package bcrypt
import (
"crypto"
"crypto/hmac"
"crypto/md5"
"crypto/rand"
"crypto/rsa"
"crypto/sha1"
"crypto/sha256"
"crypto/x509"
"encoding/base64"
"encoding/hex"
"encoding/pem"
"errors"
"fmt"
"github.com/druidcaesa/gotool/logs"
"golang.org/x/crypto/bcrypt"
)
type BcryptUtil struct {
logs logs.Logs
}
// Generate Password encryption 密码加密
func (b *BcryptUtil) Generate(password string) string {
hash, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) //加密处理
if err != nil {
b.logs.ErrorLog().Println(err)
}
return string(hash)
}
// CompareHash Password validation 密码验证
func (b *BcryptUtil) CompareHash(dbPassword string, loginPassword string) bool {
err := bcrypt.CompareHashAndPassword([]byte(dbPassword), []byte(loginPassword))
if err != nil {
b.logs.ErrorLog().Println(err)
return false
}
return true
}
// MD5 md5签名 signature
func (b *BcryptUtil) MD5(s string) string {
data := []byte(s)
md5Ctx := md5.New()
md5Ctx.Write(data)
cipherStr := md5Ctx.Sum(nil)
return hex.EncodeToString(cipherStr)
}
// SHA1 sha1加密 encryption
func (b *BcryptUtil) SHA1(s string) string {
o := sha1.New()
o.Write([]byte(s))
return hex.EncodeToString(o.Sum(nil))
}
// ComputeHmacSha256 hmac_sha256 encryption
func (b *BcryptUtil) ComputeHmacSha256(message string, secret string) string {
key := []byte(secret)
h := hmac.New(sha256.New, key)
h.Write([]byte(message))
sha := hex.EncodeToString(h.Sum(nil))
return base64.StdEncoding.EncodeToString([]byte(sha))
}
// GenRsaKey RSA公钥私钥产生
func (b *BcryptUtil) GenRsaKey() (prvkey, pubkey []byte) {
// 生成私钥文件
privateKey, err := rsa.GenerateKey(rand.Reader, 1024)
if err != nil {
panic(err)
}
derStream := x509.MarshalPKCS1PrivateKey(privateKey)
block := &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: derStream,
}
prvkey = pem.EncodeToMemory(block)
publicKey := &privateKey.PublicKey
derPkix, err := x509.MarshalPKIXPublicKey(publicKey)
if err != nil {
panic(err)
}
block = &pem.Block{
Type: "PUBLIC KEY",
Bytes: derPkix,
}
pubkey = pem.EncodeToMemory(block)
return
}
// RsaSignWithSha256 签名
func (b *BcryptUtil) RsaSignWithSha256(data []byte, keyBytes []byte) []byte {
h := sha256.New()
h.Write(data)
hashed := h.Sum(nil)
block, _ := pem.Decode(keyBytes)
if block == nil {
panic(errors.New("private key error"))
}
privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
fmt.Println("ParsePKCS8PrivateKey err", err)
panic(err)
}
signature, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, hashed)
if err != nil {
fmt.Printf("Error from signing: %s\n", err)
panic(err)
}
return signature
}
// RsaVerySignWithSha256 验证
func (b *BcryptUtil) RsaVerySignWithSha256(data, signData, keyBytes []byte) bool {
block, _ := pem.Decode(keyBytes)
if block == nil {
panic(errors.New("public key error"))
}
pubKey, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
panic(err)
}
hashed := sha256.Sum256(data)
err = rsa.VerifyPKCS1v15(pubKey.(*rsa.PublicKey), crypto.SHA256, hashed[:], signData)
if err != nil {
panic(err)
}
return true
}
// RsaEncrypt 公钥加密
func (b *BcryptUtil) RsaEncrypt(data, keyBytes []byte) []byte {
//解密pem格式的公钥
block, _ := pem.Decode(keyBytes)
if block == nil {
panic(errors.New("public key error"))
}
// 解析公钥
pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
panic(err)
}
// 类型断言
pub := pubInterface.(*rsa.PublicKey)
//加密
ciphertext, err := rsa.EncryptPKCS1v15(rand.Reader, pub, data)
if err != nil {
panic(err)
}
return ciphertext
}
// RsaDecrypt 私钥解密
func (b *BcryptUtil) RsaDecrypt(ciphertext, keyBytes []byte) []byte {
//获取私钥
block, _ := pem.Decode(keyBytes)
if block == nil {
panic(errors.New("private key error!"))
}
//解析PKCS1格式的私钥
priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
if err != nil {
panic(err)
}
// 解密
data, err := rsa.DecryptPKCS1v15(rand.Reader, priv, ciphertext)
if err != nil {
panic(err)
}
return data
}