-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathencryptasymmetric.go
127 lines (106 loc) · 2.64 KB
/
encryptasymmetric.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
package gocrypto
import (
"crypto/rand"
"crypto/rsa"
"fmt"
)
type asymmetricDriver struct {
key *RSAKey
publicKey *rsa.PublicKey
signer HashingAlgo
}
func (driver asymmetricDriver) PublicKey() *rsa.PublicKey {
if driver.publicKey != nil {
return driver.publicKey
} else if driver.key != nil {
return driver.key.PublicKey()
}
return nil
}
func (driver asymmetricDriver) Sign(data []byte) ([]byte, error) {
if driver.key == nil {
return nil, fmt.Errorf("no private key passed to driver")
}
constructor := HashingInstance(driver.signer)
if constructor == nil {
return nil, fmt.Errorf("invalid hash algo passed to driver")
}
hasher := constructor()
_, err := hasher.Write(data)
if err != nil {
return nil, err
}
signature, err := rsa.SignPKCS1v15(
rand.Reader, driver.key.PrivateKey(),
HashingAlg(driver.signer), hasher.Sum(nil),
)
if err != nil {
return nil, err
}
return signature, nil
}
func (driver asymmetricDriver) ValidateSignature(data []byte, signature []byte) (bool, error) {
constructor := HashingInstance(driver.signer)
if constructor == nil {
return false, fmt.Errorf("invalid hash algo passed to driver")
}
hasher := constructor()
_, err := hasher.Write(data)
if err != nil {
return false, err
}
err = rsa.VerifyPKCS1v15(
driver.PublicKey(), HashingAlg(driver.signer),
hasher.Sum(nil), signature,
)
if err != nil {
return false, err
}
return true, nil
}
func (driver asymmetricDriver) Encrypt(data []byte) ([]byte, error) {
constructor := HashingInstance(driver.signer)
if constructor == nil {
return nil, fmt.Errorf("invalid hash algo passed to driver")
}
encrypted, err := rsa.EncryptOAEP(
constructor(), rand.Reader,
driver.PublicKey(), data, nil,
)
if err != nil {
return nil, err
}
return encrypted, nil
}
func (driver asymmetricDriver) Decrypt(data []byte) ([]byte, error) {
if driver.key == nil {
return nil, fmt.Errorf("no private key passed to driver")
}
constructor := HashingInstance(driver.signer)
if constructor == nil {
return nil, fmt.Errorf("invalid hash algo passed to driver")
}
decrypted, err := rsa.DecryptOAEP(
constructor(), rand.Reader,
driver.key.PrivateKey(), data, nil,
)
if err != nil {
return nil, err
}
return decrypted, nil
}
func (driver asymmetricDriver) EncryptBase64(data []byte) (string, error) {
raw, err := driver.Encrypt(data)
if err != nil {
return "", err
}
encoded, err := base64Encode(raw)
return string(encoded), nil
}
func (driver asymmetricDriver) DecryptBase64(encrypted string) ([]byte, error) {
raw, err := base64Decode([]byte(encrypted))
if err != nil {
return nil, err
}
return driver.Decrypt(raw)
}