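package util

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"errors"
	"fmt"
	"io"
	"io/ioutil"
	"log"

	"github.com/gogf/gf/v2/frame/g"
	"github.com/gogf/gf/v2/os/gctx"
)

// Process-wide RSA key pair, populated by InitPrivatePublicKey. Either value
// stays nil when its PEM file cannot be read or parsed.
var (
	PublicKey  *rsa.PublicKey
	PrivateKey *rsa.PrivateKey
)

// InitPrivatePublicKey loads the RSA key pair from ./etc/rsa_private_key.pem
// (PKCS#8, PEM type "PRIVATE KEY") and ./etc/rsa_public_key.pem (PKIX, PEM
// type "PUBLIC KEY") into PrivateKey and PublicKey.
//
// Failures are only logged: the function returns at the first error and
// leaves the affected variable nil, so callers must nil-check the keys before
// use. PrivateKey is assigned before the public key file is read, so a
// failure on the public key leaves PrivateKey set and PublicKey nil.
//
// NOTE(review): both paths are relative to the working directory; confirm the
// deployment's working directory and that the private key file is readable
// only by the service account.
func InitPrivatePublicKey() {
	// Read the private key file.
	privateKeyBytes, err := ioutil.ReadFile("./etc/rsa_private_key.pem")
	if err != nil {
		log.Println("无法读取私钥文件:", err)
		return
	}

	// Decode the PEM container; only the PKCS#8 block type is accepted.
	privateKeyBlock, _ := pem.Decode(privateKeyBytes)
	if privateKeyBlock == nil || privateKeyBlock.Type != "PRIVATE KEY" {
		log.Println("私钥文件格式错误")
		return
	}

	// Parse the PKCS#8 structure.
	privateKeys, err := x509.ParsePKCS8PrivateKey(privateKeyBlock.Bytes)
	if err != nil {
		log.Println("私钥解析失败:", err)
		return
	}

	// PKCS#8 can carry other key types; only RSA is accepted here.
	rsaPrivateKey, ok := privateKeys.(*rsa.PrivateKey)
	if !ok {
		fmt.Println("无法转换为RSA类型的私钥")
		return
	}
	PrivateKey = rsaPrivateKey

	// Read the public key file.
	publicKeyBytes, err := ioutil.ReadFile("./etc/rsa_public_key.pem")
	if err != nil {
		log.Println("无法读取公钥文件:", err)
		return
	}
	log.Println("读取公钥文件")

	// Decode the PEM container. The nil case is handled on its own: the
	// original logged publicKeyBlock.Type in the shared error branch, which
	// dereferenced nil and panicked whenever the file held no PEM block.
	publicKeyBlock, _ := pem.Decode(publicKeyBytes)
	if publicKeyBlock == nil {
		log.Println("公钥文件格式错误")
		return
	}
	if publicKeyBlock.Type != "PUBLIC KEY" {
		log.Println("公钥文件格式错误", publicKeyBlock.Type)
		return
	}

	// Parse the PKIX (SubjectPublicKeyInfo) structure.
	publicKeyInterface, err := x509.ParsePKIXPublicKey(publicKeyBlock.Bytes)
	if err != nil {
		log.Println("公钥解析失败:", err.Error())
		return
	}

	// Only RSA public keys are accepted.
	rsaPublicKey, ok := publicKeyInterface.(*rsa.PublicKey)
	if !ok {
		log.Println("无法转换为公钥类型")
		return
	}
	PublicKey = rsaPublicKey
	log.Println("初始化公钥成功", PublicKey)

	// Symmetric key encryption (disabled):
	//AesEncDecKey = g.Cfg().MustGet(gctx.New(), "aesEncDecKey").String()
	// Use the asymmetric encryption key (disabled):
	//shiftValue := big.NewInt(g.Cfg().MustGet(ctx, "pos").Int64())
	//PublicKey.E = int(shiftValue.Int64())
}

// JyAntiEncrypt encrypts plaintext with the AES key configured under
// "aesEncDecKey" and wraps that key with PublicKey.
//
// It returns out, the base64 output of Encrypt, and PKeyStr, the base64 of
// the RSA PKCS#1 v1.5 encryption of the AES key. A nil plaintext returns
// empty strings and a nil error. On any error both strings are empty.
//
// NOTE(review): the same configured AES key protects every message and is
// re-wrapped on each call; a random per-message key would limit what a single
// key disclosure exposes. Changing that needs the decrypting side to agree.
func JyAntiEncrypt(plaintext []byte) (out, PKeyStr string, err error) {
	if plaintext == nil {
		return
	}
	if PublicKey == nil {
		err = errors.New("无效公钥")
		return
	}

	aesEncDecKey := g.Cfg().MustGet(gctx.New(), "aesEncDecKey").String()
	if aesEncDecKey == "" {
		err = errors.New("密钥获取失败")
		return
	}

	out, err = Encrypt(plaintext, []byte(aesEncDecKey))
	if err != nil {
		return
	}

	// Asymmetric step: wrap the AES key for the holder of the private key.
	//
	// NOTE(review): PKCS#1 v1.5 encryption is exposed to padding-oracle
	// attacks when the decrypting side reveals padding failures;
	// rsa.EncryptOAEP is the preferred scheme. It is left unchanged here
	// because the peer that decrypts must switch at the same time.
	var pKeyByte []byte
	pKeyByte, err = rsa.EncryptPKCS1v15(rand.Reader, PublicKey, []byte(aesEncDecKey))
	if err != nil {
		// Without the wrapped key the ciphertext is useless to the receiver,
		// so do not hand back a half-populated result.
		out = ""
		return
	}
	PKeyStr = base64.StdEncoding.EncodeToString(pKeyByte)

	// The original also logged the AES key in clear text before wrapping it.
	// That put the secret protecting every message into the log stream, so
	// only the wrapped form is logged now.
	log.Println("key加密后===", PKeyStr)
	//log.Println("加密后内容===", out)
	return
}

// Encrypt encrypts plaintext with AES in CTR mode under key and returns
// base64(IV || ciphertext), where IV is a fresh random aes.BlockSize-byte
// value read from crypto/rand.
//
// key must be a valid AES key length (16, 24 or 32 bytes); otherwise the
// error from aes.NewCipher is returned.
//
// NOTE(review): CTR gives confidentiality only. The output carries no
// authentication tag, so a modified ciphertext decrypts without any error on
// the receiving side. An AEAD mode such as cipher.NewGCM would detect
// tampering, but it changes the wire format and needs the decrypting side
// updated together with this function.
func Encrypt(plaintext []byte, key []byte) (string, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return "", err
	}

	// The IV occupies the first block of the output buffer so that IV and
	// ciphertext are encoded together.
	ciphertext := make([]byte, aes.BlockSize+len(plaintext))
	iv := ciphertext[:aes.BlockSize]
	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
		return "", err
	}

	stream := cipher.NewCTR(block, iv)
	stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext)

	return base64.StdEncoding.EncodeToString(ciphertext), nil
}

// NOTE(review): the disabled function below returns the raw bytes of the RSA
// private exponent (PrivateKey.D) to its caller. It should stay disabled;
// private key material must never leave this package.
/*func JyAntiDoc(plaintext []byte, pos int) (out string, err error) {
	if plaintext == nil {
		return "", errors.New("加密内容为空")
	}
	//exponent := big.NewInt(int64(pos)) // value used for the shift
	//PrivateKey.D = new(big.Int).Mul(PrivateKey.D, exponent)
	return string(PrivateKey.D.Bytes()), nil
}*/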