BaseService
/
gateway


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146
							package util

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"errors"
	"fmt"
	"github.com/gogf/gf/v2/frame/g"
	"github.com/gogf/gf/v2/os/gctx"
	"io"
	"io/ioutil"
	"log"
)

var (
	PublicKey  *rsa.PublicKey
	PrivateKey *rsa.PrivateKey
)

func InitPrivatePublicKey() {
	// 读取私钥文件
	privateKeyBytes, err := ioutil.ReadFile("./etc/rsa_private_key.pem")
	if err != nil {
		log.Println("无法读取私钥文件：", err)
		return
	}
	// 解码私钥
	privateKeyBlock, _ := pem.Decode(privateKeyBytes)
	if privateKeyBlock == nil || privateKeyBlock.Type != "PRIVATE KEY" {
		log.Println("私钥文件格式错误")
		return
	}

	// 解析私钥
	privateKeys, err := x509.ParsePKCS8PrivateKey(privateKeyBlock.Bytes)
	if err != nil {
		log.Println("私钥解析失败：", err)
		return
	}

	// 转换为RSA类型的私钥
	rsaPrivateKey, ok := privateKeys.(*rsa.PrivateKey)
	if !ok {
		fmt.Println("无法转换为RSA类型的私钥")
		return
	}
	PrivateKey = rsaPrivateKey
	// 读取公钥文件
	publicKeyBytes, err := ioutil.ReadFile("./etc/rsa_public_key.pem")
	if err != nil {
		log.Println("无法读取公钥文件：", err)
		return
	}
	log.Println("读取公钥文件")
	// 解码公钥
	publicKeyBlock, _ := pem.Decode(publicKeyBytes)
	if publicKeyBlock == nil || publicKeyBlock.Type != "PUBLIC KEY" {
		log.Println("公钥文件格式错误", publicKeyBlock.Type)
		return
	}

	// 解析公钥
	publicKeyInterface, err := x509.ParsePKIXPublicKey(publicKeyBlock.Bytes)
	if err != nil {
		log.Println("公钥解析失败：", err.Error())
		return
	}

	// 转换为公钥类型
	rsaPublicKey, ok := publicKeyInterface.(*rsa.PublicKey)
	if !ok {
		log.Println("无法转换为公钥类型")
		return
	}
	PublicKey = rsaPublicKey
	log.Println("初始化公钥成功", PublicKey)
	//对称key加密
	//AesEncDecKey = g.Cfg().MustGet(gctx.New(), "aesEncDecKey").String()
	//使用非对称加密key
	//shiftValue := big.NewInt(g.Cfg().MustGet(ctx, "pos").Int64())
	//PublicKey.E = int(shiftValue.Int64())

}

func JyAntiEncrypt(plaintext []byte) (out, PKeyStr string, err error) {
	if plaintext == nil {
		return
	}
	if PublicKey == nil {
		err = errors.New("无效公钥")
		return
	}
	aesEncDecKey := g.Cfg().MustGet(gctx.New(), "aesEncDecKey").String()
	if aesEncDecKey == "" {
		err = errors.New("密钥获取失败")
		return
	}
	out, err = Encrypt(plaintext, []byte(aesEncDecKey))
	if err != nil {
		return
	}
	//非对称加密
	var pKeyByte []byte
	pKeyByte, err = rsa.EncryptPKCS1v15(rand.Reader, PublicKey, []byte(aesEncDecKey))
	if err == nil {
		PKeyStr = base64.StdEncoding.EncodeToString(pKeyByte)
	}
	log.Println("key加密前===", aesEncDecKey)
	log.Println("key加密后===", PKeyStr)
	//log.Println("加密后内容===", out)
	return
}

// 对称加密
func Encrypt(plaintext []byte, key []byte) (string, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return "", err
	}

	ciphertext := make([]byte, aes.BlockSize+len(plaintext))

	iv := ciphertext[:aes.BlockSize]
	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
		return "", err
	}

	stream := cipher.NewCTR(block, iv)
	stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext)

	return base64.StdEncoding.EncodeToString(ciphertext), nil
}

/*func JyAntiDoc(plaintext []byte, pos int) (out string, err error) {
	if plaintext == nil {
		return "", errors.New("加密内容为空")
	}
	//exponent := big.NewInt(int64(pos)) // 位移处理的值
	//PrivateKey.D = new(big.Int).Mul(PrivateKey.D, exponent)
	return string(PrivateKey.D.Bytes()), nil
}*/