Skip to content

Commit

Permalink
添加 EC-GDSA 文档
Browse files Browse the repository at this point in the history
  • Loading branch information
deatil committed Sep 25, 2024
1 parent 770b91b commit aad439f
Show file tree
Hide file tree
Showing 18 changed files with 2,008 additions and 2 deletions.
2 changes: 1 addition & 1 deletion cryptobin/ecdsa/parse.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ package ecdsa

import (
"errors"
"crypto/ecdsa"
"crypto/x509"
"crypto/ecdsa"
"encoding/pem"

"github.com/deatil/go-cryptobin/pkcs1"
Expand Down
22 changes: 22 additions & 0 deletions cryptobin/ecgdsa/check.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
package ecgdsa

// 检测公钥私钥是否匹配
func (this ECGDSA) CheckKeyPair() bool {
// 私钥导出的公钥
pubKeyFromPriKey := this.MakePublicKey().
CreatePublicKey().
ToKeyString()

// 公钥数据
pubKeyFromPubKey := this.CreatePublicKey().ToKeyString()

if pubKeyFromPriKey == "" || pubKeyFromPubKey == "" {
return false
}

if pubKeyFromPriKey == pubKeyFromPubKey {
return true
}

return false
}
192 changes: 192 additions & 0 deletions cryptobin/ecgdsa/create.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,192 @@
package ecgdsa

import (
"errors"
"crypto/rand"
"encoding/pem"

"github.com/deatil/go-cryptobin/pkcs1"
"github.com/deatil/go-cryptobin/pkcs8"
"github.com/deatil/go-cryptobin/pubkey/ecgdsa"
)

type (
// 配置
Opts = pkcs8.Opts
// PBKDF2 配置
PBKDF2Opts = pkcs8.PBKDF2Opts
// Scrypt 配置
ScryptOpts = pkcs8.ScryptOpts
)

var (
// 获取 Cipher 类型
GetCipherFromName = pkcs8.GetCipherFromName
// 获取 hash 类型
GetHashFromName = pkcs8.GetHashFromName
)

// 生成私钥 pem 数据, PKCS1 别名
// 使用:
// obj := New().WithCurve("P521").GenerateKey()
// priKey := obj.CreatePrivateKey().ToKeyString()
func (this ECGDSA) CreatePrivateKey() ECGDSA {
return this.CreatePKCS1PrivateKey()
}

// 生成私钥带密码 pem 数据, PKCS1 别名
// CreatePrivateKeyWithPassword("123", "AES256CBC")
// PEMCipher: DESCBC | DESEDE3CBC | AES128CBC | AES192CBC | AES256CBC
func (this ECGDSA) CreatePrivateKeyWithPassword(password string, opts ...string) ECGDSA {
return this.CreatePKCS1PrivateKeyWithPassword(password, opts...)
}

// ====================

// 生成私钥 pem 数据
func (this ECGDSA) CreatePKCS1PrivateKey() ECGDSA {
if this.privateKey == nil {
err := errors.New("privateKey empty.")
return this.AppendError(err)
}

publicKeyBytes, err := ecgdsa.MarshalECPrivateKey(this.privateKey)
if err != nil {
return this.AppendError(err)
}

privateBlock := &pem.Block{
Type: "EC PRIVATE KEY",
Bytes: publicKeyBytes,
}

this.keyData = pem.EncodeToMemory(privateBlock)

return this
}

// 生成私钥带密码 pem 数据
func (this ECGDSA) CreatePKCS1PrivateKeyWithPassword(password string, opts ...string) ECGDSA {
if this.privateKey == nil {
err := errors.New("privateKey empty.")
return this.AppendError(err)
}

opt := "AES256CBC"
if len(opts) > 0 {
opt = opts[0]
}

// 加密方式
cipher := pkcs1.GetPEMCipher(opt)
if cipher == nil {
err := errors.New("PEMCipher not exists.")
return this.AppendError(err)
}

// 生成私钥
publicKeyBytes, err := ecgdsa.MarshalECPrivateKey(this.privateKey)
if err != nil {
return this.AppendError(err)
}

// 生成加密数据
privateBlock, err := pkcs1.EncryptPEMBlock(
rand.Reader,
"EC PRIVATE KEY",
publicKeyBytes,
[]byte(password),
cipher,
)
if err != nil {
return this.AppendError(err)
}

this.keyData = pem.EncodeToMemory(privateBlock)

return this
}

// ====================

// 生成 PKCS8 私钥 pem 数据
func (this ECGDSA) CreatePKCS8PrivateKey() ECGDSA {
if this.privateKey == nil {
err := errors.New("privateKey empty.")
return this.AppendError(err)
}

publicKeyBytes, err := ecgdsa.MarshalPrivateKey(this.privateKey)
if err != nil {
return this.AppendError(err)
}

privateBlock := &pem.Block{
Type: "PRIVATE KEY",
Bytes: publicKeyBytes,
}

this.keyData = pem.EncodeToMemory(privateBlock)

return this
}

// 生成 PKCS8 私钥带密码 pem 数据
// CreatePKCS8PrivateKeyWithPassword("123", "AES256CBC", "SHA256")
func (this ECGDSA) CreatePKCS8PrivateKeyWithPassword(password string, opts ...any) ECGDSA {
if this.privateKey == nil {
err := errors.New("privateKey empty.")
return this.AppendError(err)
}

opt, err := pkcs8.ParseOpts(opts...)
if err != nil {
return this.AppendError(err)
}

// 生成私钥
publicKeyBytes, err := ecgdsa.MarshalPrivateKey(this.privateKey)
if err != nil {
return this.AppendError(err)
}

// 生成加密数据
privateBlock, err := pkcs8.EncryptPEMBlock(
rand.Reader,
"ENCRYPTED PRIVATE KEY",
publicKeyBytes,
[]byte(password),
opt,
)
if err != nil {
return this.AppendError(err)
}

this.keyData = pem.EncodeToMemory(privateBlock)

return this
}

// ====================

// 生成公钥 pem 数据
func (this ECGDSA) CreatePublicKey() ECGDSA {
if this.publicKey == nil {
err := errors.New("publicKey empty.")
return this.AppendError(err)
}

publicKeyBytes, err := ecgdsa.MarshalPublicKey(this.publicKey)
if err != nil {
return this.AppendError(err)
}

publicBlock := &pem.Block{
Type: "PUBLIC KEY",
Bytes: publicKeyBytes,
}

this.keyData = pem.EncodeToMemory(publicBlock)

return this
}
81 changes: 81 additions & 0 deletions cryptobin/ecgdsa/ecgdsa.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
package ecgdsa

import (
"hash"
"crypto/elliptic"
"crypto/sha256"

"github.com/deatil/go-cryptobin/pubkey/ecgdsa"
)

type (
// HashFunc
HashFunc = func() hash.Hash
)

// 数据编码方式
// marshal data type
type EncodingType uint

const (
EncodingASN1 EncodingType = 1 + iota
EncodingBytes
)

/**
* EC-GDSA
*
* @create 2024-9-26
* @author deatil
*/
type ECGDSA struct {
// 私钥
privateKey *ecgdsa.PrivateKey

// 公钥
publicKey *ecgdsa.PublicKey

// 生成类型
curve elliptic.Curve

// 签名验证类型
signHash HashFunc

// 数据编码方式
encoding EncodingType

// [私钥/公钥]数据
keyData []byte

// 传入数据
data []byte

// 解析后的数据
parsedData []byte

// 验证结果
verify bool

// 错误
Errors []error
}

// 构造函数
func NewECGDSA() ECGDSA {
return ECGDSA{
curve: elliptic.P256(),
signHash: sha256.New,
verify: false,
Errors: make([]error, 0),
}
}

// 构造函数
func New() ECGDSA {
return NewECGDSA()
}

var (
// 默认
defaultECGDSA = NewECGDSA()
)
Loading

0 comments on commit aad439f

Please sign in to comment.