OtherProject
/
XinYeYouKu
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
XinYeYouKu/app/third/dfpOpenSdk/util/signature.go

168 lines
4.4 KiB
Go
Raw Normal View History

SM2-兴业对接基础
2024-07-08 18:01:02 +08:00
package util
import (
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha256"
"encoding/asn1"
"encoding/base64"
"encoding/hex"
"github.com/tjfoc/gmsm/sm2"
"github.com/tjfoc/gmsm/x509"
"math/big"
"qteam/app/third/dfpOpenSdk/config"
)
// SignatureByRSA RSA签名
func SignatureByRSA(content string, privateKey string) string {
decodeString, err := base64.StdEncoding.DecodeString(privateKey)
if err != nil {
return ""
}
hash := sha256.New()
hash.Write([]byte(content))
//Step3获得明文的散列值
hashText := hash.Sum(nil)
private, err := x509.ParsePKCS1PrivateKey(decodeString)
sign, err := rsa.SignPKCS1v15(
rand.Reader,
private,
crypto.SHA256,
hashText,
)
return base64.StdEncoding.EncodeToString(sign)
}
type sm2Signature struct {
R, S *big.Int
}
// SignatureBySM2 SM2签名
func SignatureBySM2(content string, privateKey string) (string, error) {
decodeString, _ := base64.StdEncoding.DecodeString(privateKey)
pri, err := FormatPri(decodeString)
if err != nil {
return "", err
}
sign, _ := pri.Sign(rand.Reader, []byte(content), nil)
signature := sm2Signature{}
_, err = asn1.Unmarshal(sign, &signature)
if err != nil {
return "", err
}
rbytes := signature.R.Bytes()
sbytes := signature.S.Bytes()
resultbytes := append(rbytes, sbytes...)
return base64.StdEncoding.EncodeToString(resultbytes), nil
}
func VerifyBySM2(contentBytes []byte, sign string, publicKey string) (bool, error) {
pubKey := FromPublicKey(publicKey)
//pri, err := FormatPri(decodeString)
//if err != nil {
// log.Fatal(err)
// return false, err
//}
bytes, _ := base64.StdEncoding.DecodeString(sign)
verify := pubKey.Verify(contentBytes, bytes)
//verify := pri.Verify(contentBytes, bytes)
return verify, nil
}
// EncryptBySM2PublicKey sm2公钥加密, 结果为base64格式
func EncryptBySM2PublicKey(encodedPublicKey string, contentBytes []byte) (string, error) {
decodeString, err2 := base64.StdEncoding.DecodeString(encodedPublicKey)
if err2 != nil {
return "", nil
}
public, err := x509.ReadPublicKeyFromHex(hex.EncodeToString(decodeString))
if err != nil {
return "", err
}
//
asn1Encrypt, err := public.EncryptAsn1(contentBytes, rand.Reader)
if err != nil {
return "", err
}
unmarshal, err := sm2.CipherUnmarshal(asn1Encrypt)
return base64.StdEncoding.EncodeToString(unmarshal), nil
}
// DecryptBySM2PrivateKey sm2私钥解密
func DecryptBySM2PrivateKey(encodedPrivateKey string, contentBytes []byte) ([]byte, error) {
privateKeyBytes, err := base64.StdEncoding.DecodeString(encodedPrivateKey)
if err != nil {
return nil, err
}
privateKey, err := x509.ReadPrivateKeyFromHex(hex.EncodeToString(privateKeyBytes))
if err != nil {
return nil, err
}
plaintext, err := privateKey.Decrypt(rand.Reader, contentBytes, nil)
if err != nil {
return nil, err
}
return plaintext, nil
}
// FormatPri 从私钥base64格式生成对应私钥格式
func FormatPri(priByte []byte) (*sm2.PrivateKey, error) {
// 椭圆曲线
c := sm2.P256Sm2()
// k倍点
k := new(big.Int).SetBytes(priByte)
priv := new(sm2.PrivateKey)
priv.PublicKey.Curve = c
priv.D = k
priv.PublicKey.X, priv.PublicKey.Y = c.ScalarBaseMult(k.Bytes())
return priv, nil
}
func FromPublicKey(publicKey string) *sm2.PublicKey {
decodeKey, _ := base64.StdEncoding.DecodeString(publicKey)
hexPublic := hex.EncodeToString(decodeKey)
pubKey, _ := x509.ReadPublicKeyFromHex(hexPublic)
return pubKey
}
func SM2_GenerateKeyPair() (publicKey string, privateKey string, err error) {
privKey, err := sm2.GenerateKey(nil) // 生成密钥对
if err != nil {
return
}
privateKey = x509.WritePrivateKeyToHex(privKey)
publicKey = x509.WritePublicKeyToHex(&privKey.PublicKey)
return
}
func SM4_GenerateKeyPair() string {
str := "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM1234567890"
buffer := make([]byte, 16)
for i := 0; i < 16; i++ {
nextInt, _ := rand.Int(rand.Reader, big.NewInt(int64(len(str))))
buffer[i] = str[nextInt.Int64()]
}
return string(buffer)
}
func encryptBody(bodyParamString string, keyConfigure config.KeyConfigure, flag bool) {
encryptBodyParamMap := make(map[string]string, 10)
var encData string
var encPassword string
if keyConfigure.RespSignAlgorithm == "sm4" {
pwd := SM4_GenerateKeyPair()
encData, _ = Sm4Encrypt(bodyParamString, pwd)
encPassword, _ = SignatureBySM2(bodyParamString, keyConfigure.PriKey)
}
encryptBodyParamMap["encData"] = encData
encryptBodyParamMap["encPassword"] = encPassword
}