添加 EC-GDSA 文档

deatil · Sep 25, 2024 · aad439f · aad439f
1 parent 770b91b
commit aad439f
Show file tree

Hide file tree

Showing 18 changed files with 2,008 additions and 2 deletions.
diff --git a/cryptobin/ecdsa/parse.go b/cryptobin/ecdsa/parse.go
@@ -2,8 +2,8 @@ package ecdsa
 
 import (
     "errors"
-    "crypto/ecdsa"
     "crypto/x509"
+    "crypto/ecdsa"
     "encoding/pem"
 
     "github.com/deatil/go-cryptobin/pkcs1"

diff --git a/cryptobin/ecgdsa/check.go b/cryptobin/ecgdsa/check.go
@@ -0,0 +1,22 @@
+package ecgdsa
+
+// 检测公钥私钥是否匹配
+func (this ECGDSA) CheckKeyPair() bool {
+    // 私钥导出的公钥
+    pubKeyFromPriKey := this.MakePublicKey().
+        CreatePublicKey().
+        ToKeyString()
+
+    // 公钥数据
+    pubKeyFromPubKey := this.CreatePublicKey().ToKeyString()
+
+    if pubKeyFromPriKey == "" || pubKeyFromPubKey == "" {
+        return false
+    }
+
+    if pubKeyFromPriKey == pubKeyFromPubKey {
+        return true
+    }
+
+    return false
+}
diff --git a/cryptobin/ecgdsa/create.go b/cryptobin/ecgdsa/create.go
@@ -0,0 +1,192 @@
+package ecgdsa
+
+import (
+    "errors"
+    "crypto/rand"
+    "encoding/pem"
+
+    "github.com/deatil/go-cryptobin/pkcs1"
+    "github.com/deatil/go-cryptobin/pkcs8"
+    "github.com/deatil/go-cryptobin/pubkey/ecgdsa"
+)
+
+type (
+    // 配置
+    Opts       = pkcs8.Opts
+    // PBKDF2 配置
+    PBKDF2Opts = pkcs8.PBKDF2Opts
+    // Scrypt 配置
+    ScryptOpts = pkcs8.ScryptOpts
+)
+
+var (
+    // 获取 Cipher 类型
+    GetCipherFromName = pkcs8.GetCipherFromName
+    // 获取 hash 类型
+    GetHashFromName   = pkcs8.GetHashFromName
+)
+
+// 生成私钥 pem 数据, PKCS1 别名
+// 使用:
+// obj := New().WithCurve("P521").GenerateKey()
+// priKey := obj.CreatePrivateKey().ToKeyString()
+func (this ECGDSA) CreatePrivateKey() ECGDSA {
+    return this.CreatePKCS1PrivateKey()
+}
+
+// 生成私钥带密码 pem 数据, PKCS1 别名
+// CreatePrivateKeyWithPassword("123", "AES256CBC")
+// PEMCipher: DESCBC | DESEDE3CBC | AES128CBC | AES192CBC | AES256CBC
+func (this ECGDSA) CreatePrivateKeyWithPassword(password string, opts ...string) ECGDSA {
+    return this.CreatePKCS1PrivateKeyWithPassword(password, opts...)
+}
+
+// ====================
+
+// 生成私钥 pem 数据
+func (this ECGDSA) CreatePKCS1PrivateKey() ECGDSA {
+    if this.privateKey == nil {
+        err := errors.New("privateKey empty.")
+        return this.AppendError(err)
+    }
+
+    publicKeyBytes, err := ecgdsa.MarshalECPrivateKey(this.privateKey)
+    if err != nil {
+        return this.AppendError(err)
+    }
+
+    privateBlock := &pem.Block{
+        Type:  "EC PRIVATE KEY",
+        Bytes: publicKeyBytes,
+    }
+
+    this.keyData = pem.EncodeToMemory(privateBlock)
+
+    return this
+}
+
+// 生成私钥带密码 pem 数据
+func (this ECGDSA) CreatePKCS1PrivateKeyWithPassword(password string, opts ...string) ECGDSA {
+    if this.privateKey == nil {
+        err := errors.New("privateKey empty.")
+        return this.AppendError(err)
+    }
+
+    opt := "AES256CBC"
+    if len(opts) > 0 {
+        opt = opts[0]
+    }
+
+    // 加密方式
+    cipher := pkcs1.GetPEMCipher(opt)
+    if cipher == nil {
+        err := errors.New("PEMCipher not exists.")
+        return this.AppendError(err)
+    }
+
+    // 生成私钥
+    publicKeyBytes, err := ecgdsa.MarshalECPrivateKey(this.privateKey)
+    if err != nil {
+        return this.AppendError(err)
+    }
+
+    // 生成加密数据
+    privateBlock, err := pkcs1.EncryptPEMBlock(
+        rand.Reader,
+        "EC PRIVATE KEY",
+        publicKeyBytes,
+        []byte(password),
+        cipher,
+    )
+    if err != nil {
+        return this.AppendError(err)
+    }
+
+    this.keyData = pem.EncodeToMemory(privateBlock)
+
+    return this
+}
+
+// ====================
+
+// 生成 PKCS8 私钥 pem 数据
+func (this ECGDSA) CreatePKCS8PrivateKey() ECGDSA {
+    if this.privateKey == nil {
+        err := errors.New("privateKey empty.")
+        return this.AppendError(err)
+    }
+
+    publicKeyBytes, err := ecgdsa.MarshalPrivateKey(this.privateKey)
+    if err != nil {
+        return this.AppendError(err)
+    }
+
+    privateBlock := &pem.Block{
+        Type:  "PRIVATE KEY",
+        Bytes: publicKeyBytes,
+    }
+
+    this.keyData = pem.EncodeToMemory(privateBlock)
+
+    return this
+}
+
+// 生成 PKCS8 私钥带密码 pem 数据
+// CreatePKCS8PrivateKeyWithPassword("123", "AES256CBC", "SHA256")
+func (this ECGDSA) CreatePKCS8PrivateKeyWithPassword(password string, opts ...any) ECGDSA {
+    if this.privateKey == nil {
+        err := errors.New("privateKey empty.")
+        return this.AppendError(err)
+    }
+
+    opt, err := pkcs8.ParseOpts(opts...)
+    if err != nil {
+        return this.AppendError(err)
+    }
+
+    // 生成私钥
+    publicKeyBytes, err := ecgdsa.MarshalPrivateKey(this.privateKey)
+    if err != nil {
+        return this.AppendError(err)
+    }
+
+    // 生成加密数据
+    privateBlock, err := pkcs8.EncryptPEMBlock(
+        rand.Reader,
+        "ENCRYPTED PRIVATE KEY",
+        publicKeyBytes,
+        []byte(password),
+        opt,
+    )
+    if err != nil {
+        return this.AppendError(err)
+    }
+
+    this.keyData = pem.EncodeToMemory(privateBlock)
+
+    return this
+}
+
+// ====================
+
+// 生成公钥 pem 数据
+func (this ECGDSA) CreatePublicKey() ECGDSA {
+    if this.publicKey == nil {
+        err := errors.New("publicKey empty.")
+        return this.AppendError(err)
+    }
+
+    publicKeyBytes, err := ecgdsa.MarshalPublicKey(this.publicKey)
+    if err != nil {
+        return this.AppendError(err)
+    }
+
+    publicBlock := &pem.Block{
+        Type:  "PUBLIC KEY",
+        Bytes: publicKeyBytes,
+    }
+
+    this.keyData = pem.EncodeToMemory(publicBlock)
+
+    return this
+}
diff --git a/cryptobin/ecgdsa/ecgdsa.go b/cryptobin/ecgdsa/ecgdsa.go
@@ -0,0 +1,81 @@
+package ecgdsa
+
+import (
+    "hash"
+    "crypto/elliptic"
+    "crypto/sha256"
+
+    "github.com/deatil/go-cryptobin/pubkey/ecgdsa"
+)
+
+type (
+    // HashFunc
+    HashFunc = func() hash.Hash
+)
+
+// 数据编码方式
+// marshal data type
+type EncodingType uint
+
+const (
+    EncodingASN1 EncodingType = 1 + iota
+    EncodingBytes
+)
+
+/**
+ * EC-GDSA
+ *
+ * @create 2024-9-26
+ * @author deatil
+ */
+type ECGDSA struct {
+    // 私钥
+    privateKey *ecgdsa.PrivateKey
+
+    // 公钥
+    publicKey *ecgdsa.PublicKey
+
+    // 生成类型
+    curve elliptic.Curve
+
+    // 签名验证类型
+    signHash HashFunc
+
+    // 数据编码方式
+    encoding EncodingType
+
+    // [私钥/公钥]数据
+    keyData []byte
+
+    // 传入数据
+    data []byte
+
+    // 解析后的数据
+    parsedData []byte
+
+    // 验证结果
+    verify bool
+
+    // 错误
+    Errors []error
+}
+
+// 构造函数
+func NewECGDSA() ECGDSA {
+    return ECGDSA{
+        curve:    elliptic.P256(),
+        signHash: sha256.New,
+        verify:   false,
+        Errors:   make([]error, 0),
+    }
+}
+
+// 构造函数
+func New() ECGDSA {
+    return NewECGDSA()
+}
+
+var (
+    // 默认
+    defaultECGDSA = NewECGDSA()
+)