github.com/aliyun/aliyun-oss-go-sdk@v3.0.2+incompatible/oss/crypto/master_rsa_cipher.go (about)

     1  package osscrypto
     2  
     3  import (
     4  	"crypto/rand"
     5  	"crypto/rsa"
     6  	"crypto/x509"
     7  	"encoding/asn1"
     8  	"encoding/json"
     9  	"encoding/pem"
    10  	"fmt"
    11  )
    12  
// CreateMasterRsa returns an RSA-backed MasterCipher built from PEM-encoded
// key strings.
//
// A non-empty matDesc is marshalled to a JSON string and stored as the
// material description; a nil or empty map leaves the description as "".
// publicKey and privateKey are stored exactly as given. They are not parsed
// here, so a malformed or unsupported key is only reported when Encrypt or
// Decrypt decodes it.
func CreateMasterRsa(matDesc map[string]string, publicKey string, privateKey string) (MasterCipher, error) {
	if len(matDesc) == 0 {
		return MasterRsaCipher{
			PublicKey:  publicKey,
			PrivateKey: privateKey,
		}, nil
	}

	encoded, err := json.Marshal(matDesc)
	if err != nil {
		// On failure the zero-value cipher is returned alongside the error.
		return MasterRsaCipher{}, err
	}

	return MasterRsaCipher{
		MatDesc:    string(encoded),
		PublicKey:  publicKey,
		PrivateKey: privateKey,
	}, nil
}
    30  
// MasterRsaCipher is the RSA implementation of the master key interface.
//
// All fields are exported plain strings, so formatting the struct with %v or
// %+v, or marshalling it, emits the private key text; keep values of this
// type out of logs and serialized output.
type MasterRsaCipher struct {
	// MatDesc is the material description, a JSON string or "" when unset.
	MatDesc string
	// PublicKey is the PEM-encoded RSA public key read by Encrypt.
	PublicKey string
	// PrivateKey is the PEM-encoded RSA private key read by Decrypt.
	PrivateKey string
}
    37  
// GetWrapAlgorithm returns the identifier of the key-wrap algorithm this
// cipher implements, the package-level RsaCryptoWrap value. The receiver's
// fields are not consulted.
func (MasterRsaCipher) GetWrapAlgorithm() string {
	return RsaCryptoWrap
}
    42  
// GetMatDesc returns the material description stored on the cipher: the JSON
// string produced by CreateMasterRsa, or "" when none was supplied.
func (mrc MasterRsaCipher) GetMatDesc() string {
	desc := mrc.MatDesc
	return desc
}
    47  
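// Encrypt encrypts plainData with the RSA public key held in mrc.PublicKey.
// It is mainly used to wrap an object's symmetric secret key and IV.
//
// The key must be PEM encoded, either as a PKIX "PUBLIC KEY" block or as a
// PKCS#1 "RSA PUBLIC KEY" block. Any other block type, and a PKIX block that
// holds a non-RSA key, is rejected with an error. The PEM text is decoded and
// parsed on every call.
//
// Padding is RSAES-PKCS1-v1_5, matching Decrypt; plainData therefore has to
// fit in the modulus size minus 11 bytes, which suits wrapping short keys
// rather than bulk data.
func (mrc MasterRsaCipher) Encrypt(plainData []byte) ([]byte, error) {
	block, _ := pem.Decode([]byte(mrc.PublicKey))
	if block == nil {
		return nil, fmt.Errorf("pem.Decode public key error")
	}

	var pub *rsa.PublicKey
	switch block.Type {
	case "PUBLIC KEY":
		// PKIX (SubjectPublicKeyInfo) format. ParsePKIXPublicKey also returns
		// non-RSA key types, so the assertion is checked: an unchecked one
		// panics when handed, for example, an EC public key.
		parsed, err := x509.ParsePKIXPublicKey(block.Bytes)
		if err != nil {
			return nil, err
		}
		rsaPub, ok := parsed.(*rsa.PublicKey)
		if !ok {
			return nil, fmt.Errorf("public key is not an RSA key, got %T", parsed)
		}
		pub = rsaPub
	case "RSA PUBLIC KEY":
		// PKCS#1 format, decoded straight into rsa.PublicKey. Bytes that
		// follow the key structure are discarded rather than rejected.
		pub = &rsa.PublicKey{}
		if _, err := asn1.Unmarshal(block.Bytes, pub); err != nil {
			return nil, err
		}
	default:
		return nil, fmt.Errorf("not supported public key,type:%s", block.Type)
	}
	return rsa.EncryptPKCS1v15(rand.Reader, pub, plainData)
}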
    76  
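// Decrypt decrypts cryptoData with the RSA private key held in mrc.PrivateKey.
// It is mainly used to unwrap an object's symmetric secret key and IV.
//
// The key must be PEM encoded, either as a PKCS#8 "PRIVATE KEY" block or as a
// PKCS#1 "RSA PRIVATE KEY" block. Any other block type, and a PKCS#8 block
// that holds a non-RSA key, is rejected with an error. The PEM text is decoded
// and parsed on every call.
//
// Padding is RSAES-PKCS1-v1_5. With this scheme, whether decryption succeeded
// is itself sensitive: callers should not let a party that can submit
// ciphertexts observe the difference between a padding failure and a
// successful unwrap (distinct error responses, status codes or timing).
func (mrc MasterRsaCipher) Decrypt(cryptoData []byte) ([]byte, error) {
	block, _ := pem.Decode([]byte(mrc.PrivateKey))
	if block == nil {
		return nil, fmt.Errorf("pem.Decode private key error")
	}

	var priv *rsa.PrivateKey
	switch block.Type {
	case "PRIVATE KEY":
		// PKCS#8 format. ParsePKCS8PrivateKey also returns non-RSA key types,
		// so the assertion is checked: an unchecked one panics when handed,
		// for example, an EC private key. Only the Go type is put in the
		// message, never the key value.
		parsed, err := x509.ParsePKCS8PrivateKey(block.Bytes)
		if err != nil {
			return nil, err
		}
		rsaPriv, ok := parsed.(*rsa.PrivateKey)
		if !ok {
			return nil, fmt.Errorf("private key is not an RSA key, got %T", parsed)
		}
		priv = rsaPriv
	case "RSA PRIVATE KEY":
		// PKCS#1 format.
		parsed, err := x509.ParsePKCS1PrivateKey(block.Bytes)
		if err != nil {
			return nil, err
		}
		priv = parsed
	default:
		return nil, fmt.Errorf("not supported private key,type:%s", block.Type)
	}
	return rsa.DecryptPKCS1v15(rand.Reader, priv, cryptoData)
}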