/*
Copyright (C) BABEC. All rights reserved.
Copyright (C) THL A29 Limited, a Tencent company. All rights reserved.

SPDX-License-Identifier: Apache-2.0
*/

// Package crypto declares the algorithm-name constants, the hash and key type
// enumerations, the name<->type lookup tables and the key interfaces used by
// the rest of the module. It contains declarations only; no algorithm is
// implemented in this file.
package crypto

import (
	"crypto"
)

const (
	// Default algorithm values. When one of these (the empty string) is given,
	// the algorithm configured in the configuration file is used instead.
	CRYPTO_ALGO_HASH_DEFAULT = ""
	CRYPTO_ALGO_SYM_DEFAULT  = ""
	CRYPTO_ALGO_ASYM_DEFAULT = ""

	// Hash algorithms.
	CRYPTO_ALGO_SHA256   = "SHA256"
	CRYPTO_ALGO_SHA3_256 = "SHA3_256"
	CRYPTO_ALGO_SM3      = "SM3"

	// Symmetric encryption.
	CRYPTO_ALGO_AES    = "AES"
	CRYPTO_ALGO_AES128 = "AES128"
	CRYPTO_ALGO_AES192 = "AES192"
	CRYPTO_ALGO_AES256 = "AES256"
	CRYPTO_ALGO_SM4    = "SM4"

	// Asymmetric keys.
	// NOTE(review): 512-bit and 1024-bit RSA moduli are below the minimum size
	// current guidance recommends. Where the algorithm name comes from
	// configuration or from a peer, consider rejecting RSA512 and RSA1024
	// before a key is generated or accepted.
	CRYPTO_ALGO_RSA512        = "RSA512"
	CRYPTO_ALGO_RSA1024       = "RSA1024"
	CRYPTO_ALGO_RSA2048       = "RSA2048"
	CRYPTO_ALGO_RSA3072       = "RSA3072"
	CRYPTO_ALGO_SM2           = "SM2"
	CRYPTO_ALGO_ECC_P256      = "ECC_P256"
	CRYPTO_ALGO_ECC_P384      = "ECC_P384"
	CRYPTO_ALGO_ECC_P521      = "ECC_P521"
	CRYPTO_ALGO_ECC_Ed25519   = "ECC_Ed25519"
	CRYPTO_ALGO_ECC_Secp256k1 = "ECC_Secp256k1"
)

// HashType identifies a hash algorithm. The SHA256 and SHA3_256 values reuse
// the standard library's crypto.Hash numbers; SM3 is given the value 20.
type HashType uint

const (
	// NOTE(review): 20 is not a hash the standard library registers, so
	// SM3.Available() reports false and SM3.New() / SM3.Size() panic. Code
	// must dispatch on SM3 explicitly rather than treat it as a usable
	// crypto.Hash. Confirm the value does not collide with a crypto.Hash
	// constant added by a newer Go release.
	HASH_TYPE_SM3      HashType = 20
	HASH_TYPE_SHA256   HashType = HashType(crypto.SHA256)
	HASH_TYPE_SHA3_256 HashType = HashType(crypto.SHA3_256)
)

const (
	// SM3 is HASH_TYPE_SM3 expressed as a crypto.Hash, for APIs that take one.
	SM3 = crypto.Hash(HASH_TYPE_SM3)
)

// CRYPTO_DEFAULT_UID is the constant user ID for SM2 signatures with SM3.
// NOTE(review): signer and verifier must use the same UID for a signature to
// verify; presumably this value is what SignOpts.UID falls back to — confirm
// against the SM2 implementation.
const CRYPTO_DEFAULT_UID = "1234567812345678"

// KeyType identifies the kind of a key.
type KeyType int

const (
	// Symmetric keys.
	// The numeric values of all KeyType constants are assigned by iota in
	// declaration order, so inserting or reordering entries changes them.
	AES KeyType = iota
	SM4
	// Asymmetric keys.
	RSA512
	RSA1024
	RSA2048
	RSA3072
	SM2
	ECC_Secp256k1
	ECC_NISTP256
	ECC_NISTP384
	ECC_NISTP521
	ECC_Ed25519
)

// KeyType2NameMap maps a KeyType to its textual name.
// NOTE(review): the three NIST curves are named "ECC_NISTP256/384/521" here,
// while CRYPTO_ALGO_ECC_P256/P384/P521 ("ECC_P256", ...) are the names that
// AsymAlgoMap accepts. A name taken from this map for those types is therefore
// not a key of AsymAlgoMap; it only resolves through Name2KeyTypeMap.
var KeyType2NameMap = map[KeyType]string{
	AES:           CRYPTO_ALGO_AES,
	SM4:           CRYPTO_ALGO_SM4,
	RSA512:        CRYPTO_ALGO_RSA512,
	RSA1024:       CRYPTO_ALGO_RSA1024,
	RSA2048:       CRYPTO_ALGO_RSA2048,
	RSA3072:       CRYPTO_ALGO_RSA3072,
	SM2:           CRYPTO_ALGO_SM2,
	ECC_Secp256k1: CRYPTO_ALGO_ECC_Secp256k1,
	ECC_NISTP256:  "ECC_NISTP256",
	ECC_NISTP384:  "ECC_NISTP384",
	ECC_NISTP521:  "ECC_NISTP521",
	ECC_Ed25519:   CRYPTO_ALGO_ECC_Ed25519,
}

// Name2KeyTypeMap is the inverse of KeyType2NameMap: it maps the textual name
// back to the KeyType. It does not contain the "ECC_P256"-style names or the
// sized AES names ("AES128", ...); a lookup of those yields the zero value
// (AES) unless the caller checks the second return value of the map index.
var Name2KeyTypeMap = map[string]KeyType{
	CRYPTO_ALGO_AES:           AES,
	CRYPTO_ALGO_SM4:           SM4,
	CRYPTO_ALGO_RSA512:        RSA512,
	CRYPTO_ALGO_RSA1024:       RSA1024,
	CRYPTO_ALGO_RSA2048:       RSA2048,
	CRYPTO_ALGO_RSA3072:       RSA3072,
	CRYPTO_ALGO_SM2:           SM2,
	CRYPTO_ALGO_ECC_Secp256k1: ECC_Secp256k1,
	"ECC_NISTP256":            ECC_NISTP256,
	"ECC_NISTP384":            ECC_NISTP384,
	"ECC_NISTP521":            ECC_NISTP521,
	CRYPTO_ALGO_ECC_Ed25519:   ECC_Ed25519,
}

// BitsSize is a key size expressed in bits.
type BitsSize int

const (
	BITS_SIZE_128  BitsSize = 128
	BITS_SIZE_192  BitsSize = 192
	BITS_SIZE_256  BitsSize = 256
	BITS_SIZE_512  BitsSize = 512
	BITS_SIZE_1024 BitsSize = 1024
	BITS_SIZE_2048 BitsSize = 2048
	BITS_SIZE_3072 BitsSize = 3072
)

// HashAlgoMap maps a hash algorithm name to its HashType. The default name
// (the empty string) is not a key, so a plain index with it yields HashType 0;
// callers should use the two-value map lookup.
var HashAlgoMap = map[string]HashType{
	CRYPTO_ALGO_SHA256:   HASH_TYPE_SHA256,
	CRYPTO_ALGO_SHA3_256: HASH_TYPE_SHA3_256,
	CRYPTO_ALGO_SM3:      HASH_TYPE_SM3,
}

// SymAlgoMap maps a symmetric algorithm name to its KeyType. All four AES
// names map to the single AES KeyType, so the requested key size is not
// carried by the result and has to be derived from the name separately.
var SymAlgoMap = map[string]KeyType{
	// Symmetric keys.
	CRYPTO_ALGO_AES:    AES,
	CRYPTO_ALGO_AES128: AES,
	CRYPTO_ALGO_AES192: AES,
	CRYPTO_ALGO_AES256: AES,
	CRYPTO_ALGO_SM4:    SM4,
}

// AsymAlgoMap maps an asymmetric algorithm name to its KeyType. The NIST
// curves are keyed by the "ECC_P256"-style names here, not by the
// "ECC_NISTP256"-style names that KeyType2NameMap produces.
var AsymAlgoMap = map[string]KeyType{
	// Asymmetric keys.
	CRYPTO_ALGO_RSA512:        RSA512,
	CRYPTO_ALGO_RSA1024:       RSA1024,
	CRYPTO_ALGO_RSA2048:       RSA2048,
	CRYPTO_ALGO_RSA3072:       RSA3072,
	CRYPTO_ALGO_SM2:           SM2,
	CRYPTO_ALGO_ECC_P256:      ECC_NISTP256,
	CRYPTO_ALGO_ECC_P384:      ECC_NISTP384,
	CRYPTO_ALGO_ECC_P521:      ECC_NISTP521,
	CRYPTO_ALGO_ECC_Ed25519:   ECC_Ed25519,
	CRYPTO_ALGO_ECC_Secp256k1: ECC_Secp256k1,
}

// SignOpts holds the options for SignWithOpts and VerifyWithOpts.
// How each field is interpreted is decided by the key implementations, which
// are not part of this file; UID is presumably the SM2 user ID (see
// CRYPTO_DEFAULT_UID) — confirm against the implementations.
type SignOpts struct {
	Hash         HashType
	UID          string
	EncodingType string
}

// EncOpts holds the options for EncryptWithOpts and DecryptWithOpts.
// NOTE(review): field semantics are defined by the implementations, not here.
// EnableMAC suggests ciphertext integrity is optional; confirm whether the
// option-less Encrypt/Decrypt methods authenticate the ciphertext before
// relying on them for data an attacker can modify.
type EncOpts struct {
	EncodingType string
	BlockMode    string
	EnableMAC    bool
	Hash         HashType
	Label        []byte
	EnableASN1   bool
}

// Key is the interface common to every key.
// NOTE(review): for private and symmetric keys, Bytes and String presumably
// return secret key material — keep their results out of logs and error
// messages; confirm against the implementations.
type Key interface {
	// Bytes returns the key as a byte slice.
	Bytes() ([]byte, error)

	// Type returns the key type.
	Type() KeyType

	// String returns the encoded key (PEM format).
	String() (string, error)
}

// SymmetricKey is the encryption and decryption interface of a symmetric key.
type SymmetricKey interface {
	Key

	// Encryption.
	Encrypt(plain []byte) ([]byte, error)
	EncryptWithOpts(plain []byte, opts *EncOpts) ([]byte, error)

	// Decryption.
	Decrypt(ciphertext []byte) ([]byte, error)
	DecryptWithOpts(ciphertext []byte, opts *EncOpts) ([]byte, error)
}

// Asymmetric key signing and verification interfaces.

// PrivateKey is the signing interface of a private key.
type PrivateKey interface {
	Key

	// Sign signs data with the private key.
	Sign(data []byte) ([]byte, error)

	SignWithOpts(data []byte, opts *SignOpts) ([]byte, error)

	// PublicKey returns the corresponding public key.
	PublicKey() PublicKey

	// ToStandardKey converts the key to the PrivateKey interface type of the
	// standard crypto package.
	ToStandardKey() crypto.PrivateKey
}

// PublicKey is the signature verification interface of a public key.
// NOTE(review): Verify and VerifyWithOpts return both a bool and an error;
// the implementations are not shown here, so callers should accept a
// signature only when the bool is true and the error is nil.
type PublicKey interface {
	Key

	// Verify checks sig over data with the public key.
	Verify(data []byte, sig []byte) (bool, error)

	VerifyWithOpts(data []byte, sig []byte, opts *SignOpts) (bool, error)

	// ToStandardKey converts the key to the PublicKey interface type of the
	// standard crypto package.
	ToStandardKey() crypto.PublicKey
}

// Encryption interfaces.

// DecryptKey is the decrypting half of an encryption key pair; EncryptKey
// returns the matching encrypting half.
type DecryptKey interface {
	Key

	Decrypt(ciphertext []byte) ([]byte, error)

	DecryptWithOpts(ciphertext []byte, opts *EncOpts) ([]byte, error)

	EncryptKey() EncryptKey
}

// EncryptKey is the encrypting half of an encryption key pair.
type EncryptKey interface {
	Key

	Encrypt(data []byte) ([]byte, error)

	EncryptWithOpts(data []byte, opts *EncOpts) ([]byte, error)
}

// Encryptor is the minimal encrypt/decrypt pair, without the Key methods.
type Encryptor interface {
	Encrypt(data []byte) ([]byte, error)
	Decrypt(ciphertext []byte) ([]byte, error)
}