-
Star
(152)
You must be signed in to star a gist -
Fork
(37)
You must be signed in to fork a gist
-
-
Save miguelmota/3ea9286bd1d3c2a985b67cac4ba2130a to your computer and use it in GitHub Desktop.
| package ciphers | |
| import ( | |
| "crypto/rand" | |
| "crypto/rsa" | |
| "crypto/sha512" | |
| "crypto/x509" | |
| "encoding/pem" | |
| "log" | |
| ) | |
| // GenerateKeyPair generates a new key pair | |
| func GenerateKeyPair(bits int) (*rsa.PrivateKey, *rsa.PublicKey) { | |
| privkey, err := rsa.GenerateKey(rand.Reader, bits) | |
| if err != nil { | |
| log.Error(err) | |
| } | |
| return privkey, &privkey.PublicKey | |
| } | |
| // PrivateKeyToBytes private key to bytes | |
| func PrivateKeyToBytes(priv *rsa.PrivateKey) []byte { | |
| privBytes := pem.EncodeToMemory( | |
| &pem.Block{ | |
| Type: "RSA PRIVATE KEY", | |
| Bytes: x509.MarshalPKCS1PrivateKey(priv), | |
| }, | |
| ) | |
| return privBytes | |
| } | |
| // PublicKeyToBytes public key to bytes | |
| func PublicKeyToBytes(pub *rsa.PublicKey) []byte { | |
| pubASN1, err := x509.MarshalPKIXPublicKey(pub) | |
| if err != nil { | |
| log.Error(err) | |
| } | |
| pubBytes := pem.EncodeToMemory(&pem.Block{ | |
| Type: "RSA PUBLIC KEY", | |
| Bytes: pubASN1, | |
| }) | |
| return pubBytes | |
| } | |
| // BytesToPrivateKey bytes to private key | |
| func BytesToPrivateKey(priv []byte) *rsa.PrivateKey { | |
| block, _ := pem.Decode(priv) | |
| enc := x509.IsEncryptedPEMBlock(block) | |
| b := block.Bytes | |
| var err error | |
| if enc { | |
| log.Println("is encrypted pem block") | |
| b, err = x509.DecryptPEMBlock(block, nil) | |
| if err != nil { | |
| log.Error(err) | |
| } | |
| } | |
| key, err := x509.ParsePKCS1PrivateKey(b) | |
| if err != nil { | |
| log.Error(err) | |
| } | |
| return key | |
| } | |
| // BytesToPublicKey bytes to public key | |
| func BytesToPublicKey(pub []byte) *rsa.PublicKey { | |
| block, _ := pem.Decode(pub) | |
| enc := x509.IsEncryptedPEMBlock(block) | |
| b := block.Bytes | |
| var err error | |
| if enc { | |
| log.Println("is encrypted pem block") | |
| b, err = x509.DecryptPEMBlock(block, nil) | |
| if err != nil { | |
| log.Error(err) | |
| } | |
| } | |
| ifc, err := x509.ParsePKIXPublicKey(b) | |
| if err != nil { | |
| log.Error(err) | |
| } | |
| key, ok := ifc.(*rsa.PublicKey) | |
| if !ok { | |
| log.Error("not ok") | |
| } | |
| return key | |
| } | |
| // EncryptWithPublicKey encrypts data with public key | |
| func EncryptWithPublicKey(msg []byte, pub *rsa.PublicKey) []byte { | |
| hash := sha512.New() | |
| ciphertext, err := rsa.EncryptOAEP(hash, rand.Reader, pub, msg, nil) | |
| if err != nil { | |
| log.Error(err) | |
| } | |
| return ciphertext | |
| } | |
| // DecryptWithPrivateKey decrypts data with private key | |
| func DecryptWithPrivateKey(ciphertext []byte, priv *rsa.PrivateKey) []byte { | |
| hash := sha512.New() | |
| plaintext, err := rsa.DecryptOAEP(hash, rand.Reader, priv, ciphertext, nil) | |
| if err != nil { | |
| log.Error(err) | |
| } | |
| return plaintext | |
| } |
I created a new gist that works with chunks and replaced deprecated methods: https://gist.github.com/dadencukillia/db8e9d0080b5d44bdafa5190d8c04758
Do note that:
x509.IsEncryptedPEMBlockandx509.DecryptPEMBlockhas both been flagged asinsecured by design.
If you have any secure alternative, I'm in!Just remove the -----BEGIN PRIVATE KEY----- and -----END PRIVATE KEY------ People are so lazy to read and to understand
lol you cleary don't understand shit.
Do note that:
x509.IsEncryptedPEMBlockandx509.DecryptPEMBlockhas both been flagged asinsecured by design.
If you have any secure alternative, I'm in!Just remove the -----BEGIN PRIVATE KEY----- and -----END PRIVATE KEY------ People are so lazy to read and to understand
read this, get educated, newbie.
Great work! 👍