README
¶
Crypto - 加密工具
一个功能强大的Go加密工具包,提供常用的加密、解密、哈希和签名功能。
🚀 特性
- 🔐 AES加密: 支持AES-128/192/256加密解密
- 🔑 RSA加密: 支持RSA公钥/私钥加密解密
- 🔒 哈希算法: 支持MD5、SHA1、SHA256、SHA512
- 🛡️ 密码哈希: 支持bcrypt密码加盐哈希
- 📝 数字签名: 支持RSA/ECDSA数字签名
- 🎯 简洁API: 类似其他helwd工具的简洁设计
- ⚡ 高性能: 优化的加密算法实现
📦 安装
go get github.com/fastgox/utils/crypto
🎯 快速开始
AES加密
package main
import (
"fmt"
"github.com/fastgox/utils/crypto"
)
func main() {
// AES加密
plaintext := "Hello, World!"
key := "my-secret-key-32-bytes-long!!"
encrypted, err := crypto.AESEncrypt(plaintext, key)
if err != nil {
panic(err)
}
fmt.Printf("加密结果: %s\n", encrypted)
// AES解密
decrypted, err := crypto.AESDecrypt(encrypted, key)
if err != nil {
panic(err)
}
fmt.Printf("解密结果: %s\n", decrypted)
}
RSA加密
func main() {
// 生成RSA密钥对
privateKey, publicKey, err := crypto.GenerateRSAKeyPair(2048)
if err != nil {
panic(err)
}
// RSA加密
plaintext := "Hello, RSA!"
encrypted, err := crypto.RSAEncrypt(plaintext, publicKey)
if err != nil {
panic(err)
}
// RSA解密
decrypted, err := crypto.RSADecrypt(encrypted, privateKey)
if err != nil {
panic(err)
}
fmt.Printf("解密结果: %s\n", decrypted)
}
哈希算法
func main() {
data := "Hello, Hash!"
// MD5哈希
md5Hash := crypto.MD5(data)
fmt.Printf("MD5: %s\n", md5Hash)
// SHA256哈希
sha256Hash := crypto.SHA256(data)
fmt.Printf("SHA256: %s\n", sha256Hash)
// SHA512哈希
sha512Hash := crypto.SHA512(data)
fmt.Printf("SHA512: %s\n", sha512Hash)
}
密码哈希
func main() {
password := "my-password"
// 生成密码哈希
hashedPassword, err := crypto.HashPassword(password)
if err != nil {
panic(err)
}
fmt.Printf("密码哈希: %s\n", hashedPassword)
// 验证密码
isValid := crypto.CheckPassword(password, hashedPassword)
fmt.Printf("密码验证: %v\n", isValid)
}
数字签名
func main() {
// 生成密钥对
privateKey, publicKey, err := crypto.GenerateRSAKeyPair(2048)
if err != nil {
panic(err)
}
data := "Hello, Signature!"
// 生成签名
signature, err := crypto.RSASign(data, privateKey)
if err != nil {
panic(err)
}
// 验证签名
isValid, err := crypto.RSAVerify(data, signature, publicKey)
if err != nil {
panic(err)
}
fmt.Printf("签名验证: %v\n", isValid)
}
📚 API 文档
AES加密函数
// AES加密解密
crypto.AESEncrypt(plaintext, key string) (string, error)
crypto.AESDecrypt(ciphertext, key string) (string, error)
// AES加密解密(字节)
crypto.AESEncryptBytes(plaintext, key []byte) ([]byte, error)
crypto.AESDecryptBytes(ciphertext, key []byte) ([]byte, error)
// 生成AES密钥
crypto.GenerateAESKey(keySize int) ([]byte, error) // 16, 24, 32
RSA加密函数
// RSA密钥生成
crypto.GenerateRSAKeyPair(keySize int) (privateKey, publicKey string, err error)
crypto.GenerateRSAKeyPairToFile(keySize int, privateKeyFile, publicKeyFile string) error
// RSA加密解密
crypto.RSAEncrypt(plaintext, publicKey string) (string, error)
crypto.RSADecrypt(ciphertext, privateKey string) (string, error)
// RSA签名验证
crypto.RSASign(data, privateKey string) (string, error)
crypto.RSAVerify(data, signature, publicKey string) (bool, error)
哈希函数
// 基本哈希
crypto.MD5(data string) string
crypto.SHA1(data string) string
crypto.SHA256(data string) string
crypto.SHA512(data string) string
// 字节哈希
crypto.MD5Bytes(data []byte) []byte
crypto.SHA256Bytes(data []byte) []byte
// HMAC
crypto.HMACSHA256(data, key string) string
crypto.HMACSHA512(data, key string) string
密码哈希函数
// bcrypt密码哈希
crypto.HashPassword(password string) (string, error)
crypto.CheckPassword(password, hashedPassword string) bool
// 自定义成本
crypto.HashPasswordWithCost(password string, cost int) (string, error)
工具函数
// 随机数生成
crypto.GenerateRandomBytes(length int) ([]byte, error)
crypto.GenerateRandomString(length int) (string, error)
// Base64编码
crypto.Base64Encode(data []byte) string
crypto.Base64Decode(data string) ([]byte, error)
// Hex编码
crypto.HexEncode(data []byte) string
crypto.HexDecode(data string) ([]byte, error)
🔧 高级功能
配置选项
// 设置默认AES密钥
crypto.SetDefaultAESKey("your-default-key-32-bytes!!")
// 使用默认密钥加密
encrypted, err := crypto.AESEncryptDefault("Hello, World!")
// 设置默认bcrypt成本
crypto.SetDefaultBcryptCost(12)
文件加密
// 加密文件
err := crypto.EncryptFile("input.txt", "output.enc", "my-key")
// 解密文件
err := crypto.DecryptFile("output.enc", "decrypted.txt", "my-key")
🛡️ 安全建议
- 密钥管理: 不要在代码中硬编码密钥,使用环境变量或配置文件
- 密钥长度: AES使用32字节密钥,RSA使用至少2048位
- 随机性: 使用加密安全的随机数生成器
- 密码哈希: 使用bcrypt等安全的密码哈希算法
- 定期更新: 定期更新密钥和算法
🎮 运行示例
# 克隆项目
git clone https://github.com/fastgox/utils.git
cd utils
# 运行加密演示
go run main.go
🌟 特色
- 🎯 专注实用: 只包含最常用的加密功能
- 📝 简洁API: 链式调用,代码简洁优雅
- ⚡ 开箱即用: 无需复杂配置,直接使用
- 🔧 灵活配置: 支持自定义参数和选项
- 💡 最佳实践: 遵循加密安全最佳实践
🤝 贡献
欢迎提交Issue和Pull Request!
📄 许可证
MIT License
Documentation
¶
Index ¶
- Constants
- Variables
- func AESDecrypt(ciphertext, key string) (string, error)
- func AESDecryptBytes(ciphertext, key []byte) ([]byte, error)
- func AESDecryptCBC(ciphertext, key []byte) ([]byte, error)
- func AESDecryptDefault(ciphertext string) (string, error)
- func AESDecryptWithPassword(ciphertext, password string) (string, error)
- func AESEncrypt(plaintext, key string) (string, error)
- func AESEncryptBytes(plaintext, key []byte) ([]byte, error)
- func AESEncryptCBC(plaintext, key []byte) ([]byte, error)
- func AESEncryptDefault(plaintext string) (string, error)
- func AESEncryptWithPassword(plaintext, password string) (string, error)
- func AESKeyFromPassword(password, salt string, keySize int) ([]byte, error)
- func Base64Decode(data string) ([]byte, error)
- func Base64Encode(data []byte) string
- func Base64URLDecode(data string) ([]byte, error)
- func Base64URLEncode(data []byte) string
- func Benchmark()
- func CheckPassword(password, hashedPassword string) bool
- func CheckPasswordWithError(password, hashedPassword string) error
- func CompareHash(hash1, hash2 string) bool
- func DecryptFile(inputFile, outputFile, password string) error
- func DecryptFileWithOptions(inputFile, outputFile, password string, options *FileEncryptionOptions) error
- func DecryptStream(reader io.Reader, writer io.Writer, password string) error
- func EncryptFile(inputFile, outputFile, password string) error
- func EncryptFileWithOptions(inputFile, outputFile, password string, options *FileEncryptionOptions) error
- func EncryptStream(reader io.Reader, writer io.Writer, password string) error
- func FileExists(filename string) bool
- func FileHash(filename string, algorithm HashAlgorithm) (string, error)
- func FileMD5(filename string) (string, error)
- func FileSHA256(filename string) (string, error)
- func FileSHA512(filename string) (string, error)
- func GenerateAESKey(keySize int) ([]byte, error)
- func GenerateKeyPair() (privateKey, publicKey string, err error)
- func GeneratePassword(length int, includeSymbols bool) (string, error)
- func GenerateRSAKeyPair(keySize int) (privateKey, publicKey string, err error)
- func GenerateRSAKeyPairToFile(keySize int, privateKeyFile, publicKeyFile string) error
- func GenerateRandomBase64(length int) (string, error)
- func GenerateRandomBytes(length int) ([]byte, error)
- func GenerateRandomHex(length int) (string, error)
- func GenerateRandomString(length int) (string, error)
- func GenerateRandomStringFromChars(length int, charset string) (string, error)
- func GenerateSecretKey() ([]byte, error)
- func GenerateSecretKeyString() (string, error)
- func GenerateStrongPassword(length int) (string, error)
- func GenerateUUID() (string, error)
- func GetPasswordHashCost(hashedPassword string) (int, error)
- func GetRSAPublicKeyFromPrivate(privateKeyPEM string) (string, error)
- func HMAC(data, key []byte, algorithm HashAlgorithm) []byte
- func HMACMD5(data, key string) string
- func HMACMD5Bytes(data, key []byte) []byte
- func HMACSHA256(data, key string) string
- func HMACSHA256Bytes(data, key []byte) []byte
- func HMACSHA512(data, key string) string
- func HMACSHA512Bytes(data, key []byte) []byte
- func HMACString(data, key string, algorithm HashAlgorithm) string
- func Hash(data []byte, algorithm HashAlgorithm) []byte
- func HashMultiple(data [][]byte, algorithm HashAlgorithm) []byte
- func HashMultipleString(data []string, algorithm HashAlgorithm) string
- func HashPassword(password string) (string, error)
- func HashPasswordWithCost(password string, cost int) (string, error)
- func HashString(data string, algorithm HashAlgorithm) string
- func HexDecode(data string) ([]byte, error)
- func HexEncode(data []byte) string
- func Info() map[string]interface{}
- func Init()
- func InitWithConfig(config *Config)
- func IsValidBase64(s string) bool
- func IsValidHex(s string) bool
- func IsValidPasswordHash(hashedPassword string) bool
- func JoinBytes(chunks [][]byte) []byte
- func LoadRSAPrivateKeyFromFile(filename string) (string, error)
- func LoadRSAPublicKeyFromFile(filename string) (string, error)
- func MD5(data string) string
- func MD5Bytes(data []byte) []byte
- func PBKDF2(password, salt []byte, iterations, keyLength int, hashFunc func([]byte) []byte) []byte
- func PadBytes(data []byte, length int, padByte byte) []byte
- func QuickDecrypt(encryptedData, password string) (string, error)
- func QuickEncrypt(data, password string) (string, error)
- func QuickHMAC(data, key string) string
- func QuickHash(data string) string
- func QuickSign(data, privateKey string) (string, error)
- func QuickVerify(data, signature, publicKey string) (bool, error)
- func RSADecrypt(ciphertext, privateKeyPEM string) (string, error)
- func RSADecryptBytes(ciphertext []byte, privateKeyPEM string) ([]byte, error)
- func RSAEncrypt(plaintext, publicKeyPEM string) (string, error)
- func RSAEncryptBytes(plaintext []byte, publicKeyPEM string) ([]byte, error)
- func RSAKeyInfo(keyPEM string) (keySize int, keyType string, err error)
- func RSASign(data, privateKeyPEM string) (string, error)
- func RSAVerify(data, signature, publicKeyPEM string) (bool, error)
- func RotateLeft(data []byte, positions int) []byte
- func RotateRight(data []byte, positions int) []byte
- func SHA1(data string) string
- func SHA1Bytes(data []byte) []byte
- func SHA256(data string) string
- func SHA256Bytes(data []byte) []byte
- func SHA512(data string) string
- func SHA512Bytes(data []byte) []byte
- func SecureCompare(a, b []byte) bool
- func SecureCompareString(a, b string) bool
- func SecureDeleteFile(filename string) error
- func SetDefaultAESKey(key string)
- func SetDefaultBcryptCost(cost int)
- func SetDefaultRSAKeySize(keySize int)
- func SetGlobalConfig(config *Config)
- func SplitBytes(data []byte, chunkSize int) [][]byte
- func UnpadBytes(data []byte, padByte byte) []byte
- func ValidateAESKeySize(keySize int) error
- func ValidateBcryptCost(cost int) error
- func ValidateHash(hashStr string, algorithm HashAlgorithm) bool
- func ValidatePassword(password string, policy *PasswordPolicy) error
- func ValidateRSAKeySize(keySize int) error
- func VerifyHMAC(data, key []byte, expectedMAC []byte, algorithm HashAlgorithm) bool
- func VerifyHMACString(data, key, expectedMAC string, algorithm HashAlgorithm) bool
- func Version() string
- func XORBytes(a, b []byte) []byte
- func ZeroBytes(data []byte)
- func ZeroString(s *string)
- type Config
- type EncryptionMode
- type FileEncryptionOptions
- type HashAlgorithm
- type PasswordHashOptions
- type PasswordPolicy
- type PasswordStrength
- type RSAKeyPair
- type RandomOptions
- type SignatureAlgorithm
Constants ¶
View Source
const ( AES128KeySize = 16 // AES-128 AES192KeySize = 24 // AES-192 AES256KeySize = 32 // AES-256 RSA1024KeySize = 1024 // RSA-1024 (不推荐) RSA2048KeySize = 2048 // RSA-2048 (推荐) RSA3072KeySize = 3072 // RSA-3072 RSA4096KeySize = 4096 // RSA-4096 DefaultBcryptCost = 12 // bcrypt默认成本 )
常用的密钥长度
Variables ¶
View Source
var ( ErrInvalidKeySize = errors.New("无效的密钥长度") ErrInvalidKey = errors.New("无效的密钥") ErrInvalidCiphertext = errors.New("无效的密文") ErrInvalidPlaintext = errors.New("无效的明文") ErrInvalidSignature = errors.New("无效的签名") ErrKeyGenerationFailed = errors.New("密钥生成失败") ErrEncryptionFailed = errors.New("加密失败") ErrDecryptionFailed = errors.New("解密失败") ErrSigningFailed = errors.New("签名失败") ErrVerificationFailed = errors.New("验证失败") )
常见错误
Functions ¶
func AESDecryptBytes ¶
AESDecryptBytes AES解密(字节)
func AESDecryptCBC ¶
AESDecryptCBC AES-CBC模式解密
func AESDecryptDefault ¶
AESDecryptDefault 使用默认密钥解密
func AESDecryptWithPassword ¶
AESDecryptWithPassword 使用密码解密
func AESEncryptBytes ¶
AESEncryptBytes AES加密(字节)
func AESEncryptCBC ¶
AESEncryptCBC AES-CBC模式加密
func AESEncryptDefault ¶
AESEncryptDefault 使用默认密钥加密
func AESEncryptWithPassword ¶
AESEncryptWithPassword 使用密码加密
func AESKeyFromPassword ¶
AESKeyFromPassword 从密码生成AES密钥
func Base64URLDecode ¶
Base64URLDecode Base64 URL安全解码
func CheckPasswordWithError ¶
CheckPasswordWithError 验证密码(返回错误信息)
func DecryptFileWithOptions ¶
func DecryptFileWithOptions(inputFile, outputFile, password string, options *FileEncryptionOptions) error
DecryptFileWithOptions 使用选项解密文件
func DecryptStream ¶
DecryptStream 解密数据流
func EncryptFileWithOptions ¶
func EncryptFileWithOptions(inputFile, outputFile, password string, options *FileEncryptionOptions) error
EncryptFileWithOptions 使用选项加密文件
func EncryptStream ¶
EncryptStream 加密数据流
func FileHash ¶
func FileHash(filename string, algorithm HashAlgorithm) (string, error)
FileHash 计算文件哈希
func GenerateKeyPair ¶
GenerateKeyPair 生成密钥对(默认RSA-2048)
func GeneratePassword ¶
GeneratePassword 生成随机密码
func GenerateRSAKeyPair ¶
GenerateRSAKeyPair 生成RSA密钥对(返回PEM格式字符串)
func GenerateRSAKeyPairToFile ¶
GenerateRSAKeyPairToFile 生成RSA密钥对并保存到文件
func GenerateRandomBase64 ¶
GenerateRandomBase64 生成随机Base64字符串
func GenerateRandomBytes ¶
GenerateRandomBytes 生成随机字节
func GenerateRandomHex ¶
GenerateRandomHex 生成随机十六进制字符串
func GenerateRandomString ¶
GenerateRandomString 生成随机字符串(字母数字)
func GenerateRandomStringFromChars ¶
GenerateRandomStringFromChars 从指定字符集生成随机字符串
func GenerateSecretKeyString ¶
GenerateSecretKeyString 生成密钥字符串(默认AES-256)
func GenerateStrongPassword ¶
GenerateStrongPassword 生成强密码
func GetPasswordHashCost ¶
GetPasswordHashCost 获取密码哈希的成本
func GetRSAPublicKeyFromPrivate ¶
GetRSAPublicKeyFromPrivate 从私钥提取公钥
func HMACSHA256Bytes ¶
HMACSHA256Bytes 计算HMAC-SHA256(字节)
func HMACSHA512Bytes ¶
HMACSHA512Bytes 计算HMAC-SHA512(字节)
func HMACString ¶
func HMACString(data, key string, algorithm HashAlgorithm) string
HMACString 通用HMAC函数(字符串)
func HashMultiple ¶
func HashMultiple(data [][]byte, algorithm HashAlgorithm) []byte
HashMultiple 计算多个数据的组合哈希
func HashMultipleString ¶
func HashMultipleString(data []string, algorithm HashAlgorithm) string
HashMultipleString 计算多个字符串的组合哈希
func HashPasswordWithCost ¶
HashPasswordWithCost 使用指定成本哈希密码
func HashString ¶
func HashString(data string, algorithm HashAlgorithm) string
HashString 通用哈希函数(字符串)
func IsValidPasswordHash ¶
IsValidPasswordHash 检查是否为有效的bcrypt哈希
func LoadRSAPrivateKeyFromFile ¶
LoadRSAPrivateKeyFromFile 从文件加载RSA私钥
func LoadRSAPublicKeyFromFile ¶
LoadRSAPublicKeyFromFile 从文件加载RSA公钥
func QuickDecrypt ¶
QuickDecrypt 快速解密(使用默认设置)
func QuickEncrypt ¶
QuickEncrypt 快速加密(使用默认设置)
func QuickVerify ¶
QuickVerify 快速验证签名(使用RSA)
func RSADecrypt ¶
RSADecrypt RSA私钥解密
func RSADecryptBytes ¶
RSADecryptBytes RSA私钥解密(字节)
func RSAEncrypt ¶
RSAEncrypt RSA公钥加密
func RSAEncryptBytes ¶
RSAEncryptBytes RSA公钥加密(字节)
func RSAKeyInfo ¶
RSAKeyInfo 获取RSA密钥信息
func SecureCompareString ¶
SecureCompareString 安全比较两个字符串(防止时序攻击)
func ValidateHash ¶
func ValidateHash(hashStr string, algorithm HashAlgorithm) bool
ValidateHash 验证哈希格式
func ValidatePassword ¶
func ValidatePassword(password string, policy *PasswordPolicy) error
ValidatePassword 根据策略验证密码
func VerifyHMAC ¶
func VerifyHMAC(data, key []byte, expectedMAC []byte, algorithm HashAlgorithm) bool
VerifyHMAC 验证HMAC
func VerifyHMACString ¶
func VerifyHMACString(data, key, expectedMAC string, algorithm HashAlgorithm) bool
VerifyHMACString 验证HMAC(字符串)
Types ¶
type Config ¶
type Config struct {
DefaultAESKey string // 默认AES密钥
DefaultBcryptCost int // 默认bcrypt成本
DefaultRSAKeySize int // 默认RSA密钥长度
}
Config 加密工具配置
type EncryptionMode ¶
type EncryptionMode int
EncryptionMode 加密模式
const ( CBC EncryptionMode = iota // CBC模式 GCM // GCM模式 CFB // CFB模式 OFB // OFB模式 )
type FileEncryptionOptions ¶
type FileEncryptionOptions struct {
Algorithm string // 加密算法 (AES)
Mode EncryptionMode // 加密模式
KeySize int // 密钥长度
BufferSize int // 缓冲区大小
Compress bool // 是否压缩
IncludeHeader bool // 是否包含文件头
}
FileEncryptionOptions 文件加密选项
func DefaultFileEncryptionOptions ¶
func DefaultFileEncryptionOptions() *FileEncryptionOptions
DefaultFileEncryptionOptions 返回默认文件加密选项
type HashAlgorithm ¶
type HashAlgorithm int
HashAlgorithm 哈希算法类型
const ( HashMD5 HashAlgorithm = iota HashSHA1 HashSHA224 HashSHA256 HashSHA384 HashSHA512 )
type PasswordHashOptions ¶
type PasswordHashOptions struct {
Algorithm string // 哈希算法 (bcrypt, scrypt, argon2)
Cost int // 成本参数
SaltSize int // 盐长度
}
PasswordHashOptions 密码哈希选项
func DefaultPasswordHashOptions ¶
func DefaultPasswordHashOptions() *PasswordHashOptions
DefaultPasswordHashOptions 返回默认密码哈希选项
type PasswordPolicy ¶
type PasswordPolicy struct {
MinLength int // 最小长度
RequireLower bool // 需要小写字母
RequireUpper bool // 需要大写字母
RequireDigit bool // 需要数字
RequireSpecial bool // 需要特殊字符
}
ValidatePasswordPolicy 验证密码策略
func DefaultPasswordPolicy ¶
func DefaultPasswordPolicy() *PasswordPolicy
DefaultPasswordPolicy 返回默认密码策略
type PasswordStrength ¶
type PasswordStrength int
PasswordStrength 密码强度评估
const ( Weak PasswordStrength = iota Fair Good Strong VeryStrong )
func CheckPasswordStrength ¶
func CheckPasswordStrength(password string) PasswordStrength
CheckPasswordStrength 检查密码强度
type RSAKeyPair ¶
type RSAKeyPair struct {
PrivateKey *rsa.PrivateKey
PublicKey *rsa.PublicKey
PrivatePEM string // PEM格式私钥
PublicPEM string // PEM格式公钥
}
RSAKeyPair RSA密钥对
type RandomOptions ¶
type RandomOptions struct {
Length int // 长度
UseNumbers bool // 使用数字
UseLetters bool // 使用字母
UseSymbols bool // 使用符号
CustomChars string // 自定义字符集
}
RandomOptions 随机数生成选项
func DefaultRandomOptions ¶
func DefaultRandomOptions() *RandomOptions
DefaultRandomOptions 返回默认随机数选项
type SignatureAlgorithm ¶
type SignatureAlgorithm int
SignatureAlgorithm 签名算法类型
const ( RSA_PKCS1v15 SignatureAlgorithm = iota // RSA PKCS#1 v1.5 RSA_PSS // RSA PSS ECDSA_P256 // ECDSA P-256 ECDSA_P384 // ECDSA P-384 ECDSA_P521 // ECDSA P-521 )
Source Files
Click to show internal directories.
Click to hide internal directories.