crypto

package module
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 18, 2026 License: MIT Imports: 23 Imported by: 0

README

加解密算法

主要接口

本包统一定义了如下接口,便于不同算法的无缝切换和组合:

  • Cipher:对称/非对称加密接口
  • Signer:签名接口(如SM2、ECDSA等)
  • Verifier:验签接口
  • Hasher:哈希接口(如SM3、SHA256等)
  • KeyExchanger:密钥协商接口(如ECDH、SM2密钥交换)

接口定义见 interface.go,如:

// Cipher
Encrypt(plain []byte) ([]byte, error)
Decrypt(cipher []byte) ([]byte, error)
Name() string

// Signer
Sign(data []byte) (string, error)
Name() string

// Verifier
Verify(data []byte, signature string) (bool, error)
Name() string

SM2Cipher 用法示例

cipher, _ := NewSM2Cipher()
plain := []byte("hello, sm2!")

// 加解密
crypted, _ := cipher.Encrypt(plain)
decrypted, _ := cipher.Decrypt(crypted)

// 签名/验签
sig, _ := cipher.Sign(plain)
ok, _ := cipher.Verify(plain, sig)

AES 用法示例

key := []byte("1234567890abcdef") // 16字节
cipher, _ := NewAESCipher(key, nil)
plain := []byte("hello, aes!")
crypted, _ := cipher.Encrypt(plain)
decrypted, _ := cipher.Decrypt(crypted)

RSA 用法示例

cipher, _ := NewRSACipher(2048)
plain := []byte("hello, rsa!")
crypted, _ := cipher.Encrypt(plain)
decrypted, _ := cipher.Decrypt(crypted)

SM4 用法示例

key := []byte("1234567890abcdef") // 16字节
cipher, _ := NewSM4Cipher(key)
plain := []byte("hello, sm4!")
crypted, _ := cipher.Encrypt(plain)
decrypted, _ := cipher.Decrypt(crypted)

HMAC/SM3 用法示例

h := NewHMAC([]byte("key"))
mac := h.Sum([]byte("hello"))

h2 := NewSM3Hasher()
hash := h2.Sum([]byte("hello"))

其它说明

  • AES/SM4:对称加密,均实现 Cipher 接口
  • RSA:非对称加密,Cipher 接口
  • HMAC/SM3/SHA256:哈希算法,实现 Hasher 接口
  • ECDSA/SM2:签名验签,Signer/Verifier 接口
  • ECDH/SM2:密钥协商,实现 KeyExchanger 接口

所有算法均可通过接口组合和替换,便于扩展和测试。

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var DefaultAESKey = []byte("f51d66a73d8a0927")

DefaultAESKey 默认AES密钥(16字节)

Functions

func AesDecrypt 

func AesDecrypt(cryptedText, key, iv []byte) ([]byte, error)

AesDecrypt AES解密

func AesEncrypt 

func AesEncrypt(plainText, key, iv []byte) ([]byte, error)

AesEncrypt AES加密

func GenerateAESKey 

func GenerateAESKey(length int) ([]byte, error)

GenerateAESKey 生成AES密钥

func GenerateSM4Key 

func GenerateSM4Key() ([]byte, error)

GenerateSM4Key 生成随机SM4密钥

func PKCS5Padding 

func PKCS5Padding(plaintext []byte, blockSize int) []byte

PKCS5Padding 填充明文

func PKCS5UnPadding 

func PKCS5UnPadding(origData []byte) []byte

PKCS5UnPadding 去除填充数据

func SHA256Sum 

func SHA256Sum(data []byte) []byte

SHA256Sum 计算SHA-256哈希

func SHA512Sum 

func SHA512Sum(data []byte) []byte

SHA512Sum 计算SHA-512哈希

Types

type AESCipher 

type AESCipher struct {
	// contains filtered or unexported fields
}

func NewAESCipher 

func NewAESCipher(key, iv []byte) *AESCipher

func (*AESCipher) Decrypt 

func (a *AESCipher) Decrypt(cipher []byte) ([]byte, error)

func (*AESCipher) Encrypt 

func (a *AESCipher) Encrypt(plain []byte) ([]byte, error)

func (*AESCipher) Name 

func (a *AESCipher) Name() string

type AESGCMCipher added in v0.0.2 

type AESGCMCipher struct {
	// contains filtered or unexported fields
}

func NewAESGCMCipher added in v0.0.2 

func NewAESGCMCipher(key []byte) (*AESGCMCipher, error)

NewAESGCMCipher 创建AES-GCM模式的Cipher

func (*AESGCMCipher) Decrypt added in v0.0.2 

func (a *AESGCMCipher) Decrypt(ciphertext []byte) ([]byte, error)

Decrypt 使用AES-GCM解密

func (*AESGCMCipher) Encrypt added in v0.0.2 

func (a *AESGCMCipher) Encrypt(plain []byte) ([]byte, error)

Encrypt 使用AES-GCM加密

func (*AESGCMCipher) Name added in v0.0.2 

func (a *AESGCMCipher) Name() string

type Cipher 

type Cipher interface {
	// Encrypt 使用指定的密钥和初始化向量(IV)加密明文数据,返回加密后的数据
	Encrypt(plain []byte) ([]byte, error)

	// Decrypt 使用指定的密钥和初始化向量(IV)解密密文数据,返回解密后的数据
	Decrypt(cipher []byte) ([]byte, error)

	// Name 返回算法名称
	Name() string
}

Cipher 定义了加密算法的接口,支持加密和解密操作

type ECDHCipher 

type ECDHCipher struct {
	// contains filtered or unexported fields
}

func NewECDHCipher 

func NewECDHCipher() (*ECDHCipher, error)

NewECDHCipher 生成新的ECDH密钥对

func (*ECDHCipher) DeriveSharedSecret 

func (e *ECDHCipher) DeriveSharedSecret(peerPubBytes []byte) ([]byte, error)

DeriveSharedSecret 计算共享密钥

func (*ECDHCipher) Name 

func (e *ECDHCipher) Name() string

Name 返回算法名称

func (*ECDHCipher) PrivateKey 

func (e *ECDHCipher) PrivateKey() *ecdh.PrivateKey

PrivateKey 获取私钥(仅用于安全存储,禁止对外泄露)

func (*ECDHCipher) PublicKey 

func (e *ECDHCipher) PublicKey() *ecdh.PublicKey

PublicKey 获取公钥(用于导出、传输给对方)

func (*ECDHCipher) PublicKeyBytes 

func (e *ECDHCipher) PublicKeyBytes() []byte

PublicKeyBytes 获取公钥字节

type ECDSACipher 

type ECDSACipher struct {
	// contains filtered or unexported fields
}

func NewECDSACipher 

func NewECDSACipher() (*ECDSACipher, error)

NewECDSACipher 生成新的ECDSA密钥对

func (*ECDSACipher) Name 

func (e *ECDSACipher) Name() string

Name 返回算法名称

func (*ECDSACipher) PrivateKey 

func (e *ECDSACipher) PrivateKey() *ecdsa.PrivateKey

func (*ECDSACipher) PublicKeyBytes 

func (e *ECDSACipher) PublicKeyBytes() []byte

PublicKeyBytes 公钥/私钥导出

func (*ECDSACipher) Sign 

func (e *ECDSACipher) Sign(data []byte) (string, error)

Sign 签名

func (*ECDSACipher) Verify 

func (e *ECDSACipher) Verify(data []byte, signature string) (bool, error)

Verify 验签

type HMAC 

type HMAC struct {
	// contains filtered or unexported fields
}

func NewHMAC 

func NewHMAC(key []byte) *HMAC

NewHMAC 创建HMAC实例

func (*HMAC) SetKey 

func (h *HMAC) SetKey(key []byte)

SetKey 变更密钥

func (*HMAC) Sum 

func (h *HMAC) Sum(data []byte) string

Sum 计算HMAC-SHA256

func (*HMAC) Verify 

func (h *HMAC) Verify(data []byte, expected string) bool

Verify 校验HMAC

type Hasher 

type Hasher interface {
	// Sum 计算输入数据的哈希值,返回哈希结果
	Sum(data []byte) ([]byte, error)

	// Name 返回哈希算法名称
	Name() string
}

Hasher 定义了哈希算法的接口,支持计算数据的哈希值

type KeyExchanger 

type KeyExchanger interface {
	// DeriveSharedSecret 计算共享密钥,用于根据对方公钥字节计算共享密钥
	DeriveSharedSecret(peerPubBytes []byte) ([]byte, error)

	// PublicKeyBytes 获取本地公钥字节
	PublicKeyBytes() []byte
}

KeyExchanger 定义了密钥协商算法的接口 适用于ECDH、SM2密钥交换等场景

type RSACipher 

type RSACipher struct {
	// contains filtered or unexported fields
}

func NewRSACipher 

func NewRSACipher(bits int) (*RSACipher, error)

NewRSACipher 生成新的RSA密钥对

func NewRSACipherFromKey 

func NewRSACipherFromKey(priv *rsa.PrivateKey, pub *rsa.PublicKey) *RSACipher

NewRSACipherFromKey 用已有密钥初始化

func (*RSACipher) Decrypt 

func (r *RSACipher) Decrypt(ciphertext []byte) ([]byte, error)

Decrypt 使用RSA私钥解密

func (*RSACipher) Encrypt 

func (r *RSACipher) Encrypt(plain []byte) ([]byte, error)

Encrypt 使用RSA公钥加密

func (*RSACipher) ExportPrivateKey 

func (r *RSACipher) ExportPrivateKey() (string, error)

ExportPrivateKey 导出私钥PEM

func (*RSACipher) ExportPublicKey 

func (r *RSACipher) ExportPublicKey() (string, error)

ExportPublicKey 导出公钥PEM

func (*RSACipher) Name 

func (r *RSACipher) Name() string

func (*RSACipher) PrivateKey 

func (r *RSACipher) PrivateKey() *rsa.PrivateKey

PrivateKey 获取私钥

func (*RSACipher) PublicKey 

func (r *RSACipher) PublicKey() *rsa.PublicKey

PublicKey 获取公钥

type SHA256Hasher 

type SHA256Hasher struct{}

func (*SHA256Hasher) Name 

func (h *SHA256Hasher) Name() string

func (*SHA256Hasher) Sum 

func (h *SHA256Hasher) Sum(data []byte) ([]byte, error)

type SHA512Hasher 

type SHA512Hasher struct{}

func (*SHA512Hasher) Name 

func (h *SHA512Hasher) Name() string

func (*SHA512Hasher) Sum 

func (h *SHA512Hasher) Sum(data []byte) ([]byte, error)

type SM2Cipher 

type SM2Cipher struct {
	// contains filtered or unexported fields
}

SM2Cipher 实现 Cipher 接口,支持国密SM2加解密 仅适用于小数据块加密(如密钥交换),不适合大数据流 生产环境请妥善管理私钥

func NewSM2Cipher 

func NewSM2Cipher() (*SM2Cipher, error)

NewSM2Cipher 生成新的SM2密钥对

func NewSM2CipherFromKey 

func NewSM2CipherFromKey(priv *sm2.PrivateKey, pub *sm2.PublicKey) *SM2Cipher

NewSM2CipherFromKey 用已有密钥初始化

func (*SM2Cipher) Decrypt 

func (s *SM2Cipher) Decrypt(ciphertext []byte) ([]byte, error)

Decrypt 使用SM2私钥解密

func (*SM2Cipher) DecryptAsn1 

func (s *SM2Cipher) DecryptAsn1(ciphertext []byte) ([]byte, error)

DecryptAsn1 解密ASN.1格式密文

func (*SM2Cipher) Encrypt 

func (s *SM2Cipher) Encrypt(plain []byte) ([]byte, error)

Encrypt 使用SM2公钥加密

func (*SM2Cipher) EncryptAsn1 

func (s *SM2Cipher) EncryptAsn1(plain []byte) ([]byte, error)

EncryptAsn1 加密并输出ASN.1格式(更通用,兼容多数平台)

func (*SM2Cipher) Name 

func (s *SM2Cipher) Name() string

Name 返回加密算法名称

func (*SM2Cipher) PrivateKey 

func (s *SM2Cipher) PrivateKey() *sm2.PrivateKey

PrivateKey 获取私钥(仅用于安全存储,禁止对外泄露)

func (*SM2Cipher) PublicKey 

func (s *SM2Cipher) PublicKey() *sm2.PublicKey

PublicKey 获取公钥(用于导出、传输给对方)

func (*SM2Cipher) Sign 

func (s *SM2Cipher) Sign(digest []byte) (string, error)

Sign 使用SM2私钥签名(ASN.1编码)

func (*SM2Cipher) Verify 

func (s *SM2Cipher) Verify(data []byte, signature string) (bool, error)

Verify 使用SM2公钥验证签名(ASN.1编码)

type SM3Hasher 

type SM3Hasher struct{}

func NewSM3Hasher 

func NewSM3Hasher() *SM3Hasher

NewSM3Hasher 构造SM3哈希器

func (*SM3Hasher) Name 

func (h *SM3Hasher) Name() string

Name 返回哈希算法的名称

func (*SM3Hasher) Sum 

func (h *SM3Hasher) Sum(data []byte) []byte

Sum 计算数据的SM3哈希值

type SM4Cipher 

type SM4Cipher struct {
	// contains filtered or unexported fields
}

SM4Cipher 实现国密SM4对称加密算法(ECB模式,适合小数据块)

func NewSM4Cipher 

func NewSM4Cipher(key []byte) (*SM4Cipher, error)

NewSM4Cipher 创建SM4加密器

func (*SM4Cipher) Decrypt 

func (s *SM4Cipher) Decrypt(ciphertext []byte) ([]byte, error)

Decrypt ECB模式解密

func (*SM4Cipher) Encrypt 

func (s *SM4Cipher) Encrypt(plain []byte) ([]byte, error)

Encrypt ECB模式加密

func (*SM4Cipher) Name 

func (s *SM4Cipher) Name() string

type Signer 

type Signer interface {
	// Sign 返回签名字符串
	Sign(data []byte) (string, error)

	// Name 返回算法名称
	Name() string
}

Signer 定义了签名算法的接口 适用于ECDSA、SM2等签名场景

type Verifier 

type Verifier interface {
	// Verify 验证签名
	Verify(data []byte, signature string) (bool, error)

	// Name 返回算法名称
	Name() string
}

Verifier 定义了验签算法的接口 适用于ECDSA、SM2等签名场景

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.