Skip to content

Commit 56b437c

Browse files
author
hujs888
committed
升级
1 parent 652a3a7 commit 56b437c

File tree

1 file changed

+72
-91
lines changed

1 file changed

+72
-91
lines changed

crypto/openpgp/default.go

Lines changed: 72 additions & 91 deletions
Original file line numberDiff line numberDiff line change
@@ -51,12 +51,11 @@ func LoadPublicKey(keyValue interface{}) (*crypto.Key, error) {
5151
if _, ok := keyValue.(*crypto.Key); ok {
5252
publicKey = keyValue.(*crypto.Key)
5353
}
54-
//bytePublicKey, err = publicKey.GetPublicKey()
5554
if _, ok := keyValue.([]byte); ok {
5655
bytePublicKey = keyValue.([]byte)
5756
publicKey, err = crypto.NewKey(bytePublicKey)
5857
}
59-
if err == nil {
58+
if err == nil && publicKey != nil {
6059
if !publicKey.IsPrivate() {
6160
return publicKey, nil
6261
} else {
@@ -110,10 +109,7 @@ func LoadPrivateKey(keyValue interface{}, password string) (*crypto.Key, error)
110109
*
111110
* @return
112111
*/
113-
func GenerateKeyPair(keyType string, passphrase []byte, name string, email string) interface{} {
114-
var keypair interface{}
115-
var err error
116-
112+
func GenerateKeyPair(keyType string, passphrase []byte, name string, email string) (keypair interface{}, err error) {
117113
if name == "" {
118114
name, _ = config.GetString("server.name")
119115
}
@@ -127,36 +123,29 @@ func GenerateKeyPair(keyType string, passphrase []byte, name string, email strin
127123
keyGenHandle := pgp4880.KeyGeneration().AddUserId(name, email).New()
128124

129125
if keyType == "RSA" {
130-
131-
// RSA, Key struct
132126
keypair, err = keyGenHandle.GenerateKeyWithSecurity(constants.HighSecurity)
133127
} else if keyType == "Ed25519" || keyType == "x25519" {
134128
keyGenHandle = pgpDefault.KeyGeneration().AddUserId(name, email).New()
135-
136129
keypair, err = keyGenHandle.GenerateKey()
137130
} else {
138131
keyGenHandle = pgpCryptoRefresh.KeyGeneration().AddUserId(name, email).New()
139-
140132
keypair, err = keyGenHandle.GenerateKeyWithSecurity(constants.HighSecurity)
141133
}
142-
if err != nil {
143-
panic(err)
144-
}
145-
return keypair
134+
135+
return keypair, err
146136
}
147137

148-
func GetPrivateKey(keyPair *crypto.Key, password []byte) *crypto.Key {
149-
var err error
138+
func GetPrivateKey(keyPair *crypto.Key, password []byte) (key *crypto.Key, err error) {
150139
if keyPair.IsPrivate() {
151140
if !keyPair.IsExpired(time.Now().Unix()) {
152141
locked, err := keyPair.IsLocked()
153142
if err != nil {
154-
panic(err)
143+
return nil, err
155144
}
156145
if locked {
157146
_, err := keyPair.Unlock(password)
158147
if err != nil {
159-
return nil
148+
return nil, err
160149
}
161150
defer keyPair.ClearPrivateParams()
162151
}
@@ -167,54 +156,44 @@ func GetPrivateKey(keyPair *crypto.Key, password []byte) *crypto.Key {
167156
err = errors.New("")
168157
}
169158
if err != nil {
170-
panic(err)
159+
return nil, err
171160
}
172161

173-
return keyPair
162+
return keyPair, nil
174163
}
175164

176-
func GetPublicKey(keyPair *crypto.Key) (key *crypto.Key) {
165+
func GetPublicKey(keyPair *crypto.Key) (key *crypto.Key, err error) {
177166
b, err := keyPair.GetPublicKey()
178167
if err != nil {
179-
panic(err)
168+
return nil, err
180169
}
181170
key, err = crypto.NewKey(b)
182171
if err != nil {
183-
panic(err)
172+
return nil, err
184173
}
185174

186-
return key
175+
return key, nil
187176
}
188177

189-
func BytePublicKey(key *crypto.Key) []byte {
190-
bs, err := key.GetPublicKey()
191-
if err != nil {
192-
panic(err)
193-
}
194-
195-
return bs
178+
func BytePublicKey(key *crypto.Key) (bs []byte, err error) {
179+
return key.GetPublicKey()
196180
}
197181

198-
func BytePrivateKey(key *crypto.Key, password []byte) []byte {
182+
func BytePrivateKey(key *crypto.Key, password []byte) (bs []byte, err error) {
199183
pgp := crypto.PGP()
200184
if key.IsPrivate() {
201185
unlocked, err := key.IsUnlocked()
202186
if err != nil {
203-
187+
return nil, err
204188
} else if unlocked {
205189
key, err = pgp.LockKey(key, password)
206190
if err != nil {
207-
panic(err)
191+
return nil, err
208192
}
209193
}
210194
}
211195

212-
bs, err := key.Serialize()
213-
if err != nil {
214-
panic(err)
215-
}
216-
217-
return bs
196+
return key.Serialize()
218197
}
219198

220199
/**
@@ -225,20 +204,17 @@ func BytePrivateKey(key *crypto.Key, password []byte) []byte {
225204
* @return 加密后的数据
226205
* @throws EncryptException
227206
*/
228-
func Encrypt(key *crypto.Key, plaintext []byte) (ciphertext []byte) {
229-
var err error
207+
func Encrypt(key *crypto.Key, plaintext []byte) (ciphertext []byte, err error) {
230208
pgp := crypto.PGP()
231209
encHandle, err := pgp.Encryption().Recipient(key).New()
232210
if err != nil {
233-
panic(err)
211+
return nil, err
234212
}
235213
pgpMessage, err := encHandle.Encrypt(plaintext)
236-
ciphertext, err = pgpMessage.ArmorBytes()
237214
if err != nil {
238-
panic(err)
215+
return nil, err
239216
}
240-
241-
return ciphertext
217+
return pgpMessage.ArmorBytes()
242218
}
243219

244220
/**
@@ -249,21 +225,20 @@ func Encrypt(key *crypto.Key, plaintext []byte) (ciphertext []byte) {
249225
* @return 解密后的明文
250226
* @throws EncryptException
251227
*/
252-
func Decrypt(key *crypto.Key, ciphertext []byte) []byte {
253-
var err error
228+
func Decrypt(key *crypto.Key, ciphertext []byte) (decrypted []byte, err error) {
254229
pgp := crypto.PGP()
255230
decHandle, err := pgp.Decryption().DecryptionKey(key).New()
256231
if err != nil {
257-
panic(err)
232+
return nil, err
258233
}
259-
decrypted, err := decHandle.Decrypt(ciphertext, crypto.Armor)
234+
result, err := decHandle.Decrypt(ciphertext, crypto.Armor)
260235
if err != nil {
261-
panic(err)
236+
return nil, err
262237
}
263238

264239
decHandle.ClearPrivateParams()
265240

266-
return decrypted.Bytes()
241+
return result.Bytes(), nil
267242
}
268243

269244
/**
@@ -274,23 +249,18 @@ func Decrypt(key *crypto.Key, ciphertext []byte) []byte {
274249
* @return 加密后的数据
275250
* @throws EncryptException
276251
*/
277-
func EncryptSymmetrical(password []byte, plaintext []byte) []byte {
278-
var err error
252+
func EncryptSymmetrical(password []byte, plaintext []byte) (armored []byte, err error) {
279253
pgp := crypto.PGP()
280254
// Encrypt data with a password
281255
encHandle, err := pgp.Encryption().Password(password).New()
282256
if err != nil {
283-
panic(err)
257+
return nil, err
284258
}
285259
pgpMessage, err := encHandle.Encrypt(plaintext)
286260
if err != nil {
287-
panic(err)
288-
}
289-
armored, err := pgpMessage.ArmorBytes()
290-
if err != nil {
291-
panic(err)
261+
return nil, err
292262
}
293-
return armored
263+
return pgpMessage.ArmorBytes()
294264
}
295265

296266
/**
@@ -301,58 +271,69 @@ func EncryptSymmetrical(password []byte, plaintext []byte) []byte {
301271
* @return 解密后的明文
302272
* @throws EncryptException
303273
*/
304-
func DecryptSymmetrical(password []byte, ciphertext []byte) []byte {
305-
var err error
274+
func DecryptSymmetrical(password []byte, ciphertext []byte) (decrypted []byte, err error) {
306275
pgp := crypto.PGP()
307276
decHandle, err := pgp.Decryption().Password(password).New()
308277
if err != nil {
309-
return nil
278+
return nil, err
310279
}
311-
decrypted, err := decHandle.Decrypt(ciphertext, crypto.Auto)
280+
result, err := decHandle.Decrypt(ciphertext, crypto.Auto)
312281
if err != nil {
313-
panic(err)
282+
return nil, err
314283
}
315-
return decrypted.Bytes()
284+
return result.Bytes(), nil
316285
}
317286

318-
func ValidateKey(keyPair *crypto.Key, password []byte) bool {
319-
unlockedKey := GetPrivateKey(keyPair, password)
320-
321-
isVerified, _ := unlockedKey.Check()
322-
if !isVerified {
323-
return false
287+
func ValidateKey(keyPair *crypto.Key, password []byte) (result bool, err error) {
288+
_, err = GetPrivateKey(keyPair, password)
289+
if err != nil {
290+
return false, err
324291
}
325292

326-
return true
293+
return true, nil
327294
}
328295

329-
func Sign(key *crypto.Key, plaintext []byte) (ciphertext []byte, err error) {
296+
func Sign(key *crypto.Key, plaintext []byte) (signature []byte, err error) {
330297
pgp := crypto.PGP()
331-
signer, err := pgp.Sign().SigningKey(key).New()
332-
ciphertext, err = signer.Sign(plaintext, crypto.Auto)
298+
signer, err := pgp.Sign().SigningKey(key).Detached().New()
299+
if err != nil {
300+
return nil, err
301+
}
302+
signature, err = signer.Sign(plaintext, crypto.Armor)
333303
signer.ClearPrivateParams()
304+
334305
return
335306
}
336307

337-
func Verify(publicKey *crypto.Key, ciphertext []byte) (success bool, err error) {
308+
func Verify(publicKey *crypto.Key, data []byte, signature []byte) (success bool, err error) {
338309
pgp := crypto.PGP()
339310
verifier, err := pgp.Verify().VerificationKey(publicKey).New()
340-
verifyResult, err := verifier.VerifyInline(ciphertext, crypto.Auto)
341-
if sigErr := verifyResult.SignatureError(); sigErr == nil {
342-
return true, nil
311+
if err != nil {
312+
return false, err
343313
}
344-
345-
return false, err
314+
verifyResult, err := verifier.VerifyDetached(data, signature, crypto.Armor)
315+
if err != nil {
316+
return false, err
317+
}
318+
err = verifyResult.SignatureError()
319+
if err != nil {
320+
return false, err
321+
}
322+
return true, nil
346323
}
347324

348-
func WritePublicKey(publicKey *crypto.Key) string {
349-
b := BytePublicKey(publicKey)
350-
351-
return std.EncodeBase64(b)
325+
func EncryptKey(key []byte, publicKey *crypto.Key) (ciphertext []byte, err error) {
326+
return Encrypt(publicKey, key)
352327
}
353328

354-
func WritePrivateKey(privateKey *crypto.Key, password []byte) string {
355-
b := BytePrivateKey(privateKey, password)
329+
func DecryptKey(keyValue []byte, privateKey *crypto.Key) (decrypted []byte, err error) {
330+
return Decrypt(privateKey, keyValue)
331+
}
356332

357-
return std.EncodeBase64(b)
333+
func WritePublicKey(publicKey *crypto.Key) (base64 string, err error) {
334+
bs, err := BytePublicKey(publicKey)
335+
if err != nil {
336+
return "", err
337+
}
338+
return std.EncodeBase64(bs), nil
358339
}

0 commit comments

Comments
 (0)