init

utils/rsa.go

@@ -0,0 +1,56 @@
+package utils
+
+import (
+	"crypto/rsa"
+	"encoding/binary"
+	"errors"
+	"hash/crc64"
+	"math"
+	_ "unsafe"
+)
+
+//go:linkname encrypt crypto/rsa.encrypt
+func encrypt(pub *rsa.PublicKey, plaintext []byte) ([]byte, error)
+
+//go:linkname decrypt crypto/rsa.decrypt
+func decrypt(priv *rsa.PrivateKey, ciphertext []byte, check bool) ([]byte, error)
+
+// RSAPrivateKeyEncrypt use the method generally in sign
+func RSAPrivateKeyEncrypt(priv *rsa.PrivateKey, plaintext []byte) ([]byte, error) {
+	if len(plaintext) > math.MaxUint16 {
+		return nil, errors.New("plaintext too large")
+	}
+	h := crc64.New(crc64.MakeTable(crc64.ECMA))
+	_, err := h.Write(plaintext)
+	if err != nil {
+		return nil, err
+	}
+	data := make([]byte, len(plaintext)+8+2)
+	n := copy(data[:], plaintext)
+	binary.LittleEndian.PutUint64(data[n:n+8], h.Sum64())
+	binary.LittleEndian.PutUint16(data[n+8:n+8+2], uint16(len(plaintext)))
+	return decrypt(priv, data, false)
+}
+
+// RSAPublicKeyDecrypt use the method generally in sign
+func RSAPublicKeyDecrypt(pub *rsa.PublicKey, ciphertext []byte) ([]byte, error) {
+	data, err := encrypt(pub, ciphertext)
+	if err != nil {
+		return nil, err
+	}
+	n := binary.LittleEndian.Uint16(data[len(data)-2:])
+	p := len(data) - int(n) - 8 - 2
+	if p < 0 || p > len(data) {
+		return nil, errors.New("invalid ciphertext length")
+	}
+	data = data[p:]
+	h := crc64.New(crc64.MakeTable(crc64.ECMA))
+	_, err = h.Write(data[:len(data)-8-2])
+	if err != nil {
+		return nil, err
+	}
+	if h.Sum64() != binary.LittleEndian.Uint64(data[len(data)-8-2:len(data)-2]) {
+		return nil, errors.New("invalid ciphertext")
+	}
+	return data[:len(data)-8-2], nil
+}