RSA to RSA-OAEP

Ke Zhu 2015-08-13 22:37:29 -04:00
parent ddef26a310
commit 016b032d0a
2 changed files with 50 additions and 7 deletions


@ -4,7 +4,9 @@ import (
"crypto/rand" "crypto/rand"
"crypto/rsa" "crypto/rsa"
"crypto/x509" "crypto/x509"
"encoding/base64"
"encoding/pem" "encoding/pem"
"hash"
"github.com/drone/drone/Godeps/_workspace/src/code.google.com/p/go.crypto/ssh" "github.com/drone/drone/Godeps/_workspace/src/code.google.com/p/go.crypto/ssh"
) )
@ -38,15 +40,23 @@ func MarshalPrivateKey(privkey *rsa.PrivateKey) []byte {
return privateKeyPEM return privateKeyPEM
} }
// helper function to encrypt a plain-text string using // Encrypt is helper function to encrypt a plain-text string using
// an RSA public key. // an RSA public key.
func Encrypt(pubkey *rsa.PublicKey, msg string) ([]byte, error) { func Encrypt(hash hash.Hash, pubkey *rsa.PublicKey, msg string) (string, error) {
return rsa.EncryptPKCS1v15(rand.Reader, pubkey, []byte(msg)) src, err := rsa.EncryptOAEP(hash, rand.Reader, pubkey, []byte(msg), nil)
return base64.StdEncoding.EncodeToString(src), err
} }
// helper function to encrypt a plain-text string using // Decrypt is helper function to encrypt a plain-text string using
// an RSA public key. // an RSA public key.
func Decrypt(privkey *rsa.PrivateKey, secret string) (string, error) { func Decrypt(hash hash.Hash, privkey *rsa.PrivateKey, secret string) (string, error) {
msg, err := rsa.DecryptPKCS1v15(rand.Reader, privkey, []byte(secret)) decoded, err := base64.StdEncoding.DecodeString(secret)
return string(msg), err if err != nil {
return "", err
}
out, err := rsa.DecryptOAEP(hash, rand.Reader, privkey, decoded, nil)
return string(out), err
} }
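Review bot: Encrypt and Decrypt now take a caller-supplied `hash.Hash`, which is a stateful object that `rsa.EncryptOAEP` and `rsa.DecryptOAEP` reset and write to, so a single instance shared across goroutines would race, and a caller that passes a different hash to Decrypt than was used for Encrypt only gets a generic decryption error. Consider constructing the hash inside each function, for example `rsa.EncryptOAEP(sha256.New(), rand.Reader, pubkey, []byte(msg), nil)`, or at least documenting that callers must pass a fresh hash of the same algorithm on both sides. The new doc comment on Decrypt still says it encrypts with a public key; `// Decrypt base64-decodes secret and decrypts it with RSA-OAEP using an RSA private key.` would match the code. Ciphertexts produced by the earlier PKCS#1 v1.5 path are presumably no longer readable by this Decrypt, so any stored values would need re-encryption, and OAEP also lowers the maximum plaintext length for a given key size.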


@ -0,0 +1,33 @@
package sshutil
import (
"crypto/sha256"
"testing"
"github.com/drone/drone/Godeps/_workspace/src/github.com/franela/goblin"
)
func TestSSHUtil(t *testing.T) {
g := goblin.Goblin(t)
g.Describe("sshutil", func() {
var encrypted, testMsg string
privkey, err := GeneratePrivateKey()
g.Assert(err == nil).IsTrue()
pubkey := privkey.PublicKey
sha256 := sha256.New()
testMsg = "foo=bar"
g.Before(func() {
encrypted, err = Encrypt(sha256, &pubkey, testMsg)
g.Assert(err == nil).IsTrue()
})
g.It("Can decrypt encrypted msg", func() {
decrypted, err := Decrypt(sha256, privkey, encrypted)
g.Assert(err == nil).IsTrue()
g.Assert(decrypted == testMsg).IsTrue()
})
})
}
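Review bot: The test covers only the successful round trip, so the new failure paths in Decrypt (input that is not valid base64, and ciphertext that fails OAEP decoding) are never exercised. A second `g.It` case asserting `err != nil` for a constructed input such as `Decrypt(sha256, privkey, "not-base64!")`, and another for a ciphertext with one byte altered, would pin that behaviour. The local `sha256 := sha256.New()` also shadows the imported package for the rest of the closure and reuses one hash instance for both calls; naming it `h` and passing a fresh `sha256.New()` to each call would avoid both.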