更新

VernHe · Oct 18, 2023 · 91441a1 · 91441a1
1 parent b27129c
commit 91441a1
Show file tree

Hide file tree

Showing 12 changed files with 728 additions and 112 deletions.
diff --git a/app/example/cmd/make_key.go b/app/example/cmd/make_key.go
@@ -35,12 +35,14 @@ var MakeKeyCmd = &cobra.Command{
 
         // key.NewEcdh().Make()
 
-        // key.ShowTorrent()
-
-        key.ShowBerP12()
+        // key.ShowBerP12()
 
         // key.NewGoEcdh().Make()
 
+        // key.NewSM2().Make()
+
+        key.ShowTorrent()
+
         fmt.Println("生成各种证书成功")
     },
 }

diff --git a/app/example/key/key_ecdsa.go b/app/example/key/key_ecdsa.go
@@ -57,21 +57,6 @@ func (this Ecdsa) pkcs1(obj cryptobin_ecdsa.Ecdsa, dir string) {
     this.fs.Put(file + ".pub", pubKey)
 }
 
-func (this Ecdsa) pkcs8(obj cryptobin_ecdsa.Ecdsa, dir string) {
-    // 生成证书
-    priKey := obj.
-        CreatePKCS8PrivateKey().
-        ToKeyString()
-    pubKey := obj.
-        CreatePublicKey().
-        ToKeyString()
-
-    file := fmt.Sprintf("%s/%s/%s-pkcs8", this.path, dir, this.name)
-
-    this.fs.Put(file, priKey)
-    this.fs.Put(file + ".pub", pubKey)
-}
-
 func (this Ecdsa) pkcs1En(obj cryptobin_ecdsa.Ecdsa, dir string) {
     for _, c := range Pkcs1Ciphers {
         // 生成证书
@@ -89,6 +74,24 @@ func (this Ecdsa) pkcs1En(obj cryptobin_ecdsa.Ecdsa, dir string) {
     }
 }
 
+// ============
+
+func (this Ecdsa) pkcs8(obj cryptobin_ecdsa.Ecdsa, dir string) {
+    // 生成证书
+    priKey := obj.
+        CreatePKCS8PrivateKey().
+        ToKeyString()
+    pubKey := obj.
+        CreatePublicKey().
+        ToKeyString()
+
+    file := fmt.Sprintf("%s/%s/%s-pkcs8", this.path, dir, this.name)
+
+    this.fs.Put(file, priKey)
+    this.fs.Put(file + ".pub", pubKey)
+}
+
+
 func (this Ecdsa) pkcs8En(obj cryptobin_ecdsa.Ecdsa, dir string) {
     for _, c := range Pkcs8Ciphers {
         for _, h := range Pkcs8Hashes {

diff --git a/app/example/key/key_sm2.go b/app/example/key/key_sm2.go
@@ -27,10 +27,49 @@ type SM2 struct {
 func (this SM2) Make() {
     obj := cryptobin_sm2.New().GenerateKey()
 
+    this.pkcs1(obj)
+    this.pkcs1En(obj)
+
     this.pkcs8(obj)
     this.pkcs8En(obj)
 }
 
+// ===============
+
+func (this SM2) pkcs1(obj cSM2) {
+    // 生成证书
+    priKey := obj.
+        CreatePKCS1PrivateKey().
+        ToKeyString()
+    pubKey := obj.
+        CreatePublicKey().
+        ToKeyString()
+
+    file := fmt.Sprintf("%s/%s-pkcs1", this.path, this.name)
+
+    this.fs.Put(file, priKey)
+    this.fs.Put(file + ".pub", pubKey)
+}
+
+func (this SM2) pkcs1En(obj cSM2) {
+    for _, c := range Pkcs1Ciphers {
+        // 生成证书
+        priKey := obj.
+            CreatePKCS1PrivateKeyWithPassword(this.pass, c).
+            ToKeyString()
+        pubKey := obj.
+            CreatePublicKey().
+            ToKeyString()
+
+        file := fmt.Sprintf("%s/%s-pkcs1-en-%s", this.path, this.name, c)
+
+        this.fs.Put(file, priKey)
+        this.fs.Put(file + ".pub", pubKey)
+    }
+}
+
+// ===============
+
 func (this SM2) pkcs8(obj cSM2) {
     // 生成证书
     priKey := obj.

diff --git a/pkg/lakego-pkg/go-cryptobin/cryptobin/ecdh/with.go b/pkg/lakego-pkg/go-cryptobin/cryptobin/ecdh/with.go
@@ -27,8 +27,8 @@ func (this Ecdh) WithCurve(data ecdh.Curve) Ecdh {
 
 // 设置散列方式
 // 可用参数 [P521 | P384 | P256 | X25519]
-func (this Ecdh) SetCurve(name string) Ecdh {
-    switch name {
+func (this Ecdh) SetCurve(curve string) Ecdh {
+    switch curve {
         case "P521":
             this.curve = ecdh.P521()
         case "P384":

diff --git a/pkg/lakego-pkg/go-cryptobin/cryptobin/sm2/create.go b/pkg/lakego-pkg/go-cryptobin/cryptobin/sm2/create.go
@@ -4,9 +4,12 @@ import (
     "errors"
     "crypto/rand"
     "encoding/pem"
+    crypto_x509 "crypto/x509"
 
     "github.com/tjfoc/gmsm/x509"
 
+    cryptobin_sm2 "github.com/deatil/go-cryptobin/sm2"
+    cryptobin_tool "github.com/deatil/go-cryptobin/tool"
     cryptobin_pkcs8 "github.com/deatil/go-cryptobin/pkcs8"
     cryptobin_pkcs8s "github.com/deatil/go-cryptobin/pkcs8s"
 )
@@ -27,43 +30,99 @@ var (
     GetHashFromName   = cryptobin_pkcs8.GetHashFromName
 )
 
-// 生成私钥 pem 数据
+// 生成私钥 pem 数据，默认使用 PKCS8 编码
 // 使用:
 // obj := New().GenerateKey()
 // priKey := obj.CreatePrivateKey().ToKeyString()
 func (this SM2) CreatePrivateKey() SM2 {
+    return this.CreatePKCS8PrivateKey()
+}
+
+// 生成私钥带密码 pem 数据
+func (this SM2) CreatePrivateKeyWithPassword(password string, opts ...any) SM2 {
+    if len(opts) == 0 {
+        return this.CreateSM2PrivateKeyWithPassword(password)
+    }
+
+    return this.CreatePKCS8PrivateKeyWithPassword(password, opts...)
+}
+
+// ====================
+
+// 生成私钥 pem 数据
+func (this SM2) CreatePKCS1PrivateKey() SM2 {
     if this.privateKey == nil {
         err := errors.New("SM2: privateKey error.")
         return this.AppendError(err)
     }
 
-    keyData, err := x509.WritePrivateKeyToPem(this.privateKey, nil)
+    privateKeyBytes, err := cryptobin_sm2.MarshalSM2PrivateKey(this.privateKey)
     if err != nil {
         return this.AppendError(err)
     }
 
-    this.keyData = keyData
+    privateBlock := &pem.Block{
+        Type:  "SM2 PRIVATE KEY",
+        Bytes: privateKeyBytes,
+    }
+
+    this.keyData = pem.EncodeToMemory(privateBlock)
 
     return this
 }
 
 // 生成私钥带密码 pem 数据
-func (this SM2) CreatePrivateKeyWithPassword(password string, opts ...any) SM2 {
-    if len(opts) == 0 {
-        return this.CreateSM2PrivateKeyWithPassword(password)
+func (this SM2) CreatePKCS1PrivateKeyWithPassword(password string, opts ...string) SM2 {
+    if this.privateKey == nil {
+        err := errors.New("SM2: privateKey error.")
+        return this.AppendError(err)
     }
 
-    return this.CreatePKCS8PrivateKeyWithPassword(password, opts...)
+    opt := "AES256CBC"
+    if len(opts) > 0 {
+        opt = opts[0]
+    }
+
+    // 加密方式
+    cipher, err := cryptobin_tool.GetPEMCipher(opt)
+    if err != nil {
+        err := errors.New("SM2: PEMCipher not exists.")
+        return this.AppendError(err)
+    }
+
+    // 生成私钥
+    privateKeyBytes, err := cryptobin_sm2.MarshalSM2PrivateKey(this.privateKey)
+    if err != nil {
+        return this.AppendError(err)
+    }
+
+    // 生成加密数据
+    privateBlock, err := crypto_x509.EncryptPEMBlock(
+        rand.Reader,
+        "SM2 PRIVATE KEY",
+        privateKeyBytes,
+        []byte(password),
+        cipher,
+    )
+    if err != nil {
+        return this.AppendError(err)
+    }
+
+    this.keyData = pem.EncodeToMemory(privateBlock)
+
+    return this
 }
 
-// 生成私钥带密码 pem 数据
-func (this SM2) CreateSM2PrivateKeyWithPassword(password string) SM2 {
+// ====================
+
+// 生成私钥 pem 数据
+func (this SM2) CreatePKCS8PrivateKey() SM2 {
     if this.privateKey == nil {
         err := errors.New("SM2: privateKey error.")
         return this.AppendError(err)
     }
 
-    keyData, err := x509.WritePrivateKeyToPem(this.privateKey, []byte(password))
+    keyData, err := x509.WritePrivateKeyToPem(this.privateKey, nil)
     if err != nil {
         return this.AppendError(err)
     }
@@ -74,6 +133,7 @@ func (this SM2) CreateSM2PrivateKeyWithPassword(password string) SM2 {
 }
 
 // 生成 PKCS8 私钥带密码 pem 数据
+// eg:
 // CreatePKCS8PrivateKeyWithPassword("123", "AES256CBC", "SHA256")
 func (this SM2) CreatePKCS8PrivateKeyWithPassword(password string, opts ...any) SM2 {
     if this.privateKey == nil {
@@ -109,6 +169,25 @@ func (this SM2) CreatePKCS8PrivateKeyWithPassword(password string, opts ...any)
     return this
 }
 
+// 生成私钥带密码 pem 数据，sm2 库自带
+func (this SM2) CreateSM2PrivateKeyWithPassword(password string) SM2 {
+    if this.privateKey == nil {
+        err := errors.New("SM2: privateKey error.")
+        return this.AppendError(err)
+    }
+
+    keyData, err := x509.WritePrivateKeyToPem(this.privateKey, []byte(password))
+    if err != nil {
+        return this.AppendError(err)
+    }
+
+    this.keyData = keyData
+
+    return this
+}
+
+// ====================
+
 // 生成公钥 pem 数据
 func (this SM2) CreatePublicKey() SM2 {
     if this.publicKey == nil {