
Commit 6f60cee

committed
优化rsa库
1 parent 1842a70 commit 6f60cee


1 file changed

+146
-90
lines changed

1 file changed

+146
-90
lines changed

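--- a/lualib/crypt/rsa.lua
+++ b/lualib/crypt/rsa.lua
@@ -1,134 +1,190 @@
-local CRYPT = require "lcrypt"
+local CRYPTO = require "lcrypt"
 
-local hexencode = CRYPT.hexencode
-local hexdecode = CRYPT.hexdecode
-local base64encode = CRYPT.base64encode
-local base64decode = CRYPT.base64decode
+local hexencode = CRYPTO.hexencode
+local hexdecode = CRYPTO.hexdecode
+local base64encode = CRYPTO.base64encode
+local base64decode = CRYPTO.base64decode
 
 -- 填充方式
-local RSA_NO_PADDING = CRYPT.RSA_NO_PADDING
-local RSA_PKCS1_PADDING = CRYPT.RSA_PKCS1_PADDING
-local RSA_PKCS1_OAEP_PADDING = CRYPT.RSA_PKCS1_OAEP_PADDING
+local RSA_NO_PADDING = CRYPTO.RSA_NO_PADDING
+local RSA_PKCS1_PADDING = CRYPTO.RSA_PKCS1_PADDING
+local RSA_PKCS1_OAEP_PADDING = CRYPTO.RSA_PKCS1_OAEP_PADDING
 
-local rsa_public_key_encode = CRYPT.rsa_public_key_encode
-local rsa_private_key_decode = CRYPT.rsa_private_key_decode
-
-local rsa_private_key_encode = CRYPT.rsa_private_key_encode
-local rsa_public_key_decode = CRYPT.rsa_public_key_decode
+local rsa_public_key_encode = CRYPTO.rsa_public_key_encode
+local rsa_private_key_encode = CRYPTO.rsa_private_key_encode
+local rsa_private_key_decode = CRYPTO.rsa_private_key_decode
 
 -- 当前支持的签名与验签方法
-local rsa_sign = CRYPT.rsa_sign
-local rsa_verify = CRYPT.rsa_verify
+local rsa_sign = CRYPTO.rsa_sign
+local rsa_verify = CRYPTO.rsa_verify
 
 -- 当前支持的签名与验签
 local rsa_algorithms = {
-["md5"] = CRYPT.nid_md5,
-["sha1"] = CRYPT.nid_sha1,
-["sha128"] = CRYPT.nid_sha1,
-["sha256"] = CRYPT.nid_sha256,
-["sha512"] = CRYPT.nid_sha512,
+["md5"] = CRYPTO.nid_md5,
+["sha1"] = CRYPTO.nid_sha1,
+["sha128"] = CRYPTO.nid_sha1,
+["sha224"] = CRYPTO.nid_sha224,
+["sha256"] = CRYPTO.nid_sha256,
+["sha384"] = CRYPTO.nid_sha384,
+["sha512"] = CRYPTO.nid_sha512,
 }
 
-local RSA = {}
+-- 加密后的格式
+local rsa_padding = {
+["oaep"] = RSA_PKCS1_OAEP_PADDING,
+["pkcs1"] = RSA_PKCS1_PADDING,
+["nopadding"] = RSA_NO_PADDING,
+}
 
--- `text` 为原始文本内容, `public_key_path` 为公钥路径, `b64` 为是否为结果进行`base64`编码
-function RSA.rsa_public_key_encode(text, public_key_path, b64)
-local hash = rsa_public_key_encode(text, public_key_path, RSA_PKCS1_PADDING)
-if hash and b64 then
-return base64encode(hash)
+local function rsa_pub_enc(text, pkey, b64, padding)
+local cipher = rsa_public_key_encode(text, pkey, rsa_padding[padding] or rsa_padding['pkcs1'])
+if cipher and b64 then
+return base64encode(cipher)
 end
-return hash
+return cipher
 end
 
--- `text` 为原始文本内容, `public_key_path` 为公钥路径, `b64` 为是否为结果进行`base64`编码
-function RSA.rsa_public_key_no_padding_encode(text, public_key_path, b64)
-local hash = rsa_public_key_encode(text, public_key_path, RSA_NO_PADDING)
-if hash and b64 then
-return base64encode(hash)
+local function rsa_pri_enc(text, pkey, b64, padding, pw)
+local cipher = rsa_private_key_encode(text, pkey, rsa_padding[padding] or rsa_padding['pkcs1'], pw)
+if cipher and b64 then
+return base64encode(cipher)
 end
-return hash
+return cipher
 end
 
--- `text` 为原始文本内容, `public_key_path` 为公钥路径, `b64` 为是否为结果进行`base64`编码
-function RSA.rsa_public_key_oaep_padding_encode(text, public_key_path, b64)
-local hash = rsa_public_key_encode(text, public_key_path, RSA_PKCS1_OAEP_PADDING)
-if hash and b64 then
-return base64encode(hash)
+local function rsa_pri_dec(cipher, pkey, b64, padding, pw)
+if b64 then
+cipher = base64decode(cipher)
 end
-return hash
+return rsa_private_key_decode(cipher, pkey, rsa_padding[padding] or rsa_padding['pkcs1'], pw)
 end
 
--- `text` 为加密后的内容, `private_key_path` 为私钥路径, `b64` 为是否为`text`先进行`base64`解码
-function RSA.rsa_private_key_decode(text, private_key_path, b64)
-return rsa_private_key_decode(b64 and base64decode(text) or text, private_key_path, RSA_PKCS1_PADDING)
-end
+-- local function rsa_pub_dec(cipher, pkey, b64, padding)
+-- if b64 then
+-- cipher = base64decode(cipher)
+-- end
+-- return rsa_public_key_decode(cipher, pkey, rsa_padding[padding] or rsa_padding['pkcs1'])
+-- end
 
--- `text` 为加密后的内容, `private_key_path` 为私钥路径, `b64` 为是否为`text`先进行`base64`解码
-function RSA.rsa_private_key_no_padding_decode(text, private_key_path, b64)
-return rsa_private_key_decode(b64 and base64decode(text) or text, private_key_path, RSA_NO_PADDING)
+---@class crypto
+local RSA = {}
+
+---------------- 私钥加密/解密 --------------------
+
+---comment `RSA`私钥加密(`pkcs1`格式); 成功返回加密后的文本, 失败返回`false`与错误信息.
+---@param text string @待加密的文本
+---@param prikey string @私钥内容或者私钥所在路径
+---@param b64? boolean @将加密后的内容进行`BASE64`编码
+---@param pw? string @如果有密码则填入.
+function RSA.rsa_private_key_encode(text, prikey, b64, pw)
+return rsa_pri_enc(text, prikey, b64 and true or false, 'pkcs1', pw)
 end
 
--- `text` 为加密后的内容, `private_key_path` 为私钥路径, `b64` 为是否为`text`先进行`base64`解码
-function RSA.rsa_private_key_oaep_padding_decode(text, private_key_path, b64)
-return rsa_private_key_decode(b64 and base64decode(text) or text, private_key_path, RSA_PKCS1_OAEP_PADDING)
+---comment `RSA`私钥加密(`oaep`格式); 成功返回加密后的文本, 失败返回`false`与错误信息.
+---@param text string @待加密的文本
+---@param prikey string @私钥内容或者私钥所在路径
+---@param b64? boolean @将加密后的内容进行`BASE64`编码
+---@param pw? string @如果有密码则填入.
+function RSA.rsa_private_key_oaep_padding_encode(text, prikey, b64, pw)
+return rsa_pri_enc(text, prikey, b64 and true or false, 'oaep', pw)
 end
 
+---comment `RSA`私钥加密(`nopadding`); 成功返回加密后的文本, 失败返回`false`与错误信息.
+---@param text string @待加密的文本
+---@param prikey string @私钥内容或者私钥所在路径
+---@param b64 boolean @将加密后的内容进行`BASE64`编码
+---@param pw? string @如果有密码则填入.
+function RSA.rsa_private_key_no_padding_encode(text, prikey, b64, pw)
+return rsa_pri_enc(text, prikey, b64 and true or false, 'nopadding', pw)
+end
 
--- `text` 为原始文本内容, `private_key_path` 为公钥路径, `b64` 为是否为结果进行`base64`编码
-function RSA.rsa_private_key_encode(text, private_key_path, b64)
-local hash = rsa_private_key_encode(text, private_key_path, RSA_PKCS1_PADDING)
-if hash and b64 then
-return base64encode(hash)
-end
-return hash
+---comment `RSA`私钥解密(`pkcs1`格式); 成功返回解密后的明文, 失败返回`false`与错误信息.
+---@param cipher string @已加密的文本
+---@param prikey string @私钥内容或者私钥所在路径
+---@param b64? boolean @内容进行`BASE64`解码
+---@param pw? string @如果有密码则填入.
+function RSA.rsa_private_key_decode(cipher, prikey, b64, pw)
+return rsa_pri_dec(cipher, prikey, b64 and true or false, 'pkcs1', pw)
 end
 
--- `text` 为原始文本内容, `private_key_path` 为公钥路径, `b64` 为是否为结果进行`base64`编码
-function RSA.rsa_private_key_no_padding_encode(text, private_key_path, b64)
-local hash = rsa_private_key_encode(text, private_key_path, RSA_NO_PADDING)
-if hash and b64 then
-return base64encode(hash)
-end
-return hash
+---comment `RSA`私钥解密(`oaep`格式); 成功返回解密后的明文, 失败返回`false`与错误信息.
+---@param cipher string @已加密的文本
+---@param prikey string @私钥内容或者私钥所在路径
+---@param b64? boolean @内容进行`BASE64`解码
+---@param pw? string @如果有密码则填入.
+function RSA.rsa_private_key_oaep_padding_decode(cipher, prikey, b64, pw)
+return rsa_pri_dec(cipher, prikey, b64 and true or false, 'oaep', pw)
 end
 
--- `text` 为原始文本内容, `private_key_path` 为公钥路径, `b64` 为是否为结果进行`base64`编码
-function RSA.rsa_private_key_oaep_padding_encode(text, private_key_path, b64)
-local hash = rsa_private_key_encode(text, private_key_path, RSA_PKCS1_OAEP_PADDING)
-if hash and b64 then
-return base64encode(hash)
-end
-return hash
+---comment `RSA`私钥解密(`nopadding`); 成功返回解密后的明文, 失败返回`false`与错误信息.
+---@param cipher string @已加密的文本
+---@param prikey string @私钥内容或者私钥所在路径
+---@param b64? boolean @内容进行`BASE64`解码
+---@param pw? string @如果有密码则填入.
+function RSA.rsa_private_key_no_padding_decode(cipher, prikey, b64, pw)
+return rsa_pri_dec(cipher, prikey, b64 and true or false, 'nopadding', pw)
 end
 
--- -- `text` 为加密后的内容, `public_key_path` 为公钥路径, `b64`为是否为`text·先进行`base64`解码
--- function RSA.rsa_public_key_decode(text, public_key_path, b64)
--- return rsa_public_key_decode(b64 and base64decode(text) or text, public_key_path, RSA_PKCS1_PADDING)
--- end
+---------------- 公钥加密/解密 --------------------
 
--- function RSA.rsa_public_key_no_padding_decode(text, public_key_path, b64)
--- return rsa_public_key_decode(b64 and base64decode(text) or text, public_key_path, RSA_NO_PADDING)
--- end
+---comment `RSA`公钥加密(`pkcs1`格式); 成功返回加密后的文本, 失败返回`false`与错误信息.
+---@param text string @待加密的文本
+---@param pubkey string @公钥内容或者公钥所在路径
+---@param b64? boolean @将加密后的内容进行`BASE64`编码
+function RSA.rsa_public_key_encode(text, pubkey, b64)
+return rsa_pub_enc(text, pubkey, b64 and true or false, 'pkcs1')
+end
 
--- function RSA.rsa_public_key_oaep_padding_decode(text, public_key_path, b64)
--- return rsa_public_key_decode(b64 and base64decode(text) or text, public_key_path, RSA_PKCS1_OAEP_PADDING)
--- end
+---comment `RSA`公钥加密(`oaep`格式); 成功返回加密后的文本, 失败返回`false`与错误信息.
+---@param text string @待加密的文本
+---@param pubkey string @公钥内容或者公钥所在路径
+---@param b64? boolean @将加密后的内容进行`BASE64`编码
+function RSA.rsa_public_key_oaep_padding_encode(text, pubkey, b64)
+return rsa_pub_enc(text, pubkey, b64 and true or false, 'oaep')
+end
+
+---comment `RSA`公钥加密(`nopadding`); 成功返回加密后的文本, 失败返回`false`与错误信息.
+---@param text string @待加密的文本
+---@param pubkey string @公钥内容或者公钥所在路径
+---@param b64? boolean @将加密后的内容进行`BASE64`编码
+function RSA.rsa_public_key_no_padding_encode(text, pubkey, b64)
+return rsa_pub_enc(text, pubkey, b64 and true or false, 'nopadding')
+end
 
--- RSA签名函数: 第一个参数是等待签名的明文, 第二个参数是私钥所在路径, 第三个参数是算法名称, 第四个参数决定是否以hex输出
-function RSA.rsa_sign(text, private_key_path, algorithm, hex)
-local hash = rsa_sign(text, private_key_path, rsa_algorithms[(algorithm or ""):lower()] or rsa_algorithms["md5"])
-if hash and hex then
-return hexencode(hash)
+----------------------------------------------------------------------------------------------------
+
+---comment `RSA`签名函数(目前支持:`md5`、`sha128` ~ `sha512`)
+---@param text string @待签名的明文
+---@param prikey string @私钥内容或者所在路径
+---@param alg "md5"|"sha128"|"sha224"|"sha256"|"sha384"|"sha512" @签名算法(例如: `"md5"`)
+---@param hex? 'base64' | boolean @签名是否编码(可选)
+function RSA.rsa_sign(text, prikey, alg, hex)
+local sign = rsa_sign(text, prikey, rsa_algorithms[alg] or rsa_algorithms['md5'])
+if sign and hex then
+if hex == 'base64' then
+sign = base64encode(sign)
+else
+sign = hexencode(sign)
+end
 end
-return hash
+return sign
 end
 
--- RSA验签函数: 第一个参数是等待签名的明文, 第二个参数是私钥所在路径, 第三个参数为签名sign密文, 第四个参数是算法名称, 第五个参数决定是否对sign进行unhex
-function RSA.rsa_verify(text, public_key_path, sign, algorithm, hex)
+---comment `RSA`验签函数(目前支持:`md5`、`sha128` ~ `sha512`)
+---@param text string @待签名的明文
+---@param pubkey string @公钥内容或者所在路径
+---@param sign string @待对比的签名内容
+---@param alg "md5"|"sha128"|"sha224"|"sha256"|"sha384"|"sha512" @签名算法(例如: `"md5"`)
+---@param hex? 'base64' | boolean @`sign`是否解码(可选)
+function RSA.rsa_verify(text, pubkey, sign, alg, hex)
 if hex then
-sign = hexdecode(sign)
+if hex == 'base64' then
+sign = base64decode(sign)
+else
+sign = hexdecode(sign)
+end
 end
-return rsa_verify(text, public_key_path, sign, rsa_algorithms[(algorithm or ""):lower()] or rsa_algorithms["md5"])
+return rsa_verify(text, pubkey, sign, rsa_algorithms[alg] or rsa_algorithms['md5'])
 end
 
 -- 初始化函数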
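Review bot: `RSA.rsa_sign` and `RSA.rsa_verify` now index `rsa_algorithms[alg]` directly, dropping the `(algorithm or ""):lower()` normalisation the old code had, while keeping the `or rsa_algorithms['md5']` fallback. A caller that passes `"SHA256"`, a misspelt name, or nil therefore signs or verifies with MD5 and gets no error, which is a silent downgrade for anyone who relied on the old case-insensitive lookup. Resolving the digest once and failing closed would avoid that: `local nid = type(alg) == 'string' and rsa_algorithms[alg:lower()]` followed by `if not nid then return false, 'unsupported digest algorithm' end`; the `false, msg` shape is assumed from the doc comments on the encrypt functions. The `"sha128"` key still maps to `nid_sha1`, so a comment such as `-- "sha128" is kept as a legacy alias for SHA-1 (160-bit)` would stop the `@param alg` list from suggesting a distinct algorithm. Separately, the private-key `oaep` encode wrapper depends on whether `lcrypt` supports OAEP for private-key operations, which is not visible here and is worth confirming.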
