cryptoutil

func AESDecrypt ¶

func AESDecrypt(crypted, key []byte) ([]byte, error)

AESDecrypt decrypts data using AES-CBC mode with a fixed IV.

⚠️ WARNING: This function uses the first 16 bytes of the key as the IV, which is cryptographically insecure. Use AESDecryptCBC_HMAC instead.

Parameters:

crypted []byte - The ciphertext to be decrypted.
key     []byte - The AES key (must be 16, 24, or 32 bytes).

Returns:

[]byte - The decrypted plaintext data.
error  - An error if decryption fails, padding is invalid, or the key length is invalid.

Security Issues:

• Uses key[:16] as IV, matching the insecure encryption
• No authentication/integrity verification
• Vulnerable to padding oracle attacks

Recommended Alternative: Use AESDecryptCBC_HMAC for secure decryption

func AESDecryptCBC_HMAC ¶ added in v1.20.0

func AESDecryptCBC_HMAC(crypted, encKey []byte, macKey []byte) ([]byte, error)

AESDecryptCBC_HMAC decrypts the given ciphertext using AES-CBC mode with HMAC verification.

This function performs authenticated decryption by first verifying the HMAC-SHA256 authentication tag, then decrypting the ciphertext using AES-CBC mode.

Expected Format: IV (16 bytes) || Ciphertext || HMAC-SHA256 Tag (32 bytes)

Parameters:

crypted []byte - The encrypted data with IV prepended and HMAC tag appended.
                 Minimum length: 48 bytes (16-byte IV + 32-byte HMAC tag).
encKey  []byte - The AES decryption key (must be 16, 24, or 32 bytes for AES-128/192/256).
macKey  []byte - The HMAC-SHA256 key used during encryption. If empty, encKey will be used.

Returns:

[]byte - The decrypted plaintext data (PKCS#5 padding removed).
error  - An error if decryption fails, authentication fails, or the key length is invalid.

Technical Details:

• IV: First 16 bytes of crypted data
• HMAC Tag: Last 32 bytes of crypted data (verified using constant-time comparison)
• Ciphertext: Middle portion, must be multiple of 16 bytes
• Minimum input size: 48 bytes
• Authentication is verified BEFORE decryption (secure against padding oracle attacks)

func AESDecryptCBC_HMAC_PEM ¶ added in v1.20.0

func AESDecryptCBC_HMAC_PEM(data, key []byte, macKey []byte) ([]byte, error)

AESDecryptCBC_HMAC_PEM decrypts the given ciphertext using AES-CBC with HMAC and a PEM-encoded key.

This function decodes a PEM-formatted AES key and uses it for authenticated decryption. The PEM block should contain the raw AES key bytes.

Expected Format: IV (16 bytes) || Ciphertext || HMAC-SHA256 Tag (32 bytes)

Parameters:

data   []byte - The encrypted data with IV and HMAC tag (minimum 48 bytes).
key    []byte - The PEM-encoded AES decryption key (containing 16/24/32 raw bytes).
macKey []byte - The HMAC key used during encryption. If empty, the decoded key will be used.

Returns:

[]byte - The decrypted plaintext data.
error  - An error if decryption fails, PEM decoding fails, authentication fails, or the key is invalid.

Technical Details:

• Minimum input size: 48 bytes
• Authentication is verified before decryption

func AESDecryptGCM ¶ added in v1.20.0

func AESDecryptGCM(crypted, key []byte, aad []byte) ([]byte, error)

AESDecryptGCM decrypts the given ciphertext using AES-GCM mode.

This function performs authenticated decryption by extracting the nonce, verifying the authentication tag, and decrypting the ciphertext.

Expected Format: Nonce (12 bytes) || Ciphertext || Authentication Tag (16 bytes)

Parameters:

crypted []byte - The encrypted data with nonce prepended and auth tag appended.
                 Minimum length: 28 bytes (12-byte nonce + 16-byte tag).
key     []byte - The AES key (must be 16, 24, or 32 bytes for AES-128/192/256).
aad     []byte - Additional authenticated data (AAD) used during encryption.
                 Must match exactly what was used during encryption.

Returns:

[]byte - The decrypted plaintext data.
error  - An error if decryption fails, authentication fails, or the key length is invalid.

Technical Details:

• Nonce: First 12 bytes of crypted data
• Authentication Tag: Last 16 bytes (verified automatically by GCM)
• Minimum input size: 28 bytes

func AESDecryptGCMPEM ¶ added in v1.20.0

func AESDecryptGCMPEM(data, key []byte, aad []byte) ([]byte, error)

AESDecryptGCMPEM decrypts the given ciphertext using AES-GCM mode with a PEM-encoded key.

This function decodes a PEM-formatted AES key and uses it for GCM decryption. The PEM block should contain the raw AES key bytes.

Expected Format: Nonce (12 bytes) || Ciphertext || Authentication Tag (16 bytes)

Parameters:

data []byte - The encrypted data with nonce and auth tag (minimum 28 bytes).
key  []byte - The PEM-encoded AES key (containing 16/24/32 raw bytes).
aad  []byte - Additional authenticated data (AAD) used during encryption.

Returns:

[]byte - The decrypted plaintext data.
error  - An error if decryption fails, PEM decoding fails, authentication fails, or the key is invalid.

Technical Details:

• Minimum input size: 28 bytes
• Authentication is verified automatically during decryption

func AESDecryptPEM ¶

func AESDecryptPEM(data, key []byte) ([]byte, error)

AESDecryptPEM decrypts data using AES-CBC mode with a PEM-encoded key.

⚠️ WARNING: This function inherits the security issues from AESDecrypt. Use AESDecryptCBC_HMAC_PEM for secure decryption.

Parameters:

data []byte - The ciphertext to be decrypted.
key  []byte - The PEM-encoded AES key.

Returns:

[]byte - The decrypted plaintext data.
error  - An error if decryption fails, PEM decoding fails, padding is invalid, or the key is invalid.

PEM Format Expected:

-----BEGIN AES KEY-----
[base64-encoded key bytes]
-----END AES KEY-----

Recommended Alternative: Use AESDecryptCBC_HMAC_PEM for secure decryption

func AESEncrypt ¶

func AESEncrypt(data, key []byte) ([]byte, error)

AESEncrypt encrypts data using AES-CBC mode with a fixed IV.

⚠️ WARNING: This function uses the first 16 bytes of the key as the IV, which is cryptographically insecure. Use AESEncryptCBC_HMAC instead.

Parameters:

data []byte - The plaintext data to be encrypted.
key  []byte - The AES key (must be 16, 24, or 32 bytes).

Returns:

[]byte - The encrypted ciphertext (without IV).
error  - An error if encryption fails or the key length is invalid.

Security Issues:

• Uses key[:16] as IV, which is predictable and reused
• No authentication/integrity protection
• Vulnerable to chosen-ciphertext attacks

Recommended Alternative: Use AESEncryptCBC_HMAC for secure encryption

func AESEncryptCBC_HMAC ¶ added in v1.20.0

func AESEncryptCBC_HMAC(data, encKey []byte, macKey []byte) ([]byte, error)

AESEncryptCBC_HMAC encrypts the given data using AES-CBC mode with HMAC authentication.

This function provides authenticated encryption by combining AES-CBC encryption with HMAC-SHA256 authentication using the Encrypt-then-MAC approach.

Output Format: IV (16 bytes) || Ciphertext || HMAC-SHA256 Tag (32 bytes)

Parameters:

data   []byte - The plaintext data to be encrypted.
encKey []byte - The AES encryption key (must be 16, 24, or 32 bytes for AES-128/192/256).
macKey []byte - The HMAC-SHA256 key for authentication. If empty, encKey will be used.

Returns:

[]byte - The encrypted output: IV (16 bytes) + Ciphertext + HMAC Tag (32 bytes).
error  - An error if encryption fails or the key length is invalid.

Technical Details:

• IV: 16 bytes (128 bits) - randomly generated for each encryption, equals AES block size
• Padding: PKCS#5 padding applied to plaintext before encryption
• HMAC: SHA256-based, 32 bytes (256 bits) tag over IV + Ciphertext
• Total overhead: 48 bytes (16-byte IV + 32-byte HMAC tag)
• Ciphertext length: Padded to multiple of 16 bytes

func AESEncryptCBC_HMAC_PEM ¶ added in v1.20.0

func AESEncryptCBC_HMAC_PEM(data, key []byte, macKey []byte) ([]byte, error)

AESEncryptCBC_HMAC_PEM encrypts the given data using AES-CBC with HMAC and a PEM-encoded key.

This function decodes a PEM-formatted AES key and uses it for authenticated encryption. The PEM block should contain the raw AES key bytes.

Output Format: IV (16 bytes) || Ciphertext || HMAC-SHA256 Tag (32 bytes)

Parameters:

data   []byte - The plaintext data to be encrypted.
key    []byte - The PEM-encoded AES encryption key (containing 16/24/32 raw bytes).
macKey []byte - The HMAC key for authentication. If empty, the decoded key will be used.

Returns:

[]byte - The encrypted output: IV (16 bytes) + Ciphertext + HMAC Tag (32 bytes).
error  - An error if encryption fails, PEM decoding fails, or the key is invalid.

Technical Details:

• Total overhead: 48 bytes (16-byte IV + 32-byte HMAC tag)
• PEM block type can be any valid type containing raw AES key bytes

func AESEncryptGCM ¶ added in v1.20.0

func AESEncryptGCM(data, key []byte, aad []byte) ([]byte, error)

AESEncryptGCM encrypts the given data using AES-GCM mode.

This function provides authenticated encryption using AES-GCM mode. The nonce is randomly generated and prepended to the output.

Format: Nonce (12 bytes) || Ciphertext || Authentication Tag (16 bytes)

Parameters:

data []byte - The plaintext data to be encrypted.
key  []byte - The AES key (must be 16, 24, or 32 bytes for AES-128/192/256).
aad  []byte - Additional authenticated data (AAD) to be included in the authentication tag.
              Can be nil if no AAD is needed.

Returns:

[]byte - The encrypted output: Nonce (12 bytes) + Ciphertext + Auth Tag (16 bytes).
error  - An error if encryption fails or the key length is invalid.

Technical Details:

• Nonce: 12 bytes (96 bits) - randomly generated for each encryption
• Authentication Tag: 16 bytes (128 bits) - automatically appended by GCM
• Total overhead: 28 bytes (12-byte nonce + 16-byte tag)

func AESEncryptGCMPEM ¶ added in v1.20.0

func AESEncryptGCMPEM(data, key []byte, aad []byte) ([]byte, error)

AESEncryptGCMPEM encrypts the given data using AES-GCM mode with a PEM-encoded key.

This function decodes a PEM-formatted AES key and uses it for GCM encryption. The PEM block should contain the raw AES key bytes.

Output Format: Nonce (12 bytes) || Ciphertext || Authentication Tag (16 bytes)

Parameters:

data []byte - The plaintext data to be encrypted.
key  []byte - The PEM-encoded AES key (containing 16/24/32 raw bytes).
aad  []byte - Additional authenticated data (AAD). Can be nil.

Returns:

[]byte - The encrypted output: Nonce (12 bytes) + Ciphertext + Auth Tag (16 bytes).
error  - An error if encryption fails, PEM decoding fails, or the key is invalid.

Technical Details:

• Total overhead: 28 bytes (12-byte nonce + 16-byte tag)
• PEM block type can be any valid type containing raw AES key bytes

func AESEncryptPEM ¶

func AESEncryptPEM(data, key []byte) ([]byte, error)

AESEncryptPEM encrypts data using AES-CBC mode with a PEM-encoded key.

⚠️ WARNING: This function inherits the security issues from AESEncrypt. Use AESEncryptCBC_HMAC_PEM for secure encryption.

Parameters:

data []byte - The plaintext data to be encrypted.
key  []byte - The PEM-encoded AES key.

Returns:

[]byte - The encrypted ciphertext (without IV).
error  - An error if encryption fails, PEM decoding fails, or the key is invalid.

PEM Format Expected:

-----BEGIN AES KEY-----
[base64-encoded key bytes]
-----END AES KEY-----

Recommended Alternative: Use AESEncryptCBC_HMAC_PEM for secure encryption

func CipherSuites ¶ added in v1.15.5

func CipherSuites() (suites []uint16)

CipherSuites 获取安全的 tls 加密套件

func ECCSign ¶ added in v1.12.0

func ECCSign(data, priKey []byte) (string, error)

ECCSign 使用 ecc 私钥签名，接收 []byte 类型的公钥

func ECCSignPEM ¶ added in v1.12.0

func ECCSignPEM(data, priKey []byte) (string, error)

ECCSignPEM 使用 ecc 私钥签名，接收PEM格式的公钥

func ECCSign_ ¶ added in v1.12.0

func ECCSign_(data []byte, priKey *ecdsa.PrivateKey) (sigB64 string, err error)

ECCSign_ 使用 ecc 私钥签名，接收 *ecdsa.PrivateKey 公钥

func ECCVerify ¶ added in v1.12.0

func ECCVerify(data []byte, sigB64 string, pubKey []byte) error

ECCVerify 使用 ecc 公钥验签，接收 []byte 类型的公钥

func ECCVerifyPEM ¶ added in v1.12.0

func ECCVerifyPEM(data []byte, signStr string, pubKey []byte) error

ECCVerifyPEM 使用 ecc 公钥验签，接收PEM格式的公钥

func ECCVerify_ ¶ added in v1.12.0

func ECCVerify_(data []byte, sigB64 string, pubKey *ecdsa.PublicKey) error

ECCVerify_ 使用 ecc 公钥验签，接收 *ecdsa.PublicKey 公钥

func GenerateAESKey ¶

func GenerateAESKey() (key []byte)

GenerateAESKey generates a 256-bit (32 bytes) AES key using crypto/rand.

This function creates a cryptographically secure random AES-256 key suitable for encryption operations.

Returns:

[]byte - A 32-byte AES-256 key generated using crypto/rand.

Technical Details:

• Key length: 32 bytes (256 bits) for AES-256
• Uses crypto/rand.Reader for cryptographically secure randomness

func GenerateAESKeyWithSize ¶ added in v1.20.0

func GenerateAESKeyWithSize(bits int) (key []byte)

GenerateAESKeyWithSize generates an AES key of the specified bit size using crypto/rand.

This function creates a cryptographically secure random AES key of the specified bit length. Invalid bit sizes are automatically corrected to 256 bits.

Parameters:

bits int - The desired key size in bits (128, 192, or 256 for AES-128/192/256).
           Invalid bit sizes default to 256 bits.

Returns:

[]byte - An AES key of the specified size generated using crypto/rand.

Supported Bit Sizes:

• 128 bits: AES-128 (16 bytes)
• 192 bits: AES-192 (24 bytes)
• 256 bits: AES-256 (32 bytes) - default for invalid sizes

func GenerateECCKey ¶ added in v1.12.0

func GenerateECCKey(c elliptic.Curve) (priKey []byte, pubKey []byte, err error)

GenerateECCKey 生成 ecc 密钥，c 可以是

elliptic.P224()
elliptic.P256()
elliptic.P384()
elliptic.P521()

或其他椭圆曲线算法

func GeneratePEMAESKey ¶

func GeneratePEMAESKey() (key []byte)

GeneratePEMAESKey generates a 256-bit AES key in PEM format using crypto/rand.

This function creates a cryptographically secure random AES-256 key and encodes it in PEM format with the block type "AES KEY".

Returns:

[]byte - A PEM-encoded AES-256 key.

PEM Format:

-----BEGIN AES KEY-----
[base64-encoded 32-byte key]
-----END AES KEY-----

func GeneratePEMAESKeyWithSize ¶ added in v1.20.0

func GeneratePEMAESKeyWithSize(bits int) (key []byte)

GeneratePEMAESKeyWithSize generates an AES key of the specified bit size in PEM format.

This function creates a cryptographically secure random AES key of the specified bit length and encodes it in PEM format with the block type "AES KEY".

Parameters:

bits int - The desired key size in bits (128, 192, or 256 for AES-128/192/256).
           Invalid bit sizes default to 256 bits.

Returns:

[]byte - A PEM-encoded AES key of the specified size.

PEM Format:

-----BEGIN AES KEY-----
[base64-encoded key bytes]
-----END AES KEY-----

Key Sizes:

• 128 bits: 16-byte key
• 192 bits: 24-byte key
• 256 bits: 32-byte key (default)

func GeneratePEMECCKey ¶ added in v1.12.0

func GeneratePEMECCKey(c elliptic.Curve) (priKey []byte, pubKey []byte, err error)

GeneratePEMECCKey 生成 PEM格式 的 ecc 密钥，c 可以是

elliptic.P224()
elliptic.P256()
elliptic.P384()
elliptic.P521()

或其他椭圆曲线算法

func GeneratePEMRSAKey ¶

func GeneratePEMRSAKey(bits int) (priKey []byte, pubKey []byte, err error)

GeneratePEMRSAKey 生成 PEM格式 的 rsa 密钥，bits 可以给 2048

func GenerateRSAKey ¶

func GenerateRSAKey(bits int) (priKey []byte, pubKey []byte, err error)

GenerateRSAKey 生成 rsa 密钥，bits 可以给 2048

func InsecureCipherSuites ¶ added in v1.15.5

func InsecureCipherSuites() (suites []uint16)

InsecureCipherSuites 获取不安全的 tls 加密套件

func PKCS5Padding ¶

func PKCS5Padding(data []byte, blockSize int) []byte

PKCS5Padding applies PKCS#5 padding to the input data.

This function pads the input data to make its length a multiple of the specified block size. The padding bytes contain the padding length.

Parameters:

data      []byte - The data to be padded.
blockSize int    - The block size for padding (typically 16 for AES).

Returns:

[]byte - The padded data.

Padding Details:

• Each padding byte contains the number of padding bytes added
• Always adds at least 1 byte of padding (1-blockSize bytes total)
• Example: For 16-byte blocks, if data needs 3 bytes, adds [3,3,3]

func PKCS5UnPadding ¶

func PKCS5UnPadding(data []byte) ([]byte, error)

PKCS5UnPadding removes PKCS#5 padding from the input data.

This function validates and removes PKCS#5 padding from the input data. The last byte indicates the number of padding bytes to remove.

Parameters:

data []byte - The padded data to be unpadded.

Returns:

[]byte - The unpadded data.
error  - An error if the padding is invalid or corrupted.

Validation:

• Checks if padding length is valid (not exceeding data length)
• Empty data is returned as-is

func RSADecrypt ¶

func RSADecrypt(data, priKey []byte) ([]byte, error)

RSADecrypt 使用 RSA 私钥解密，接收 []byte 类型的私钥

OAEP: sha256

func RSADecryptPEM ¶

func RSADecryptPEM(data, priKey []byte) ([]byte, error)

RSADecryptPEM 使用 RSA 私钥解密，接收PEM格式的私钥

OAEP: sha256

func RSADecryptPKCS1v15 ¶ added in v1.7.3

func RSADecryptPKCS1v15(data, priKey []byte) ([]byte, error)

RSADecrypt 使用 RSA 私钥解密，接收 []byte 类型的私钥

PKCS1v15

func RSADecryptPKCS1v15PEM ¶ added in v1.7.3

func RSADecryptPKCS1v15PEM(data, priKey []byte) ([]byte, error)

RSADecryptPEM 使用 RSA 私钥解密，接收PEM格式的私钥

PKCS1v15

func RSADecryptPKCS1v15_ ¶ added in v1.7.3

func RSADecryptPKCS1v15_(crypted []byte, priKey *rsa.PrivateKey) ([]byte, error)

RSADecrypt_ 使用 RSA 私钥解密，接收 *rsa.PrivateKey 私钥

PKCS1v15

func RSADecrypt_ ¶

func RSADecrypt_(crypted []byte, priKey *rsa.PrivateKey) ([]byte, error)

RSADecrypt_ 使用 RSA 私钥解密，接收 *rsa.PrivateKey 私钥

OAEP: sha256

func RSAEncrypt ¶

func RSAEncrypt(data, pubKey []byte) ([]byte, error)

RSAEncrypt 使用 RSA 公钥加密，接收 []byte 类型的公钥

OAEP: sha256

func RSAEncryptPEM ¶

func RSAEncryptPEM(data, pubKey []byte) ([]byte, error)

RSAEncryptPEM 使用 RSA 公钥加密，接收PEM格式的公钥

OAEP: sha256

func RSAEncryptPKCS1v15 ¶ added in v1.7.3

func RSAEncryptPKCS1v15(data, pubKey []byte) ([]byte, error)

RSAEncrypt 使用 RSA 公钥加密，接收 []byte 类型的公钥

PKCS1v15

func RSAEncryptPKCS1v15PEM ¶ added in v1.7.3

func RSAEncryptPKCS1v15PEM(data, pubKey []byte) ([]byte, error)

RSAEncryptPEM 使用 RSA 公钥加密，接收PEM格式的公钥

PKCS1v15

func RSAEncryptPKCS1v15_ ¶ added in v1.7.3

func RSAEncryptPKCS1v15_(data []byte, pubKey *rsa.PublicKey) ([]byte, error)

RSAEncrypt_ 使用 RSA 公钥加密，接收 *rsa.PublicKey 公钥

PKCS1v15

func RSAEncrypt_ ¶

func RSAEncrypt_(data []byte, pubKey *rsa.PublicKey) ([]byte, error)

RSAEncrypt_ 使用 RSA 公钥加密，接收 *rsa.PublicKey 公钥

OAEP: sha256

func RSAHybridDecrypt ¶ added in v1.20.0

func RSAHybridDecrypt(crypted, priKey []byte, aad []byte) ([]byte, error)

RSAHybridDecrypt decrypts data using RSA-OAEP + AES-GCM hybrid decryption with byte key.

This function decrypts hybrid encrypted data using RSA-OAEP + AES-GCM.

Parameters:

crypted []byte - The hybrid encrypted data.
priKey  []byte - The RSA private key in PKCS#1 format.
aad     []byte - Additional authenticated data used during encryption.

Returns:

[]byte - The decrypted plaintext data.
error  - An error if decryption fails, key parsing fails, or authentication fails.

func RSAHybridDecryptPEM ¶ added in v1.20.0

func RSAHybridDecryptPEM(crypted, priKey []byte, aad []byte) ([]byte, error)

RSAHybridDecryptPEM decrypts data using RSA-OAEP + AES-GCM hybrid decryption with PEM key.

This function decrypts hybrid encrypted data using PEM-formatted keys.

Parameters:

crypted []byte - The hybrid encrypted data.
priKey  []byte - The RSA private key in PEM format.
aad     []byte - Additional authenticated data used during encryption.

Returns:

[]byte - The decrypted plaintext data.
error  - An error if decryption fails, PEM decoding fails, key parsing fails, or authentication fails.

Expected PEM Format:

-----BEGIN RSA PRIVATE KEY-----
[base64-encoded private key]
-----END RSA PRIVATE KEY-----

func RSAHybridDecryptWithoutAAD ¶ added in v1.20.0

func RSAHybridDecryptWithoutAAD(crypted, priKey []byte) ([]byte, error)

RSAHybridDecryptWithoutAAD decrypts data using RSA-OAEP + AES-GCM hybrid decryption without AAD.

This is a convenience function for hybrid decryption without additional authenticated data.

Parameters:

crypted []byte - The hybrid encrypted data.
priKey  []byte - The RSA private key in PKCS#1 format.

Returns:

[]byte - The decrypted plaintext data.
error  - An error if decryption fails, key parsing fails, or authentication fails.

func RSAHybridDecrypt_ ¶ added in v1.20.0

func RSAHybridDecrypt_(crypted []byte, priKey *rsa.PrivateKey, aad []byte) ([]byte, error)

RSAHybridDecrypt_ decrypts data using RSA-OAEP + AES-GCM hybrid decryption.

This function decrypts hybrid encrypted data by first extracting and decrypting the AES key with RSA-OAEP, then decrypting the data with AES-GCM.

Expected Format: RSA Key Length (4 bytes) || Encrypted AES Key || Encrypted Data

Parameters:

crypted []byte - The hybrid encrypted data.
priKey  *rsa.PrivateKey - The RSA private key for decrypting the AES key.
aad     []byte - Additional authenticated data used during encryption.

Returns:

[]byte - The decrypted plaintext data.
error  - An error if decryption fails or authentication fails.

Technical Details:

• Minimum input size: 32 bytes (4-byte length + RSA key + AES-GCM overhead)
• RSA Decryption: OAEP with SHA-256
• AES Decryption: GCM mode with authentication verification

func RSAHybridEncrypt ¶ added in v1.20.0

func RSAHybridEncrypt(data, pubKey []byte, aad []byte) ([]byte, error)

RSAHybridEncrypt encrypts data using RSA-OAEP + AES-GCM hybrid encryption with byte key.

This function provides secure encryption for data of any size using hybrid cryptography.

Parameters:

data   []byte - The plaintext data to be encrypted (any size).
pubKey []byte - The RSA public key in PKCS#1 format.
aad    []byte - Additional authenticated data for AES-GCM. Can be nil.

Returns:

[]byte - The hybrid encrypted data.
error  - An error if encryption fails or key parsing fails.

func RSAHybridEncryptPEM ¶ added in v1.20.0

func RSAHybridEncryptPEM(data, pubKey []byte, aad []byte) ([]byte, error)

RSAHybridEncryptPEM encrypts data using RSA-OAEP + AES-GCM hybrid encryption with PEM key.

This function provides secure encryption for data of any size using PEM-formatted keys.

Parameters:

data   []byte - The plaintext data to be encrypted (any size).
pubKey []byte - The RSA public key in PEM format.
aad    []byte - Additional authenticated data for AES-GCM. Can be nil.

Returns:

[]byte - The hybrid encrypted data.
error  - An error if encryption fails, PEM decoding fails, or key parsing fails.

Expected PEM Format:

-----BEGIN RSA PUBLIC KEY-----
[base64-encoded public key]
-----END RSA PUBLIC KEY-----

func RSAHybridEncryptWithoutAAD ¶ added in v1.20.0

func RSAHybridEncryptWithoutAAD(data, pubKey []byte) ([]byte, error)

RSAHybridEncryptWithoutAAD encrypts data using RSA-OAEP + AES-GCM hybrid encryption without AAD.

This is a convenience function for hybrid encryption without additional authenticated data.

Parameters:

data   []byte - The plaintext data to be encrypted (any size).
pubKey []byte - The RSA public key in PKCS#1 format.

Returns:

[]byte - The hybrid encrypted data.
error  - An error if encryption fails or key parsing fails.

func RSAHybridEncrypt_ ¶ added in v1.20.0

func RSAHybridEncrypt_(data []byte, pubKey *rsa.PublicKey, aad []byte) ([]byte, error)

RSAHybridEncrypt_ encrypts data using RSA-OAEP + AES-GCM hybrid encryption.

This function provides secure encryption for data of any size by combining RSA-OAEP (for key encryption) with AES-GCM (for data encryption).

Output Format: RSA Key Length (4 bytes) || Encrypted AES Key || Encrypted Data

Parameters:

data   []byte - The plaintext data to be encrypted (any size).
pubKey *rsa.PublicKey - The RSA public key for encrypting the AES key.
aad    []byte - Additional authenticated data for AES-GCM. Can be nil.

Returns:

[]byte - The hybrid encrypted data.
error  - An error if encryption fails.

Technical Details:

• AES Key: 32 bytes (AES-256) - randomly generated
• RSA Encryption: OAEP with SHA-256
• AES Encryption: GCM mode with 12-byte nonce and 16-byte tag
• Format: [4-byte key length][RSA-encrypted AES key][AES-GCM encrypted data]

func RSASignPKCS1v15 ¶ added in v1.12.0

func RSASignPKCS1v15(data, priKey []byte) (string, error)

RSASignPKCS1v15 使用 rsa 私钥签名（PKCS1v15），接收 []byte 类型的私钥

func RSASignPKCS1v15PEM ¶ added in v1.12.0

func RSASignPKCS1v15PEM(data, priKey []byte) (string, error)

RSASignPKCS1v15PEM 使用 rsa 私钥签名（PKCS1v15），接收PEM格式的私钥

func RSASignPKCS1v15_ ¶ added in v1.12.0

func RSASignPKCS1v15_(data []byte, priKey *rsa.PrivateKey) (string, error)

RSASignPKCS1v15_ 使用 rsa 私钥签名（PKCS1v15），接收 *rsa.PrivateKey 私钥

func RSASignPSS ¶ added in v1.12.0

func RSASignPSS(data, priKey []byte) (string, error)

RSASignPSS 使用 rsa 私钥签名（PSS），接收 []byte 类型的私钥

func RSASignPSSPEM ¶ added in v1.12.0

func RSASignPSSPEM(data, priKey []byte) (string, error)

RSASignPSSPEM 使用 rsa 私钥签名（PSS），接收PEM格式的私钥

func RSASignPSS_ ¶ added in v1.12.0

func RSASignPSS_(data []byte, priKey *rsa.PrivateKey) (string, error)

RSASignPSS_ 使用 rsa 私钥签名（PSS），接收 *rsa.PrivateKey 私钥

func RSAVerifyPKCS1v15 ¶ added in v1.12.0

func RSAVerifyPKCS1v15(data []byte, signStr string, pubKey []byte) error

RSAVerifyPKCS1v15 使用 rsa 公钥验签（PKCS1v15），接收 []byte 类型的公钥

func RSAVerifyPKCS1v15PEM ¶ added in v1.12.0

func RSAVerifyPKCS1v15PEM(data []byte, signStr string, pubKey []byte) error

RSAVerifyPKCS1v15PEM 使用 rsa 公钥验签（PKCS1v15），接收PEM格式的公钥

func RSAVerifyPKCS1v15_ ¶ added in v1.12.0

func RSAVerifyPKCS1v15_(data []byte, signStr string, pubKey *rsa.PublicKey) error

RSAVerifyPKCS1v15_ 使用 rsa 公钥验签（PKCS1v15），接收 *rsa.PublicKey 公钥

func RSAVerifyPSS ¶ added in v1.12.0

func RSAVerifyPSS(data []byte, signStr string, pubKey []byte) error

RSAVerifyPSS 使用 rsa 公钥验签（PSS），接收 []byte 类型的公钥

func RSAVerifyPSSPEM ¶ added in v1.12.0

func RSAVerifyPSSPEM(data []byte, signStr string, pubKey []byte) error

RSAVerifyPSSPEM 使用 rsa 公钥验签（PSS），接收PEM格式的公钥

func RSAVerifyPSS_ ¶ added in v1.12.0

func RSAVerifyPSS_(data []byte, signStr string, pubKey *rsa.PublicKey) error

RSAVerifyPSS_ 使用 rsa 公钥验签（PSS），接收 *rsa.PublicKey 公钥