需要
首先在golang中生成keypair,javascript向golang发送数据前,先申请publickey API获取publickey,而后基于publickey加密数据,最初将被加密的数据发送给golang。
实现
一、golang生成keypair
var ( privateKey *rsa.PrivateKey publicKey *rsa.PublicKey publicKeyString string)if pri, err := rsa.GenerateKey(rand.Reader, 32); err != nil { panic(err)} else { privateKey = pri publicKey = &pri.PublicKey}// 将publicKey转换为PKIX, ASN.1 DER格局if derPkix, err := x509.MarshalPKIXPublicKey(publicKey); err != nil { return err} else { // 设置PEM编码构造 block := pem.Block{ Type: "RSA PUBLIC KEY", Bytes: derPkix, } // 将publicKey以字符串模式返回给javascript publicKeyString = string(pem.EncodeToMemory(&block))}二、javascript应用publickey加密数据
装置
jsencryptnpm install jsencrypt获取
publickeyconst [pk, setPK] = useState('')useEffect(() => { fetch(`${url}`, {method: 'GET'}) .then(r => r.json()) .then(d => { if (d.hasOwnProperty('public_key')) setPK(d.public_key) else alert('API返回值短少必要字段!') }) .catch(e => {alert(e)})}, [])加密用户数据
let encryptor = new JSEncrypt() // 新建JSEncrypt对象encryptor.setPublicKey(pk) // 设置publickeylet ciphertext = encryptor.encrypt(data) // 加密data
三、golang应用privatekey解密数据
// 解码base64字符串bytes, err := base64.StdEncoding.DecodeString(ciphertext)if err != nil { panic(err)}// 解密plaintext, e := rsa.DecryptPKCS1v15( rand.Reader, privateKey, bytes,)if err != nil { panic(e)}