Web安全：密码学基础详解

Web安全密码学基础详解1. 密码学概述密码学是研究信息加密、解密的技术科学包括对称加密、非对称加密、哈希函数、数字签名等。2. 对称加密2.1 AES加密import crypto/aes import crypto/cipher func AESEncrypt(plaintext, key []byte) ([]byte, error) { block, err : aes.NewCipher(key) if err ! nil { return nil, err } ciphertext : make([]byte, aes.BlockSizelen(plaintext)) iv : ciphertext[:aes.BlockSize] if _, err : io.ReadFull(rand.Reader, iv); err ! nil { return nil, err } stream : cipher.NewCFBEncrypter(block, iv) stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext) return ciphertext, nil } func AESDecrypt(ciphertext, key []byte) ([]byte, error) { block, err : aes.NewCipher(key) if err ! nil { return nil, err } if len(ciphertext) aes.BlockSize { return nil, errors.New(ciphertext too short) } iv : ciphertext[:aes.BlockSize] ciphertext ciphertext[aes.BlockSize:] stream : cipher.NewCFBDecrypter(block, iv) stream.XORKeyStream(ciphertext, ciphertext) return ciphertext, nil }2.2 ChaCha20-Poly1305import golang.org/x/crypto/chacha20poly1305 func EncryptAead(plaintext, key []byte) ([]byte, error) { aead, err : chacha20poly1305.NewX(key) if err ! nil { return nil, err } nonce : make([]byte, aead.NonceSize()) if _, err : io.ReadFull(rand.Reader, nonce); err ! nil { return nil, err } return aead.Seal(nonce, nonce, plaintext, nil), nil }3. 非对称加密3.1 RSA加密import crypto/rsa import crypto/rand func GenerateRSAKey(bits int) (*rsa.PrivateKey, *rsa.PublicKey, error) { privateKey, err : rsa.GenerateKey(rand.Reader, bits) if err ! nil { return nil, nil, err } return privateKey, privateKey.PublicKey, nil } func RSAEncrypt(plaintext []byte, publicKey *rsa.PublicKey) ([]byte, error) { ciphertext, err : rsa.EncryptOAEP( sha256.New(), rand.Reader, publicKey, plaintext, nil, ) return ciphertext, err } func RSADecrypt(ciphertext []byte, privateKey *rsa.PrivateKey) ([]byte, error) { plaintext, err : rsa.DecryptOAEP( sha256.New(), rand.Reader, privateKey, ciphertext, nil, ) return plaintext, err }3.2 ECDSA签名import crypto/ecdsa import crypto/elliptic import crypto/sha256 func GenerateECDSAKey() (*ecdsa.PrivateKey, error) { return ecdsa.GenerateKey(elliptic.P256(), rand.Reader) } func SignECDSA(privateKey *ecdsa.PrivateKey, message []byte) ([]byte, error) { hash : sha256.Sum256(message) r, s, err : ecdsa.Sign(rand.Reader, privateKey, hash[:]) if err ! nil { return nil, err } return append(r.Bytes(), s.Bytes()...), nil } func VerifyECDSA(publicKey *ecdsa.PublicKey, message, signature []byte) bool { hash : sha256.Sum256(message) r : new(big.Int).SetBytes(signature[:32]) s : new(big.Int).SetBytes(signature[32:]) return ecdsa.Verify(publicKey, hash[:], r, s) }4. 哈希函数4.1 SHA-256import crypto/sha256 func HashSHA256(data []byte) []byte { hash : sha256.Sum256(data) return hash[:] }4.2 bcrypt密码哈希import golang.org/x/crypto/bcrypt func HashPassword(password string) (string, error) { bytes, err : bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost) return string(bytes), err } func CheckPassword(password, hash string) bool { err : bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) return err nil }5. 密钥派生5.1 PBKDF2import golang.org/x/crypto/pbkdf2 func DeriveKey(password, salt []byte) []byte { return pbkdf2.Key(password, salt, 100000, 32, sha256.New) }5.2 Argon2import github.com/alexedwards/argon2 func HashPasswordArgon2(password string) (string, error) { return argon2.IDHash(password) }6. 总结密码学是Web安全的基础对称加密用于数据加密非对称加密用于密钥交换和数字签名哈希函数用于数据完整性校验。在实际应用中应使用标准的加密算法和库避免自行实现加密逻辑。