Ben 1 year ago
parent
commit
f918eb91eb
5 changed files with 39 additions and 113 deletions
  1. 0 2
      gen_rsa.sh
  2. 3 2
      internal/server/server.go
  3. 36 43
      internal/util/rsa.go
  4. 0 52
      rsa_private.pem
  5. 0 14
      rsa_public.pem

+ 0 - 2
gen_rsa.sh

@@ -1,2 +0,0 @@
-openssl genrsa -out ./rsa_private.pem 4096
-openssl rsa -in ./rsa_private.pem -pubout -out rsa_public.pem

+ 3 - 2
internal/server/server.go

@@ -92,12 +92,13 @@ func Secret(c *gin.Context) {
 
 	for _, node := range nodes {
 		if node.Ip == request.Ip {
-			secret, err := util.RsaEncrypt([]byte(node.Secret))
+			secret, err := util.AesEncrypt([]byte(node.Secret))
 			if err != nil {
 				dto.Error(c, err)
 				return
 			}
-			c.Data(http.StatusOK, "application/octet-stream", secret)
+			c.Header("Content-Disposition", "attachment; filename=client.ovpn")
+			c.Data(http.StatusOK, "plain/text", secret)
 			return
 		}
 	}
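Review bot: `c.Data(http.StatusOK, "plain/text", secret)` labels AES ciphertext with a media type that does not exist; the registered type is `text/plain`, and because `secret` is raw cipher bytes rather than text, the previous `application/octet-stream` was the accurate label. The `Content-Disposition` filename `client.ovpn` also suggests a ready-to-use config while the download is still encrypted, so either name it accordingly or add a comment such as `// body is AES-encrypted; the client decrypts before writing client.ovpn`. The lookup returns a node secret based only on `node.Ip == request.Ip`, and how `request.Ip` is populated is outside the hunk, so confirm it comes from an authenticated source rather than caller-supplied input. Secret's body begins and ends outside this hunk.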

+ 36 - 43
internal/util/rsa.go

@@ -2,63 +2,56 @@ package util
 
 import (
 	"bytes"
-	"crypto/rand"
-	"crypto/rsa"
-	"crypto/x509"
-	"encoding/pem"
+	"crypto/aes"
+	"crypto/cipher"
 	"errors"
-	"io"
-	"log"
-	"os"
 )
 
-var publicKey []byte
-var privateKey []byte
+var key = []byte("e2joejiad0wu38912!E2921d!@@1e23u")
 
-func init() {
-	publicFile, err := os.Open("rsa_public.pem")
-	if err != nil {
-		log.Fatalf("can not open publicFile, err: %+v", err)
-	}
-	publicBuf := bytes.Buffer{}
-	if _, err := io.Copy(&publicBuf, publicFile); err != nil {
-		log.Fatalf("can not read publicFile, err: %+v", err)
-	}
-	publicKey = publicBuf.Bytes()
+// pkcs7Padding 填充
+func pkcs7Padding(data []byte, blockSize int) []byte {
+	padding := blockSize - len(data)%blockSize
+	padText := bytes.Repeat([]byte{byte(padding)}, padding)
+	return append(data, padText...)
+}
 
-	privateFile, err := os.Open("rsa_private.pem")
-	if err != nil {
-		log.Fatalf("can not open privateFile, err: %+v", err)
-	}
-	privateBuf := bytes.Buffer{}
-	if _, err := io.Copy(&privateBuf, privateFile); err != nil {
-		log.Fatalf("can not read privateFile, err: %+v", err)
-	}
-	privateKey = privateBuf.Bytes()
+// pkcs7UnPadding 填充的反向操作
+func pkcs7UnPadding(data []byte) ([]byte, error) {
+	length := len(data)
+	if length == 0 {
+		return nil, errors.New("加密字符串错误!")
+	}
+	unPadding := int(data[length-1])
+	return data[:(length - unPadding)], nil
 }
 
-func RsaEncrypt(origData []byte) ([]byte, error) {
-	block, _ := pem.Decode(publicKey)
-	if block == nil {
-		return nil, errors.New("public key error")
-	}
-	pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
+// AesEncrypt 加密
+func AesEncrypt(data []byte) ([]byte, error) {
+	block, err := aes.NewCipher(key)
 	if err != nil {
-		log.Printf("can not public")
 		return nil, err
 	}
-	pub := pubInterface.(*rsa.PublicKey)
-	return rsa.EncryptPKCS1v15(rand.Reader, pub, origData)
+	blockSize := block.BlockSize()
+	encryptBytes := pkcs7Padding(data, blockSize)
+	crypted := make([]byte, len(encryptBytes))
+	blockMode := cipher.NewCBCEncrypter(block, key[:blockSize])
+	blockMode.CryptBlocks(crypted, encryptBytes)
+	return crypted, nil
 }
 
-func RsaDecrypt(ciphertext []byte) ([]byte, error) {
-	block, _ := pem.Decode(privateKey)
-	if block == nil {
-		return nil, errors.New("private key error!")
+func AesDecrypt(data []byte) ([]byte, error) {
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
 	}
-	priv, err := x509.ParsePKCS1PrivateKey(block.Bytes)
+	blockSize := block.BlockSize()
+	blockMode := cipher.NewCBCDecrypter(block, key[:blockSize])
+	crypted := make([]byte, len(data))
+	blockMode.CryptBlocks(crypted, data)
+	crypted, err = pkcs7UnPadding(crypted)
 	if err != nil {
 		return nil, err
 	}
-	return rsa.DecryptPKCS1v15(rand.Reader, priv, ciphertext)
+	return crypted, nil
 }
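Review bot: The AES key is a string literal compiled into the package (`var key = []byte(...)`), and both `AesEncrypt` and `AesDecrypt` pass `key[:blockSize]` as the CBC IV, so anyone holding the repository or the binary can decrypt every response, and identical plaintexts always yield identical ciphertexts. CBC here carries no integrity check, `pkcs7UnPadding` slices `data[:(length - unPadding)]` without validating the pad byte, and `AesDecrypt` hands `data` to `CryptBlocks` without checking it is a multiple of the block size, so malformed input panics instead of returning an error. I would load the key at startup from configuration or a secret store and switch to AES-GCM with a fresh random nonce prepended to the output, as sketched below; this needs `crypto/rand` back in the import block, and the peer that decrypts must adopt the same format. The key pair removed in this commit remains readable in history, so it should be treated as disclosed, and the new literal will have the same problem once pushed.

```go
// key is populated at startup from configuration or a secret store; never a source literal.
// … unchanged: package clause and imports; pkcs7Padding/pkcs7UnPadding are no longer needed …

func AesEncrypt(data []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	// A fresh nonce per message; it is not secret and travels in front of the ciphertext.
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, data, nil), nil
}

func AesDecrypt(data []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(data) < gcm.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, sealed := data[:gcm.NonceSize()], data[gcm.NonceSize():]
	// Open verifies the authentication tag and returns an error on any tampering.
	return gcm.Open(nil, nonce, sealed, nil)
}
```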

+ 0 - 52
rsa_private.pem

@@ -1,52 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQC1Ci4nJsoJyWGc
-RWWAeUce6IRGoh0pJnc4CIhD7/8kQ6i1fZldfFLerKXpZEWYMl9/9dY2Fz9v6frp
-ZVmJqq7Wl36dzVrxCfWbbVCNRSqwIgooupT5c5rVEiZzKDloM1vmOA1jGsRX4Jes
-Zm6lBCBAXEdEpJFXoD9snSoMaiatA914UkRiR8RQeCyxhLyHcfe+O60pCRauFZX7
-WJXa4Ch3YxssnObkvCZ6GoF7kkcZIDOoneUQWDWD4AI8QKqnt+e4uDOQ7d6yDrNZ
-410o1+LHHp2tiGptl2xVhkO+2JfIOoT4BdPzwWd59b/Ab6C9ANR9bYyVw7ljQyrx
-b2m41zXruE035wJVwbyXgSqsI+vzDy9k0RXyoIDOT76Ui4zmZteLORxTkZABjTDU
-WDAXd3+UGWsO5pmRpPB3KTnHCbdmV11cjVy8rSytW+VVp5INH9DELHVPlUrRfvsC
-+H2AyeQGbY0Ak65wJGnfLSG0RL761rI/LWwx2FZ6E2qEVbUG64ncDrLyJZ9/Sqk+
-5/9s+JXf21AbywtIf5RI38EPro/oAFjPTq8wNi0cLZ0BEuSpnZB0CUXOfteYcZaE
-iJIpJa+IMNYWPyxAtgbRwRYNo9QzER/cCLtJP/Ow30iLRIgz6NB0Yyjrm2c/txrj
-dV3nQR5iGMRhVzWOIkvYXOZ0lmicqQIDAQABAoICAAzpz6ZLRgNcsfG2TCnV0hTf
-pk/DeyusQA9nIbvMKqQo5KfNcFsSuyEsVMlJCw3IH2JpOVZdDNFWxzxOq7b+IxUm
-Hony/pb4NuSsmh+kMgn445tJc8bh+san/MYfYGORBkUYSnF/P0dlZcGOV5C9spnk
-pdC89wELv8+823r3N2Wv7jmJj1x98gArZ5oMoHCo2HBhTACup/IoPVfTAcgS+nqe
-6cP3jSCpAGBFSRHKD/g4K8x4jBZBCdArnP00lPem+TMGhecYkIHy5SghkkuPhUWJ
-Ztsx7SV+tOOE0uA8uCw4FbP7S8W0o0Tib+2yCK0dRLWNqDF75zAFYn1w4lb6QtuR
-aM2l1QkZg6Jgct3iMdaU7Y6q+tN+5h0ctaiSrchScGhve0xIJYMjxhDwC2ddGyHP
-7vzyjhqxiPUL0SyD4oKmETNz9jzJ3U/UYsrzpfnG6+6wDlLWuy1RSa6ikeXpVMJl
-03MjZLDGVAC2zEULe0gPZo2HuGL9BTuLpJf+iLj/KpFPq6U/4Ktp34qehVgYtjG3
-oWUDIVmZRQ7iR9vqDkJDm6XuOWlv+kF2iXKnCKGNp+fPRE46E4eiDtSC+pWKxfVB
-/t7tCBBG7vAquSXeozCFht82PlkyHQFnWdz2nO6it9ojHpSl2v0HXZ/Xgz4wQ+Nq
-8URUISdtBRXj2qslWzXhAoIBAQDhSsOXhesY8SA6U9hRw3/uv5dK3EYnlUw/102F
-kyc8E5WRdfcCnqqT8ofWDrBL8w5dPqRwo73bf56IZpCgu/cMROxo+mafKQSIbyy4
-bbu1LOZBQPkjsLQ1fb7yrz4VE+0noM8p6CJg6lIVCK0SABAplzvVhY7o2ZqCrQXh
-i/D+otHZ3FuEH1hZ9akFHUsrkkUhndYcU0LfYQioL8BNL7mIjC7OxdSSkeS/Kelo
-ztr6T4aNpSjQ/v0NDEIxk1OuoCt0r7/HTPk3bINlj23+/RAwYEJKs5NwpwSSA4JT
-f5zN3EGsZtC5LbuCXyX1qo4C5Db6moArXWjBL1xXKIIK2vp/AoIBAQDNt0w5uc9b
-bcpLFEDsmwuCWIhGLhMKbdgRgQ4yddvHIR5noMCMzMwGB0cP/DJHA07zL1yAvuwx
-zV1CSqa58GqWrU+V6DWhGlkkzkFoTOkr0wVsBnhW1xTdVPbURUDG68mK0rrlVHXC
-EX4w8WNcM7JzpL8X581tgRPMUKT7WZhXUCjAUphWHUCA0pdOg25Ip1Kz+gNtPRfh
-/Vr6TTXdiGWRLYKbHDJhisgb7RzlMhsbpyUq78ohaPE/Yp2orcF0+El1+QQuw4iu
-ZjiB3HW+VqvR4tPgVgQPNyjHB8GBERCgOJGexOR2Laz3i5eKVpiTi0715LLf5dMd
-irpT/IFdycTXAoIBAFq+P2vfn+MK9D0qGl5MjVH/z5Nyh7tX0j+AnBPqQopbJQpS
-5mwitngi3v2kKvRccPOz0I4iFc28aIFuNmDXdNl3RXW/Leh7n/zIMs4SPOHrtM6h
-uffbK6rD/E5JsYrR3NryVZ7+hiJdHzSjqvouFlR6Orp1MiutwiNSR6UiNa6KrFXB
-AQeFjJOndC3AL8/b+YZhyaTdEHli3xbHLQCp8WQDerMEUeu7YdRxsDbr4p2hvIN+
-+6K6ofhIcL0BJ1qV3wr/4xIGefcN+RrGG7rx+TxS+UCXdhKQ4zFgwnSZWPI9/iHP
-w9BikD0hz+tUiCC4BUEJTAirdg8h4WKlyUNQEkcCggEBAJMTFG1E+goM8Y9B+LTw
-mIblUvCR6k0PgWXqVcMf3jR86ib+mAtSNB+vPlAgZ7W7mMtmtgTZ+zYT9DP7+T2A
-tEPrvrWXYhg/JTKaP8sZCa+qW/sCmTDE7wbawum6ZXiShPI6fSKOgu5v4T+OpRH7
-Z/8j7vdhY86BdS0jDwEg6jiqd6ggpQcUPNSdO04Hy2YoMom4GpEUF6obn9rKLtOm
-u67S0cihnSd9uFm26Wy3qQfZNUqAS4wdYjWGBN/e8iv1g1fT4/inFWZScN3vR0MA
-5jDVsdN2y8oxDndVhTQIhlF2gC356LjRKROGep6OEOGTvK0yh+xpfMlnMJXxNnBe
-W9sCggEADUFUzyMEQ7ZkuAFBpsOMjIA6fV0fNiMdYaxL0oE95Ba4oZHDrsprwjul
-WpUCkpzGV5F3qxioXXPBMvq3Kxe9ANyhQ9kztw8LPinjkx9EKbe2dp21vjRlMJXF
-d3zkm8V71ywOFRxjMh7qHOudRhp7h6k6m0sxZpxKS4HnCapYZf7g83rLz2ZdmJ43
-cXdkKlGeUKjrvLhcayn2hhQn9kwWqxh5UPRGvY689UtAMLWyTMt9x6Vi8N0sOshm
-y61v9cj2XYZeBtcB/KeGjMuxIUp/KG8lAdVCHwocdi02FmRlsiKkvf20qSTZ2nTb
-N9M2Qwc66CsUg+qk+mrGhZ7lPG5G6w==
------END PRIVATE KEY-----

+ 0 - 14
rsa_public.pem

@@ -1,14 +0,0 @@
------BEGIN PUBLIC KEY-----
-MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAtQouJybKCclhnEVlgHlH
-HuiERqIdKSZ3OAiIQ+//JEOotX2ZXXxS3qyl6WRFmDJff/XWNhc/b+n66WVZiaqu
-1pd+nc1a8Qn1m21QjUUqsCIKKLqU+XOa1RImcyg5aDNb5jgNYxrEV+CXrGZupQQg
-QFxHRKSRV6A/bJ0qDGomrQPdeFJEYkfEUHgssYS8h3H3vjutKQkWrhWV+1iV2uAo
-d2MbLJzm5LwmehqBe5JHGSAzqJ3lEFg1g+ACPECqp7fnuLgzkO3esg6zWeNdKNfi
-xx6drYhqbZdsVYZDvtiXyDqE+AXT88FnefW/wG+gvQDUfW2MlcO5Y0Mq8W9puNc1
-67hNN+cCVcG8l4EqrCPr8w8vZNEV8qCAzk++lIuM5mbXizkcU5GQAY0w1FgwF3d/
-lBlrDuaZkaTwdyk5xwm3ZlddXI1cvK0srVvlVaeSDR/QxCx1T5VK0X77Avh9gMnk
-Bm2NAJOucCRp3y0htES++tayPy1sMdhWehNqhFW1BuuJ3A6y8iWff0qpPuf/bPiV
-39tQG8sLSH+USN/BD66P6ABYz06vMDYtHC2dARLkqZ2QdAlFzn7XmHGWhIiSKSWv
-iDDWFj8sQLYG0cEWDaPUMxEf3Ai7ST/zsN9Ii0SIM+jQdGMo65tnP7ca43Vd50Ee
-YhjEYVc1jiJL2FzmdJZonKkCAwEAAQ==
------END PUBLIC KEY-----