内容简介:golang实现摘要签名和验证的过程:两个步骤:下面是代码原文:
golang实现摘要签名和验证的过程:
两个步骤:
- 利用私钥对一个摘要进行签名。
$ ./test -command sign -key ./privatekey.pem -text "12345" MEUCIE7DsGmTHJ3VGZec2UF9hRX7jq9Yd7F2kS7kEL132js8AiEA/ZlyIpo86Rn3waR8m2c4BtQPu8cNjYAnroibK+ujslY=
- 利用公钥验证签名是否有效。
$ ./test -command verify -cert ./publickey.pem -text "12345" -sign "MEQCIFuvcVHlztAN7YVehgCDYzVSo1Q10iTKeJE5ydxzfih5AiAC2ETt/8XuE1VHaGkLsiJkRSueh65Leq2VKkmFKxB/sQ==" Successed to verify Signature and nonce
下面是代码原文:
package main import ( "fmt" "flag" "io/ioutil" "math/big" "crypto/ecdsa" "crypto/rand" "crypto/sha256" "crypto/x509" "encoding/asn1" "encoding/base64" "encoding/pem" ) type ECDSASignature struct { R, S *big.Int } var ( command string certfile string keyfile string text string sign string ) func main() { flag.StringVar(&command, "command", "", "Command: sign/verify") flag.StringVar(&keyfile, "key", "", "Private key file") flag.StringVar(&certfile, "cert", "", "Public key file") flag.StringVar(&text, "text", "", "Text content to be signed") flag.StringVar(&sign, "sign", "", "Signed content to be verifed") flag.Parse() switch command { case "sign": if keyfile == "" || text == "" { fmt.Printf("ERROR: either key file or text is empty\n") return } Sign(keyfile, text) case "verify": if certfile == "" || text == "" || sign == "" { fmt.Printf("ERROR: either key file or text or sign is empty\n") return } Verify(certfile, text, sign) default: fmt.Printf("ERROR: unknown command\n") return } } func Sign(keyFile, text string) { keyBuff, err := ioutil.ReadFile(keyFile) if err != nil { fmt.Printf("ERROR: failed to read keystore file: %s, error: %v\n", keyFile, err) return } block, _ := pem.Decode(keyBuff) if block == nil { fmt.Printf("ERROR: block of decoded private key is nil\n") return } privKey, err := x509.ParsePKCS8PrivateKey(block.Bytes) if err != nil { fmt.Printf("ERROR: failed get ECDSA private key, %v\n", err) return } ecPrivKey := privKey.(*ecdsa.PrivateKey) hash := sha256.Sum256([]byte(text)) r, s, err := ecdsa.Sign(rand.Reader, ecPrivKey, hash[:]) if err != nil { fmt.Printf("ERROR: failed to get signature, %v\n", err) return } // asn1 output DER format signature, err := asn1.Marshal(ECDSASignature{ R: r, S: s, }) if err != nil { fmt.Printf("ERROR: asn1.Marshal ECDSA signature: %v\n", err) return } fmt.Printf("%s\n", base64.StdEncoding.EncodeToString(signature)) } func Verify(certFile, text string, sign string) { certBuff, err := ioutil.ReadFile(certFile) if err != nil { fmt.Printf("ERROR: failed to read keystore file: %s, error: %s\n", certFile, err) return } block, _ := pem.Decode(certBuff) if block == nil { fmt.Printf("ERROR: block of decoded private key is nil\n") return } cert, err := x509.ParseCertificate(block.Bytes) if err != nil { fmt.Printf("ERROR: failed get ECDSA private key, error: %v\n", err) return } arr := []byte(text) h := sha256.New() h.Write(arr) hashed := h.Sum(nil) signatureDec, _ := base64.StdEncoding.DecodeString(sign) sig := new(ECDSASignature) _, err = asn1.Unmarshal(signatureDec, sig) if err != nil { fmt.Printf("ERROR: failed unmashalling signature, error: %v", err) return } pub, _ := cert.PublicKey.(*ecdsa.PublicKey) if !ecdsa.Verify(pub, hashed[:], sig.R, sig.S) { fmt.Printf("ERROR: Failed to verify Signature: %v\n", err) return } fmt.Printf("Successed to verify Signature and nonce\n") return }
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持 码农网
猜你喜欢:本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
中国制造2025:产业互联网开启新工业革命
夏妍娜、赵胜 / 机械工业出版社 / 2016-2-22 / 49.00
过去20年,是中国消费互联网肆意生长的"黄金20年",诞生了诸如BAT等互联网巨头,而时至今日,风口正逐渐转向了产业互联网。互联网这一摧枯拉朽的飓风,在改造了消费服务业之后,正快速而坚定地横扫工业领域,拉开了产业互联网"关键30年"的大幕。 "中国制造2025"规划,恰是中国政府在新一轮产业革命浪潮中做出的积极举措,是在"新常态"和"供给侧改革"的背景下,强调制造业在中国经济中的基础作用,认......一起来看看 《中国制造2025:产业互联网开启新工业革命》 这本书的介绍吧!