ZBLOG

注册 原创投稿

golang HS,RS,ES,ED签名与验证

作者:golang云原生栏目:公开2023-07-06 03:10645

在Golang中,我们可以使用第三方库来进行HS、RS、ES和ED签名与验证。

  1. HS(HMAC-SHA)签名与验证

对于HS签名算法,我们可以使用crypto/hmac包生成HMAC,并结合hash函数生成消息认证码。下面是示例代码:

  1. package main
  3. import (
  4.     "crypto/hmac"
  5.     "crypto/sha256"
  6.     "encoding/base64"
  7.     "fmt"
  8. )
  10. func signHS(message string, key string) (string, error) {
  11. 	keyBytes, err := base64.StdEncoding.DecodeString(key)
  12. 	if err != nil {
  13. 		return "", err
  14. 	}
  15. 	
  16. 	hmac := hmac.New(sha256.New, keyBytes)
  17. 	hmac.Write([]byte(message))
  18. 	
  19. 	signature := hmac.Sum(nil)
  20. 	
  21. 	return base64.StdEncoding.EncodeToString(signature), nil
  22. }
  24. func verifyHS(message string, signature string, key string) bool {
  25. 	calculatedSignature, _ := signHS(message, key)
  26. 	
  27. 	return calculatedSignature == signature
  28. }
  30. func main() {
  31. 	message := "Hello World!"
  32. 	key := "MzQ0Njg5MjA2NDExMTIyNDMyMDAwMDAxODc3NTM4NzE="
  33. 	
  34. 	signature, err := signHS(message, key)
  35. 	if err != nil {
  36. 		panic(err)
  37. 	}
  38. 	fmt.Println("Signature:", signature)
  39. 	
  40. 	valid := verifyHS(message, signature, key)
  41. 	fmt.Println("Valid:", valid)
  42. }

在上面的代码中,我们使用crypto/hmac包生成了一个HMAC-SHA256签名,并将其编码为base64格式字符串返回。然后,我们可以使用verifyHS函数来验证签名是否有效。

  1. RS(RSA)签名与验证

对于RS签名算法,我们可以使用crypto/rsa包生成数字签名,并使用公钥验证签名。下面是示例代码:

  1. package main
  3. import (
  4.     "crypto/rand"
  5.     "crypto/rsa"
  6.     "crypto/sha256"
  7. 	"crypto/x509"
  8. 	"encoding/pem"
  9. 	"fmt"
  10. )
  12. func signRS(message string, privateKeyStr string) (string, error) {
  13. 	block, _ := pem.Decode([]byte(privateKeyStr))
  14. 	if block == nil || block.Type != "RSA PRIVATE KEY" {
  15. 	    return "", fmt.Errorf("invalid private key")
  16. 	}
  17. 	
  18. 	privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
  19. 	if err != nil {
  20. 	    return "", err
  21. 	}
  22. 	
  23. 	hashed := sha256.Sum256([]byte(message))
  24. 	signature, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, hashed[:])
  25. 	if err != nil {
  26. 	    return "", err
  27. 	}
  28. 	
  29. 	return base64.StdEncoding.EncodeToString(signature), nil
  30. }
  32. func verifyRS(message string, signature string, publicKeyStr string) bool {
  33. 	publicBlock, _ := pem.Decode([]byte(publicKeyStr))
  34. 	if publicBlock == nil || publicBlock.Type != "PUBLIC KEY" {
  35.         return false
  36.     }
  37.     
  38.     pubInterface,err:=x509.ParsePKIXPublicKey(publicBlock.Bytes)
  39.     if err!=nil{
  40.         return false
  41.     }
  42.     
  43. 	publicKey,_:=pubInterface.(*rsa.PublicKey)
  44. 	
  45. 	hashed := sha256.Sum256([]byte(message))
  46. 	sigBytes,err:=base64.StdEncoding.DecodeString(signature)
  47. 	if err!=nil{
  48.         return false
  49.     }
  50. 	
  51. 	err = rsa.VerifyPKCS1v15(publicKey,crypto.SHA256,&hashed,sigBytes)
  52. 	return err==nil
  53. }
  55. func main() {
  56. 	message := "Hello World!"
  57. 	privateKeyStr := `-----BEGIN RSA PRIVATE KEY-----
  58. MIIEpAIBAAKCAQEAo5txO3i+g82v3gZ/RfLZD0b+xT3jF4aikmz8/vs5CnqIL0w
  59. JrCz1O2XUAsyLDhX9P+MjjipWVdo8f1C6lGWso80dJovGffocO6Gcgb8Dnj7inRb
  60. MmEQdygzBxLO4tI37Ld2/z7xuIHxDaWXEe9cTPYgsN6rHFDw97eoqecErHkUbbSy
  61. gcmymBCK/7kpmsdnlqwSwKCGCyN8VOoP+z3kWYYuNbOVfJ62o4EzBYWe+QCChkwf
  62. CDMYaoZpzmOWTLsEdjbCCZIDznG+cVH0WrCX+tz1ArXheSZ75vlKLTYIFjpHNIZ+
  63. HEQs33DJbcDG60vFYZzpS/lvHi6bovVQlNsLxwIDAQABAoIBAGlzAcKP5C+bFaRO
  64. PNayViL9FR/Mav8IeJjnxkfnCuOnVSC7SQOmCSAXA55/CtaRPmPUyxnKTNSkFo86
  65. rMM9fiIeqgep/Xch17OHLSbBDHYHoEWULduEq41+YtufRT69Bvk99Dt/35dc2jTD
  66. GNh5ZZTZx3jHa3vsOsSBwywuMnn2eMWb56ugojhhONlf0s7TnV+6J1pHs4yUZaTh
  67. BvXamO5zWu9S/2DfLPDeij3rkKgGw3LrjNl64+vIDtqFkj+fQ+elCBLc6lcKo8N+
  68. vvgPfT/tLbQ2d3slHxwyWSEdjJwbNy8vnbrASi4A0/GvIilhjEeEYOL72GGgzCXk
  69. tDCjGAECgYEA2zwRGlpPkM+xpbmUM7nRAGBDWfc34lTkm+OfWr5JjsrUycse/MrH
  70. KHigpjnKwSmsKBNQTjBCltb4pgAYf0fnqLYOyXxLFzPW+tOpFdIMHIkArQGmlqoE
  71. peSzW80akprulkbRVhwx7sweTDZC27/K/UioX3dL7uv55bg05MyLIbMCgYEAuDPZ
  72. bdHoYM+aJqx8KWPyZckynV93TOOSAH4sy9j+lCA7goHNJ/Nsi+hAgdeULa+kg/W/
  73. eJMrCeF2RpMArOksqu1IdBpxUKziF5BHa/NEezAjPNwrPiAzcoYnuFeasw6tRyvm
  74. Qt87l+17ILyA+n0glOdfkCdgrzyylUNIImINvtECgYBGz/5VdloWSxWE/BnAVXap
  75. adDsgGHIP54niEEIHmUPebLQjtzjC8VY+W6tIrrL/pvKqJfOu1ZzWdpsnlvcFze5
  76. akgD0e/3WJbly4kN+9aXy6BpkkNyqpZihehRUPr0ZZn7vnt8wQv52AFDcXs47wIM
  77. Tm3KMWhmrHia/s56z3IeMQKBgQCXB1/wARdfGtU2+4dtKhLcBID/fhEcx/45Ed61
  78. 1lKHzwoOXOJidY3h06aR/vaT6Mlb5tp5+PqhSbToSNu0AKxtPqgmQ6yNWsbGoEGG
  79. XbCbdCfG+Nds9VCupMM/eCICBfuHT8CiBuIx1eiuhUBjXOLML2wdjr/GHFNdhYBY
  80. Nox05QKBgQCx/uBWTPcjpiTp+/DuOGeynaA9ytRkyoHblMudkA4v6+vGAivKyoYY
  81. oeqvnpUprifnrGRwth7Id22jzjh7llBKRMPLmvAvbuKFu+fGpSse7EAs9Szww38t
  82. N+tqZoWdug/jHIv94TksDEIkPgld2cdiRN16/RnwNxREAmIsbmRxNg==
  83. -----END RSA PRIVATE KEY-----`
  84. 	publicKeyStr := `-----BEGIN PUBLIC KEY-----
  85. MIIBITANBgkqhkiG9w0BAQEFAAOCAQ4AMIIBCQKCAQEAo5txO3i+g82v3gZ/RfLZ
  86. D0b+xT3jF4aikmz8/vs5CnqIL0wJrCz1O2XUAsyLDhX9P+MjjipWVdo8f1C6lGWs
  87. o80dJovGffocO6Gcgb8Dnj7inRbMmEQdygzBxLO4tI37Ld2/z7xuIHxDaWXEe9cT
  88. PYgsN6rHFDw97eoqecErHkUbbSygcmymBCK/7kpmsdnlqwSwKCGCyN8VOoP+z3kW
  89. YYuNbOVfJ62o4EzBYWe+QCChkwfCDMYaoZpzmOWTLsEdjbCCZIDznG+cVH0WrCX+
  90. tz1ArXheSZ75vlKLTYIFjpHNIZ+HEQs33DJbcDG60vFYZzpS/lvHi6bovVQlNsLx
  91. wIDAQAB
  92. -----END PUBLIC KEY-----`
  93. 	
  94. 	signature, err := signRS(message, privateKeyStr)
  95. 	if err != nil {
  96. 		panic(err)
  97. 	}
  98. 	fmt.Println("Signature:", signature)
  99. 	
  100. 	valid := verifyRS(message, signature, publicKeyStr)
  101. 	fmt.Println("Valid:", valid)
  102. }

在上面的代码中,我们使用crypto/rsa包生成了一个数字签名,并使用公钥验证签名是否有效。

  1. ES(ECDSA)签名与验证

对于ES签名算法,我们可以使用crypto/ecdsa包生成数字签名,并使用公钥验证签名。下面是示例代码:

”` package main

import (

  1. "crypto/ecdsa"
  2. "crypto/elliptic"
  3. "crypto/rand"
  4. "encoding/base64"
  5. "encoding/pem"
  6. "fmt"

)

func signES(message string, privateKeyStr string) (string, error) {

  1. block, _ := pem.Decode([]byte(privateKeyStr))
  2. if block == nil || block.Type != "EC PRIVATE KEY" {
  3.     return "", fmt.Errorf("invalid private key")
  4. }
  6. privateKey,err:=x509.ParseECPrivateKey(block.Bytes)
  7. if err!=nil{
  8.     return "",err
  9. }
  11. hashed := sha256.Sum256([]byte(message))
  12. r,s,err:=ecdsa.Sign(rand.Reader,privateKey,hashed[:])
  13. if err!=nil{
  14.     return "",err
  15. }
  17. signature:=append(r.Bytes(),s.Bytes()...)
  18. return base64.StdEncoding.EncodeToString(signature), nil

}

func verifyES(message string, signature string, publicKeyStr string) bool {

  1. publicBlock,_:=pem.Decode([]byte(publicKeyStr))
  2. if publicBlock==nil||publicBlock.Type!="EC PUBLIC KEY"{
  3.     return false
  4. }
  6. publicInterface,err:=x509.ParsePKIXPublicKey(publicBlock.Bytes)
  7. if err!=nil{
  8.     return false
  9. }
  11. publicKey,_:=publicInterface.(*ecdsa.PublicKey)
  13. sigBytes,err:=base64.StdEncoding.DecodeString(signature)
  14. if err!=nil{
  15.     return false
  16. }
  18. rBytes:=sigBytes[0:32]
  19. sBytes:=sigBytes[32:]
  20. var r,s big.Int
  22. r.SetBytes(rBytes)
  23. s.SetBytes(sBytes)
  24. hashed := sha256.Sum256([]byte(message))
  25. return ecdsa.Verify(publicKey,&hashed,&r,&s)

}

func main() {

  1. message := "Hello World!"
  2. privateKeyStr := `-----BEGIN EC PRIVATE KEY-----

MHcCAQEEIJ5Mn8mW7z00bFRUqC2Sd8qwu9w0Y1xLJXyT6fIu1LmnoAoGCCqGSM49 AwEHoUQDQgAEZs+KRpHQzMT3kHYZOJ4+5AkGrPjP79xjBgzVnln0F12EeNvI76sA kP/NUo0mZiVL5wFcaS5HAt9tI6+aqk8f+w== —–END EC PRIVATE KEY—–`

  1. publicKeyStr := `-----BEGIN EC PUBLIC KEY-----

MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEZs+KRpHQzMT3kHYZOJ4+5AkGrPj7 9xjBgzVnln0F12EeNvI76sAkP/NUo0mZiVL5wFcaS5H

本站部分文章来源于网络,版权归原作者所有,如有侵权请联系站长删除。
转载请注明出处:https://golang.0voice.com/?id=6561

golang云原生 golang云原生 管理员
分享:
扫描分享到社交APP
上一篇
下一篇

相关推荐

发表列表
游客 游客
此处应有掌声~
评论列表

还没有评论,快来说点什么吧~

golang云原生

golang云原生

  • 22851文章
  • 0评论
  • 2粉丝
  • 0被赞
最近发布
热门排行
热评文章
猜您喜欢
热门标签
Copyright ©2022    湖南零声信息科技有限公司    版权所有     湘ICP备18009867号-1          证照中心 

联系我们

在线咨询: 点击这里给我发消息

微信号:3007537140

上班时间: 10:30-22:30

关注我们
x

注册

已经有帐号?
简单注册快人一步