golang数字签名

 1 package main
 2 
 3 import (
 4     "crypto"
 5     "crypto/rand"
 6     "crypto/rsa"
 7     "crypto/sha256"
 8     "crypto/x509"
 9     "encoding/base64"
10     "encoding/pem"
11     "fmt"
12 )
13 
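// privateKey is the PEM-encoded PKCS#1 RSA private key used by the demo in main.
// Generated with: openssl genrsa -out rsa_private_key.pem 1024
//
// The listing's line-number gutter has been removed from inside the raw string:
// any extra characters on the base64 lines corrupt the PEM body.
//
// NOTE(security): this key is published together with the article, so it is a
// sample value only and must never protect real data. Production code differs
// in two ways: the private key is loaded at runtime from a secret store or a
// file with restricted permissions rather than compiled into the binary, and
// the modulus is at least 2048 bits (1024-bit RSA is below current minimums
// such as NIST SP 800-131A).
var privateKey = []byte(`-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDbzwsz/q1DSjGk+K5kJdFwqVxhwvO+Mlu7uwdUP0mK/nh5I5O6
01bovvHS9hauujlFxbvP/ekREnuyHYOiUe5Lf5m7zqd0cWmLu88gnphQf0aDvYpJ
+/iVo4RqjC8A/fJvvdnYJfY9C+rRggy4DUlX+xyUC2VE1J+lQ1DOYy9uvwIDAQAB
AoGBANuk+LzsMJac/R6soRbR84dwtS+7b3UPPTtKmPhGhWavAhOKyYRWyvGoXF1C
K0hOLgzameItB0hX/+LsOy1oUYSl0egk91dpn6AnStASz8BPNAWr44RPIiaQSDmu
+BiQNOLkAvh56hEIrnBch6u1QTBlHaaD/E8LCiBcKTaqiR6BAkEA75e6nnH/giXB
vULzPLpIj4pmgXAE0EJ11zukb4oFjRMUvuBTgEUNK6Pq/iNMNZZIf9AuPVjXwu5y
OPteVcEJUwJBAOrcfDBmAaivhGqVd8IwRDwWGTtw9ToSW2UGn75BgUGpDbeWRYz6
ApUJUe0VG8vD7P6G9SdKVaXz1CJAWUVpG2UCQGiGKh0boJt3u1jFD3aL0kIE4AlS
BFeS1vQKCge7EAbmryNCnEsWVNOYFFnArmumX4SbHsEWtDJPcjdXumTw7Q8CQGA/
371N8Jwa4h90BdJVSYF+ZPTRRA56e24Zmtmzqq8oAvEb6oDt7KT7XtHUdsG5F6Tv
1gQ2GIecN3GaAXvKqWkCQCEn3r0gQQza4NvKX2vp8huK8v8nE32e4vkcZLeJJxC1
3xV2R8U5YufBdbhQdGzVYnoVAkh/ZvTkFr/vCAl11Bo=
-----END RSA PRIVATE KEY-----
`)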
31 
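// publicKey is the PEM-encoded PKIX (SubjectPublicKeyInfo) RSA public key that
// the article derives from privateKey.
// Derived with: openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
//
// The listing's line-number gutter has been removed from inside the raw string:
// any extra characters on the base64 lines corrupt the PEM body.
//
// NOTE(security): a verifier trusts whatever public key it is handed, so real
// deployments must obtain it over an authenticated channel (pinned in
// configuration, or carried in a certificate that is validated), not from the
// same untrusted source as the signed message.
var publicKey = []byte(`-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbzwsz/q1DSjGk+K5kJdFwqVxh
wvO+Mlu7uwdUP0mK/nh5I5O601bovvHS9hauujlFxbvP/ekREnuyHYOiUe5Lf5m7
zqd0cWmLu88gnphQf0aDvYpJ+/iVo4RqjC8A/fJvvdnYJfY9C+rRggy4DUlX+xyU
C2VE1J+lQ1DOYy9uvwIDAQAB
-----END PUBLIC KEY-----
`)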
40 
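// SignatureRSA signs sourceData with RSASSA-PKCS1-v1_5 over its SHA-256 digest
// and returns the signature as URL-safe base64.
//
// privateKey must hold a PEM-encoded RSA private key. The PKCS#1 encoding
// ("RSA PRIVATE KEY") is tried first; if that fails the block is parsed as
// PKCS#8 ("PRIVATE KEY"), which is what recent OpenSSL releases write by
// default. A non-PEM input or a non-RSA key yields an error instead of a panic.
//
// PKCS#1 v1.5 is kept because VerifyRSA expects it; for new protocols RSA-PSS
// (rsa.SignPSS) is the usually recommended scheme.
func SignatureRSA(privateKey []byte, sourceData []byte) (string, error) {
	block, _ := pem.Decode(privateKey)
	if block == nil {
		// pem.Decode signals "no PEM data" with a nil block; reading
		// block.Bytes without this check would dereference nil.
		return "", fmt.Errorf("rsa sign: no PEM block found in private key")
	}

	priKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
	if err != nil {
		parsed, pkcs8Err := x509.ParsePKCS8PrivateKey(block.Bytes)
		if pkcs8Err != nil {
			// Neither encoding matched: report the PKCS#1 error, which is
			// what callers of the original code received.
			return "", err
		}
		rsaKey, ok := parsed.(*rsa.PrivateKey)
		if !ok {
			return "", fmt.Errorf("rsa sign: PKCS#8 key is %T, not an RSA key", parsed)
		}
		priKey = rsaKey
	}

	// Only the digest is signed; the hash identifier passed below must match
	// the function used here.
	digest := sha256.Sum256(sourceData)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priKey, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}

	return base64.URLEncoding.EncodeToString(sig), nil
}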
60 
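// VerifyRSA checks that signedData (URL-safe base64) is a valid
// RSASSA-PKCS1-v1_5 signature over the SHA-256 digest of sourceData under the
// PEM-encoded PKIX public key in publicKey.
//
// It returns nil only when the signature verifies. Malformed base64, a missing
// PEM block, an unparsable key and a non-RSA key are each reported as an error;
// none of them panics, and none is treated as a successful verification.
//
// The result is only as trustworthy as publicKey: callers must take the key
// from a trusted source, never from the message being verified.
func VerifyRSA(publicKey []byte, sourceData []byte, signedData string) error {
	// The decoded value is a signature, not ciphertext. A decode failure is
	// returned as such so that bad input is not confused with a bad signature.
	sig, err := base64.URLEncoding.DecodeString(signedData)
	if err != nil {
		return fmt.Errorf("rsa verify: decoding signature: %w", err)
	}

	block, _ := pem.Decode(publicKey)
	if block == nil {
		// pem.Decode signals "no PEM data" with a nil block.
		return fmt.Errorf("rsa verify: no PEM block found in public key")
	}
	parsed, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return err
	}
	// ParsePKIXPublicKey can also return ECDSA, Ed25519 and other key types;
	// an unchecked assertion would panic on those.
	pubKey, ok := parsed.(*rsa.PublicKey)
	if !ok {
		return fmt.Errorf("rsa verify: public key is %T, not an RSA key", parsed)
	}

	// Recompute the digest with the same hash the signer used.
	digest := sha256.Sum256(sourceData)
	return rsa.VerifyPKCS1v15(pubKey, crypto.SHA256, digest[:], sig)
}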
83 
// main signs a fixed sample message with the embedded private key, prints the
// base64 signature, then verifies it with the embedded public key. Each step
// prints its error and stops on failure.
func main() {
	msg := []byte("123456")

	// Step 1: produce the signature (the printed labels say "encrypt", but the
	// operation is signing).
	sig, signErr := SignatureRSA(privateKey, msg)
	if signErr != nil {
		fmt.Println("加密出错:", signErr)
		return
	}
	fmt.Println("加密正确:", sig)

	// Step 2: verify the signature over the same message.
	if verifyErr := VerifyRSA(publicKey, msg, sig); verifyErr != nil {
		fmt.Println("校验出错:", verifyErr)
		return
	}
	fmt.Println("校验正确:")
}

publicKey和privateKey的内容是在Linux下分别执行下面两条命令生成的（实际执行时需先用genrsa生成私钥，再用rsa -pubout从私钥导出公钥；1024位密钥仅适合演示，正式环境应至少使用2048位，且私钥不应写入源码）：

openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
openssl genrsa -out rsa_private_key.pem 1024