内容简介:golang实现摘要签名和验证的过程:两个步骤:下面是代码原文:
golang实现摘要签名和验证的过程:
两个步骤:
- 利用私钥对一个摘要进行签名。
$ ./test -command sign -key ./privatekey.pem -text "12345" MEUCIE7DsGmTHJ3VGZec2UF9hRX7jq9Yd7F2kS7kEL132js8AiEA/ZlyIpo86Rn3waR8m2c4BtQPu8cNjYAnroibK+ujslY=
- 利用公钥验证签名是否有效。
$ ./test -command verify -cert ./publickey.pem -text "12345" -sign "MEQCIFuvcVHlztAN7YVehgCDYzVSo1Q10iTKeJE5ydxzfih5AiAC2ETt/8XuE1VHaGkLsiJkRSueh65Leq2VKkmFKxB/sQ==" Successed to verify Signature and nonce
下面是代码原文:
package main
import (
"fmt"
"flag"
"io/ioutil"
"math/big"
"crypto/ecdsa"
"crypto/rand"
"crypto/sha256"
"crypto/x509"
"encoding/asn1"
"encoding/base64"
"encoding/pem"
)
type ECDSASignature struct {
R, S *big.Int
}
var (
command string
certfile string
keyfile string
text string
sign string
)
func main() {
flag.StringVar(&command, "command", "", "Command: sign/verify")
flag.StringVar(&keyfile, "key", "", "Private key file")
flag.StringVar(&certfile, "cert", "", "Public key file")
flag.StringVar(&text, "text", "", "Text content to be signed")
flag.StringVar(&sign, "sign", "", "Signed content to be verifed")
flag.Parse()
switch command {
case "sign":
if keyfile == "" || text == "" {
fmt.Printf("ERROR: either key file or text is empty\n")
return
}
Sign(keyfile, text)
case "verify":
if certfile == "" || text == "" || sign == "" {
fmt.Printf("ERROR: either key file or text or sign is empty\n")
return
}
Verify(certfile, text, sign)
default:
fmt.Printf("ERROR: unknown command\n")
return
}
}
func Sign(keyFile, text string) {
keyBuff, err := ioutil.ReadFile(keyFile)
if err != nil {
fmt.Printf("ERROR: failed to read keystore file: %s, error: %v\n", keyFile, err)
return
}
block, _ := pem.Decode(keyBuff)
if block == nil {
fmt.Printf("ERROR: block of decoded private key is nil\n")
return
}
privKey, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
fmt.Printf("ERROR: failed get ECDSA private key, %v\n", err)
return
}
ecPrivKey := privKey.(*ecdsa.PrivateKey)
hash := sha256.Sum256([]byte(text))
r, s, err := ecdsa.Sign(rand.Reader, ecPrivKey, hash[:])
if err != nil {
fmt.Printf("ERROR: failed to get signature, %v\n", err)
return
}
// asn1 output DER format
signature, err := asn1.Marshal(ECDSASignature{
R: r,
S: s,
})
if err != nil {
fmt.Printf("ERROR: asn1.Marshal ECDSA signature: %v\n", err)
return
}
fmt.Printf("%s\n", base64.StdEncoding.EncodeToString(signature))
}
func Verify(certFile, text string, sign string) {
certBuff, err := ioutil.ReadFile(certFile)
if err != nil {
fmt.Printf("ERROR: failed to read keystore file: %s, error: %s\n", certFile, err)
return
}
block, _ := pem.Decode(certBuff)
if block == nil {
fmt.Printf("ERROR: block of decoded private key is nil\n")
return
}
cert, err := x509.ParseCertificate(block.Bytes)
if err != nil {
fmt.Printf("ERROR: failed get ECDSA private key, error: %v\n", err)
return
}
arr := []byte(text)
h := sha256.New()
h.Write(arr)
hashed := h.Sum(nil)
signatureDec, _ := base64.StdEncoding.DecodeString(sign)
sig := new(ECDSASignature)
_, err = asn1.Unmarshal(signatureDec, sig)
if err != nil {
fmt.Printf("ERROR: failed unmashalling signature, error: %v", err)
return
}
pub, _ := cert.PublicKey.(*ecdsa.PublicKey)
if !ecdsa.Verify(pub, hashed[:], sig.R, sig.S) {
fmt.Printf("ERROR: Failed to verify Signature: %v\n", err)
return
}
fmt.Printf("Successed to verify Signature and nonce\n")
return
}
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持 码农网
猜你喜欢:
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
网站转换率优化之道
[美] Khalid Saleh、[美] Ayat Shukairy / 顾 毅 / 人民邮电出版社 / 2012-4 / 45.00元
内容简介: 怎样才能将访问者转化为顾客? 本书提供了一些切实可行的建议,比如如何说服访问者作出购买决定,如何避免用户因信息过量或导航繁琐而离开网站等。不论你是在设计或营销大型电子商务网站,还是在管理中小型在线业务,都可以从本书学会怎样使用市场营销原则、设计方法、可用性原则和分析数据来持续提升网站的转换率。 作者帮助过众多公司吸引在线顾客,有着丰富的实战经验,在书中细致讨论了从访问......一起来看看 《网站转换率优化之道》 这本书的介绍吧!
