美文网首页
Golang Java RSA SHA1withRSA 加签、验

Golang Java RSA SHA1withRSA 加签、验

作者: 承诺一时的华丽 | 来源:发表于2022-01-10 18:03 被阅读0次

Golang


func Sign(content, prvKey []byte) (sign string, err error) {
    block, _ := pem.Decode(prvKey)
    if block == nil {
        fmt.Println("pem.Decode err")
        return
    }
    var private interface{}
    private, err = x509.ParsePKCS8PrivateKey(block.Bytes)
    if err != nil {
        return
    }
    privateKey := private.(*rsa.PrivateKey)
    h := crypto.Hash.New(crypto.SHA1)
    h.Write([]byte(content))
    hashed := h.Sum(nil)

    signature, err := rsa.SignPKCS1v15(rand.Reader, privateKey,
        crypto.SHA1, hashed)
    if err != nil {
        return
    }
    sign = base64.StdEncoding.EncodeToString(signature)
    return
}

func RSAVerify(origdata, ciphertext string, publicKey []byte) (bool, error) {
    block, _ := pem.Decode(publicKey)
    if block == nil {
        return false, errors.New("public key error")
    }
    pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
    if err != nil {
        return false, err
    }
    pub := pubInterface.(*rsa.PublicKey)
    h := crypto.Hash.New(crypto.SHA1)
    h.Write([]byte(origdata))
    digest := h.Sum(nil)
    body, err := base64.StdEncoding.DecodeString(ciphertext)
    if err != nil {
        return false, err
    }
    err = rsa.VerifyPKCS1v15(pub, crypto.SHA1, digest, body)
    if err != nil {
        return false, err
    }
    return true, nil
}

func TestSign3(t *testing.T) {
    pubKey := "-----BEGIN PUBLIC KEY-----\n{公钥内容}\n-----END PUBLIC KEY-----"
    prvKey := "-----BEGIN RSA PRIVATE KEY-----\n{公钥内容}\n-----END RSA PRIVATE KEY-----"
    content := "模型训练需要花多长时间"
 
    sign, err := Sign([]byte(content), []byte(prvKey))
    if err != nil {
        t.Fatal(err)
        return
    }
    t.Log("sign签名结果:", sign)

    res, err := RSAVerify(content, sign, []byte(pubKey))
    if err != nil {
        t.Fatal(err)
        return
    }
    t.Log("验签结果:", res)

}
  • Test
=== RUN   TestSign
main_test.go:476: sign签名结果: E28UPJoYXDkZhmsIXRau+NI9bk8OsXH85y+IX2LhdQWLpVzHnM2loj179tBNWwElH8bYJPhZE0rJ/5P9tfRozgtCOmkReLkHu/dGbCv3z+6AfnuH/xDqQXgbiO1ZquJFZXUn88ndsO5RgfBUqXCPaovw2k0Fsuv1EtPr6WFcUGk=
main_test.go:483: 验签结果: true
--- PASS: TestSign (0.00s)

PKCS相互转换

    prvKey = "-----BEGIN RSA PRIVATE KEY-----\nMIICdwIBADANBgkqhkiG9w0........KwWPPXMiYR8=\n-----END RSA PRIVATE KEY-----"
    block, _ := pem.Decode([]byte(prvKey))
    if block == nil {
        fmt.Println("pem.Decode err")
        return
    }
    var private interface{}
    private, err = x509.ParsePKCS8PrivateKey(block.Bytes)
    if err != nil {
        return
    }
    privateKey := private.(*rsa.PrivateKey)
    pkcs1 := x509.MarshalPKCS1PrivateKey(privateKey)
    t.Log("pkcs8 转 pkcs1:", base64.StdEncoding.EncodeToString(pkcs1))

    prvKey = fmt.Sprintf("-----BEGIN RSA PRIVATE KEY-----\n%s\n-----END RSA PRIVATE KEY-----", pkcs1)
    pkcs8 := x509.MarshalPKCS1PrivateKey(privateKey)
    t.Log("pkcs1 转 pkcs8:", base64.StdEncoding.EncodeToString(pkcs8))

Java

    private static final String PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQ......cZ78GF0Nhi2detQIDAQAB";
    private static final String PRIVATE_KEY = "MIICdQIBA......vEG6kp7M716oqd08+e1";

    public static void main(String[] args) throws Exception {
        String content = "模型训练需要花多长时间";
        String sign = sign(content, PRIVATE_KEY, "UTF-8");
        boolean trueRsult = signVerify(content, sign, PUBLIC_KEY, "UTF-8");
        System.out.println("待签名字符:" + content);
        System.out.println(sign);
        System.out.println(trueRsult);
    }

    private static String sign(String content, String privateKey, String charset) throws Exception  {
        try {
            PrivateKey priKey = getPrivateKeyFromPKCS8(ChsiConstants.SIGN_TYPE_RSA,
                    new ByteArrayInputStream(privateKey.getBytes()));

            java.security.Signature signature = java.security.Signature
                    .getInstance(ChsiConstants.SIGN_ALGORITHMS);
            signature.initSign(priKey);
            if (StringUtils.isEmpty(charset)) {
                signature.update(content.getBytes());
            } else {
                signature.update(content.getBytes(charset));
            }

            byte[] signed = signature.sign();

            return new String(Base64.encodeBase64(signed));
        } catch (InvalidKeySpecException ie) {
            throw new DataApiException("RSA私钥格式不正确,请检查是否正确配置了PKCS8格式的私钥", ie);
        } catch (Exception e) {
            throw new Exception("content= " + content + "; charset = " + charset, e);
        }
    }

    private static boolean signVerify(String content, String sign, String publicKey, String charset) throws Exception  {
        try {
            PublicKey pubKey = getPublicKeyFromX509("RSA", new ByteArrayInputStream(publicKey.getBytes()));
            java.security.Signature signature = java.security.Signature.getInstance(ChsiConstants.SIGN_ALGORITHMS);
            signature.initVerify(pubKey);
            if (StringUtils.isEmpty(charset)) {
                signature.update(content.getBytes());
            } else {
                signature.update(content.getBytes(charset));
            }
            return signature.verify(Base64.decodeBase64(sign.getBytes()));
        } catch (Exception e) {
            throw new Exception("content= " + content + ",sign=" + sign + ",charset = " + charset, e);        
        }
    }
  • Test
sign结果:E28UPJoYXDkZhmsIXRau+NI9bk8OsXH85y+IX2LhdQWLpVzHnM2loj179tBNWwElH8bYJPhZE0rJ/5P9tfRozgtCOmkReLkHu/dGbCv3z+6AfnuH/xDqQXgbiO1ZquJFZXUn88ndsO5RgfBUqXCPaovw2k0Fsuv1EtPr6WFcUGk=
验签结果:true
Process finished with exit code 0

相关文章

网友评论

      本文标题:Golang Java RSA SHA1withRSA 加签、验

      本文链接:https://www.haomeiwen.com/subject/lwzmcrtx.html