Golang
func Sign(content, prvKey []byte) (sign string, err error) {
block, _ := pem.Decode(prvKey)
if block == nil {
fmt.Println("pem.Decode err")
return
}
var private interface{}
private, err = x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return
}
privateKey := private.(*rsa.PrivateKey)
h := crypto.Hash.New(crypto.SHA1)
h.Write([]byte(content))
hashed := h.Sum(nil)
signature, err := rsa.SignPKCS1v15(rand.Reader, privateKey,
crypto.SHA1, hashed)
if err != nil {
return
}
sign = base64.StdEncoding.EncodeToString(signature)
return
}
func RSAVerify(origdata, ciphertext string, publicKey []byte) (bool, error) {
block, _ := pem.Decode(publicKey)
if block == nil {
return false, errors.New("public key error")
}
pubInterface, err := x509.ParsePKIXPublicKey(block.Bytes)
if err != nil {
return false, err
}
pub := pubInterface.(*rsa.PublicKey)
h := crypto.Hash.New(crypto.SHA1)
h.Write([]byte(origdata))
digest := h.Sum(nil)
body, err := base64.StdEncoding.DecodeString(ciphertext)
if err != nil {
return false, err
}
err = rsa.VerifyPKCS1v15(pub, crypto.SHA1, digest, body)
if err != nil {
return false, err
}
return true, nil
}
func TestSign3(t *testing.T) {
pubKey := "-----BEGIN PUBLIC KEY-----\n{公钥内容}\n-----END PUBLIC KEY-----"
prvKey := "-----BEGIN RSA PRIVATE KEY-----\n{公钥内容}\n-----END RSA PRIVATE KEY-----"
content := "模型训练需要花多长时间"
sign, err := Sign([]byte(content), []byte(prvKey))
if err != nil {
t.Fatal(err)
return
}
t.Log("sign签名结果:", sign)
res, err := RSAVerify(content, sign, []byte(pubKey))
if err != nil {
t.Fatal(err)
return
}
t.Log("验签结果:", res)
}
=== RUN TestSign
main_test.go:476: sign签名结果: E28UPJoYXDkZhmsIXRau+NI9bk8OsXH85y+IX2LhdQWLpVzHnM2loj179tBNWwElH8bYJPhZE0rJ/5P9tfRozgtCOmkReLkHu/dGbCv3z+6AfnuH/xDqQXgbiO1ZquJFZXUn88ndsO5RgfBUqXCPaovw2k0Fsuv1EtPr6WFcUGk=
main_test.go:483: 验签结果: true
--- PASS: TestSign (0.00s)
PKCS相互转换
prvKey = "-----BEGIN RSA PRIVATE KEY-----\nMIICdwIBADANBgkqhkiG9w0........KwWPPXMiYR8=\n-----END RSA PRIVATE KEY-----"
block, _ := pem.Decode([]byte(prvKey))
if block == nil {
fmt.Println("pem.Decode err")
return
}
var private interface{}
private, err = x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return
}
privateKey := private.(*rsa.PrivateKey)
pkcs1 := x509.MarshalPKCS1PrivateKey(privateKey)
t.Log("pkcs8 转 pkcs1:", base64.StdEncoding.EncodeToString(pkcs1))
prvKey = fmt.Sprintf("-----BEGIN RSA PRIVATE KEY-----\n%s\n-----END RSA PRIVATE KEY-----", pkcs1)
pkcs8 := x509.MarshalPKCS1PrivateKey(privateKey)
t.Log("pkcs1 转 pkcs8:", base64.StdEncoding.EncodeToString(pkcs8))
Java
private static final String PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQ......cZ78GF0Nhi2detQIDAQAB";
private static final String PRIVATE_KEY = "MIICdQIBA......vEG6kp7M716oqd08+e1";
public static void main(String[] args) throws Exception {
String content = "模型训练需要花多长时间";
String sign = sign(content, PRIVATE_KEY, "UTF-8");
boolean trueRsult = signVerify(content, sign, PUBLIC_KEY, "UTF-8");
System.out.println("待签名字符:" + content);
System.out.println(sign);
System.out.println(trueRsult);
}
private static String sign(String content, String privateKey, String charset) throws Exception {
try {
PrivateKey priKey = getPrivateKeyFromPKCS8(ChsiConstants.SIGN_TYPE_RSA,
new ByteArrayInputStream(privateKey.getBytes()));
java.security.Signature signature = java.security.Signature
.getInstance(ChsiConstants.SIGN_ALGORITHMS);
signature.initSign(priKey);
if (StringUtils.isEmpty(charset)) {
signature.update(content.getBytes());
} else {
signature.update(content.getBytes(charset));
}
byte[] signed = signature.sign();
return new String(Base64.encodeBase64(signed));
} catch (InvalidKeySpecException ie) {
throw new DataApiException("RSA私钥格式不正确,请检查是否正确配置了PKCS8格式的私钥", ie);
} catch (Exception e) {
throw new Exception("content= " + content + "; charset = " + charset, e);
}
}
private static boolean signVerify(String content, String sign, String publicKey, String charset) throws Exception {
try {
PublicKey pubKey = getPublicKeyFromX509("RSA", new ByteArrayInputStream(publicKey.getBytes()));
java.security.Signature signature = java.security.Signature.getInstance(ChsiConstants.SIGN_ALGORITHMS);
signature.initVerify(pubKey);
if (StringUtils.isEmpty(charset)) {
signature.update(content.getBytes());
} else {
signature.update(content.getBytes(charset));
}
return signature.verify(Base64.decodeBase64(sign.getBytes()));
} catch (Exception e) {
throw new Exception("content= " + content + ",sign=" + sign + ",charset = " + charset, e);
}
}
sign结果:E28UPJoYXDkZhmsIXRau+NI9bk8OsXH85y+IX2LhdQWLpVzHnM2loj179tBNWwElH8bYJPhZE0rJ/5P9tfRozgtCOmkReLkHu/dGbCv3z+6AfnuH/xDqQXgbiO1ZquJFZXUn88ndsO5RgfBUqXCPaovw2k0Fsuv1EtPr6WFcUGk=
验签结果:true
Process finished with exit code 0
网友评论