使用Go生成SHA256withDSA签名,然后使用Java进行验证。

huangapple go评论188阅读模式
英文:

generate a SHA256withDSA signature using Go and then verify it using Java

问题

  1. 使用Go对原始数据进行SHA256哈希,然后进行DSA签名。
  2. 以十六进制打印签名结果。
  3. 使用Java的SHA256withDSA验证第一步的结果,返回false。
  4. 我知道SHA256和DSA是不同的,SHA256withDSA是另一种算法。
  5. 在Go中,如何生成一个可以使用Java的SHA256withDSA验证的签名?
  6. Go是否有其他第三方库支持?

请注意,我只会返回翻译好的部分,不会回答关于翻译的问题。

英文:
  1. Go sha256 orign data then DSA sign it
  2. print sign result by hex
  3. use Java SHA256withDSA to verify first step result return false
  4. i konw sha256 then DSA is difference SHA256withDSA
  5. how can i do in Go to generate a sign, that can be verified using sha256withdsa in Java ?
  6. do Go has any another third party library support ?

Go

  1. package main
  2. import (
  3. "crypto/dsa"
  4. "crypto/rand"
  5. "crypto/sha256"
  6. "encoding/asn1"
  7. "encoding/hex"
  8. "fmt"
  9. "golang.org/x/crypto/ssh"
  10. "math/big"
  11. )
  12. func main() {
  13. pemData := []byte("-----BEGIN DSA PRIVATE KEY-----\n" +
  14. "MIIBvAIBAAKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR\n" +
  15. "+1k9jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb\n" +
  16. "+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdg\n" +
  17. "UI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlX\n" +
  18. "TAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCj\n" +
  19. "rh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQB\n" +
  20. "TDv+z0kqAoGBAIb9o0KPsjAdzjK571e1Mx7ZhEyJGrcxHiN2sW8IztEbqrKKiMxp\n" +
  21. "NlTwm234uBdtzVHE3uDWZpfHPMIRmwBjCYDFRowWWVRdhdFXZlpCyp1gMWqJ11dh\n" +
  22. "3FI3+O43DevRSyyuLRVCNQ1J3iVgwY5ndRpZU7n6y8DPH4/4EBT7KvnVAhR4Vwun\n" +
  23. "Fhu/+4AGaVeMEa814I3dqg==\n" +
  24. "-----END DSA PRIVATE KEY-----")
  25. p, _ := ssh.ParseRawPrivateKey(pemData)
  26. pp := p.(*dsa.PrivateKey)
  27. hashed := []byte{1}
  28. sha256 := sha256.New()
  29. sha256.Write(hashed)
  30. hashed = sha256.Sum(nil)
  31. r, s, _ := dsa.Sign(rand.Reader, pp, hashed)
  32. type dsaSignature struct {
  33. R, S *big.Int
  34. }
  35. var ss dsaSignature
  36. ss.S = s
  37. ss.R = r
  38. signatureBytes, _ := asn1.Marshal(ss)
  39. fmt.Println(hex.EncodeToString(signatureBytes))
  40. }

Java

  1. @Test
  2. public void ttt() throws InvalidKeySpecException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
  3. String pubKey = "-----BEGIN PUBLIC KEY-----\n" +
  4. "MIIBuDCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9E\n" +
  5. "AMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f\n" +
  6. "6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv\n" +
  7. "8iIDGZ3RSAHHAhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtc\n" +
  8. "NrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwky\n" +
  9. "jMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/h\n" +
  10. "WuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYUAAoGBAIb9o0KPsjAdzjK571e1Mx7ZhEyJ\n" +
  11. "GrcxHiN2sW8IztEbqrKKiMxpNlTwm234uBdtzVHE3uDWZpfHPMIRmwBjCYDFRowW\n" +
  12. "WVRdhdFXZlpCyp1gMWqJ11dh3FI3+O43DevRSyyuLRVCNQ1J3iVgwY5ndRpZU7n6\n" +
  13. "y8DPH4/4EBT7KvnV\n" +
  14. "-----END PUBLIC KEY-----";
  15. String publicKeyPEM = pubKey
  16. .replace("-----BEGIN PUBLIC KEY-----\n", "")
  17. .replaceAll(System.lineSeparator(), "")
  18. .replace("-----END PUBLIC KEY-----", "");
  19. byte[] publicEncoded = Base64.decodeBase64(publicKeyPEM);
  20. KeyFactory keyFactory1 = KeyFactory.getInstance("DSA");
  21. X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(publicEncoded);
  22. DSAPublicKey pubKeyy = (DSAPublicKey) keyFactory1.generatePublic(publicKeySpec);
  23. Signature sig1 = Signature.getInstance("SHA256withDSA");
  24. sig1.initVerify(pubKeyy);
  25. byte[] orignData = new byte[]{1};
  26. sig1.update(orignData);
  27. boolean flag = sig1.verify(HexUtil.decodeHex("first step result"));
  28. System.out.println(flag);
  29. }

答案1

得分: 1

按照您的要求,以下是翻译好的代码部分:

  1. 遵循 FIPS186-4 的第4.64.7使用golang实现以下代码
  2. hashed := []byte{1}
  3. pemData, _ := ioutil.ReadFile("config/secure/private.key")
  4. p, err := ssh.ParseRawPrivateKey(pemData)
  5. pp, ok := p.(*dsa.PrivateKey)
  6. h := sha256.New()
  7. h.Write(hashed)
  8. hashed := h.Sum(nil)
  9. if pp.Q.BitLen()/8 < len(hashed) {
  10. hashed = hashed[0 : pp.Q.BitLen()/8]
  11. }
  12. r, s, _ := dsa.Sign(rand.Reader, pp, hashed)
  13. var ss dsaSignature
  14. ss.S = s
  15. ss.R = r
  16. hashed, _ = asn1.Marshal(ss)

请注意,我已经将代码中的&quot;替换为双引号",以便代码能够正确运行。

英文:

follow FIPS186-4 sections 4.6 and 4.7 golang should this

  1. hashed := []byte{1}
  2. pemData, _ := ioutil.ReadFile(&quot;config/secure/private.key&quot;)
  3. p, err := ssh.ParseRawPrivateKey(pemData)
  4. pp, ok := p.(*dsa.PrivateKey)
  5. h := sha256.New()
  6. h.Write(hashed)
  7. hashed := h.Sum(nil)
  8. if pp.Q.BitLen()/8 &lt; len(hashed) {
  9. hashed = hashed[0 : pp.Q.BitLen()/8]
  10. }
  11. r, s, _ := dsa.Sign(rand.Reader, pp, hashed)
  12. var ss dsaSignature
  13. ss.S = s
  14. ss.R = r
  15. hashed, _ = asn1.Marshal(ss)

答案2

得分: 0

我在Java中找到了以下代码:

  1. package sun.security.provider;
  2. private BigInteger generateS(BigInteger var1, BigInteger var2, BigInteger var3, BigInteger var4) throws SignatureException {
  3. byte[] var5;
  4. try {
  5. var5 = this.md.digest();
  6. } catch (RuntimeException var9) {
  7. throw new SignatureException(var9.getMessage());
  8. }
  9. // 这一行将哈希结果分割为256位
  10. int var6 = var2.bitLength() / 8;
  11. if (var6 < var5.length) {
  12. var5 = Arrays.copyOfRange(var5, 0, var6);
  13. }
  14. BigInteger var7 = new BigInteger(1, var5);
  15. BigInteger var8 = var4.modInverse(var2);
  16. return var1.multiply(var3).add(var7).multiply(var8).mod(var2);
  17. }

你可以在Go中使用以下代码:

  1. hashed := []byte{1}
  2. sha256 := sha2562.New()
  3. sha256.Write(hashed)
  4. hashed = sha256.Sum(nil)
  5. // 你必须将其分割
  6. hashed = hashed[0:20]

原因是在Java中,SHA256结果被分割了,但在Go中没有被分割。

英文:

i found in java

  1. package sun.security.provider;
  2. private BigInteger generateS(BigInteger var1, BigInteger var2, BigInteger var3, BigInteger var4) throws SignatureException {
  3. byte[] var5;
  4. try {
  5. var5 = this.md.digest();
  6. } catch (RuntimeException var9) {
  7. throw new SignatureException(var9.getMessage());
  8. }
  9. // this line split the hash256 redsult
  10. int var6 = var2.bitLength() / 8;
  11. if (var6 &lt; var5.length) {
  12. var5 = Arrays.copyOfRange(var5, 0, var6);
  13. }
  14. BigInteger var7 = new BigInteger(1, var5);
  15. BigInteger var8 = var4.modInverse(var2);
  16. return var1.multiply(var3).add(var7).multiply(var8).mod(var2);
  17. }

you can use in golang

  1. hashed := []byte{1}
  2. sha256 := sha2562.New()
  3. sha256.Write(hashed)
  4. hashed = sha256.Sum(nil)
  5. // you must split it
  6. hashed = hashed[0:20]

the reason is sha256 result split in java , but glang not split

huangapple
  • 本文由 发表于 2021年9月2日 10:06:02
  • 转载请务必保留本文链接:https://go.coder-hub.com/69023253.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定