How to get SHA256 RSA with PKCS1 padding in GoLang?

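Question

  • Sign: For every request sent to the provider side, the information of the Request field must be converted to a JsonString and sent encrypted with the PrivateKey file at the disposal of the Provider.
  • Using the RSA algorithm, it is necessary to create keys with a length of 2048.
  • The Private Key remains in the possession of the company and the Public Key file is sent to the provider. The length of the key is 2048 bits.
  • When creating the Sign, set the hash algorithm to SHA256 and Padding to Pkcs1.
  • On payment, after the request is received, the signature on the request string is verified with the public key of the payer.
  • The value of the sign field is the stringified data values of the Request field.
  • Provider means the organization that uses our services.

Example code in C#: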

public string Sign(string content) {
    using(var rsa = new RSACryptoServiceProvider(2048)) {
        var rsaParameters = Common.Extensions.LoadFromXmlFile(@"D:\Projects\iva-toll-service\Key\perivate.xml");
        rsa.ImportParameters(rsaParameters);
        var dataBytes = Encoding.UTF8.GetBytes(content);
        var signBytes = rsa.SignData(dataBytes, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        var response = Convert.ToBase64String(signBytes);
        return response;
    }
}
Answer 1

Score: 2

I found the answer:

package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"fmt"
	"os"
)

func main() {
	privateKey, publicKey := getKeys()
	requestHashSum := getRequestHashSum()

	// Sign the SHA-256 digest and print the signature as Base64.
	signature := sign(privateKey, requestHashSum)
	fmt.Println(base64.StdEncoding.EncodeToString(signature))

	// verify panics if the signature does not match.
	verify(publicKey, requestHashSum, signature)
	fmt.Println("The data was verified")
}

// getKeys loads a PKCS#1 ("RSA PRIVATE KEY") PEM file and returns the key pair.
func getKeys() (*rsa.PrivateKey, *rsa.PublicKey) {
	privateKeyPem, err := os.ReadFile("privateKey.pem")
	if err != nil {
		panic(err)
	}
	block, _ := pem.Decode(privateKeyPem)
	if block == nil {
		// pem.Decode returns nil when the file holds no PEM data.
		panic("privateKey.pem contains no PEM block")
	}
	privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
	if err != nil {
		panic(err)
	}
	return privateKey, &privateKey.PublicKey
}

// getRequestHashSum returns the SHA-256 digest of the text to sign.
func getRequestHashSum() []byte {
	var data = []byte("text for sign")
	msgHash := sha256.New()
	_, err := msgHash.Write(data)
	if err != nil {
		panic(err)
	}
	return msgHash.Sum(nil)
}

// sign produces an RSASSA-PKCS1-v1_5 signature over the precomputed digest.
func sign(privateKey *rsa.PrivateKey, requestHashSum []byte) []byte {
	sign, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, requestHashSum)
	if err != nil {
		panic(err)
	}
	return sign
}

// verify checks the signature against the same digest with the public key.
func verify(publicKey *rsa.PublicKey, requestHashSum, signature []byte) {
	err := rsa.VerifyPKCS1v15(publicKey, crypto.SHA256, requestHashSum, signature)
	if err != nil {
		panic(err)
	}
}

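This is a Go code example of digital signing with the RSA algorithm. It loads the key pair from a PEM file, computes the message hash, signs it, and verifies the signature. You can adapt it to your own needs.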
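The signing requirement from the question, seen from both the sender and the receiver, as an added example that is not part of the original question or answer. It signs the request string the way the C# `SignData` call does and shows that the receiver must verify the exact string it received. The helper names, the `amount` and `plate` fields and the throwaway key are assumptions made for the demo.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"fmt"
)

// demoKey returns a constructed throwaway key; a real signer loads its stored key.
func demoKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// signRequest mirrors C# SignData(data, SHA256, Pkcs1): SHA-256, PKCS#1 v1.5, Base64.
func signRequest(key *rsa.PrivateKey, requestJSON string) (string, error) {
	digest := sha256.Sum256([]byte(requestJSON))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return base64.StdEncoding.EncodeToString(sig), nil
}

// verifyRequest is the receiving side. It hashes the request string exactly
// as received; re-serializing the JSON first would change the signed bytes.
func verifyRequest(pub *rsa.PublicKey, requestJSON, sigB64 string) error {
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	if err != nil {
		return fmt.Errorf("signature is not valid Base64: %w", err)
	}
	digest := sha256.Sum256([]byte(requestJSON))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig)
}

func main() {
	key, err := demoKey()
	if err != nil {
		panic(err)
	}
	sent := `{"amount":1000,"plate":"SAMPLE-1"}` // constructed request body
	sig, err := signRequest(key, sent)
	if err != nil {
		panic(err)
	}
	fmt.Println("exact string: ", verifyRequest(&key.PublicKey, sent, sig))
	// Same JSON values, different whitespace: the bytes differ, so this fails.
	fmt.Println("re-serialized:", verifyRequest(&key.PublicKey, `{"amount": 1000, "plate": "SAMPLE-1"}`, sig))
}
```

PKCS#1 v1.5 signatures are deterministic, so for the same key and the same UTF-8 bytes the Base64 string can be compared directly with the output of the C# method.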

huangapple
  • Posted on 2022-09-26 20:58:08
  • When reposting, please keep the link to this article: https://go.coder-hub.com/73854520.html