sha256withrsa 是先将数据使用sha256 计算hash值,然后再使用rsa 对hash sign的算法。

go sha256withrsa代码

func sha256withrsa(signContent string, strprikey string) string {
    hash := crypto.SHA256
    shaNew := hash.New()
    shaNew.Write([]byte(signContent))
    hashed := shaNew.Sum(nil)
    priKey, err := ParsePrivateKey(strprikey)
    if err != nil {
        panic(err)
    }

    signature, err := rsa.SignPKCS1v15(rand.Reader, priKey, hash, hashed)
    if err != nil {
        panic(err)
    }
    return b64.StdEncoding.EncodeToString(signature)
}
func ParsePrivateKey(privateKey string) (*rsa.PrivateKey, error) {
    block, _ := pem.Decode([]byte(privateKey))
    if block == nil {
        return nil, errors.New("私钥信息错误!")
    }
    priKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
    if err != nil {
        return nil, err
    }
    return priKey, nil
}

生成rsa私钥

openssl genrsa 

Generating RSA private key, 2048 bit long modulus (2 primes)
...........................................................+++++
...............................................................+++++
e is 65537 (0x010001)
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAw3PgS6PELTZtchDBmFSzK329CaZLV/mOr1IP595Q3pVsYkr/
uNHVqvdtyEiJ42uj+Q9d2u4cOLU8G9DWsWBdHgbWZORKJjMrgpIFb4CVfWs9eqil
XO2vDqDiUjL1idPHLXwm7Z8SDEOUaFLTFKCJJxS3RkArRtcRgrCekA10XNHnnOm5
6+96SD/X2edUH++fiWkrmNvi+P2tLoTphCRePmucyOLKJH/V+nBhV83zq+4KyxBs
xLUwOeEDaf6JbOGUb81WYDUCmkBjyffdLDaD1gJRxtj2zkSx0GL4ROnWGMXbrIj4
ZxiJSktGi0jatzI7HhnCaCB+ya+y8MP/5ExRDwIDAQABAoIBAQCu879XFa1ZpzmK
e9M+7ro+eNvIknEou3rsFjGkpIyQ4QHWbjm/Dx0KX1aGi9/ZkRWCsC2b9b2PSTMX
1vUGazKO2SH5x5tT3EPbKafx6hBl5qNucx0qNJuZJYvQdkrxZ38HiPUziErYbXmf
dFv7P8PlFpcDLBdQ3tyOtlgIq/J3zd/MabjSXvOI7sr89TJjpfXexGYI/gZvhGw1
CeXHu4b+iVbGKBpD0SD3m8T7LkJ9ELifPCQS6wmJpmZOqpFIGzcZGSuYV29H5nFr
+sDfAqfbkulKzqJkS1HNQvRpwyua7SdIOb+HMQ+bRo56hnDXJG5xB14sJlaBjDiZ
Hl9Y/9IpAoGBAOTWQSPSlPDDKm54AS5u1z2yXClb3c8TjX9N1C7uvHMPvjI2HLRH
Xs0AAZZUGLYfkFBlJRrb39z5drRJ0u70pFkPLOBf7Z0x0rMOCmi8Rd8b19myNhZH
4UmssiCqOUKFPvUaPDEVsFPlYkNJ/99gMSz6PT1luxqS+ySH8IHz7f07AoGBANqn
KXS12mirOiW61a0js/vcbQzut3+T4/R1sPKk3azz5OOS2lUExOIi4O7P1Ugcpi3Z
kpQZ3IB4yL6IF88WNeUztBvNHKc9iosKicrjKHMgQrPS4ZTJBsYPsSqjORdOCGK7
VWg4TsJWl20XsWm0dvujs/TGidg95w8lziuZXU49AoGARed9dqf5f6Le72gRVFHf
xqUZqji6BWv/qYfo7X1Ya/2/KC+HjTrQJud9lKKT+e6icyyyrQXF2QcLz/9NRFnP
arVMDC7Bs2do6fG8FEqPPZyPz5y1ERFcLNlogLn/S+bQWKdvA7+QYdCMt+l/FImZ
/BdlZcAR7AhCV+J/AfO2G8kCgYBl/PzYRI7Yra2Utb4/YVztiNaQ5rRO3MPCXjco
JwCDUMwd3nzalTvkoxI6MlUwqrRUxJybWijBABXa0Y4ReTGwdFp5cUYBODJsQoEd
UrGmaZDTYfT4un/fWKhx0+qoVSySKQFgeIs8GLnPF/MX9CZfn+8rqIPZip5BMYgm
TAX6nQKBgE6e3iYTj7CqXSOpzkFyQnsvY/P7vZxk/feR/JB8dHvhAJ3JTuiVDaM6
PVP5oq7+HfIZo1rkjID6W4WuqLPm/I+h4qx+gDw+Jiepolt7jML3F7tle32ifDa8
zTmQ57Qa/fT5Wx5sXberOok233bRHSPoct09q2TgZ34vA90BHzUT
-----END RSA PRIVATE KEY-----

调用示例,这里面有一个go语言输入多行字符的技巧,使用 ` 来包含即可。

prikey := `-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAw3PgS6PELTZtchDBmFSzK329CaZLV/mOr1IP595Q3pVsYkr/
.........此处有省略..............................................
zTmQ57Qa/fT5Wx5sXberOok233bRHSPoct09q2TgZ34vA90BHzUT
-----END RSA PRIVATE KEY-----
`  
str := sha256withrsa("const.net.cn", prikey)
fmt.Printf("sha256withrsa = %s", str)

运行结果:

Ye1ErpEaY/fdH13peaczvCzeTkGa4xl6Ms3AH99zl3Q3x1cGBtFt7+VeWSvLtyRuIt2b+e71q6V4QJM8VYGPDtVWtHARQlinznYvib0c4NSaVSvz6d6P99vDL1IWe1v9kJMtGNaBw0B5lwY2gxl4ta14Xka6T/XK5wPiSFiINIMizhpAbs7olu/csyLaYUMe1tTdVCIF8AQzkGSUZWcz2QhxiVHdh4/uC2PxV7Zhos7XVKhJPHw3e99ktpfgzqz0X7c8et2+4xrLYFM01MNUAnbRjNkGdqXrxkIprbSZwII8B+ttQgUUebUj9N/GFVjWH1pmqwLaKnpH1x2G40aDWw==

openssl 验证 sha256withrsa

将刚才生成的私钥保存为pri.pem,然后执行以下命令

echo -ne "const.net.cn" > test.txt
openssl dgst -sha256 -sign pri.pem test.txt |openssl base64

Ye1ErpEaY/fdH13peaczvCzeTkGa4xl6Ms3AH99zl3Q3x1cGBtFt7+VeWSvLtyRu
It2b+e71q6V4QJM8VYGPDtVWtHARQlinznYvib0c4NSaVSvz6d6P99vDL1IWe1v9
kJMtGNaBw0B5lwY2gxl4ta14Xka6T/XK5wPiSFiINIMizhpAbs7olu/csyLaYUMe
1tTdVCIF8AQzkGSUZWcz2QhxiVHdh4/uC2PxV7Zhos7XVKhJPHw3e99ktpfgzqz0
X7c8et2+4xrLYFM01MNUAnbRjNkGdqXrxkIprbSZwII8B+ttQgUUebUj9N/GFVjW
H1pmqwLaKnpH1x2G40aDWw==

echo -ne "const.net.cn" | openssl dgst -sha256 -sign pri.pem |openssl base64

Ye1ErpEaY/fdH13peaczvCzeTkGa4xl6Ms3AH99zl3Q3x1cGBtFt7+VeWSvLtyRu
It2b+e71q6V4QJM8VYGPDtVWtHARQlinznYvib0c4NSaVSvz6d6P99vDL1IWe1v9
kJMtGNaBw0B5lwY2gxl4ta14Xka6T/XK5wPiSFiINIMizhpAbs7olu/csyLaYUMe
1tTdVCIF8AQzkGSUZWcz2QhxiVHdh4/uC2PxV7Zhos7XVKhJPHw3e99ktpfgzqz0
X7c8et2+4xrLYFM01MNUAnbRjNkGdqXrxkIprbSZwII8B+ttQgUUebUj9N/GFVjW
H1pmqwLaKnpH1x2G40aDWw==

还有个php来验证的代码:

cat sha256withrsa.php 
<?php
$sign = "const.net.cn";
$binary_signature = "";
$prikey = "-----BEGIN RSA PRIVATE KEY-----
........................此处有省略..........
-----END RSA PRIVATE KEY-----";
$algo = "SHA256";
openssl_sign($sign, $binary_signature, $prikey, $algo);
$sign = base64_encode($binary_signature);
echo $sign;
?>
php7.4 sha256withrsa.php 

Ye1ErpEaY/fdH13peaczvCzeTkGa4xl6Ms3AH99zl3Q3x1cGBtFt7+VeWSvLtyRuIt2b+e71q6V4QJM8VYGPDtVWtHARQlinznYvib0c4NSaVSvz6d6P99vDL1IWe1v9kJMtGNaBw0B5lwY2gxl4ta14Xka6T/XK5wPiSFiINIMizhpAbs7olu/csyLaYUMe1tTdVCIF8AQzkGSUZWcz2QhxiVHdh4/uC2PxV7Zhos7XVKhJPHw3e99ktpfgzqz0X7c8et2+4xrLYFM01MNUAnbRjNkGdqXrxkIprbSZwII8B+ttQgUUebUj9N/GFVjWH1pmqwLaKnpH1x2G40aDWw==

本文链接地址:https://const.net.cn/293.html

标签: none

添加新评论