jwt密钥加密
- 下载jwt包
go get -u github.com/dgrijalva/jwt-go
- 加密代码
package main
import (
"fmt"
"github.com/dgrijalva/jwt-go"
"io/ioutil"
"log"
)
type UserClaim struct {
Uname string `json:"username"`
jwt.StandardClaims
}
func main() {
sec := []byte("123abc")
token_obj := jwt.NewWithClaims(jwt.SigningMethodHS256, UserClaim{Uname: "baibing"})
token, _ := token_obj.SignedString(sec)
fmt.Println(token)
uc := UserClaim{}
parse, _ := jwt.ParseWithClaims(token, &uc, func(token *jwt.Token) (interface{}, error) {
return sec, nil
})
if parse.Valid {
fmt.Println(parse.Claims.(*UserClaim).Uname)
}
}
jwt公钥加密,私钥解密
- 先生成公钥和私钥,执行下面的代码,会在本地生成两个文件private.pem和public.pem
package main
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"os"
)
func GenerateRSAKey(bits int) {
privateKey, err := rsa.GenerateKey(rand.Reader, bits)
if err != nil {
panic(err)
}
X509PrivateKey := x509.MarshalPKCS1PrivateKey(privateKey)
privateFile, err := os.Create("private.pem")
if err != nil {
panic(err)
}
defer privateFile.Close()
privateBlock := pem.Block{Type: "RSA Private Key", Bytes: X509PrivateKey}
pem.Encode(privateFile, &privateBlock)
publicKey := privateKey.PublicKey
X509PublicKey, err := x509.MarshalPKIXPublicKey(&publicKey)
if err != nil {
panic(err)
}
publicFile, err := os.Create("public.pem")
if err != nil {
panic(err)
}
defer publicFile.Close()
publicBlock := pem.Block{Type: "RSA Public Key", Bytes: X509PublicKey}
pem.Encode(publicFile, &publicBlock)
}
func main() {
GenerateRSAKey(2048)
}
- 利用生成的私钥和公钥实现生成token并解秘
package main
import (
"fmt"
"github.com/dgrijalva/jwt-go"
"io/ioutil"
"log"
)
type UserClaim struct {
Uname string `json:"username"`
jwt.StandardClaims
}
func main() {
priKeyBytes, err := ioutil.ReadFile("./private.pem")
if err != nil {
log.Fatal("私钥文件读取失败")
}
prikey, err := jwt.ParseRSAPrivateKeyFromPEM(priKeyBytes)
if err != nil {
log.Fatal("私钥错误")
}
pubKeyBytes, err := ioutil.ReadFile("./public.pem")
if err != nil {
log.Fatal("公钥文件读取失败")
}
pubkey, err := jwt.ParseRSAPublicKeyFromPEM(pubKeyBytes)
if err != nil {
log.Fatal("公钥错误")
}
token_obj := jwt.NewWithClaims(jwt.SigningMethodRS256, UserClaim{Uname: "baibing"})
token, _ := token_obj.SignedString(prikey)
fmt.Println(token)
uc := UserClaim{}
parse, _ := jwt.ParseWithClaims(token, &uc, func(token *jwt.Token) (interface{}, error) {
return pubkey, nil
})
if parse.Valid {
fmt.Println(parse.Claims.(*UserClaim).Uname)
fmt.Println(parse.Claims.(*UserClaim).ExpiresAt)
}
}