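package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"fmt"
)

// privateKey is a demonstration RSA private key in PKCS#1 PEM form
// ("BEGIN RSA PRIVATE KEY"). It was generated with:
//
//	openssl genrsa -out rsa_private_key.pem 1024
//
// NOTE(security): this key is published together with the example, so it
// must never be reused outside the demo. A 1024-bit modulus is also below the
// 2048-bit minimum of current guidance; generate real keys with at least 2048
// bits and load them from a protected key store or file rather than embedding
// them in source.
var privateKey = []byte(`-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQDbzwsz/q1DSjGk+K5kJdFwqVxhwvO+Mlu7uwdUP0mK/nh5I5O6
01bovvHS9hauujlFxbvP/ekREnuyHYOiUe5Lf5m7zqd0cWmLu88gnphQf0aDvYpJ
+/iVo4RqjC8A/fJvvdnYJfY9C+rRggy4DUlX+xyUC2VE1J+lQ1DOYy9uvwIDAQAB
AoGBANuk+LzsMJac/R6soRbR84dwtS+7b3UPPTtKmPhGhWavAhOKyYRWyvGoXF1C
K0hOLgzameItB0hX/+LsOy1oUYSl0egk91dpn6AnStASz8BPNAWr44RPIiaQSDmu
+BiQNOLkAvh56hEIrnBch6u1QTBlHaaD/E8LCiBcKTaqiR6BAkEA75e6nnH/giXB
vULzPLpIj4pmgXAE0EJ11zukb4oFjRMUvuBTgEUNK6Pq/iNMNZZIf9AuPVjXwu5y
OPteVcEJUwJBAOrcfDBmAaivhGqVd8IwRDwWGTtw9ToSW2UGn75BgUGpDbeWRYz6
ApUJUe0VG8vD7P6G9SdKVaXz1CJAWUVpG2UCQGiGKh0boJt3u1jFD3aL0kIE4AlS
BFeS1vQKCge7EAbmryNCnEsWVNOYFFnArmumX4SbHsEWtDJPcjdXumTw7Q8CQGA/
371N8Jwa4h90BdJVSYF+ZPTRRA56e24Zmtmzqq8oAvEb6oDt7KT7XtHUdsG5F6Tv
1gQ2GIecN3GaAXvKqWkCQCEn3r0gQQza4NvKX2vp8huK8v8nE32e4vkcZLeJJxC1
3xV2R8U5YufBdbhQdGzVYnoVAkh/ZvTkFr/vCAl11Bo=
-----END RSA PRIVATE KEY-----
`)

// publicKey is the PKIX/SPKI PEM public key matching privateKey. It was
// derived with:
//
//	openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
var publicKey = []byte(`-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDbzwsz/q1DSjGk+K5kJdFwqVxh
wvO+Mlu7uwdUP0mK/nh5I5O601bovvHS9hauujlFxbvP/ekREnuyHYOiUe5Lf5m7
zqd0cWmLu88gnphQf0aDvYpJ+/iVo4RqjC8A/fJvvdnYJfY9C+rRggy4DUlX+xyU
C2VE1J+lQ1DOYy9uvwIDAQAB
-----END PUBLIC KEY-----
`)

// parseRSAPrivateKey decodes the first PEM block in pemBytes and returns the
// RSA private key it contains.
//
// PKCS#1 is tried first, as in the original listing. PKCS#8 is accepted as a
// fallback because OpenSSL 3.x writes "BEGIN PRIVATE KEY" (PKCS#8) from
// genrsa unless -traditional is given.
func parseRSAPrivateKey(pemBytes []byte) (*rsa.PrivateKey, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil {
		// pem.Decode returns a nil block for non-PEM input; dereferencing it
		// would panic, so report an error instead.
		return nil, fmt.Errorf("private key: no PEM block found")
	}

	key, pkcs1Err := x509.ParsePKCS1PrivateKey(block.Bytes)
	if pkcs1Err == nil {
		return key, nil
	}

	parsed, err := x509.ParsePKCS8PrivateKey(block.Bytes)
	if err != nil {
		// Neither encoding parsed: surface the PKCS#1 error, which is what
		// callers of the original code received.
		return nil, pkcs1Err
	}
	rsaKey, ok := parsed.(*rsa.PrivateKey)
	if !ok {
		return nil, fmt.Errorf("private key: unsupported key type %T, want RSA", parsed)
	}
	return rsaKey, nil
}

// parseRSAPublicKey decodes the first PEM block in pemBytes as a PKIX public
// key and returns it if, and only if, it is an RSA key.
func parseRSAPublicKey(pemBytes []byte) (*rsa.PublicKey, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil {
		return nil, fmt.Errorf("public key: no PEM block found")
	}

	parsed, err := x509.ParsePKIXPublicKey(block.Bytes)
	if err != nil {
		return nil, err
	}
	// ParsePKIXPublicKey can return other key types too (for example ECDSA or
	// Ed25519); an unchecked type assertion would panic on those.
	pubKey, ok := parsed.(*rsa.PublicKey)
	if !ok {
		return nil, fmt.Errorf("public key: unsupported key type %T, want RSA", parsed)
	}
	return pubKey, nil
}

// SignatureRSA signs sourceData with the PEM-encoded RSA private key and
// returns the signature as padded, URL-safe base64.
//
// The data is hashed with SHA-256 and signed with RSASSA-PKCS1-v1_5. That
// scheme is kept so existing signatures stay verifiable; PSS is the usual
// choice for new designs.
//
// An error is returned when the key is not valid PEM, cannot be parsed as an
// RSA private key, or the signing operation itself fails.
func SignatureRSA(privateKey []byte, sourceData []byte) (string, error) {
	priKey, err := parseRSAPrivateKey(privateKey)
	if err != nil {
		return "", err
	}

	// Sign the SHA-256 digest of the message, not the message itself.
	digest := sha256.Sum256(sourceData)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priKey, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}

	return base64.URLEncoding.EncodeToString(sig), nil
}

// VerifyRSA checks that signedData (padded, URL-safe base64 as produced by
// SignatureRSA) is a valid RSASSA-PKCS1-v1_5/SHA-256 signature over
// sourceData for the PEM-encoded PKIX public key.
//
// It returns nil only when the signature verifies. Malformed base64, a
// missing PEM block, a non-RSA key and a signature mismatch all yield a
// non-nil error; callers must treat any error as "not verified".
func VerifyRSA(publicKey []byte, sourceData []byte, signedData string) error {
	// Reject malformed encodings explicitly instead of verifying against
	// whatever prefix happened to decode.
	sig, err := base64.URLEncoding.DecodeString(signedData)
	if err != nil {
		return fmt.Errorf("decoding signature: %w", err)
	}

	pubKey, err := parseRSAPublicKey(publicKey)
	if err != nil {
		return err
	}

	digest := sha256.Sum256(sourceData)
	return rsa.VerifyPKCS1v15(pubKey, crypto.SHA256, digest[:], sig)
}

// main signs a sample message with the embedded demo key and verifies the
// result with the matching public key.
func main() {
	sourceData := []byte("123456")

	// The printed labels read "encryption", but the operation is signing.
	signData, err := SignatureRSA(privateKey, sourceData)
	if err != nil {
		fmt.Println("加密出错:", err)
		return
	}
	fmt.Println("加密正确:", signData)

	err = VerifyRSA(publicKey, sourceData, signData)
	if err != nil {
		fmt.Println("校验出错:", err)
		return
	}
	fmt.Println("校验正确:")
}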
publicKey 和 privateKey 的内容是在 Linux 下分别执行下面两条命令得到的(实际执行时需先用 genrsa 生成私钥,再用 rsa -pubout 从私钥导出公钥):
openssl rsa -in rsa_private_key.pem -pubout -out rsa_public_key.pem
openssl genrsa -out rsa_private_key.pem 1024