golang不支持ECC加解密,支持ECC签名
1、代码实现
package main
import (
"crypto/ecdsa"
"crypto/rand"
"crypto/sha256"
"crypto/x509"
"encoding/pem"
"errors"
"fmt"
"io/ioutil"
"math/big"
)
type Signatur struct {
r *big.Int
s *big.Int
}
//一、使用私钥签名
func eccSignData(filename string , src []byte) (Signatur,error) {
//1、读取私钥,解密
info , err := ioutil.ReadFile(filename)
if err != nil{
return Signatur{},err
}
block , _ := pem.Decode(info)
derText := block.Bytes
privateKey , err := x509.ParseECPrivateKey(derText)
if err != nil{
return Signatur{},err
}
//2、对原文生成哈希值
hash := sha256.Sum256(src)
//3、使用私钥签名
//使用私钥对任意长度的hash值(必须是较大信息的hash结果)进行签名,返回签名结果(一对大整数)。私钥的安全性取决于密码读取器的熵度(随机程度)。
//func Sign(rand io.Reader, priv *PrivateKey, hash []byte) (r, s *big.Int, err error)
r , s , err := ecdsa.Sign(rand.Reader,privateKey,hash[:])
if err != nil{
return Signatur{},err
}
sig := Signatur{r,s}
return sig,nil
}
//二、使用公钥校验
func eccVerifySig(filename string,src []byte,sig Signatur) error{
//1、读取公钥,解码
info , err := ioutil.ReadFile(filename)
if err != nil{
return err
}
block , _ := pem.Decode(info)
derText := block.Bytes
publicKeyInterface , err := x509.ParsePKIXPublicKey(derText)
if err != nil{
return err
}
publicKey,ok := publicKeyInterface.(*ecdsa.PublicKey)
if !ok {
return errors.New("Assertion failure,not the ecds public key\n")
}
//2、对原文生成哈希
hash := sha256.Sum256(src)
//3、使用公钥验证
//func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool
//使用公钥验证hash值和两个大整数r、s构成的签名,并返回签名是否合法。
isValid := ecdsa.Verify(publicKey,hash[:],sig.r,sig.s)
if !isValid{
return errors.New("Check failure")
}
return nil
}
func main(){
src := []byte("hello world")
sig,err := eccSignData(EccPrivateKeyFile,src)
if err != nil{
fmt.Println("err:",err)
return
}
fmt.Println("sig.r",sig.r)
fmt.Println("sig.s",sig.s)
fmt.Println("++++++++++++++++++++++++++++++++++++++++")
err = eccVerifySig(EccPublicKeyFile,src,sig)
if err != nil{
fmt.Println("err:",err)
return
}
fmt.Println("Check success!!!")
}