本文整理汇总了Golang中crypto/rsa.SignPKCS1v15函数的典型用法代码示例。如果您正苦于以下问题:Golang SignPKCS1v15函数的具体用法?Golang SignPKCS1v15怎么用?Golang SignPKCS1v15使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了SignPKCS1v15函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。
示例1: PayloadSign
// Sign generates a sign based on the Algorithm instance variable.
// This fulfills the `Signer` interface
func (s RsaSign) PayloadSign(payload []byte) ([]byte, error) {
hash, err := rsaHashForAlg(s.SignatureAlgorithm())
if err != nil {
return nil, ErrUnsupportedAlgorithm
}
privkey := s.PrivateKey
if privkey == nil {
return nil, ErrMissingPrivateKey
}
h := hash.New()
h.Write(payload)
switch s.SignatureAlgorithm() {
case jwa.RS256, jwa.RS384, jwa.RS512:
return rsa.SignPKCS1v15(rand.Reader, privkey, hash, h.Sum(nil))
case jwa.PS256, jwa.PS384, jwa.PS512:
return rsa.SignPSS(rand.Reader, privkey, hash, h.Sum(nil), &rsa.PSSOptions{
SaltLength: rsa.PSSSaltLengthAuto,
})
default:
return nil, ErrUnsupportedAlgorithm
}
}
开发者ID:nabeken,项目名称:go-jwx,代码行数:27,代码来源:signer.go
示例2: Sign
// Signs a digest using this Identity
func (this *SecretIdentity) Sign(digest *Digest) (sig *Signature) {
sigout, err := rsa.SignPKCS1v15(rand.Reader, this.key, crypto.SHA224, digest.impl)
if err != nil {
panic(err)
}
return &Signature{impl: sigout}
}
开发者ID:Javantea,项目名称:h0tb0x,代码行数:8,代码来源:crypto.go
示例3: Sign
// Sign signs a message with a private key. The hash, h, must contain
// the hash of the message to be signed and will be mutated by this function.
// On success, the signature is stored in sig. Call Serialize to write it out.
// If config is nil, sensible defaults will be used.
func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey, config *Config) (err error) {
sig.outSubpackets = sig.buildSubpackets()
digest, err := sig.signPrepareHash(h)
if err != nil {
return
}
switch priv.PubKeyAlgo {
case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
sig.RSASignature.bytes, err = rsa.SignPKCS1v15(config.Random(), priv.PrivateKey.(*rsa.PrivateKey), sig.Hash, digest)
sig.RSASignature.bitLength = uint16(8 * len(sig.RSASignature.bytes))
case PubKeyAlgoDSA:
dsaPriv := priv.PrivateKey.(*dsa.PrivateKey)
// Need to truncate hashBytes to match FIPS 186-3 section 4.6.
subgroupSize := (dsaPriv.Q.BitLen() + 7) / 8
if len(digest) > subgroupSize {
digest = digest[:subgroupSize]
}
r, s, err := dsa.Sign(config.Random(), dsaPriv, digest)
if err == nil {
sig.DSASigR.bytes = r.Bytes()
sig.DSASigR.bitLength = uint16(8 * len(sig.DSASigR.bytes))
sig.DSASigS.bytes = s.Bytes()
sig.DSASigS.bitLength = uint16(8 * len(sig.DSASigS.bytes))
}
default:
err = errors.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo)))
}
return
}
开发者ID:postfix,项目名称:name_pending,代码行数:36,代码来源:signature.go
示例4: Sign
// Sign signs a message with a private key. The hash, h, must contain
// the hash of the message to be signed and will be mutated by this function.
// On success, the signature is stored in sig. Call Serialize to write it out.
func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey) (err os.Error) {
sig.outSubpackets = sig.buildSubpackets()
digest, err := sig.signPrepareHash(h)
if err != nil {
return
}
switch priv.PubKeyAlgo {
case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
sig.RSASignature.bytes, err = rsa.SignPKCS1v15(rand.Reader, priv.PrivateKey.(*rsa.PrivateKey), sig.Hash, digest)
sig.RSASignature.bitLength = uint16(8 * len(sig.RSASignature.bytes))
case PubKeyAlgoDSA:
r, s, err := dsa.Sign(rand.Reader, priv.PrivateKey.(*dsa.PrivateKey), digest)
if err == nil {
sig.DSASigR.bytes = r.Bytes()
sig.DSASigR.bitLength = uint16(8 * len(sig.DSASigR.bytes))
sig.DSASigS.bytes = s.Bytes()
sig.DSASigS.bitLength = uint16(8 * len(sig.DSASigS.bytes))
}
default:
err = error.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo)))
}
return
}
开发者ID:WXB506,项目名称:golang,代码行数:28,代码来源:signature.go
示例5: registerReq
func (a *app) registerReq(w http.ResponseWriter, r *http.Request) {
if r.Method != "POST" {
http.Error(w, ErrPost, http.StatusMethodNotAllowed)
return
}
// attempt to decode data
var data main.Transaction
if err := json.NewDecoder(r.Body).Decode(&data); err != nil {
http.Error(w, ErrDecode, http.StatusBadRequest)
}
// validate the registration type
if data.Type != "register" {
http.Error(w, ErrBadType, http.StatusBadRequest)
}
// validate the email
if !validateEmail(data.Email) {
http.Error(w, ErrBadEmail, http.StatusBadRequest)
}
// sign the transaction, with the hash of the transaction json (without signature)
s, err := rsa.SignPKCS1v15(rand.Reader, a.privateKey, crypto.SHA256, []byte(r.Body))
if err != nil {
http.Error(w, "Could not sign registration request", http.StatusInternalServerError)
}
// return the signature of the hash of the email
fmt.Fprintf(w, s)
}
开发者ID:tslilyai,项目名称:SLYkey,代码行数:28,代码来源:app.go
示例6: signResponse
func (r NotaryResponse) signResponse(response []byte) ([]byte, error) {
hash := crypto.Hash(crypto.SHA1).New()
hash.Write(response)
hashed := hash.Sum(nil)
return rsa.SignPKCS1v15(rand.Reader, r.privateKey, crypto.SHA1, hashed)
}
开发者ID:Safe3,项目名称:convergence,代码行数:7,代码来源:common.go
示例7: Sign
// Sign returns a signature of the given data using the i'th key.
func (k *keychain) Sign(i int, rand io.Reader, data []byte) (sig []byte, err error) {
pk := k.keys[i]
h := sha1.New()
h.Write(data)
hh := h.Sum(nil)
return rsa.SignPKCS1v15(rand, pk, crypto.SHA1, hh)
}
开发者ID:andradeandrey,项目名称:essessaich,代码行数:8,代码来源:keychain.go
示例8: appleResponse
// appleResponse takes an Apple-Challenge header value, and constructs a response for it.
// To derive the response, the IP and MAC of the connection are needed, so the local address
// has to be passed in.
func appleResponse(challenge string, addr net.Addr) (c64 string, err error) {
// iTunes seems to not pad things. Let's fix that.
p64 := base64pad(challenge)
ptext, err := base64.StdEncoding.DecodeString(p64)
if err != nil {
return
}
ptext = append(ptext, GetIP(addr)...)
ptext = append(ptext, GetMAC(addr)...)
for len(ptext) < 0x20 {
ptext = append(ptext, 0)
}
ctext, err := rsa.SignPKCS1v15(nil, rsaPrivKey, crypto.Hash(0), ptext)
if err != nil {
return
}
c64 = base64.StdEncoding.EncodeToString(ctext)
// We should respond in kind to iTunes
if len(p64) != len(challenge) {
c64 = base64unpad(c64)
}
return
}
开发者ID:frodosens,项目名称:go-airplay,代码行数:30,代码来源:auth.go
示例9: jwsEncodeJSON
// jwsEncodeJSON signs claimset using provided key and a nonce.
// The result is serialized in JSON format.
// See https://tools.ietf.org/html/rfc7515#section-7.
func jwsEncodeJSON(claimset interface{}, key *rsa.PrivateKey, nonce string) ([]byte, error) {
jwk := jwkEncode(&key.PublicKey)
phead := fmt.Sprintf(`{"alg":"RS256","jwk":%s,"nonce":%q}`, jwk, nonce)
phead = base64.RawURLEncoding.EncodeToString([]byte(phead))
cs, err := json.Marshal(claimset)
if err != nil {
return nil, err
}
payload := base64.RawURLEncoding.EncodeToString(cs)
h := sha256.New()
h.Write([]byte(phead + "." + payload))
sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, h.Sum(nil))
if err != nil {
return nil, err
}
enc := struct {
Protected string `json:"protected"`
Payload string `json:"payload"`
Sig string `json:"signature"`
}{
Protected: phead,
Payload: payload,
Sig: base64.RawURLEncoding.EncodeToString(sig),
}
return json.Marshal(&enc)
}
开发者ID:cloudron-io,项目名称:mattermost,代码行数:29,代码来源:jws.go
示例10: main
func main() {
privateKey, err := rsa.GenerateKey(rand.Reader, 2048) // 개인 키와 공개 키 생성
if err != nil {
fmt.Println(err)
return
}
publicKey := &privateKey.PublicKey // 개인 키 변수 안에 공개 키가 들어있음
message := "안녕하세요. Go 언어"
hash := md5.New() // 해시 인스턴스 생성
hash.Write([]byte(message)) // 해시 인스턴스에 문자열 추가
digest := hash.Sum(nil) // 문자열의 MD5 해시 값 추출
var h1 crypto.Hash
signature, err := rsa.SignPKCS1v15( // 개인 키로 서명
rand.Reader,
privateKey, // 개인 키
h1,
digest, // MD5 해시 값
)
var h2 crypto.Hash
err = rsa.VerifyPKCS1v15( // 공개 키로 서명 검증
publicKey, // 공개 키
h2,
digest, // MD5 해시 값
signature, // 서명 값
)
if err != nil {
fmt.Println("검증 실패")
} else {
fmt.Println("검증 성공")
}
}
开发者ID:jemoonkim,项目名称:golangbook,代码行数:35,代码来源:rsa_sign.go
示例11: IntroAndAck
// msgN, token including DigSig; gets Ack or Error
func (upc *UpaxClient) IntroAndAck() (err error) {
var (
name string
id, ckBytes, skBytes, salt []byte
digSig []byte // over name, id, ckBytes, skBytes, salt, in order
)
// Send INTRO MSG =====================================
name = upc.GetName()
id = upc.GetNodeID().Value()
ckBytes, err = xc.RSAPubKeyToWire(&upc.ckPriv.PublicKey)
if err == nil {
skBytes, err = xc.RSAPubKeyToWire(&upc.skPriv.PublicKey)
if err == nil {
rng := xr.NewSystemRNG(0)
n := uint64(rng.Int63())
salt = make([]byte, 8)
binary.LittleEndian.PutUint64(salt, n)
}
}
if err == nil {
d := sha1.New()
d.Write([]byte(name))
d.Write(id)
d.Write(ckBytes)
d.Write(skBytes)
d.Write(salt)
hash := d.Sum(nil)
digSig, err = rsa.SignPKCS1v15(
rand.Reader, upc.skPriv, crypto.SHA1, hash)
}
if err == nil {
token := UpaxClientMsg_Token{
Name: &name,
ID: id,
CommsKey: ckBytes,
SigKey: skBytes,
Salt: salt,
DigSig: digSig,
}
op := UpaxClientMsg_Intro
request := &UpaxClientMsg{
Op: &op,
ClientInfo: &token,
}
// SHOULD CHECK FOR TIMEOUT
err = upc.writeMsg(request)
}
// Process ACK ========================================
if err == nil {
var response *UpaxClientMsg
// SHOULD CHECK FOR TIMEOUT AND VERIFY THAT IT'S AN ACK
response, err = upc.readMsg()
op := response.GetOp()
if op != UpaxClientMsg_Ack {
err = ExpectedAck
}
}
return
}
开发者ID:jddixon,项目名称:upax_go,代码行数:61,代码来源:client_msg.go
示例12: Sign
func (s *Su3File) Sign(privkey *rsa.PrivateKey) error {
var hashType crypto.Hash
switch s.SignatureType {
case SIGTYPE_DSA:
hashType = crypto.SHA1
case SIGTYPE_ECDSA_SHA256, SIGTYPE_RSA_SHA256:
hashType = crypto.SHA256
case SIGTYPE_ECDSA_SHA384, SIGTYPE_RSA_SHA384:
hashType = crypto.SHA384
case SIGTYPE_ECDSA_SHA512, SIGTYPE_RSA_SHA512:
hashType = crypto.SHA512
default:
return fmt.Errorf("Unknown signature type.")
}
h := hashType.New()
h.Write(s.BodyBytes())
digest := h.Sum(nil)
sig, err := rsa.SignPKCS1v15(rand.Reader, privkey, 0, digest)
if nil != err {
return err
}
s.Signature = sig
return nil
}
开发者ID:MDrollette,项目名称:i2p-tools,代码行数:28,代码来源:su3.go
示例13: signPKCS7
// signPKCS7 does the minimal amount of work necessary to embed an RSA
// signature into a PKCS#7 certificate.
//
// We prepare the certificate using the x509 package, read it back in
// to our custom data type and then write it back out with the signature.
func signPKCS7(rand io.Reader, priv *rsa.PrivateKey, msg []byte) ([]byte, error) {
const serialNumber = 0x5462c4dd // arbitrary
name := pkix.Name{CommonName: "gomobile"}
template := &x509.Certificate{
SerialNumber: big.NewInt(serialNumber),
SignatureAlgorithm: x509.SHA1WithRSA,
Subject: name,
}
b, err := x509.CreateCertificate(rand, template, template, priv.Public(), priv)
if err != nil {
return nil, err
}
c := certificate{}
if _, err := asn1.Unmarshal(b, &c); err != nil {
return nil, err
}
h := sha1.New()
h.Write(msg)
hashed := h.Sum(nil)
signed, err := rsa.SignPKCS1v15(rand, priv, crypto.SHA1, hashed)
if err != nil {
return nil, err
}
content := pkcs7SignedData{
ContentType: oidSignedData,
Content: signedData{
Version: 1,
DigestAlgorithms: []pkix.AlgorithmIdentifier{{
Algorithm: oidSHA1,
Parameters: asn1.RawValue{Tag: 5},
}},
ContentInfo: contentInfo{Type: oidData},
Certificates: c,
SignerInfos: []signerInfo{{
Version: 1,
IssuerAndSerialNumber: issuerAndSerialNumber{
Issuer: name.ToRDNSequence(),
SerialNumber: serialNumber,
},
DigestAlgorithm: pkix.AlgorithmIdentifier{
Algorithm: oidSHA1,
Parameters: asn1.RawValue{Tag: 5},
},
DigestEncryptionAlgorithm: pkix.AlgorithmIdentifier{
Algorithm: oidRSAEncryption,
Parameters: asn1.RawValue{Tag: 5},
},
EncryptedDigest: signed,
}},
},
}
return asn1.Marshal(content)
}
开发者ID:2722,项目名称:lantern,代码行数:65,代码来源:cert.go
示例14: main
func main() {
expires := expire(10)
resource := `http://d604721fxaaqy9.cloudfront.net/horizon.jpg?large=yes&license=yes` //testing value
privateKey := "./private-key.pem"
// The Signature value is an RSA-SHA1 digital Signature of the following JSON policy
// with the RESOURCE and EXPIRES values replaced with your values
//{"Statement":[{"Resource":"RESOURCE","Condition":{"DateLessThan":{"AWS:EpochTime":EXPIRES}}}]}
fmt.Printf("\nexpires would be:%s, and it's being reset to: 1258237200 for testing\n", expires)
p1 := `{"Statement":[{"Resource":"`
p2 := resource
p3 := `","Condition":{"DateLessThan":{"AWS:EpochTime":`
p4 := "1258237200" //normally use expires, but this is for testing
p5 := `}}}]}`
toSign := p1 + p2 + p3 + p4 + p5
fmt.Printf("We're going to sign %s, of Type %T\n", toSign, toSign)
key, err := privkey(privateKey)
if err != nil {
fmt.Print("oops")
}
h := sha1.New()
h.Write([]byte(toSign))
sum := h.Sum()
sig, err := rsa.SignPKCS1v15(rand.Reader, key, rsa.HashSHA1, sum)
if err != nil {
fmt.Print("oops2")
}
f := bytes.NewBuffer(sig)
g := f.String()
fmt.Printf("The Signed String is: %s\n and is of type:%T\n", g, g)
}
开发者ID:gregworley,项目名称:go-doodles,代码行数:30,代码来源:cfsigner.go
示例15: makeCertificate
func makeCertificate(email string, publicKey map[string]string,
durationSec int64) (signed []byte, err error) {
header := []byte(`{"alg": "RS256"}`)
encodedHeader := base64Encode(header)
iat := (time.Now().Unix() - 600) * 1000
exp := (time.Now().Unix() + durationSec) * 1000
cert := identityCert{certIssuer, iat, exp, publicKey, principal{email}}
payload, err := json.Marshal(cert)
if err != nil {
return nil, err
}
encodedPayload := base64Encode(payload)
signingBase := dotJoin(encodedHeader, encodedPayload)
hash := sha256.New()
hash.Write(signingBase)
hashed := hash.Sum(nil)
signature, err := rsa.SignPKCS1v15(rand.Reader, privateKey,
crypto.SHA256, hashed)
if err != nil {
return nil, err
}
encodedSignature := base64Encode(signature)
return dotJoin(signingBase, encodedSignature), nil
}
开发者ID:johnpmayer,项目名称:persona-idp,代码行数:30,代码来源:idp.go
示例16: SignRSA
//SignWithRSA sign given encrypted data with RSA algorithm
func SignRSA(raw []byte, algorithm crypto.Hash) []byte {
if raw == nil {
return nil
}
privateKey := []byte(PrivateKey)
if !ginutil.IsProduction() {
privateKey = []byte(TestPrivateKey)
}
block, _ := pem.Decode(privateKey)
if block == nil {
return nil
}
privInterface, err := x509.ParsePKCS8PrivateKey(block.Bytes)
if err != nil {
return nil
}
priv := privInterface.(*rsa.PrivateKey)
var data []byte
if algorithm == crypto.SHA1 {
data = EncryptSHA(raw)
} else {
data = EncryptMD5(EncryptSHA(raw))
}
signed, err := rsa.SignPKCS1v15(rand.Reader, priv, algorithm, data)
if err != nil {
return nil
}
return signed
}
开发者ID:jameswei,项目名称:zmopenapi-sdk-golang,代码行数:30,代码来源:crypto_util.go
示例17: CreateSignature
// Generates a signature of a JSON-marshalable "message" object, using the given RSA private key.
// If includeDate is true, a timestamp will be added to the signature; if expiration is also
// nonzero, it will be included as the expiration interval, i.e. how long the signature remains
// valid after being signed.
//
// Making any changes to the message object will invalidate the signature, unless the changes are
// in ignored keys. Any underscore-prefixed key (except "_id") is ignored, as is "(signed)".
func CreateSignature(message map[string]interface{}, key *rsa.PrivateKey, includeDate bool, expiration time.Duration) (*Signature, error) {
signature := Signature{
PublicKey: key.PublicKey,
messageDigest: canonicalDigest(message),
}
if includeDate {
now := time.Now()
signature.Date = &now
if expiration > 0 {
expires := now.Add(expiration)
signature.Expiration = &expires
}
}
sigJson, err := json.Marshal(&signature)
if err != nil {
return nil, err
}
digest := sha1.Sum(sigJson)
signature.signatureBytes, err = rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA1, digest[:])
if err != nil {
return nil, err
}
return &signature, nil
}
开发者ID:snej,项目名称:json-sig,代码行数:33,代码来源:sign.go
示例18: Sign
/**
* Set a timestamp and calculate a digital signature. First
* calculate the SHA1 hash of the pubKey, title, timestamp,
* and content lines, excluding the terminating CRLF in each
* case, then encrypt that using the RSA private key supplied.
*
* @param key RSAKey whose secret materials are used to sign
*/
func (sl *SignedBList) Sign(skPriv *rsa.PrivateKey) (err error) {
var (
digSig, hash []byte
)
if sl.DigSig != nil {
err = ListAlreadySigned
} else if skPriv == nil {
err = NilPrivateKey
} else {
sl.Timestamp = xu.Timestamp(time.Now().UnixNano())
hash, err = sl.HashBody()
if err == nil {
digSig, err = rsa.SignPKCS1v15(
rand.Reader, skPriv, crypto.SHA1, hash)
if err == nil {
sl.DigSig = digSig
}
}
if err != nil {
sl.Timestamp = 0 // restore to default
}
}
return
}
开发者ID:jddixon,项目名称:xlCrypto_go,代码行数:34,代码来源:signedBList.go
示例19: WriteAuthenticatedDataPackage
// WriteAuthenticatedDataPackage creates an AuthenticatedDataPackage
// containing the specified data and signed by the given key. The output
// conforms with the legacy format here:
// https://bitbucket.org/psiphon/psiphon-circumvention-system/src/c25d080f6827b141fe637050ce0d5bd0ae2e9db5/Automation/psi_ops_crypto_tools.py
func WriteAuthenticatedDataPackage(
data string, signingPublicKey, signingPrivateKey string) ([]byte, error) {
derEncodedPrivateKey, err := base64.StdEncoding.DecodeString(signingPrivateKey)
if err != nil {
return nil, ContextError(err)
}
rsaPrivateKey, err := x509.ParsePKCS1PrivateKey(derEncodedPrivateKey)
if err != nil {
return nil, ContextError(err)
}
signature, err := rsa.SignPKCS1v15(
rand.Reader,
rsaPrivateKey,
crypto.SHA256,
sha256sum(data))
if err != nil {
return nil, ContextError(err)
}
packageJSON, err := json.Marshal(
&AuthenticatedDataPackage{
Data: data,
SigningPublicKeyDigest: sha256sum(signingPublicKey),
Signature: signature,
})
if err != nil {
return nil, ContextError(err)
}
return packageJSON, nil
}
开发者ID:adamkruger,项目名称:psiphon-tunnel-core,代码行数:37,代码来源:authPackage.go
示例20: Encode
// Encode encodes a signed JWS with provided header and claim set.
func Encode(header *Header, c *ClaimSet, signature []byte) (payload string, err error) {
var encodedHeader, encodedClaimSet string
encodedHeader, err = header.encode()
if err != nil {
return
}
encodedClaimSet, err = c.encode()
if err != nil {
return
}
ss := fmt.Sprintf("%s.%s", encodedHeader, encodedClaimSet)
parsed, err := parsePrivateKey(signature)
if err != nil {
return
}
h := sha256.New()
h.Write([]byte(ss))
b, err := rsa.SignPKCS1v15(rand.Reader, parsed, crypto.SHA256, h.Sum(nil))
if err != nil {
return
}
sig := base64Encode(b)
return fmt.Sprintf("%s.%s", ss, sig), nil
}
开发者ID:robyoung,项目名称:oauth2,代码行数:28,代码来源:jws.go
注:本文中的crypto/rsa.SignPKCS1v15函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论