• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

Golang dsa.Sign函数代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Golang中crypto/dsa.Sign函数的典型用法代码示例。如果您正苦于以下问题:Golang Sign函数的具体用法?Golang Sign怎么用?Golang Sign使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。



在下文中一共展示了Sign函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Golang代码示例。

示例1: main

func main() {
	var privateKey dsa.PrivateKey
	params := &privateKey.Parameters

	// L2048N224 is length of L and N
	if err := dsa.GenerateParameters(params, rand.Reader, dsa.L2048N224); err != nil {
		fmt.Printf("Err: %s", err)
		return
	}

	if err := dsa.GenerateKey(&privateKey, rand.Reader); err != nil {
		fmt.Printf("Err: %s", err)
		return
	}

	hashed := []byte("This is test hashed message")

	// It returns the signature as a pair of integers.
	r, s, err := dsa.Sign(rand.Reader, &privateKey, hashed)
	if err != nil {
		fmt.Printf("Err: %s", err)
		return
	}

	// Check signnature can be verified
	publicKey := &privateKey.PublicKey
	if dsa.Verify(publicKey, hashed, r, s) {
		fmt.Printf("Verified\n")
	}
}
开发者ID:tcnksm,项目名称:go-crypto,代码行数:30,代码来源:main.go


示例2: SignatureSign

func SignatureSign(hash []byte, priv *dsa.PrivateKey) (r, s []byte, err error) {
	ri, si, err := dsa.Sign(rand.Reader, priv, hash)
	if err != nil {
		return nil, nil, err
	}
	return []byte(base64.StdEncoding.EncodeToString(ri.Bytes())), []byte(base64.StdEncoding.EncodeToString(si.Bytes())), nil
}
开发者ID:justinribeiro,项目名称:wearscript,代码行数:7,代码来源:signature.go


示例3: Sign

// Sign signs a message with a private key. The hash, h, must contain
// the hash of the message to be signed and will be mutated by this function.
// On success, the signature is stored in sig. Call Serialize to write it out.
func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey) (err os.Error) {
	sig.outSubpackets = sig.buildSubpackets()
	digest, err := sig.signPrepareHash(h)
	if err != nil {
		return
	}

	switch priv.PubKeyAlgo {
	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
		sig.RSASignature.bytes, err = rsa.SignPKCS1v15(rand.Reader, priv.PrivateKey.(*rsa.PrivateKey), sig.Hash, digest)
		sig.RSASignature.bitLength = uint16(8 * len(sig.RSASignature.bytes))
	case PubKeyAlgoDSA:
		r, s, err := dsa.Sign(rand.Reader, priv.PrivateKey.(*dsa.PrivateKey), digest)
		if err == nil {
			sig.DSASigR.bytes = r.Bytes()
			sig.DSASigR.bitLength = uint16(8 * len(sig.DSASigR.bytes))
			sig.DSASigS.bytes = s.Bytes()
			sig.DSASigS.bitLength = uint16(8 * len(sig.DSASigS.bytes))
		}
	default:
		err = error.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo)))
	}

	return
}
开发者ID:WXB506,项目名称:golang,代码行数:28,代码来源:signature.go


示例4: Sign

// Sign signs a message with a private key. The hash, h, must contain
// the hash of the message to be signed and will be mutated by this function.
// On success, the signature is stored in sig. Call Serialize to write it out.
// If config is nil, sensible defaults will be used.
func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey, config *Config) (err error) {
	sig.outSubpackets = sig.buildSubpackets()
	digest, err := sig.signPrepareHash(h)
	if err != nil {
		return
	}

	switch priv.PubKeyAlgo {
	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
		sig.RSASignature.bytes, err = rsa.SignPKCS1v15(config.Random(), priv.PrivateKey.(*rsa.PrivateKey), sig.Hash, digest)
		sig.RSASignature.bitLength = uint16(8 * len(sig.RSASignature.bytes))
	case PubKeyAlgoDSA:
		dsaPriv := priv.PrivateKey.(*dsa.PrivateKey)

		// Need to truncate hashBytes to match FIPS 186-3 section 4.6.
		subgroupSize := (dsaPriv.Q.BitLen() + 7) / 8
		if len(digest) > subgroupSize {
			digest = digest[:subgroupSize]
		}
		r, s, err := dsa.Sign(config.Random(), dsaPriv, digest)
		if err == nil {
			sig.DSASigR.bytes = r.Bytes()
			sig.DSASigR.bitLength = uint16(8 * len(sig.DSASigR.bytes))
			sig.DSASigS.bytes = s.Bytes()
			sig.DSASigS.bitLength = uint16(8 * len(sig.DSASigS.bytes))
		}
	default:
		err = errors.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo)))
	}

	return
}
开发者ID:postfix,项目名称:name_pending,代码行数:36,代码来源:signature.go


示例5: SignDSA

// SignDSA signs a message with a DSA private key. The hash, h, must contain
// the hash of the message to be signed and will be mutated by this function.
// On success, the signature is stored in sig. Call Serialize to write it out.
func (sig *Signature) SignDSA(h hash.Hash, priv *dsa.PrivateKey) (err os.Error) {
	digest, err := sig.signPrepareHash(h)
	if err != nil {
		return
	}
	sig.DSASigR, sig.DSASigS, err = dsa.Sign(rand.Reader, priv, digest)
	return
}
开发者ID:radhermit,项目名称:gcc,代码行数:11,代码来源:signature.go


示例6: Sign

func Sign() {
	key := Key()
	hash := HashMessage()
	r, s, err := dsa.Sign(rand.Reader, key, hash)
	if err != nil {
		log.Fatalf("failed to sign message: %s", err)
	}
	log.Printf("r: %v", r)
	log.Printf("s: %v", s)
}
开发者ID:rrudduck,项目名称:golang-stuff,代码行数:10,代码来源:dsa.go


示例7: Sign

func (p *DSAPrivateKey) Sign(hashed []byte, alg uint8) ([]byte, error) {
	r1, s1, err := dsa.Sign(rand.Reader, (*dsa.PrivateKey)(p), hashed)
	if err != nil {
		return nil, err
	}
	t := divRoundUp(divRoundUp(p.PublicKey.Y.BitLen(), 8)-64, 8)
	signature := []byte{byte(t)}
	signature = append(signature, intToBytes(r1, 20)...)
	signature = append(signature, intToBytes(s1, 20)...)
	return signature, nil
}
开发者ID:andradeandrey,项目名称:go-ipfs,代码行数:11,代码来源:dnssec_privkey.go


示例8: Sign

// Sign will generate a signature of a hashed data using dsa Sign.
func (priv *PrivateKey) Sign(rand io.Reader, hashed []byte) ([]byte, error) {
	r, s, err := dsa.Sign(rand, &priv.PrivateKey, hashed)
	if err == nil {
		rBytes := r.Bytes()
		sBytes := s.Bytes()

		out := make([]byte, 40)
		copy(out[20-len(rBytes):], rBytes)
		copy(out[len(out)-len(sBytes):], sBytes)
		return out, nil
	}
	return nil, err
}
开发者ID:juniorz,项目名称:otr3,代码行数:14,代码来源:keys.go


示例9: Sign

// Sign signs a message with a private key. The hash, h, must contain
// the hash of the message to be signed and will be mutated by this function.
// On success, the signature is stored in sig. Call Serialize to write it out.
// If config is nil, sensible defaults will be used.
func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey, config *Config) (err error) {
	signer, hashIsSigner := h.(Signer)

	if !hashIsSigner && (priv == nil || priv.PrivateKey == nil) {
		err = errors.InvalidArgumentError("attempting to sign with nil PrivateKey")
		return
	}

	sig.outSubpackets = sig.buildSubpackets()
	digest, err := sig.signPrepareHash(h)
	if err != nil {
		return
	}

	if hashIsSigner {
		err = signer.Sign(sig)
		return
	}

	switch priv.PubKeyAlgo {
	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
		sig.RSASignature.bytes, err = rsa.SignPKCS1v15(config.Random(), priv.PrivateKey.(*rsa.PrivateKey), sig.Hash, digest)
		sig.RSASignature.bitLength = uint16(8 * len(sig.RSASignature.bytes))
	case PubKeyAlgoDSA:
		dsaPriv := priv.PrivateKey.(*dsa.PrivateKey)

		// Need to truncate hashBytes to match FIPS 186-3 section 4.6.
		subgroupSize := (dsaPriv.Q.BitLen() + 7) / 8
		if len(digest) > subgroupSize {
			digest = digest[:subgroupSize]
		}
		r, s, err := dsa.Sign(config.Random(), dsaPriv, digest)
		if err == nil {
			sig.DSASigR.bytes = r.Bytes()
			sig.DSASigR.bitLength = uint16(8 * len(sig.DSASigR.bytes))
			sig.DSASigS.bytes = s.Bytes()
			sig.DSASigS.bitLength = uint16(8 * len(sig.DSASigS.bytes))
		}
	case PubKeyAlgoECDSA:
		r, s, err := ecdsa.Sign(config.Random(), priv.PrivateKey.(*ecdsa.PrivateKey), digest)
		if err == nil {
			sig.ECDSASigR = FromBig(r)
			sig.ECDSASigS = FromBig(s)
		}
	default:
		err = errors.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo)))
	}

	return
}
开发者ID:naunga,项目名称:vault,代码行数:54,代码来源:signature.go


示例10: Sign

func (k *dsaPrivateKey) Sign(rand io.Reader, data []byte) ([]byte, error) {
	h := crypto.SHA1.New()
	h.Write(data)
	digest := h.Sum(nil)
	r, s, err := dsa.Sign(rand, k.PrivateKey, digest)
	if err != nil {
		return nil, err
	}

	sig := make([]byte, 40)
	copy(sig[:20], r.Bytes())
	copy(sig[20:], s.Bytes())
	return sig, nil
}
开发者ID:kshi0310,项目名称:geard,代码行数:14,代码来源:keys.go


示例11: SignHash

func (ds *DSASigner) SignHash(h []byte) (sig []byte, err error) {
	var r, s *big.Int
	r, s, err = dsa.Sign(rand.Reader, ds.k, h)
	if err == nil {
		sig = make([]byte, 40)
		rb := r.Bytes()
		rl := len(rb)
		copy(sig[20-rl:20], rb)
		sb := s.Bytes()
		sl := len(sb)
		copy(sig[20+(20-sl):], sb)
	}
	return
}
开发者ID:majestrate,项目名称:go-i2p,代码行数:14,代码来源:dsa.go


示例12: Sign

func (dk *dsaKey) Sign(msg []byte) ([]byte, error) {
	h := sha1.New()
	h.Write(msg)
	r, s, err := dsa.Sign(rand.Reader, &dk.key, h.Sum(nil))
	if err != nil {
		return nil, err
	}
	sig := dsaSignature{r, s}
	b, err := asn1.Marshal(sig)
	if err != nil {
		return nil, err
	}
	return b, nil
}
开发者ID:acasajus,项目名称:dkeyczar,代码行数:14,代码来源:dsa_key.go


示例13: Sign

// Sign signs a message with a private key. The hash, h, must contain
// the hash of the message to be signed and will be mutated by this function.
// On success, the signature is stored in sig. Call Serialize to write it out.
// If config is nil, sensible defaults will be used.
func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey, config *Config) (err error) {
	sig.outSubpackets = sig.buildSubpackets()
	digest, err := sig.signPrepareHash(h)
	if err != nil {
		return
	}

	switch priv.PubKeyAlgo {
	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
		// supports both *rsa.PrivateKey and crypto.Signer
		sig.RSASignature.bytes, err = priv.PrivateKey.(crypto.Signer).Sign(config.Random(), digest, sig.Hash)
		sig.RSASignature.bitLength = uint16(8 * len(sig.RSASignature.bytes))
	case PubKeyAlgoDSA:
		dsaPriv := priv.PrivateKey.(*dsa.PrivateKey)

		// Need to truncate hashBytes to match FIPS 186-3 section 4.6.
		subgroupSize := (dsaPriv.Q.BitLen() + 7) / 8
		if len(digest) > subgroupSize {
			digest = digest[:subgroupSize]
		}
		r, s, err := dsa.Sign(config.Random(), dsaPriv, digest)
		if err == nil {
			sig.DSASigR.bytes = r.Bytes()
			sig.DSASigR.bitLength = uint16(8 * len(sig.DSASigR.bytes))
			sig.DSASigS.bytes = s.Bytes()
			sig.DSASigS.bitLength = uint16(8 * len(sig.DSASigS.bytes))
		}
	case PubKeyAlgoECDSA:
		var r, s *big.Int
		if pk, ok := priv.PrivateKey.(*ecdsa.PrivateKey); ok {
			// direct support, avoid asn1 wrapping/unwrapping
			r, s, err = ecdsa.Sign(config.Random(), pk, digest)
		} else {
			var b []byte
			b, err = priv.PrivateKey.(crypto.Signer).Sign(config.Random(), digest, nil)
			if err == nil {
				r, s, err = unwrapECDSASig(b)
			}
		}
		if err == nil {
			sig.ECDSASigR = fromBig(r)
			sig.ECDSASigS = fromBig(s)
		}
	default:
		err = errors.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo)))
	}

	return
}
开发者ID:40a,项目名称:ejson,代码行数:53,代码来源:signature.go


示例14: Sign

func (priv *PrivateKey) Sign(rand io.Reader, hashed []byte) []byte {
	r, s, err := dsa.Sign(rand, &priv.PrivateKey, hashed)
	if err != nil {
		panic(err.Error())
	}
	rBytes := r.Bytes()
	sBytes := s.Bytes()
	if len(rBytes) > dsaSubgroupBytes || len(sBytes) > dsaSubgroupBytes {
		panic("DSA signature too large")
	}

	out := make([]byte, 2*dsaSubgroupBytes)
	copy(out[dsaSubgroupBytes-len(rBytes):], rBytes)
	copy(out[len(out)-len(sBytes):], sBytes)
	return out
}
开发者ID:sneha29shukla,项目名称:mig,代码行数:16,代码来源:otr.go


示例15: Sign

// Sign signs a message with a private key. The hash, h, must contain
// the hash of the message to be signed and will be mutated by this function.
// On success, the signature is stored in sig. Call Serialize to write it out.
func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey) (err os.Error) {
	digest, err := sig.signPrepareHash(h)
	if err != nil {
		return
	}

	switch priv.PubKeyAlgo {
	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
		sig.RSASignature, err = rsa.SignPKCS1v15(rand.Reader, priv.PrivateKey.(*rsa.PrivateKey), sig.Hash, digest)
	case PubKeyAlgoDSA:
		sig.DSASigR, sig.DSASigS, err = dsa.Sign(rand.Reader, priv.PrivateKey.(*dsa.PrivateKey), digest)
	default:
		err = error.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo)))
	}

	return
}
开发者ID:go-nosql,项目名称:golang,代码行数:20,代码来源:signature.go


示例16: Sign

func (k *dsaPrivateKey) Sign(rand io.Reader, data []byte) (*Signature, error) {
	h := crypto.SHA1.New()
	h.Write(data)
	digest := h.Sum(nil)
	r, s, err := dsa.Sign(rand, k.PrivateKey, digest)
	if err != nil {
		return nil, err
	}

	sig := make([]byte, 40)
	rb := r.Bytes()
	sb := s.Bytes()

	copy(sig[20-len(rb):20], rb)
	copy(sig[40-len(sb):], sb)

	return &Signature{
		Format: k.PublicKey().Type(),
		Blob:   sig,
	}, nil
}
开发者ID:backkom,项目名称:leanote-all,代码行数:21,代码来源:keys.go


示例17: MakeSignature

// copied from crypto/openpgp/packet.(*Signature).Sign()
func MakeSignature(pgpsig *packet.Signature, priv *packet.PrivateKey, digest []byte) (err error) {
	sig := (*Signature)(unsafe.Pointer(pgpsig))
	var config *packet.Config
	switch priv.PubKeyAlgo {
	case packet.PubKeyAlgoRSA, packet.PubKeyAlgoRSASignOnly:
		sig.RSASignature.bytes, err = rsa.SignPKCS1v15(config.Random(), priv.PrivateKey.(*rsa.PrivateKey), sig.Hash, digest)
		sig.RSASignature.bitLength = uint16(8 * len(sig.RSASignature.bytes))
	case packet.PubKeyAlgoDSA:
		dsaPriv := priv.PrivateKey.(*dsa.PrivateKey)

		r, s, err := dsa.Sign(config.Random(), dsaPriv, digest)
		if err == nil {
			sig.DSASigR.bytes = r.Bytes()
			sig.DSASigR.bitLength = uint16(8 * len(sig.DSASigR.bytes))
			sig.DSASigS.bytes = s.Bytes()
			sig.DSASigS.bitLength = uint16(8 * len(sig.DSASigS.bytes))
		}
	default:
		err = errors.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo)))
	}

	return
}
开发者ID:remyoudompheng,项目名称:remotepgp,代码行数:24,代码来源:pgptypes.go


示例18: Sign

// Sign signs a dns.Msg. It fills the signature with the appropriate data.
// The SIG record should have the SignerName, KeyTag, Algorithm, Inception
// and Expiration set.
func (rr *SIG) Sign(k PrivateKey, m *Msg) ([]byte, error) {
	if k == nil {
		return nil, ErrPrivKey
	}
	if rr.KeyTag == 0 || len(rr.SignerName) == 0 || rr.Algorithm == 0 {
		return nil, ErrKey
	}
	rr.Header().Rrtype = TypeSIG
	rr.Header().Class = ClassANY
	rr.Header().Ttl = 0
	rr.Header().Name = "."
	rr.OrigTtl = 0
	rr.TypeCovered = 0
	rr.Labels = 0

	buflen := m.Len() + rr.len()
	switch k := k.(type) {
	case *rsa.PrivateKey:
		buflen += len(k.N.Bytes())
	case *dsa.PrivateKey:
		buflen += 40
	case *ecdsa.PrivateKey:
		buflen += 96
	default:
		return nil, ErrPrivKey
	}
	buf := make([]byte, m.Len()+rr.len()+buflen)
	mbuf, err := m.PackBuffer(buf)
	if err != nil {
		return nil, err
	}
	if &buf[0] != &mbuf[0] {
		return nil, ErrBuf
	}
	off, err := PackRR(rr, buf, len(mbuf), nil, false)
	if err != nil {
		return nil, err
	}
	buf = buf[:off:cap(buf)]
	var hash crypto.Hash
	switch rr.Algorithm {
	case DSA, RSASHA1:
		hash = crypto.SHA1
	case RSASHA256, ECDSAP256SHA256:
		hash = crypto.SHA256
	case ECDSAP384SHA384:
		hash = crypto.SHA384
	case RSASHA512:
		hash = crypto.SHA512
	default:
		return nil, ErrAlg
	}
	hasher := hash.New()
	// Write SIG rdata
	hasher.Write(buf[len(mbuf)+1+2+2+4+2:])
	// Write message
	hasher.Write(buf[:len(mbuf)])
	hashed := hasher.Sum(nil)

	var sig []byte
	switch p := k.(type) {
	case *dsa.PrivateKey:
		t := byte((len(p.PublicKey.Y.Bytes()) - 64) / 8)
		r1, s1, err := dsa.Sign(rand.Reader, p, hashed)
		if err != nil {
			return nil, err
		}
		sig = make([]byte, 0, 1+len(r1.Bytes())+len(s1.Bytes()))
		sig = append(sig, t)
		sig = append(sig, r1.Bytes()...)
		sig = append(sig, s1.Bytes()...)
	case *rsa.PrivateKey:
		sig, err = rsa.SignPKCS1v15(rand.Reader, p, hash, hashed)
		if err != nil {
			return nil, err
		}
	case *ecdsa.PrivateKey:
		r1, s1, err := ecdsa.Sign(rand.Reader, p, hashed)
		if err != nil {
			return nil, err
		}
		sig = r1.Bytes()
		sig = append(sig, s1.Bytes()...)
	default:
		return nil, ErrAlg
	}
	rr.Signature = unpackBase64(sig)
	buf = append(buf, sig...)
	if len(buf) > int(^uint16(0)) {
		return nil, ErrBuf
	}
	// Adjust sig data length
	rdoff := len(mbuf) + 1 + 2 + 2 + 4
	rdlen, _ := unpackUint16(buf, rdoff)
	rdlen += uint16(len(sig))
	buf[rdoff], buf[rdoff+1] = packUint16(rdlen)
	// Adjust additional count
//.........这里部分代码省略.........
开发者ID:mediascape,项目名称:discovery-self,代码行数:101,代码来源:sig0.go


示例19: Sign

// Sign signs an RRSet. The signature needs to be filled in with
// the values: Inception, Expiration, KeyTag, SignerName and Algorithm.
// The rest is copied from the RRset. Sign returns true when the signing went OK,
// otherwise false.
// There is no check if RRSet is a proper (RFC 2181) RRSet.
// If OrigTTL is non zero, it is used as-is, otherwise the TTL of the RRset
// is used as the OrigTTL.
func (rr *RRSIG) Sign(k PrivateKey, rrset []RR) error {
	if k == nil {
		return ErrPrivKey
	}
	// s.Inception and s.Expiration may be 0 (rollover etc.), the rest must be set
	if rr.KeyTag == 0 || len(rr.SignerName) == 0 || rr.Algorithm == 0 {
		return ErrKey
	}

	rr.Hdr.Rrtype = TypeRRSIG
	rr.Hdr.Name = rrset[0].Header().Name
	rr.Hdr.Class = rrset[0].Header().Class
	if rr.OrigTtl == 0 { // If set don't override
		rr.OrigTtl = rrset[0].Header().Ttl
	}
	rr.TypeCovered = rrset[0].Header().Rrtype
	rr.Labels = uint8(CountLabel(rrset[0].Header().Name))

	if strings.HasPrefix(rrset[0].Header().Name, "*") {
		rr.Labels-- // wildcard, remove from label count
	}

	sigwire := new(rrsigWireFmt)
	sigwire.TypeCovered = rr.TypeCovered
	sigwire.Algorithm = rr.Algorithm
	sigwire.Labels = rr.Labels
	sigwire.OrigTtl = rr.OrigTtl
	sigwire.Expiration = rr.Expiration
	sigwire.Inception = rr.Inception
	sigwire.KeyTag = rr.KeyTag
	// For signing, lowercase this name
	sigwire.SignerName = strings.ToLower(rr.SignerName)

	// Create the desired binary blob
	signdata := make([]byte, DefaultMsgSize)
	n, err := PackStruct(sigwire, signdata, 0)
	if err != nil {
		return err
	}
	signdata = signdata[:n]
	wire, err := rawSignatureData(rrset, rr)
	if err != nil {
		return err
	}
	signdata = append(signdata, wire...)

	var sighash []byte
	var h hash.Hash
	var ch crypto.Hash // Only need for RSA
	var intlen int
	switch rr.Algorithm {
	case DSA, DSANSEC3SHA1:
		// Implicit in the ParameterSizes
	case RSASHA1, RSASHA1NSEC3SHA1:
		h = sha1.New()
		ch = crypto.SHA1
	case RSASHA256, ECDSAP256SHA256:
		h = sha256.New()
		ch = crypto.SHA256
		intlen = 32
	case ECDSAP384SHA384:
		h = sha512.New384()
		intlen = 48
	case RSASHA512:
		h = sha512.New()
		ch = crypto.SHA512
	case RSAMD5:
		fallthrough // Deprecated in RFC 6725
	default:
		return ErrAlg
	}
	io.WriteString(h, string(signdata))
	sighash = h.Sum(nil)

	switch p := k.(type) {
	case *dsa.PrivateKey:
		r1, s1, err := dsa.Sign(rand.Reader, p, sighash)
		if err != nil {
			return err
		}
		signature := []byte{0x4D} // T value, here the ASCII M for Miek (not used in DNSSEC)
		signature = append(signature, intToBytes(r1, 20)...)
		signature = append(signature, intToBytes(s1, 20)...)
		rr.Signature = toBase64(signature)
	case *rsa.PrivateKey:
		// We can use nil as rand.Reader here (says AGL)
		signature, err := rsa.SignPKCS1v15(nil, p, ch, sighash)
		if err != nil {
			return err
		}
		rr.Signature = toBase64(signature)
	case *ecdsa.PrivateKey:
		r1, s1, err := ecdsa.Sign(rand.Reader, p, sighash)
//.........这里部分代码省略.........
开发者ID:Clarifai,项目名称:kubernetes,代码行数:101,代码来源:dnssec.go


示例20: Sign

// Sign signs an RRSet. The signature needs to be filled in with
// the values: Inception, Expiration, KeyTag, SignerName and Algorithm.
// The rest is copied from the RRset. Sign returns true when the signing went OK,
// otherwise false.
// The signature data in the RRSIG is filled by this method.
// There is no check if RRSet is a proper (RFC 2181) RRSet.
func (s *RR_RRSIG) Sign(k PrivateKey, rrset []RR) error {
	if k == nil {
		return ErrPrivKey
	}
	// s.Inception and s.Expiration may be 0 (rollover etc.), the rest must be set
	if s.KeyTag == 0 || len(s.SignerName) == 0 || s.Algorithm == 0 {
		return ErrKey
	}

	s.Hdr.Rrtype = TypeRRSIG
	s.Hdr.Name = rrset[0].Header().Name
	s.Hdr.Class = rrset[0].Header().Class
	s.OrigTtl = rrset[0].Header().Ttl
	s.TypeCovered = rrset[0].Header().Rrtype
	s.TypeCovered = rrset[0].Header().Rrtype
	s.Labels, _, _ = IsDomainName(rrset[0].Header().Name)

	if strings.HasPrefix(rrset[0].Header().Name, "*") {
		s.Labels-- // wildcard, remove from label count
	}

	sigwire := new(rrsigWireFmt)
	sigwire.TypeCovered = s.TypeCovered
	sigwire.Algorithm = s.Algorithm
	sigwire.Labels = s.Labels
	sigwire.OrigTtl = s.OrigTtl
	sigwire.Expiration = s.Expiration
	sigwire.Inception = s.Inception
	sigwire.KeyTag = s.KeyTag
	// For signing, lowercase this name
	sigwire.SignerName = strings.ToLower(s.SignerName)

	// Create the desired binary blob
	signdata := make([]byte, DefaultMsgSize)
	n, ok := PackStruct(sigwire, signdata, 0)
	if !ok {
		return ErrPack
	}
	signdata = signdata[:n]
	wire := rawSignatureData(rrset, s)
	if wire == nil {
		return ErrSigGen
	}
	signdata = append(signdata, wire...)

	var sighash []byte
	var h hash.Hash
	var ch crypto.Hash // Only need for RSA
	switch s.Algorithm {
	case DSA, DSANSEC3SHA1:
		// Implicit in the ParameterSizes
	case RSAMD5:
		h = md5.New()
		ch = crypto.MD5
	case RSASHA1, RSASHA1NSEC3SHA1:
		h = sha1.New()
		ch = crypto.SHA1
	case RSASHA256, ECDSAP256SHA256:
		h = sha256.New()
		ch = crypto.SHA256
	case ECDSAP384SHA384:
		h = sha512.New384()
	case RSASHA512:
		h = sha512.New()
		ch = crypto.SHA512
	default:
		return ErrAlg
	}
	io.WriteString(h, string(signdata))
	sighash = h.Sum(nil)

	switch p := k.(type) {
	case *dsa.PrivateKey:
		r1, s1, err := dsa.Sign(rand.Reader, p, sighash)
		if err != nil {
			return err
		}
		signature := []byte{0x4D} // T value, here the ASCII M for Miek (not used in DNSSEC)
		signature = append(signature, r1.Bytes()...)
		signature = append(signature, s1.Bytes()...)
		s.Signature = unpackBase64(signature)
	case *rsa.PrivateKey:
		signature, err := rsa.SignPKCS1v15(rand.Reader, p, ch, sighash)
		if err != nil {
			return err
		}
		s.Signature = unpackBase64(signature)
	case *ecdsa.PrivateKey:
		r1, s1, err := ecdsa.Sign(rand.Reader, p, sighash)
		if err != nil {
			return err
		}
		signature := r1.Bytes()
		signature = append(signature, s1.Bytes()...)
//.........这里部分代码省略.........
开发者ID:wallrat,项目名称:dns,代码行数:101,代码来源:dnssec.go



注:本文中的crypto/dsa.Sign函数示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Golang dsa.Verify函数代码示例发布时间:2022-05-24
下一篇:
Golang dsa.GenerateParameters函数代码示例发布时间:2022-05-24
热门推荐
热门话题
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap