doufocheng6233 2018-02-11 10:04
浏览 342
已采纳

Golang使用rsa签署结构

I have a struct Transaction with the following fields, 

type Transaction struct {
    Sender    string `json:"sender"`
    Receiver  string `json:"receiver"`
    Signature string `json:"signature"`
    Amount    int64  `json:"amount"`
}

I also have a function GetPrivateKey() which returns a *rsa.PrivateKey

func GetPrivateKey() (*rsa.PrivateKey, error) {
    key, err := ioutil.ReadFile("/Users/xxx/.ssh/id_rsa")
    if err != nil {
        return nil, err
    }

    block, _ := pem.Decode(key)
    der, err := x509.ParsePKCS1PrivateKey(block.Bytes)
    if err != nil {
       return nil, err
    }
    return der, err
 }

My plan here is to sign the contents of the struct transaction using a private key already in the system and then store it as a string in the field signature in the struct, For this, I have a function SignPayload()

func SignPayload(txnObj *Transaction) error {
    privateKey, err := GetPrivateKey()
    if err != nil {
        panic(err)
    }
    bodyHash, err := rsa.SignPKCS1v15(rand.Reader, privateKey, 
                     crypto.SHA256, []byte(fmt.Sprintf("%v", *txnObj)))
    if err != nil {
        panic(err)
    }
    txnObj.Signature = string(bodyHash)
    log.Println(txnObj.Signature)
    return err
}

Unfortunately, this is not working,rsa.SignPKCS1v15() throws an error saying:

crypto/rsa: input must be hashed message

The end goal here is to use this signature to verify the authenticity of the struct by comparing it with the public key present in the field sender. I'm an absolute newbie in cryptography, What am I doing wrong here? and more importantly, How can I do this?

Thanks in advance!

  • 写回答

1条回答 默认 最新

  • ds211107 2018-02-11 10:16
    关注

    Two things here:

    • only small messages can be signed, which is why it's usually a hash. rsa.SignPKCS1v15 expects a message length matching the hash algorithm's output (256 bits, or 32 bytes for sha-256)
    • don't use the %v representation of your struct, serialize it instead

    The first is spelled out in the rsa docs. Given a message, you can sign it using the following:

    message := []byte("message to be signed")
hashed := sha256.Sum256(message)

signature, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, hashed[:])
if err != nil {
    panic(err)}
}

    The second point is more about making your code more robust. You don't want a change in %v logic or addition of non-exported fields to cause issues. You may also want to check the signature from a language other than Go.

    Thus, you should first marshal your struct. You already have json tags on it, so it's fairly easy:

    message, err := json.Marshal(txnObj)
if err != nil {
    panic(err)
}

    Message is the byte slice passed to sha256.Sum256 above.

    When verifying the signature, you'll need to make sure to zero out the Signature field of your struct, marshal it, hash it, and call rsa.VerifyPKCS1v15.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

  • Golang使用rsa签署结构
    2018-02-11 10:04
    回答 1 已采纳 Two things here: only small messages can be signed, which is why it's usually a hash. rsa.SignPK
  • 如何使用Go Golang签署文件
    2018-10-03 19:31
    回答 1 已采纳 To satisfy the requirements I needed to accomplish with Go & OpenSSL, it's as straight forward as
  • golang rsa解密没有填充?
    2016-11-29 15:55
    回答 2 已采纳 Decrypting a ciphertext block using rsa with no padding is a single modulo exponent operation. c
  • grpc的使用
    2022-10-08 11:53
    HashFlag的博客 1. 需要保证电脑中安装了:[protobuf安装教程]...3. 基本使用demo地址:[demo](https://gitee.com/wylshkjj/grpc-demo) 4. 安全传输、流式传输的demo地址:[demo2](https://g
  • 如何在Golang使用rsa密钥对进行AES加密和解密
    2017-04-18 03:45
    回答 1 已采纳 As suggested in comments, i searched "hybrid cryptography" . And this example has solved my proble
  • golang使用嵌套结构
    2014-09-05 09:51
    回答 1 已采纳 The following should achieve what you want: lab := class{[]person{s, t}} Test it here. Bef
  • Golang RSA加密,错误为“无法解析公钥”
    2018-07-24 04:10
    回答 1 已采纳 You need to use x509.ParsePKIXPublicKey, check the error returned by the Parse... function, and pe
  • golang:gRPC 证书认证
    2020-07-06 14:59
    Karl_zhujt的博客 《GO语言高级编程》设计中案例,仅作为笔记进行收藏。...客户端在链接服务器中通过 grpc.WithInsecure() 选项...1.结构目录 2.为服务器和客户端分别生成私钥和证书,存放在 tls-config/ 目录下,命令如下: // Makefi
  • Ruby RSA公钥加密到Golang ruby
    2017-12-26 17:19
    回答 1 已采纳 I am no knowledgeable about golang, however I may know something about RSA. The difference seems
  • 如何在Go和Android之间使用RSA android
    2019-01-22 10:44
    回答 1 已采纳 I have tested it and it worked. in Go i use this fnction: func rusdec(encryptedString string , p
  • 验证Java中在golang中生成的rsa.SignPKCS1v15签名 android java
    2015-04-02 21:25
    回答 2 已采纳 In Java you don't need to hash the message before signing or verifying it. That means that the byt
  • golang x509包 数字证书相关介绍
    2019-08-02 16:34
    whatday的博客 在go语言提供的系统包中包含了大量和数字证书有关的方法。在这些方法中就有私钥生成的方法、私钥解析的方法、证书请求生成的方法、证书生成的方法等等。...在go的x509包下有go定义的证书的结构,该结构如下:...
  • RSA OAEP,Golang解密,Java加密 java
    2016-06-14 04:16
    回答 1 已采纳 The hash functions in the two programs are not the same. In Java version, SHA-256 is used, but in
  • 数字证书和golang的研究
    2018-08-23 09:54
    秋天的春的博客 数字证书和golang的研究 在go语言提供的系统包中包含了大量和数字证书有关的方法。在这些方法中就有私钥生成的方法、私钥解析的方法、证书请求生成的方法、证书生成的方法等等。通过这些方法应该能够实现和openssl...
  • go-zero 基础 -- 进阶指南
    2023-03-22 17:48
    chinusyan的博客 可以使用秘钥(使用HMAC算法)或使用RSA或ECDSA的公钥/私钥对对JWT进行签名。 5.1 什么时候应该使用JWT 授权:这是使用JWT的最常见方案。一旦用户登录,每个后续请求将包括JWT,从而允许用户访问该令牌允许的路由,...
  • 没有解决我的问题, 去提问

悬赏问题

  • ¥15 虚幻5 UE美术毛发渲染
  • ¥15 CVRP 图论 物流运输优化
  • ¥15 Tableau online 嵌入ppt失败
  • ¥100 支付宝网页转账系统不识别账号
  • ¥15 基于单片机的靶位控制系统
  • ¥15 真我手机蓝牙传输进度消息被关闭了,怎么打开?(关键词-消息通知)
  • ¥15 装 pytorch 的时候出了好多问题,遇到这种情况怎么处理?
  • ¥20 IOS游览器某宝手机网页版自动立即购买JavaScript脚本
  • ¥15 手机接入宽带网线,如何释放宽带全部速度
  • ¥30 关于#r语言#的问题:如何对R语言中mfgarch包中构建的garch-midas模型进行样本内长期波动率预测和样本外长期波动率预测