dongtangu8615 2015-08-13 23:17
浏览 63
已采纳

在Go中验证有效负载签名

I am verifying the identity of the sender of a piece of data. I am provided the RSA public key in a PEM format and I know the data is passed through the SHA256 hashing function. The equivalent verification on the node.js platform:

Ticket.prototype.verify = function (ticket) {
    if (!ticket) return null;

    var pubkey = fs.readFileSync('/etc/SCAMP/auth/ticket_verify_public_key.pem');

    var parts = ticket.split(',');

    if (parts[0] != '1') return null;

    var sig = new Buffer(parts.pop().replace(/-/g,'+').replace(/_/g,'/'), 'base64');

    var valid = crypto.createVerify('sha256').update( new Buffer(parts.join(',')) ).verify( pubkey, sig )

Which can verify:

1,3063,21,1438783424,660,1+20+31+32+34+35+36+37+38+39+40+41+42+43+44+46+47+48+50+53+56+59+60+61+62+67+68+69+70+71+75+76+80+81+82+86+87+88+102+104+105+107+109+110+122+124,PcFNyWjoz_iiVMgEe8I3IBfzSlUcqUGtsuN7536PTiBW7KDovIqCaSi_8nZWcj-j1dfbQRA8mftwYUWMhhZ4DD78-BH8MovNVucbmTmf2Wzbx9bsI-dmUADY5Q2ol4qDXG4YQJeyZ6f6F9s_1uxHTH456QcsfNxFWh18ygo5_DVmQQSXCHN7EXM5M-u2DSol9MSROeBolYnHZyE093LgQ2veWQREbrwg5Fcp2VZ6VqIC7yu6f_xYHEvU0-ZsSSRMAMUmhLNhmFM4KDjl8blVgC134z7XfCTDDjCDiynSL6b-D-

by splitting on the last ,. The left side of the split is the ticket data I care about, the right side is the signature which I need to verify before I can use the ticket data.

I have tried to port the logic to go:

func TestSigVerification(t *testing.T) {
    block, _ := pem.Decode(signingPubKey)
    if block == nil {
        t.Errorf("expected to block to be non-nil CERTIFICATE", block)
    }

    key, err := x509.ParsePKIXPublicKey(block.Bytes)
    if err != nil {
        t.Errorf("could not parse PKIXPublicKey: `%s`", key)
    }

    rsaPubKey, ok := key.(*rsa.PublicKey)
    if !ok {
        t.Errorf("couldn't cast to rsa.PublicKey!")
    }

    ticket,_ := ParseTicketBytes(fullTicketBytes)

    h := sha256.New()
    h.Write(ticketBytes)
    digest := h.Sum(nil)

    err = rsa.VerifyPKCS1v15(rsaPubKey, crypto.SHA256, digest, ticket.Signature)
    if err != nil {
        t.Errorf("could not verify ticket: `%s` (digest: `%v`)", err, digest )
    }
}

But I'm pretty sure VerifyPKCS1v15 is not equivalent to node's crypto.createVerify and this test case fails. What should I be using? How can I use the public key to decrypt the signature and get the sha256? once I have the decrypted sha256 value I could just do a basic comparison with the sha256 I have generated.

Here's a runnable playground example: http://play.golang.org/p/COx2OG-AiA

  • 写回答

2条回答 默认 最新

  • dongmi4035 2015-08-17 22:29
    关注

    I tried running your code and it doesn't look like your ticket is well formed. It's not long enough. Where did you get the value from?

    Double check that ticket -- that may just be enough to get you going.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 使用C#,asp.net读取Excel文件并保存到Oracle数据库
  • ¥15 C# datagridview 单元格显示进度及值
  • ¥15 thinkphp6配合social login单点登录问题
  • ¥15 HFSS 中的 H 场图与 MATLAB 中绘制的 B1 场 部分对应不上
  • ¥15 如何在scanpy上做差异基因和通路富集?
  • ¥20 关于#硬件工程#的问题,请各位专家解答!
  • ¥15 关于#matlab#的问题:期望的系统闭环传递函数为G(s)=wn^2/s^2+2¢wn+wn^2阻尼系数¢=0.707,使系统具有较小的超调量
  • ¥15 FLUENT如何实现在堆积颗粒的上表面加载高斯热源
  • ¥30 截图中的mathematics程序转换成matlab
  • ¥15 动力学代码报错,维度不匹配