doufocheng6233 2018-02-11 10:04
浏览 342
已采纳

Golang使用rsa签署结构

I have a struct Transaction with the following fields, 

type Transaction struct {
    Sender    string `json:"sender"`
    Receiver  string `json:"receiver"`
    Signature string `json:"signature"`
    Amount    int64  `json:"amount"`
}

I also have a function GetPrivateKey() which returns a *rsa.PrivateKey

func GetPrivateKey() (*rsa.PrivateKey, error) {
    key, err := ioutil.ReadFile("/Users/xxx/.ssh/id_rsa")
    if err != nil {
        return nil, err
    }

    block, _ := pem.Decode(key)
    der, err := x509.ParsePKCS1PrivateKey(block.Bytes)
    if err != nil {
       return nil, err
    }
    return der, err
 }

My plan here is to sign the contents of the struct transaction using a private key already in the system and then store it as a string in the field signature in the struct, For this, I have a function SignPayload()

func SignPayload(txnObj *Transaction) error {
    privateKey, err := GetPrivateKey()
    if err != nil {
        panic(err)
    }
    bodyHash, err := rsa.SignPKCS1v15(rand.Reader, privateKey, 
                     crypto.SHA256, []byte(fmt.Sprintf("%v", *txnObj)))
    if err != nil {
        panic(err)
    }
    txnObj.Signature = string(bodyHash)
    log.Println(txnObj.Signature)
    return err
}

Unfortunately, this is not working,rsa.SignPKCS1v15() throws an error saying:

crypto/rsa: input must be hashed message

The end goal here is to use this signature to verify the authenticity of the struct by comparing it with the public key present in the field sender. I'm an absolute newbie in cryptography, What am I doing wrong here? and more importantly, How can I do this?

Thanks in advance!

  • 写回答

1条回答 默认 最新

  • ds211107 2018-02-11 10:16
    关注

    Two things here:

    • only small messages can be signed, which is why it's usually a hash. rsa.SignPKCS1v15 expects a message length matching the hash algorithm's output (256 bits, or 32 bytes for sha-256)
    • don't use the %v representation of your struct, serialize it instead

    The first is spelled out in the rsa docs. Given a message, you can sign it using the following:

    message := []byte("message to be signed")
hashed := sha256.Sum256(message)

signature, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, hashed[:])
if err != nil {
    panic(err)}
}

    The second point is more about making your code more robust. You don't want a change in %v logic or addition of non-exported fields to cause issues. You may also want to check the signature from a language other than Go.

    Thus, you should first marshal your struct. You already have json tags on it, so it's fairly easy:

    message, err := json.Marshal(txnObj)
if err != nil {
    panic(err)
}

    Message is the byte slice passed to sha256.Sum256 above.

    When verifying the signature, you'll need to make sure to zero out the Signature field of your struct, marshal it, hash it, and call rsa.VerifyPKCS1v15.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

  • 如何使用Go Golang签署文件
    2018-10-03 19:31
    回答 1 已采纳 To satisfy the requirements I needed to accomplish with Go & OpenSSL, it's as straight forward as
  • 如何在Golang使用rsa密钥对进行AES加密和解密
    2017-04-18 03:45
    回答 1 已采纳 As suggested in comments, i searched "hybrid cryptography" . And this example has solved my proble
  • golang rsa解密没有填充?
    2016-11-29 15:55
    回答 2 已采纳 Decrypting a ciphertext block using rsa with no padding is a single modulo exponent operation. c
  • grpc的使用
    2022-10-08 11:53
    HashFlag的博客 1. 需要保证电脑中安装了:[protobuf安装教程]...3. 基本使用demo地址:[demo](https://gitee.com/wylshkjj/grpc-demo) 4. 安全传输、流式传输的demo地址:[demo2](https://g
  • golang使用嵌套结构
    2014-09-05 09:51
    回答 1 已采纳 The following should achieve what you want: lab := class{[]person{s, t}} Test it here. Bef
  • Golang RSA加密,错误为“无法解析公钥”
    2018-07-24 04:10
    回答 1 已采纳 You need to use x509.ParsePKIXPublicKey, check the error returned by the Parse... function, and pe
  • Ruby RSA公钥加密到Golang ruby
    2017-12-26 17:19
    回答 1 已采纳 I am no knowledgeable about golang, however I may know something about RSA. The difference seems
  • golang:gRPC 证书认证
    2020-07-06 14:59
    Karl_zhujt的博客 《GO语言高级编程》设计中案例,仅作为笔记进行收藏。...客户端在链接服务器中通过 grpc.WithInsecure() 选项...1.结构目录 2.为服务器和客户端分别生成私钥和证书,存放在 tls-config/ 目录下,命令如下: // Makefi
  • 如何在Go和Android之间使用RSA android
    2019-01-22 10:44
    回答 1 已采纳 I have tested it and it worked. in Go i use this fnction: func rusdec(encryptedString string , p
  • 使用变量访问golang结构字段
    2018-03-21 23:13
    回答 1 已采纳 One of the main points when using structs is that the way how to access the fields is known at com
  • 验证Java中在golang中生成的rsa.SignPKCS1v15签名 android java
    2015-04-02 21:25
    回答 2 已采纳 In Java you don't need to hash the message before signing or verifying it. That means that the byt
  • golang x509包 数字证书相关介绍
    2019-08-02 16:34
    whatday的博客 在go语言提供的系统包中包含了大量和数字证书有关的方法。在这些方法中就有私钥生成的方法、私钥解析的方法、证书请求生成的方法、证书生成的方法等等。...在go的x509包下有go定义的证书的结构,该结构如下:...
  • 数字证书和golang的研究
    2017-01-12 00:20
    hsulei的博客 数字证书和golang的研究 在go语言提供的系统包中包含了大量和数字证书有关的方法。在这些方法中就有私钥生成的方法、私钥解析的方法、证书请求生成的方法、证书生成的方法等等。通过这些方法应该能够实现和openssl...
  • go-zero 基础 -- 进阶指南
    2023-03-22 17:48
    chinusyan的博客 可以使用秘钥(使用HMAC算法)或使用RSA或ECDSA的公钥/私钥对对JWT进行签名。 5.1 什么时候应该使用JWT 授权:这是使用JWT的最常见方案。一旦用户登录,每个后续请求将包括JWT,从而允许用户访问该令牌允许的路由,...
  • gRPC框架
    2024-06-09 11:04
    江小年的博客 强类型 流式处理 安装gRPC go get google.golang.org/grpc go get google.golang.org/protobuf 安装protor,etcd,etcdkeeper protor是可用于通信协议、数据存储等领域的语言无关、平台无关、可扩展的序列化结构数据...
  • 没有解决我的问题, 去提问

悬赏问题

  • ¥15 做个有关计算的小程序
  • ¥15 MPI读取tif文件无法正常给各进程分配路径
  • ¥15 如何用MATLAB实现以下三个公式(有相互嵌套)
  • ¥30 关于#算法#的问题:运用EViews第九版本进行一系列计量经济学的时间数列数据回归分析预测问题 求各位帮我解答一下
  • ¥15 setInterval 页面闪烁,怎么解决
  • ¥15 如何让企业微信机器人实现消息汇总整合
  • ¥50 关于#ui#的问题:做yolov8的ui界面出现的问题
  • ¥15 如何用Python爬取各高校教师公开的教育和工作经历
  • ¥15 TLE9879QXA40 电机驱动
  • ¥20 对于工程问题的非线性数学模型进行线性化