Home > Article > Backend Development > How to sign in golang
How to sign in golang
- PHPzOriginal
- 2023-04-14 14:34:351606browse
With the continuous development of Internet technology, Go language, as a new programming language, has been welcomed by more and more developers. As a strongly typed language, Go language can provide more efficient, safe and stable support in development, and has been widely used. In the Go language, the signature mechanism is also one of the very important functions. Next, let's take a look at how to implement signatures in Go language.
First of all, we need to understand some concepts of signature.
The so-called signature is to encrypt the data and add some special marks to the data so that third parties cannot forge the data and tamper with the data. Digital signature is one of the forms of signature methods. Its core principle is to use asymmetric encryption technology, that is, a key pair composed of a private key and a public key for signature and verification.
In the Go language, we can use the functions provided in the crypto package to implement the digital signature function. The specific implementation steps are as follows:
- Generate key pair
We can use RSA to generate a key pair. The code is as follows:
package main
import (
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/pem"
"os"
)
func GenerateRsaKey() error {
// 生成私钥
privateKey, err := rsa.GenerateKey(rand.Reader, 2048)
if err != nil {
return err
}
derPrivateKey := x509.MarshalPKCS1PrivateKey(privateKey)
privateKeyBlock := &pem.Block{
Type: "RSA PRIVATE KEY",
Bytes: derPrivateKey,
}
// 将私钥写入文件中
privateKeyFile, err := os.Create("private.pem")
if err != nil {
return err
}
defer privateKeyFile.Close()
pem.Encode(privateKeyFile, privateKeyBlock)
// 生成公钥
publicKey := privateKey.PublicKey
derPublicKey, err := x509.MarshalPKIXPublicKey(&publicKey)
if err != nil {
return err
}
publicKeyBlock := &pem.Block{
Type: "PUBLIC KEY",
Bytes: derPublicKey,
}
// 将公钥写入文件中
publicKeyFile, err := os.Create("public.pem")
if err != nil {
return err
}
defer publicKeyFile.Close()
pem.Encode(publicKeyFile, publicKeyBlock)
return nil
}
This function will generate a 2048-bit key pair and write the private key and public key into the private.pem and public.pem files respectively.
- Sign the data
We can use the RSA private key to sign the data. The signature function code is as follows:
package main
import (
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha256"
"encoding/hex"
)
func Sign(data []byte, privateKey *rsa.PrivateKey) (string, error) {
h := sha256.New()
h.Write(data)
hash := h.Sum(nil)
signature, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, hash)
if err != nil {
return "", err
}
return hex.EncodeToString(signature), nil
}
This function receives a byte array and private key as parameters, and returns the signed string.
- Verify signature
We can use the RSA public key to verify the signature. The verification function code is as follows:
package main
import (
"crypto"
"crypto/rsa"
"crypto/sha256"
"encoding/hex"
)
func Verify(signature string, data []byte, publicKey *rsa.PublicKey) bool {
h := sha256.New()
h.Write(data)
hash := h.Sum(nil)
decodedSignature, err := hex.DecodeString(signature)
if err != nil {
return false
}
err = rsa.VerifyPKCS1v15(publicKey, crypto.SHA256, hash, decodedSignature)
if err != nil {
return false
}
return true
}
This function receives the signature string, original data byte array and public key as parameters, and returns the signature verification result.
The above is some basic knowledge and operation code on how to implement digital signatures in Go language. In practical applications, the digital signature mechanism can effectively protect the security and reliability of data, improve the stability and credibility of application systems, and play a very important role in protecting user privacy and ensuring data integrity.
The above is the detailed content of How to sign in golang. For more information, please follow other related articles on the PHP Chinese website!