-
Notifications
You must be signed in to change notification settings - Fork 25
/
rsa_pss_sign.go
68 lines (50 loc) · 1.53 KB
/
rsa_pss_sign.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
package rsa
import (
"errors"
"crypto/rand"
"crypto/rsa"
"github.com/deatil/go-cryptobin/tool"
)
// 私钥签名
// 常用为: PS256[SHA256] | PS384[SHA384] | PS512[SHA512]
func (this Rsa) PSSSign(opts ...rsa.PSSOptions) Rsa {
if this.privateKey == nil {
err := errors.New("Rsa: [PSSSign()] privateKey error.")
return this.AppendError(err)
}
newHash := tool.NewHash()
hash := newHash.GetCryptoHash(this.signHash)
hashed := newHash.DataCryptoHash(this.signHash, this.data)
options := rsa.PSSOptions{
SaltLength: rsa.PSSSaltLengthEqualsHash,
}
if len(opts) > 0 {
options = opts[0]
}
paredData, err := rsa.SignPSS(rand.Reader, this.privateKey, hash, hashed, &options)
this.paredData = paredData
return this.AppendError(err)
}
// 公钥验证
// 使用原始数据[data]对比签名后数据
func (this Rsa) PSSVerify(data []byte, opts ...rsa.PSSOptions) Rsa {
if this.publicKey == nil {
err := errors.New("Rsa: [PSSVerify()] publicKey error.")
return this.AppendError(err)
}
newHash := tool.NewHash()
hash := newHash.GetCryptoHash(this.signHash)
hashed := newHash.DataCryptoHash(this.signHash, data)
options := rsa.PSSOptions{
SaltLength: rsa.PSSSaltLengthAuto,
}
if len(opts) > 0 {
options = opts[0]
}
err := rsa.VerifyPSS(this.publicKey, hash, hashed, this.data, &options)
if err != nil {
return this.AppendError(err)
}
this.verify = true
return this
}