通过加载pem公钥证书对签名进行验签
package main
import (
"crypto"
"crypto/rsa"
"crypto/sha1"
"crypto/x509"
"encoding/base64"
"encoding/hex"
"encoding/pem"
"fmt"
"strings"
)
func verfiy() {
cer := `-----BEGIN CERTIFICATE-----
MIIENDCCAxygAwIBAgIFE0RwNCMwDQYJKoZIhvcNAQEFBQAwITELMAkGA1UEBhMC
Q04xEjAQBgNVBAoTCUNGQ0EgT0NBMTAeFw0yMTA5MDgwNTUxMDlaFw0yNjA5MDgw
NTUxMDlaMIGfMQswCQYDVQQGEwJjbjESMBAGA1UEChMJQ0ZDQSBPQ0ExMRYwFAYD
VQQLEw1DaGluYUNsZWFyaW5nMRQwEgYDVQQLEwtFbnRlcnByaXNlczFOMEwGA1UE
AwxFMDQxQDg5MTUwMDAwMDM0NTg4OTQxNTlA6ams5LiK5raI6LS56YeR6J6N6IKh
5Lu95pyJ6ZmQ5YWs5Y+4QDAwMDAwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA4Q2h2gCWO0yR1tVHsZJ/iPdgNZ7TlLF559kkrerXv7sYL+iHjy9y
RncFxPXE/hhp7Fnid6PkM4I+kWGANObzykTLuVkLYUZjhU1IKmG1CgO60oPd7Fe9
wzoNDe2/YtRonBtBdLZSXoIq0Hi3ZWnq7Y3Vy5V8S8zfBlq6/p8uYXOIqqjelMV4
OsUAqwWkMFW9V8hKoiR2o70pdAohZkmNPesUNaDGZjiEEDhDiDg00ONePfU1UQ3i
ljZBT7CEE1MyRIi3g1Sbf2Yc2V1JSGxA2bfbn/iS81an58M1Kr3IyH7jazNfsGaY
oS6dFVsLHOVePymwQo4MJeb6QGYYM64eZQIDAQABo4HzMIHwMB8GA1UdIwQYMBaA
FNHb6YiC5d0aj0yqAIy+fPKrG/bZMEgGA1UdIARBMD8wPQYIYIEchu8qAQEwMTAv
BggrBgEFBQcCARYjaHR0cDovL3d3dy5jZmNhLmNvbS5jbi91cy91cy0xNC5odG0w
OAYDVR0fBDEwLzAtoCugKYYnaHR0cDovL2NybC5jZmNhLmNvbS5jbi9SU0EvY3Js
Mjg0NzYuY3JsMAsGA1UdDwQEAwID6DAdBgNVHQ4EFgQUVN7VDIx7YSMQfBt6j8T8
BQUAA4IBAQAlF9NYVrCW9syA4GY4zy8doDyjBe12SdHsUpL4U5FftJkD2Gj+66Kf
V/7sqLlKqNqvkyaQScJ45hKCYjBvPjNhtkxzxgNDPJKk4kW4KiU8OFewB5ab/YmR
0Mmk+hV5eFWHxRdCiGGRIvKHr9mtC/l5U2K5LvwuKypqnVPv28qf4EVVFu2l2bPW
tTvtxIQrPOxnG6IyqrfJZA4EM/+67NTX3+FTSNthyviK0ovcHq39tNErqIZ7ph2q
ss9c2JF/MX/qoUDDDjdKy+0DFX/inPw6wlyp0WNDgipA4bSjh9C/B4Y/vJ5lsnvH
6UoTiUeglvQH3vmyLpDlAF9U4AMise2b
-----END CERTIFICATE-----`
message := "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+CjxSZXF1ZXN0IHZlcnNpb249IjIuMSI+CiAgICA8SGVhZD4KICAgICAgICA8VHhjDwvQnJhbmNoTmFtZT4KICAgICAgICA8Tm90aWNlVVJMPmh0dHA6Ly9zcGF5Z3cubXN4Zi5jb20vb3V0dGVyL2NwY25feXFmL3NpZ25Bc3lOb3RpZnkvMDA3MjE1PC9Ob3RpY2VVUkw+CiAgICA8L0JvZHk+CjwvUmVxdWVzdD4="
signature := "cafa78c2ecb8bca795330647fbd3eb198eb6c452700eee781474a989ab85668ca2e5c3167a6eda6cd66070c887b71c2681e7c1db5e25064be56a17361df23b3d53f6b666fc37d5a2ff3b581197630fdda2a431fcd9faff8a1156b6de455cf360fefdbf519a19b960ceb22f0d28e088df67cee2dc0d04e413b73bde55ac96944120c36a66ffa1b9fafb331db457418b5e67b8aa2d4c57fadc0f4a1674fc6ff8fac6933f750e591aed68332014fdb497bec1fd8ff9b35f15f8e9548"
cerDecode, _ := pem.Decode([]byte(cer))
x509Cer, _ := x509.ParseCertificate(cerDecode.Bytes)
publicKey := x509Cer.PublicKey.(*rsa.PublicKey)
sign, _ := hex.DecodeString(signature)
m, _ := base64.StdEncoding.DecodeString(message)
fmt.Println(string(m))
hash := sha1.New()
hash.Write(m)
err := rsa.VerifyPKCS1v15(publicKey, crypto.SHA1, hash.Sum(nil), sign)
fmt.Println(err)
}
|