ca登录认证公钥校验

2023-08-23 17:21:50 +08:00
parent d40bdc39f2
commit efd3ff69a1
1 changed files with 34 additions and 0 deletions
--- a/core/utils/cakey.go
+++ b/core/utils/cakey.go
@@ -0,0 +1,34 @@
+package utils
+
+import (
+	"crypto"
+	"crypto/rsa"
+	"crypto/sha256"
+	"crypto/x509"
+	"encoding/pem"
+	"fmt"
+)
+
+// 解析PKCS1公钥
+// https://uutool.cn/rsa-generate/
+func ParsePKCS1PublicKey(publicKeyPEM string) (*rsa.PublicKey, error) {
+	block, _ := pem.Decode([]byte(publicKeyPEM))
+	if block == nil {
+		return nil, fmt.Errorf("无效的公钥 -----BEGIN RSA PUBLIC KEY----- 编码")
+	}
+
+	pubKey, err := x509.ParsePKCS1PublicKey(block.Bytes)
+	if err != nil {
+		return nil, err
+	}
+
+	return pubKey, nil
+}
+
+// 验证签名
+func VerifySignature(publicKey *rsa.PublicKey, data, signature []byte) bool {
+	hashed := sha256.Sum256(data)
+	err := rsa.VerifyPKCS1v15(publicKey, crypto.SHA256, hashed[:], signature)
+
+	return err == nil
+}