为什么我使用openssl和golang生成的RSA签名不同?

时间:2016-05-13 06:01:53

标签: go openssl rsa sign

我使用openssl命令对消息进行签名"测试。",使用hexdump输出

# echo "Test." | openssl rsautl -inkey privite.key -sign -hexdump
0000 - 09 1b ce e2 4b 69 86 be-d7 b1 fb f0 ec e4 53 0e   ....Ki........S.
0010 - ef 9c a4 7b db d3 21 d5-3e 78 23 61 89 34 7e bc   ...{..!.>x#a.4~.
0020 - e9 1e 5a e9 f4 40 e6 53-07 e4 dd 1a fe 31 ec 42   ..Z..@.S.....1.B
0030 - 98 a5 07 d4 7e d9 f4 01-2f ba a3 65 18 b7 69 a4   ....~.../..e..i. 

十六进制字符串是091bcee24b69 ...

我的私人钥匙

# cat private.Key
-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBALKZD0nEffqM1ACuak0bijtqE2QrI/KLADv7l3kK3ppMyCuLKoF0
fd7Ai2KW5ToIwzFofvJcS/STa6HA5gQenRUCAwEAAQJBAIq9amn00aS0h/CrjXqu
/ThglAXJmZhOMPVn4eiu7/ROixi9sex436MaVeMqSNf7Ex9a8fRNfWss7Sqd9eWu
RTUCIQDasvGASLqmjeffBNLTXV2A5g4t+kLVCpsEIZAycV5GswIhANEPLmax0ME/
EO+ZJ79TJKN5yiGBRsv5yvx5UiHxajEXAiAhAol5N4EUyq6I9w1rYdhPMGpLfk7A
IU2snfRJ6Nq2CQIgFrPsWRCkV+gOYcajD17rEqmuLrdIRexpg8N1DOSXoJ8CIGlS
tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V
-----END RSA PRIVATE KEY-----

使用Golang生成签名

var prvKeyPem = `-----BEGIN RSA PRIVATE KEY-----
MIIBOgIBAAJBALKZD0nEffqM1ACuak0bijtqE2QrI/KLADv7l3kK3ppMyCuLKoF0
fd7Ai2KW5ToIwzFofvJcS/STa6HA5gQenRUCAwEAAQJBAIq9amn00aS0h/CrjXqu
/ThglAXJmZhOMPVn4eiu7/ROixi9sex436MaVeMqSNf7Ex9a8fRNfWss7Sqd9eWu
RTUCIQDasvGASLqmjeffBNLTXV2A5g4t+kLVCpsEIZAycV5GswIhANEPLmax0ME/
EO+ZJ79TJKN5yiGBRsv5yvx5UiHxajEXAiAhAol5N4EUyq6I9w1rYdhPMGpLfk7A
IU2snfRJ6Nq2CQIgFrPsWRCkV+gOYcajD17rEqmuLrdIRexpg8N1DOSXoJ8CIGlS
tAboUGBxTDq3ZroNism3DaMIbKPyYrAqhKov1h5V
-----END RSA PRIVATE KEY-----`

func GenerateSignature() {
    block, _ := pem.Decode([]byte(prvKeyPem))
    if block == nil {
        panic("failed to parse root certificate PEM")
    }
    privKey, err := x509.ParsePKCS1PrivateKey(block.Bytes) //x509.ParseCertificate(block.Bytes)
    if err != nil {
        panic("failed to parse certificate: " + err.Error())
    }
    indata := "Test."
    h := sha256.New()
    h.Write([]byte(indata))
    digest := h.Sum(nil)

    s, err := rsa.SignPKCS1v15(rand.Reader, privKey, crypto.SHA256, digest)
    if err != nil {
        panic("failed to sign:" + err.Error())
    }
    fmt.Printf("%x\n", s)
}

func main() {
    GenerateSignature()
}

运行此代码,输出如下: 52e1cce3810c1a89693cf6965d1035618820a9e3a7b95203d885c4153dc3f7424b98e3ba628a186f1074d672bb59a1c0788a9c2064951ca2326eb1bf8e3e49e9

但我认为应该是:

091bcee24b69 ...

我的错在哪里?感谢

3 个答案:

答案 0 :(得分:7)

除了helmbert’s answer中描述的echo添加的换行符之外,OpenSSL rsautl命令直接对提供的数据进行操作,而Go代码首先使用SHA256对数据进行哈希处理,然后签署最终的摘要。

要使用OpenSSL执行与Go代码相同的操作,您可以将dgst command-sign选项一起使用(请注意我已将-n选项包含在echo中在这里):

$ echo -n "Test." | openssl dgst -sha256 -sign private.key -hex
52e1cce3810c1a89693cf6965d1035618820a9e3a7b95203d885c4153dc3f7424b98e3ba628a186f1074d672bb59a1c0788a9c2064951ca2326eb1bf8e3e49e9

要转到其他方式并在Go代码中不使用散列对原始邮件进行签名,您可以将0作为hash参数的值传递给rsa.SignPKCS1v15

indata := []byte("Test.")

s, err := rsa.SignPKCS1v15(nil, privKey, 0, indata)

答案 1 :(得分:3)

echo命令打印一个带有尾随换行符的字符串(\n0a):

> echo 'Test.' | hexdump -C
00000000  54 65 73 74 2e 0a                                 |Test..|
00000006

因此,在您的情况下,您第一次签署Test.\n,并在Go计划中第二次签署Test.。使用echo' -n开关来抑制尾随换行:

> echo -n 'Test.' | hexdump -C
00000000  54 65 73 74 2e                                    |Test.|
00000005

答案 2 :(得分:0)

这是一个非常有用的链接。

// Sign secret with rsa with PKCS 1.5 as the padding algorithm
// The result should be exactly same as "openssl rsautl -sign -inkey "YOUR_RSA_PRIVATE_KEY" -in "YOUR_PLAIN_TEXT""
signer, err := rsa.SignPKCS1v15(rand.Reader, rsaPrivateKey.(*rsa.PrivateKey), crypto.Hash(0), []byte(message))

https://github.com/bitmartexchange/bitmart-go-api/blob/master/bm_client.go