// SnapAsymmetricSignature hashes "<clientId>:<timestamp>" with SHA-256, signs
// the digest with RSA PKCS#1 v1.5, checks the signature and prints it as
// standard base64 after the label "SnapAsymmetricSignature:". Any failure panics.
//
// NOTE(review): the signing key is created inside this call and is never stored
// or exported, so no other party holds the matching public key. A receiver that
// validates against a registered public key cannot accept this signature.
func SnapAsymmetricSignature() {
	// Entropy source handed to the rsa calls below; it is not a salt.
	rng := rand.Reader

	hdr := AsymmetricSignatureSnap{ClientKey: clientId, TimeStamp: timestamp}

	freshKey, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(fmt.Errorf("GenerateKey :%s", err))
	}

	// The key is serialised to PKCS#1 DER and parsed straight back; the parsed
	// value is the same key that was just generated.
	der := x509.MarshalPKCS1PrivateKey(freshKey)
	signer, err := x509.ParsePKCS1PrivateKey(der)
	if err != nil {
		panic(fmt.Errorf("ParsePKCS1PrivateKey: %s", err))
	}

	// Digest of the string that the signature covers.
	payloadDigest := sha256.Sum256([]byte(hdr.ClientKey + ":" + hdr.TimeStamp))

	// NOTE(review): the configured privateKey value is only hashed here. The
	// digest is passed as the output buffer of a decrypt call whose ciphertext
	// is nil, and nothing reads that buffer afterwards, so privateKey has no
	// influence on the signature. Presumably the intent was to sign with the
	// provisioned key: parse that key and pass it to SignPKCS1v15 instead.
	keyDigest := sha256.Sum256([]byte(privateKey))
	if err = rsa.DecryptPKCS1v15SessionKey(rng, signer, nil, keyDigest[:]); err != nil {
		panic(fmt.Errorf("DecryptPKCS1v15SessionKey: %s", err))
	}

	sig, err := rsa.SignPKCS1v15(rng, signer, crypto.SHA256, payloadDigest[:])
	if err != nil {
		panic(fmt.Errorf("SignPKCS1v15: %s", err))
	}

	// This check uses the public half of the key that produced the signature,
	// so it confirms only that signing ran; it says nothing about whether a
	// remote verifier would accept the result.
	if err = rsa.VerifyPKCS1v15(&signer.PublicKey, crypto.SHA256, payloadDigest[:], sig); err != nil {
		panic(fmt.Errorf("VerifyPKCS1v15: %s", err))
	}

	fmt.Println("SnapAsymmetricSignature:", base64.StdEncoding.EncodeToString(sig))
}
// AsymmetricSignatureSnap holds the two header values that
// SnapAsymmetricSignature joins as "<ClientKey>:<TimeStamp>".
type AsymmetricSignatureSnap struct {
// TimeStamp is kept as a string; SnapAsymmetricSignature fills it with an RFC 3339 time.
TimeStamp string `json:"timeStamp"`
// ClientKey is the client identifier placed before the ":" separator.
ClientKey string `json:"clientKey"`
}
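// SnapAsymmetricSignature generates a 2048-bit RSA key, produces and self-checks
// an RSA-PSS signature, then builds a self-signed certificate for that key and
// prints the certificate's DER bytes as hex. Any failure panics.
//
// NOTE(review): the PSS signature is never printed or returned; the only output
// is the certificate. The key is regenerated on every call, so neither the
// signature nor the certificate is tied to a key that a remote party has
// registered.
func SnapAsymmetricSignature() {
	// Entropy source handed to the rsa and x509 calls below; it is not a salt.
	rng := rand.Reader

	hdr := AsymmetricSignatureSnap{
		// NOTE(review): client identifier embedded in source; load it from
		// configuration rather than committing it with the code.
		ClientKey: "82150823919040624621823174737537",
		// Timestamp is set 15 seconds ahead of the local clock.
		// NOTE(review): confirm a future-dated value is what the receiver expects.
		TimeStamp: time.Now().Add(15 * time.Second).Format(time.RFC3339),
	}

	privateKey, err := rsa.GenerateKey(rng, 2048)
	if err != nil {
		panic(fmt.Errorf("GenerateKey :%w", err))
	}

	payload := []byte(hdr.ClientKey + ":" + hdr.TimeStamp)

	// NOTE(review): secret literal embedded in source. Anything committed this
	// way should be treated as disclosed; read it from a secret store instead.
	secretDigest := sha256.Sum256([]byte("abcdefghijklmnopqrstuvwxyz"))
	digest := secretDigest[:]

	// NOTE(review): payload is the clear-text header string, not the output of
	// an RSA encryption, yet it is passed as the ciphertext. The documented
	// behaviour on invalid padding is to leave the key buffer unchanged, so
	// digest is presumably still the SHA-256 of the literal secret afterwards.
	// The client key and timestamp are then not covered by the signature
	// below. Confirm intent.
	if err = rsa.DecryptPKCS1v15SessionKey(rng, privateKey, payload, digest); err != nil {
		panic(fmt.Errorf("DecryptPKCS1v15SessionKey: %w", err))
	}

	sig, err := rsa.SignPSS(rng, privateKey, crypto.SHA256, digest, nil)
	if err != nil {
		panic(fmt.Errorf("SignPSS: %w", err))
	}

	// Verification uses the public half of the key that just signed, so it
	// confirms only that signing ran.
	if err = rsa.VerifyPSS(&privateKey.PublicKey, crypto.SHA256, digest, sig, nil); err != nil {
		panic(fmt.Errorf("VerifyPSS: %w", err))
	}

	// The template sets only these three fields: there is no Subject, NotBefore
	// or NotAfter. PublicKeyAlgorithm previously held a PEM cipher constant
	// converted to the wrong type; x509.RSA matches the key actually used.
	tmpl := x509.Certificate{
		SerialNumber:       big.NewInt(2096),
		PublicKeyAlgorithm: x509.RSA,
		SignatureAlgorithm: x509.SHA256WithRSA,
	}

	// Template and parent are the same value, so the certificate is self-signed.
	certDER, err := x509.CreateCertificate(rng, &tmpl, &tmpl, privateKey.Public(), privateKey)
	if err != nil {
		panic(fmt.Errorf("CreateCertificate: %w", err))
	}

	fmt.Println(hex.EncodeToString(certDER))
}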
// AsymmetricSignatureSnap holds the two header values that
// SnapAsymmetricSignature joins as "<ClientKey>:<TimeStamp>" and hashes for signing.
type AsymmetricSignatureSnap struct {
// TimeStamp is kept as a string; SnapAsymmetricSignature fills it with an RFC 3339 time.
TimeStamp string `json:"timeStamp"`
// ClientKey is the client identifier placed before the ":" separator.
ClientKey string `json:"clientKey"`
}
// SnapAsymmetricSignature hashes "<clientKey>:<timestamp>" with SHA-256, signs
// the digest with RSA PKCS#1 v1.5 and prints the signature as standard base64.
// Any failure panics.
//
// NOTE(review): the signing key is created inside this call and is never stored
// or exported, so no other party holds the matching public key. A receiver that
// validates against a registered public key cannot accept this signature.
func SnapAsymmetricSignature() {
	// Entropy source handed to the rsa calls below; it is not a salt.
	rng := rand.Reader

	var hdr AsymmetricSignatureSnap
	hdr.ClientKey = mandiriClientKey
	// Timestamp is set 10 seconds ahead of the local clock.
	// NOTE(review): confirm a future-dated value is what the receiver expects.
	hdr.TimeStamp = time.Now().Add(10 * time.Second).Format(time.RFC3339)

	signer, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(fmt.Errorf("GenerateKey :%s", err))
	}

	// Digest of the string that the signature covers.
	payloadDigest := sha256.Sum256([]byte(hdr.ClientKey + ":" + hdr.TimeStamp))

	// NOTE(review): mandriPrivateKey is only hashed here. The digest is passed
	// as the output buffer of a decrypt call whose ciphertext is nil, and
	// nothing reads that buffer afterwards, so the configured key has no
	// influence on the signature. Presumably the intent was to sign with the
	// provisioned key: parse that key and pass it to SignPKCS1v15 instead.
	keyDigest := sha256.Sum256([]byte(mandriPrivateKey))
	if err = rsa.DecryptPKCS1v15SessionKey(rng, signer, nil, keyDigest[:]); err != nil {
		panic(fmt.Errorf("DecryptPKCS1v15SessionKey: %s", err))
	}

	sig, err := rsa.SignPKCS1v15(rng, signer, crypto.SHA256, payloadDigest[:])
	if err != nil {
		panic(fmt.Errorf("SignPKCS1v15: %s", err))
	}

	fmt.Println(base64.StdEncoding.EncodeToString(sig))
}