Skip to content

Commit 6ea76e8

Browse files
quixote-liuquixote-liu
committed
Add sign PKCS1v15
1 parent 53b7dc4 commit 6ea76e8

File tree

2 files changed

+79
-0
lines changed

2 files changed

+79
-0
lines changed

rsa.go

Lines changed: 21 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@ package codealg
22

33
import (
44
"bytes"
5+
"crypto"
56
"crypto/rand"
67
"crypto/rsa"
78
"crypto/sha256"
@@ -46,6 +47,26 @@ func DecryptPKCS1v15(ciphertext []byte, privateKey []byte) ([]byte, error) {
4647
return rsa.DecryptPKCS1v15(rand.Reader, priv, ciphertext)
4748
}
4849

50+
// ---------------- sign PKCS1v15 --------------------------
51+
52+
func SignPKCS1v15(message, privateKey []byte) ([]byte, error) {
53+
priv, err := parsePrivateKey(privateKey)
54+
if err != nil {
55+
return nil, err
56+
}
57+
hashed := sha256.Sum256(message)
58+
return rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, hashed[:])
59+
}
60+
61+
func VerifyPKCS1v15(signature, message, publicKey []byte) error {
62+
pub, err := parsePublicKey(publicKey)
63+
if err != nil {
64+
return err
65+
}
66+
hashed := sha256.Sum256(message)
67+
return rsa.VerifyPKCS1v15(pub, crypto.SHA256, hashed[:], signature)
68+
}
69+
4970
// ----------------- common --------------------------------
5071

5172
const (

rsa_test.go

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -96,6 +96,64 @@ func TestDecryptOAEP(t *testing.T) {
9696
}
9797
}
9898

99+
func TestSignPKCS1v15(t *testing.T) {
100+
privateKey, publicKey, err := GenRSAKey(RsaKeyBits2048)
101+
assert.Nil(t, err)
102+
tests := []struct {
103+
name string
104+
message []byte
105+
privKey []byte
106+
wantErr bool
107+
}{
108+
{"should pass with correct private key", []byte("hello, world"), privateKey, false},
109+
{"should return err with incorrect private key", []byte("hello, world"), []byte("error_privateKey"), true},
110+
{"should pass with empty message", []byte("hello, world"), privateKey, false},
111+
}
112+
for _, tt := range tests {
113+
t.Run(tt.name, func(t *testing.T) {
114+
sig, err := SignPKCS1v15(tt.message, tt.privKey)
115+
if tt.wantErr {
116+
assert.NotNil(t, err)
117+
return
118+
} else {
119+
assert.Nil(t, err)
120+
}
121+
err = VerifyPKCS1v15(sig, tt.message, publicKey)
122+
assert.Nil(t, err)
123+
})
124+
}
125+
}
126+
127+
func TestVerifyPKCS1v15(t *testing.T) {
128+
privateKey, publicKey, err := GenRSAKey(RsaKeyBits2048)
129+
assert.Nil(t, err)
130+
message := []byte("hello, world")
131+
sig, err := SignPKCS1v15(message, privateKey)
132+
assert.Nil(t, err)
133+
tests := []struct {
134+
name string
135+
signature []byte
136+
message []byte
137+
pubKey []byte
138+
wantErr bool
139+
}{
140+
{"should pass with correct message and signature", sig, message, publicKey, false},
141+
{"should return error with incorrect signature", []byte("error_signature"), message, publicKey, true},
142+
{"should return error with incorrect message", sig, []byte("error_message"), publicKey, true},
143+
{"should return error with incorrect public key", sig, message, []byte("error_public_key"), true},
144+
}
145+
for _, tt := range tests {
146+
t.Run(tt.name, func(t *testing.T) {
147+
err = VerifyPKCS1v15(tt.signature, tt.message, tt.pubKey)
148+
if tt.wantErr {
149+
assert.NotNil(t, err)
150+
return
151+
}
152+
assert.Nil(t, err)
153+
})
154+
}
155+
}
156+
99157
func TestEncryptPKCS1v15(t *testing.T) {
100158
privKey, pubKey, err := GenRSAKey(1024)
101159
assert.Nil(t, err)

0 commit comments

Comments
 (0)