
How to get SHA256 RSA with padding PKCS1 in GoLang?


  • Sign: For every request sent to the provider side, the information in the Request field must be converted to a JSON string and sent encrypted with the PrivateKey file at the disposal of the Provider.
  • Using the RSA algorithm, it is necessary to create keys with a length of 2048.
  • The Private Key remains in the possession of the company and the Public Key file is sent to the provider. The length of the key is 2048 bits.
  • When creating the Sign, set the hash algorithm to SHA256 and the padding to Pkcs1.
  • After receiving the request, the payment side verifies the signed request string with the public key of the payer.
  • The value of the sign field is the Stringed data values of the Request field.
  • Provider means the organization that uses our services.

Example code in C#:

using System;
using System.Security.Cryptography;
using System.Text;

public string Sign(string content) {
    using (var rsa = new RSACryptoServiceProvider(2048)) {
        // Load the RSA private key parameters from the XML key file
        var rsaParameters =
            Common.Extensions.LoadFromXmlFile(@"D:\Projects\iva-toll-service\Key\perivate.xml");
        rsa.ImportParameters(rsaParameters);
        var dataBytes = Encoding.UTF8.GetBytes(content);
        // SignData hashes the bytes with SHA-256, then applies PKCS#1 v1.5 signature padding
        var signBytes = rsa.SignData(dataBytes, HashAlgorithmName.SHA256,
            RSASignaturePadding.Pkcs1);
        var response = Convert.ToBase64String(signBytes);
        return response;
    }
}


Solution

  • I found the answer:

    package main
    
    import (
        "crypto"
        "crypto/rand"
        "crypto/rsa"
        "crypto/sha256"
        "crypto/x509"
        "encoding/base64"
        "encoding/pem"
        "fmt"
        "os"
    )

    func main() {
        privateKey, publicKey := getKeys()
        requestHashSum := getRequestHashSum()

        // Base64 output matches Convert.ToBase64String in the C# code
        signature := sign(privateKey, requestHashSum)
        fmt.Println(base64.StdEncoding.EncodeToString(signature))

        verify(publicKey, requestHashSum, signature)
        fmt.Println("The data was verified")
    }

    // getKeys reads a PKCS#1 ("RSA PRIVATE KEY") PEM file and returns the key pair.
    func getKeys() (*rsa.PrivateKey, *rsa.PublicKey) {
        privateKeyPem, err := os.ReadFile("privateKey.pem")
        if err != nil {
            panic(err)
        }
        block, _ := pem.Decode(privateKeyPem)
        if block == nil {
            // pem.Decode returns a nil block when the file holds no PEM data
            panic("privateKey.pem contains no PEM block")
        }
        privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes)
        if err != nil {
            panic(err)
        }
        return privateKey, &privateKey.PublicKey
    }
    
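    // getRequestHashSum returns the SHA-256 digest of the request text.
    // Unlike C# SignData, the Go signing call expects the data to be hashed already.
    func getRequestHashSum() []byte {
        var data = []byte("text for sign")
        msgHash := sha256.New()
        _, err := msgHash.Write(data)
        if err != nil {
            panic(err)
        }
        return msgHash.Sum(nil)
    }

    // sign produces an RSA PKCS#1 v1.5 signature over the SHA-256 digest.
    func sign(privateKey *rsa.PrivateKey, requestHashSum []byte) []byte {
        sign, err := rsa.SignPKCS1v15(rand.Reader, privateKey, crypto.SHA256, requestHashSum)
        if err != nil {
            panic(err)
        }
        return sign
    }

    // verify panics if the signature does not match the digest under the public key.
    func verify(publicKey *rsa.PublicKey, requestHashSum, signature []byte) {
        err := rsa.VerifyPKCS1v15(publicKey, crypto.SHA256, requestHashSum, signature)
        if err != nil {
            panic(err)
        }
    }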
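
The round trip from the answer above, as an added example that is not part of the original post: it loads a PEM key in either PKCS#1 or PKCS#8 form, produces the same Base64 SHA-256 / PKCS#1 v1.5 signature as the C# `Sign(content)`, and shows the receiver's check rejecting altered content. `ParseRSAPrivateKey`, `Sign`, `Verify`, `demoKey` and the request body are names and values made up for this example.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"fmt"
)

// ParseRSAPrivateKey accepts PKCS#1 ("RSA PRIVATE KEY") and PKCS#8 ("PRIVATE KEY") PEM.
func ParseRSAPrivateKey(pemBytes []byte) (*rsa.PrivateKey, error) {
	block, _ := pem.Decode(pemBytes)
	if block == nil {
		return nil, fmt.Errorf("no PEM block found")
	}
	if key, err := x509.ParsePKCS1PrivateKey(block.Bytes); err == nil {
		return key, nil
	}
	parsed, err := x509.ParsePKCS8PrivateKey(block.Bytes)
	if key, ok := parsed.(*rsa.PrivateKey); ok {
		return key, nil
	}
	return nil, fmt.Errorf("not an RSA key in PKCS#1 or PKCS#8 form (PKCS#8 error: %v)", err)
}

// Sign mirrors the C# Sign(content): SHA-256 of the UTF-8 bytes, PKCS#1 v1.5, Base64.
func Sign(key *rsa.PrivateKey, content string) (string, error) {
	digest := sha256.Sum256([]byte(content))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
	return base64.StdEncoding.EncodeToString(sig), err
}

// Verify returns nil only if sigB64 is a valid signature over exactly this content.
func Verify(pub *rsa.PublicKey, content, sigB64 string) error {
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	if err != nil {
		return err
	}
	digest := sha256.Sum256([]byte(content))
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig)
}

var demoKey, _ = rsa.GenerateKey(rand.Reader, 2048) // throwaway key, constructed for this demo
func main() {
	fmt.Println(Sign(demoKey, `{"amount":100}`)) // constructed request body
}
```

PKCS#1 v1.5 signatures are deterministic, so signing the same string with the same key gives the same Base64 value in Go and in C#.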