//VerifySignature verifies the signature of a message func (rsaKey *RsaKey) VerifySignature(message string, signature string) (err error) { hashAlgorithm := crypto.SHA256 if rsaKey.privateKey == nil { err = errors.New("privateKey is nil") return } messageBytes := bytes.NewBufferString(message) //hash pssh := hashAlgorithm.New() pssh.Write(messageBytes.Bytes()) messageHash := pssh.Sum(nil) var signatureBytes []byte signatureBytes, err = base64.StdEncoding.DecodeString(signature) if err != nil { return } //Verify signature var opts rsa.PSSOptions opts.SaltLength = rsa.PSSSaltLengthAuto err = rsa.VerifyPSS(&rsaKey.privateKey.PublicKey, hashAlgorithm, messageHash, signatureBytes, &opts) return }
// Verify the given payload func (ctx rsaEncrypterVerifier) verifyPayload(payload []byte, signature []byte, alg SignatureAlgorithm) error { var hash crypto.Hash switch alg { case RS256, PS256: hash = crypto.SHA256 case RS384, PS384: hash = crypto.SHA384 case RS512, PS512: hash = crypto.SHA512 default: return ErrUnsupportedAlgorithm } hasher := hash.New() // According to documentation, Write() on hash never fails _, _ = hasher.Write(payload) hashed := hasher.Sum(nil) switch alg { case RS256, RS384, RS512: return rsa.VerifyPKCS1v15(ctx.publicKey, hash, hashed, signature) case PS256, PS384, PS512: return rsa.VerifyPSS(ctx.publicKey, hash, hashed, signature, nil) } return ErrUnsupportedAlgorithm }
// Implements the Verify method from SigningMethod // For this verify method, key must be an rsa.PublicKey struct func (m *SigningMethodRSAPSS) Verify(signingString, signature string, key interface{}) error { var err error // Decode the signature var sig []byte if sig, err = DecodeSegment(signature); err != nil { return err } var rsaKey *rsa.PublicKey switch k := key.(type) { case *rsa.PublicKey: rsaKey = k default: return ErrInvalidKey } // Create hasher if !m.Hash.Available() { return ErrHashUnavailable } hasher := m.Hash.New() hasher.Write([]byte(signingString)) return rsa.VerifyPSS(rsaKey, m.Hash, hasher.Sum(nil), sig, m.Options) }
func (alg *RsaPssUsingSha) Verify(securedInput, signature []byte, key interface{}) error { if pubKey, ok := key.(*rsa.PublicKey); ok { return rsa.VerifyPSS(pubKey, hashFunc(alg.keySizeBits), sha(alg.keySizeBits, securedInput), signature, &rsa.PSSOptions{SaltLength: alg.saltSizeBytes}) } return errors.New("RsaPssUsingSha.Verify(): expects key to be '*rsa.PublicKey'") }
func verify(pub *rsa.PublicKey, msg string, signature string) (err error) { sig, _ := decodeBase64(signature) h := sha256.New() h.Write([]byte(msg)) d := h.Sum(nil) return rsa.VerifyPSS(pub, crypto.SHA256, d, sig, nil) }
// Verify implements the Verify method from SigningMethod. // For this verify method, key must be an *rsa.PublicKey. func (m *SigningMethodRSAPSS) Verify(raw []byte, signature Signature, key interface{}) error { rsaKey, ok := key.(*rsa.PublicKey) if !ok { return ErrInvalidKey } return rsa.VerifyPSS(rsaKey, m.Hash, m.sum(raw), signature, m.Options) }
func ValidateSignatureForMessage(msg string, sig []byte, pub *rsa.PublicKey) (err error) { hashFunction := sha256.New() io.WriteString(hashFunction, msg) hashSum := hashFunction.Sum(nil) err = rsa.VerifyPSS(pub, crypto.SHA256, hashSum, sig, nil) return }
func BenchmarkRsaVerify(b *testing.B) { key, _ := rsa.GenerateKey(rand.Reader, 2048) val := sha256.Sum256(make([]byte, 32, 32)) sig, _ := rsa.SignPSS(rand.Reader, key, crypto.SHA256, val[:], nil) b.ResetTimer() for i := 0; i < b.N; i++ { rsa.VerifyPSS(&key.PublicKey, crypto.SHA256, val[:], sig, nil) } }
func (r *rsaPSSSigner) verifyMessage(key crypto.PublicKey, msg, sig []byte) error { rsaKey, ok := key.(*rsa.PublicKey) if !ok { return errors.New("invalid key type for RSA-PSS") } h := r.hash.New() h.Write(msg) return rsa.VerifyPSS(rsaKey, r.hash, h.Sum(nil), sig, &pssOptions) }
func VerifyMessage(pmsg PeerMessage) error { if pmsg.Body.Action != "NewPeer" { newhash := crypto.SHA1 peer_pbkey := myPeerKeys.m[pmsg.Addr] err := rsa.VerifyPSS(&peer_pbkey, newhash, pmsg.Hashed, pmsg.Sig, nil) return err } else { return nil } }
func VerifySenderMessage(senderPublicKey *rsa.PublicKey, plainText, signature []byte) error { pssh := newhash.New() _, err := pssh.Write(plainText) if err != nil { return err } hashed := pssh.Sum(nil) return rsa.VerifyPSS(senderPublicKey, newhash, hashed, signature, opts) }
func verifyPSS(key interface{}, digest, sig []byte) error { rsaPub, ok := key.(*rsa.PublicKey) if !ok { logrus.Infof("value was not an RSA public key") return ErrInvalid } opts := rsa.PSSOptions{SaltLength: sha256.Size, Hash: crypto.SHA256} if err := rsa.VerifyPSS(rsaPub, crypto.SHA256, digest[:], sig, &opts); err != nil { logrus.Infof("failed RSAPSS verification: %s", err) return ErrInvalid } return nil }
func main() { priv, err := rsa.GenerateKey(rand.Reader, 2048) checkFatal(err) message := []byte("Binding contractual agreement...") h := sha256.New() h.Write(message) digest := h.Sum(nil) sig, err := rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest, nil) checkFatal(err) fmt.Printf("Signature: %x\n", sig) err = rsa.VerifyPSS(&priv.PublicKey, crypto.SHA256, digest, sig, nil) fmt.Printf("Signature OK: %v\n", err == nil) }
// VerifySignature validates the signature string func VerifySignature(key *rsa.PublicKey, signed []byte, signature string) error { dec, err := base64.URLEncoding.DecodeString(signature) if err != nil { return errors.New("Could not decode signature string") } h := sha256.New() h.Write(signed) d := h.Sum(nil) err = rsa.VerifyPSS(key, crypto.SHA256, d, dec, nil) if err != nil { return err } return nil }
func (v RsaVerify) PayloadVerify(payload, signature []byte) error { pubkey := v.pubkey hfunc := v.hash h := hfunc.New() h.Write(payload) var err error switch v.alg { case jwa.RS256, jwa.RS384, jwa.RS512: err = rsa.VerifyPKCS1v15(pubkey, hfunc, h.Sum(nil), signature) case jwa.PS256, jwa.PS384, jwa.PS512: err = rsa.VerifyPSS(pubkey, hfunc, h.Sum(nil), signature, nil) } if err != nil { return err } return nil }
// Decrypt decrypts the message using the private key and verifies that // the signature was made by the certificate. func Decrypt(priv *rsa.PrivateKey, cert *x509.Certificate, enc []byte) ([]byte, bool) { var pub *rsa.PublicKey switch certPub := cert.PublicKey.(type) { case *rsa.PublicKey: pub = certPub default: return nil, false } var message message _, err := asn1.Unmarshal(enc, &message) if err != nil { return nil, false } h := sha256.New() key, err := rsa.DecryptOAEP(h, rand.Reader, priv, message.Key, nil) if err != nil { return nil, false } dec, ok := aesgcm.Decrypt(key, message.Signed) if !ok { return nil, false } var signed signature _, err = asn1.Unmarshal(dec, &signed) if err != nil { return nil, false } h.Reset() h.Write(signed.Message) err = rsa.VerifyPSS(pub, crypto.SHA256, h.Sum(nil), signed.Signature, nil) if err != nil { return nil, false } return signed.Message, true }
func (m *Msg) Message(fromkey *rsa.PublicKey, dstkey *rsa.PrivateKey) (data []byte, err error) { hash := crypto.SHA256 data = make([]byte, 0) for i, d := range m.Data { plainText, err := rsa.DecryptOAEP(hash.New(), rand.Reader, dstkey, d, []byte("")) if err != nil { return nil, e.Push(err, "can't decrypt the message") } pssh := hash.New() pssh.Write(plainText) hashed := pssh.Sum(nil) var opts rsa.PSSOptions opts.SaltLength = rsa.PSSSaltLengthAuto err = rsa.VerifyPSS(fromkey, hash, hashed, m.Signature[i], &opts) if err != nil { return nil, e.Push(err, "can't verify the signature") } data = append(data, plainText...) } return data, nil }
// Verify does the actual check. // N.B. We have not been able to make this work in a way that is compatible // with PyCrypto. func (v RSAPSSVerifier) Verify(key data.Key, sig []byte, msg []byte) error { digest := sha256.Sum256(msg) k, _ := pem.Decode([]byte(key.Public())) pub, err := x509.ParsePKIXPublicKey(k.Bytes) if err != nil { logrus.Infof("Failed to parse public key: %s\n", err) return ErrInvalid } rsaPub, ok := pub.(*rsa.PublicKey) if !ok { logrus.Infof("Value returned from ParsePKIXPublicKey was not an RSA public key") return ErrInvalid } opts := rsa.PSSOptions{SaltLength: sha256.Size, Hash: crypto.SHA256} if err = rsa.VerifyPSS(rsaPub, crypto.SHA256, digest[:], sig, &opts); err != nil { logrus.Infof("Failed verification: %s", err) return ErrInvalid } return nil }
func (job *ProofVerifyJob) CheckSignature(cert *x509.Certificate) error { switch pub := cert.PublicKey.(type) { case *rsa.PublicKey: // cert.CheckSignature() uses PKCS1v15, not PSS. So we cannot use that on RSA h := sha256.New() h.Write(ProofSignatureLabel) h.Write(job.serverConfig) if err := rsa.VerifyPSS(pub, crypto.SHA256, h.Sum(nil), job.signature, nil); err != nil { return err } case *ecdsa.PublicKey: // TODO(hodduc): TEST needed if err := cert.CheckSignature(x509.ECDSAWithSHA256, job.serverConfig, job.signature); err != nil { return err } default: return errors.New("Unsupported Public key type") } return nil }
func verifyPSS(key interface{}, digest, sig []byte) error { rsaPub, ok := key.(*rsa.PublicKey) if !ok { logrus.Debugf("value was not an RSA public key") return ErrInvalid } if rsaPub.N.BitLen() < minRSAKeySizeBit { logrus.Debugf("RSA keys less than 2048 bits are not acceptable, provided key has length %d.", rsaPub.N.BitLen()) return ErrInvalidKeyLength{msg: fmt.Sprintf("RSA key must be at least %d bits.", minRSAKeySizeBit)} } if len(sig) < minRSAKeySizeByte { logrus.Debugf("RSA keys less than 2048 bits are not acceptable, provided signature has length %d.", len(sig)) return ErrInvalid } opts := rsa.PSSOptions{SaltLength: sha256.Size, Hash: crypto.SHA256} if err := rsa.VerifyPSS(rsaPub, crypto.SHA256, digest[:], sig, &opts); err != nil { logrus.Debugf("failed RSAPSS verification: %s", err) return ErrInvalid } return nil }
var rsaMethodPKCS1v15 = rsaMethod{ signFunc: rsa.SignPKCS1v15, verifyFunc: rsa.VerifyPKCS1v15, } // rsaMethodPSS provides a RSA method that signs and verifies with PSS. var rsaMethodPSS = rsaMethod{ signFunc: func(rand io.Reader, priv *rsa.PrivateKey, hash crypto.Hash, hashed []byte) ([]byte, error) { return rsa.SignPSS(rand, priv, hash, hashed, &rsa.PSSOptions{ SaltLength: rsa.PSSSaltLengthAuto, Hash: hash, }) }, verifyFunc: func(pub *rsa.PublicKey, hash crypto.Hash, hashed []byte, sig []byte) error { return rsa.VerifyPSS(pub, hash, hashed, sig, &rsa.PSSOptions{ SaltLength: rsa.PSSSaltLengthAuto, Hash: hash, }) }, } // rsaSigner provides a RSA Signer. type rsaSigner struct { alg Algorithm method RSASignerVerifier hash crypto.Hash priv *rsa.PrivateKey pub *rsa.PublicKey } // NewRSASigner creates an RSA Signer for the specified Algorithm and provided // low level RSA implementation.
// Verify verifies an RSA digital signature for the given public key. func Verify(pub *rsa.PublicKey, m, sig []byte) (err error) { h := sha256.New() h.Write(m) d := h.Sum(nil) return rsa.VerifyPSS(pub, crypto.SHA256, d, sig, nil) }
func main() { // Generate RSA Keys miryanPrivateKey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { fmt.Println(err.Error) os.Exit(1) } miryanPublicKey := &miryanPrivateKey.PublicKey raulPrivateKey, err := rsa.GenerateKey(rand.Reader, 2048) if err != nil { fmt.Println(err.Error) os.Exit(1) } raulPublicKey := &raulPrivateKey.PublicKey fmt.Println("Private Key : ", miryanPrivateKey) fmt.Println("Public key ", miryanPublicKey) fmt.Println("Private Key : ", raulPrivateKey) fmt.Println("Public key ", raulPublicKey) //Encrypt Miryan Message message := []byte("the code must be like a piece of music") label := []byte("") hash := sha256.New() ciphertext, err := rsa.EncryptOAEP(hash, rand.Reader, raulPublicKey, message, label) if err != nil { fmt.Println(err) os.Exit(1) } fmt.Printf("OAEP encrypted [%s] to \n[%x]\n", string(message), ciphertext) fmt.Println() // Message - Signature var opts rsa.PSSOptions opts.SaltLength = rsa.PSSSaltLengthAuto // for simple example PSSmessage := message newhash := crypto.SHA256 pssh := newhash.New() pssh.Write(PSSmessage) hashed := pssh.Sum(nil) signature, err := rsa.SignPSS(rand.Reader, miryanPrivateKey, newhash, hashed, &opts) if err != nil { fmt.Println(err) os.Exit(1) } fmt.Printf("PSS Signature : %x\n", signature) // Decrypt Message plainText, err := rsa.DecryptOAEP(hash, rand.Reader, raulPrivateKey, ciphertext, label) if err != nil { fmt.Println(err) os.Exit(1) } fmt.Printf("OAEP decrypted [%x] to \n[%s]\n", ciphertext, plainText) //Verify Signature err = rsa.VerifyPSS(miryanPublicKey, newhash, hashed, signature, &opts) if err != nil { fmt.Println("Who are U? Verify Signature failed") os.Exit(1) } else { fmt.Println("Verify Signature successful") } }
// Verify verifies signature against key k and digest func (csp *impl) Verify(k bccsp.Key, signature, digest []byte, opts bccsp.SignerOpts) (valid bool, err error) { // Validate arguments if k == nil { return false, errors.New("Invalid Key. It must not be nil.") } if len(signature) == 0 { return false, errors.New("Invalid signature. Cannot be empty.") } if len(digest) == 0 { return false, errors.New("Invalid digest. Cannot be empty.") } // Check key type switch k.(type) { case *ecdsaPrivateKey: ecdsaSignature := new(ecdsaSignature) _, err := asn1.Unmarshal(signature, ecdsaSignature) if err != nil { return false, fmt.Errorf("Failed unmashalling signature [%s]", err) } return ecdsa.Verify(&(k.(*ecdsaPrivateKey).privKey.PublicKey), digest, ecdsaSignature.R, ecdsaSignature.S), nil case *ecdsaPublicKey: ecdsaSignature := new(ecdsaSignature) _, err := asn1.Unmarshal(signature, ecdsaSignature) if err != nil { return false, fmt.Errorf("Failed unmashalling signature [%s]", err) } return ecdsa.Verify(k.(*ecdsaPublicKey).pubKey, digest, ecdsaSignature.R, ecdsaSignature.S), nil case *rsaPrivateKey: if opts == nil { return false, errors.New("Invalid options. It must not be nil.") } switch opts.(type) { case *rsa.PSSOptions: err := rsa.VerifyPSS(&(k.(*rsaPrivateKey).privKey.PublicKey), (opts.(*rsa.PSSOptions)).Hash, digest, signature, opts.(*rsa.PSSOptions)) return err == nil, err default: return false, fmt.Errorf("Opts type not recognized [%s]", opts) } case *rsaPublicKey: if opts == nil { return false, errors.New("Invalid options. It must not be nil.") } switch opts.(type) { case *rsa.PSSOptions: err := rsa.VerifyPSS(k.(*rsaPublicKey).pubKey, (opts.(*rsa.PSSOptions)).Hash, digest, signature, opts.(*rsa.PSSOptions)) return err == nil, err default: return false, fmt.Errorf("Opts type not recognized [%s]", opts) } default: return false, fmt.Errorf("Key type not recognized [%s]", k) } }