优化 cryptobin 目录签名相关函数

deatil · Feb 21, 2024 · fde9ff7 · fde9ff7
1 parent cfcb268
commit fde9ff7
Show file tree

Hide file tree

Showing 17 changed files with 480 additions and 313 deletions.
diff --git a/cryptobin/dsa/dsa_test.go b/cryptobin/dsa/dsa_test.go
@@ -39,7 +39,7 @@ func Test_XMLSign(t *testing.T) {
     objSign := NewDSA().
         FromString(data).
         FromXMLPrivateKey([]byte(prikeyXML)).
-        SignASN1()
+        Sign()
     signed := objSign.ToBase64String()
 
     assertError(objSign.Error(), "XMLSign-Sign")
@@ -49,12 +49,66 @@ func Test_XMLSign(t *testing.T) {
     objVerify := NewDSA().
         FromBase64String(signed).
         FromXMLPublicKey([]byte(pubkeyXML)).
-        VerifyASN1([]byte(data))
+        Verify([]byte(data))
 
     assertError(objVerify.Error(), "XMLSign-Verify")
     assertBool(objVerify.ToVerify(), "XMLSign-Verify")
 }
 
+func Test_XMLSignASN1(t *testing.T) {
+    assertNotEmpty := cryptobin_test.AssertNotEmptyT(t)
+    assertBool := cryptobin_test.AssertBoolT(t)
+    assertError := cryptobin_test.AssertErrorT(t)
+
+    data := "test-pass"
+
+    // 签名
+    objSign := NewDSA().
+        FromString(data).
+        FromXMLPrivateKey([]byte(prikeyXML)).
+        SignASN1()
+    signed := objSign.ToBase64String()
+
+    assertError(objSign.Error(), "XMLSignASN1-Sign")
+    assertNotEmpty(signed, "XMLSignASN1-Sign")
+
+    // 验证
+    objVerify := NewDSA().
+        FromBase64String(signed).
+        FromXMLPublicKey([]byte(pubkeyXML)).
+        VerifyASN1([]byte(data))
+
+    assertError(objVerify.Error(), "XMLSignASN1-Verify")
+    assertBool(objVerify.ToVerify(), "XMLSignASN1-Verify")
+}
+
+func Test_XMLSignBytes(t *testing.T) {
+    assertNotEmpty := cryptobin_test.AssertNotEmptyT(t)
+    assertBool := cryptobin_test.AssertBoolT(t)
+    assertError := cryptobin_test.AssertErrorT(t)
+
+    data := "test-pass"
+
+    // 签名
+    objSign := NewDSA().
+        FromString(data).
+        FromXMLPrivateKey([]byte(prikeyXML)).
+        SignBytes()
+    signed := objSign.ToBase64String()
+
+    assertError(objSign.Error(), "XMLSignBytes-Sign")
+    assertNotEmpty(signed, "XMLSignBytes-Sign")
+
+    // 验证
+    objVerify := NewDSA().
+        FromBase64String(signed).
+        FromXMLPublicKey([]byte(pubkeyXML)).
+        VerifyBytes([]byte(data))
+
+    assertError(objVerify.Error(), "XMLSignBytes-Verify")
+    assertBool(objVerify.ToVerify(), "XMLSignBytes-Verify")
+}
+
 var testPEMCiphers = []string{
     "DESCBC",
     "DESEDE3CBC",
@@ -119,3 +173,44 @@ func test_CreatePKCS1PrivateKeyWithPassword(t *testing.T, gen DSA, cipher string
         assertEqual(newPrikey, prikey, "Test_CreatePKCS1PrivateKeyWithPassword")
     })
 }
+
+func Test_SignBytes(t *testing.T) {
+    types := []string{
+        "L1024N160",
+        "L2048N224",
+        "L2048N256",
+        "L3072N256",
+    }
+
+    for _, name := range types {
+        t.Run(name, func(t *testing.T) {
+            gen := New().GenerateKey(name)
+            test_SignBytes(t, gen)
+        })
+    }
+}
+
+func test_SignBytes(t *testing.T, gen DSA) {
+    assertNotEmpty := cryptobin_test.AssertNotEmptyT(t)
+    assertBool := cryptobin_test.AssertBoolT(t)
+    assertError := cryptobin_test.AssertErrorT(t)
+
+    data := "test-pass"
+
+    // 签名
+    objSign := gen.
+        FromString(data).
+        SignBytes()
+    signed := objSign.ToBase64String()
+
+    assertError(objSign.Error(), "SignBytes-Sign")
+    assertNotEmpty(signed, "SignBytes-Sign")
+
+    // 验证
+    objVerify := gen.
+        FromBase64String(signed).
+        VerifyBytes([]byte(data))
+
+    assertError(objVerify.Error(), "SignBytes-Verify")
+    assertBool(objVerify.ToVerify(), "SignBytes-Verify")
+}
diff --git a/cryptobin/dsa/sign.go b/cryptobin/dsa/sign.go
@@ -72,17 +72,15 @@ func (this DSA) Verify(data []byte, separator ...string) DSA {
         return this.AppendError(err)
     }
 
-    rStr := split[0]
-    sStr := split[1]
     rr := new(big.Int)
     ss := new(big.Int)
 
-    err = rr.UnmarshalText([]byte(rStr))
+    err = rr.UnmarshalText([]byte(split[0]))
     if err != nil {
         return this.AppendError(err)
     }
 
-    err = ss.UnmarshalText([]byte(sStr))
+    err = ss.UnmarshalText([]byte(split[1]))
     if err != nil {
         return this.AppendError(err)
     }
@@ -94,7 +92,7 @@ func (this DSA) Verify(data []byte, separator ...string) DSA {
 
 // ===============
 
-type DSASignature struct {
+type dsaSignature struct {
     R, S *big.Int
 }
 
@@ -115,9 +113,7 @@ func (this DSA) SignASN1() DSA {
         return this.AppendError(err)
     }
 
-    parsedData, err := asn1.Marshal(DSASignature{r, s})
-
-    this.parsedData = parsedData
+    this.parsedData, err = asn1.Marshal(dsaSignature{r, s})
 
     return this.AppendError(err)
 }
@@ -130,7 +126,7 @@ func (this DSA) VerifyASN1(data []byte) DSA {
         return this.AppendError(err)
     }
 
-    var dsaSign DSASignature
+    var dsaSign dsaSignature
     _, err := asn1.Unmarshal(this.data, &dsaSign)
     if err != nil {
         return this.AppendError(err)
@@ -141,10 +137,7 @@ func (this DSA) VerifyASN1(data []byte) DSA {
         return this.AppendError(err)
     }
 
-    r := dsaSign.R
-    s := dsaSign.S
-
-    this.verify = dsa.Verify(this.publicKey, hashed, r, s)
+    this.verify = dsa.Verify(this.publicKey, hashed, dsaSign.R, dsaSign.S)
 
     return this
 }
@@ -153,7 +146,7 @@ func (this DSA) VerifyASN1(data []byte) DSA {
 
 const (
     // 字节大小
-    dsaSubgroupBytes = 32
+    dsaByteLen = 32
 )
 
 // 私钥签名
@@ -173,18 +166,17 @@ func (this DSA) SignBytes() DSA {
         return this.AppendError(err)
     }
 
-    rBytes := r.Bytes()
-    sBytes := s.Bytes()
-    if len(rBytes) > dsaSubgroupBytes || len(sBytes) > dsaSubgroupBytes {
+    if r.BitLen() > (dsaByteLen * 8) || s.BitLen() > (dsaByteLen * 8) {
         err := errors.New("dsa: DSA signature too large.")
         return this.AppendError(err)
     }
 
-    out := make([]byte, 2*dsaSubgroupBytes)
-    copy(out[dsaSubgroupBytes-len(rBytes):], rBytes)
-    copy(out[len(out)-len(sBytes):], sBytes)
+    buf := make([]byte, 2*dsaByteLen)
+
+    r.FillBytes(buf[         0:  dsaByteLen])
+    s.FillBytes(buf[dsaByteLen:2*dsaByteLen])
 
-    this.parsedData = out
+    this.parsedData = buf
 
     return this
 }
@@ -200,13 +192,13 @@ func (this DSA) VerifyBytes(data []byte) DSA {
     // 签名结果数据
     sig := this.data
 
-    if len(sig) != 2*dsaSubgroupBytes {
+    if len(sig) != 2*dsaByteLen {
         err := errors.New("dsa: sig data error.")
         return this.AppendError(err)
     }
 
-    r := new(big.Int).SetBytes(sig[:dsaSubgroupBytes])
-    s := new(big.Int).SetBytes(sig[dsaSubgroupBytes:])
+    r := new(big.Int).SetBytes(sig[:dsaByteLen])
+    s := new(big.Int).SetBytes(sig[dsaByteLen:])
 
     hashed, err := this.dataHash(this.signHash, data)
     if err != nil {