chrly/internal/security/signer.go
2024-03-05 13:07:54 +01:00

60 lines
1.1 KiB
Go

package security
import (
"crypto"
"crypto/rand"
"crypto/rsa"
"crypto/sha1"
"crypto/x509"
"encoding/pem"
"errors"
"io"
)
var randomReader = rand.Reader
var invalidKeyFormat = errors.New(`invalid key format: it should be"der" or "pem"`)
func NewSigner(key *rsa.PrivateKey) *Signer {
return &Signer{Key: key}
}
type Signer struct {
Key *rsa.PrivateKey
}
func (s *Signer) Sign(data io.Reader) ([]byte, error) {
messageHash := sha1.New()
_, err := io.Copy(messageHash, data)
if err != nil {
return nil, err
}
messageHashSum := messageHash.Sum(nil)
signature, err := rsa.SignPKCS1v15(randomReader, s.Key, crypto.SHA1, messageHashSum)
if err != nil {
return nil, err
}
return signature, nil
}
func (s *Signer) GetPublicKey(format string) ([]byte, error) {
if format != "der" && format != "pem" {
return nil, invalidKeyFormat
}
asn1Bytes, err := x509.MarshalPKIXPublicKey(s.Key.Public())
if err != nil {
return nil, err
}
if format == "pem" {
return pem.EncodeToMemory(&pem.Block{
Type: "PUBLIC KEY",
Bytes: asn1Bytes,
}), nil
}
return asn1Bytes, nil
}