Note the implementation of SM2 signature verification on some slightly larger files, only the core code is listed here, the rest of the code is not covered, or if you have any questions please check out my cryptology blog
/* Function name: sm2Sign Sm2 signature algorithm implementation of file signature parameters: filePathIn, to be signed file priKey, signature private key file Returned value: file name after signature Error message Created at and by: 2021-06-17 Yuan_sr */
func sm2Sign (filePathIn, priKey string) (string, error){
//1. Open the private key file of the disk
file, err := os.Open(priKey)
iferr ! =nil {
return "", err
}
defer file.Close()
//2. Read the contents of the private key file
fileInfo, err := file.Stat()
iferr ! =nil {
return "", err
}
buf := make([]byte, fileInfo.Size())
_, err = file.Read(buf)
iferr ! =nil {
return "", err
}
//3. Decode and deserialize the private key file in PEM format
privateKeyFromPem, err := gmx509.ReadPrivateKeyFromPem(buf, nil)
iferr ! =nil {
return "", err
}
// create a hash object
hash := sm3.New()
inFile, err := os.Open(filePathIn)
iferr ! =nil {
return "", err
}
defer inFile.Close()
for {
n, err := inFile.Read(buf)
if err == io.EOF{
break
}
iferr ! =nil&& err ! = io.EOF {return "", err
}
_, err = hash.Write(buf[:n])
iferr ! =nil {
return "", err
}
}
hashed := hash.Sum(nil)
/ / 5. Signature
signText, err := privateKeyFromPem.Sign(rand.Reader, hashed, nil)
iferr ! =nil {
return "", err
}
outFile, err := os.Create(signFileName)
iferr ! =nil {
return "", err
}
defer outFile.Close()
outFile.Write(signText)
return signFileName, nil
}
/* The sm2Verify algorithm can be used to check files: encFile, ciphertext file signFile, signature file pubKey, check public key Return value: check result Error message created at: 2021-06-17 Yuan_sr */
func sm2Verify(encFile, signFile, pubKey string) (bool, error) {
//1. Open the disk public key file
file, err := os.Open(pubKey)
iferr ! =nil {
return false, err
}
defer file.Close()
fileInfo, err := file.Stat()
iferr ! =nil {
return false, err
}
buf := make([]byte, fileInfo.Size())
_, err = file.Read(buf)
iferr ! =nil {
return false, err
}
//2. Decode and deserialize the public key in PEM format
publicKeyFromPem, err := gmx509.ReadPublicKeyFromPem(buf)
iferr ! =nil {
return false, err
}
//3. Perform the Hash operation
hash := sm3.New()
inFile, err := os.Open(dvOutPath + encFile)
iferr ! =nil {
return false, err
}
defer inFile.Close()
for {
n, err := inFile.Read(buf)
if err == io.EOF{
break
}
iferr ! =nil&& err ! = io.EOF {return false, err
}
_, err = hash.Write(buf[:n])
iferr ! =nil {
return false, err
}
}
hashed := hash.Sum(nil)
//4. Read the received signature value
sr, err := os.Open(dvOutPath + signFile)
iferr ! =nil {
return false, err
}
defer sr.Close()
srInfo, err := sr.Stat()
iferr ! =nil {
return false, err
}
srBuf := make([]byte, srInfo.Size())
_, err = sr.Read(srBuf)
iferr ! =nil {
return false, err
}
//5. Signature authentication
verify := publicKeyFromPem.Verify(hashed, srBuf)
return verify, nil
}
Copy the code