docker-compose-updater/internal/auth/sign.go
ilovintit cea9b941cf
Build and Push / build (push) Failing after 13m20s
Initial commit: docker-compose-updater
Go 项目,包含:
- 服务端 updater:两阶段协议,ECDSA 签名验证,AES-GCM 加密
- 发送端 dcu-send:Gitea Action CLI
- internal/auth:加解密/签名/会话管理
- internal/docker:Docker CLI 容器查找/拉取/重建
- action/:Gitea Action 定义
- deploy/Dockerfile:多阶段构建
- .gitea/workflows/build.yaml:CI/CD
2026-06-08 15:16:46 +08:00


package auth
import (
"crypto/ecdsa"
"crypto/rand"
"crypto/sha256"
"encoding/base64"
"fmt"
)
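// Sign computes an ECDSA signature over the SHA-256 digest of data and
// returns the ASN.1 DER-encoded signature as standard (padded) Base64 text.
//
// The curve is whatever key carries: this function is meant for P-256 keys
// but does not enforce that, so key loading is the place to pin the curve.
// Signing draws from crypto/rand, so signatures over the same data generally
// differ between calls.
//
// An error is returned (instead of a panic inside crypto/ecdsa) when key is
// nil or is missing its curve or private scalar.
func Sign(key *ecdsa.PrivateKey, data []byte) (string, error) {
	// Fail with an error on an unusable key; a caller that forgot to load
	// the key should not take the whole process down.
	if key == nil || key.Curve == nil || key.D == nil {
		return "", fmt.Errorf("ecdsa sign: nil or incomplete private key")
	}

	digest := sha256.Sum256(data)
	der, err := ecdsa.SignASN1(rand.Reader, key, digest[:])
	if err != nil {
		return "", fmt.Errorf("ecdsa sign: %w", err)
	}
	return base64.StdEncoding.EncodeToString(der), nil
}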
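// Verify reports whether sigBase64 is a valid ECDSA signature by key over
// the SHA-256 digest of data. sigBase64 is the ASN.1 DER signature encoded
// as standard (padded) Base64.
//
// Verify fails closed: a nil or incomplete key, undecodable Base64, or a
// signature that does not check out all return false.
//
// Security notes for callers:
//   - The curve is taken from key; P-256 is intended but not enforced here.
//   - The signature text is not a canonical identifier. Base64 decoding
//     ignores embedded CR/LF, and ECDSA verification here does not require
//     a unique (r, s) encoding for a given message, so more than one string
//     can verify for the same data. Replay protection should therefore rest
//     on values inside the signed data (nonce, timestamp, session id), not
//     on remembering previously seen signature strings.
func Verify(key *ecdsa.PublicKey, data []byte, sigBase64 string) bool {
	// Reject unusable keys up front so a configuration mistake results in
	// a failed verification rather than a panic inside crypto/ecdsa.
	if key == nil || key.Curve == nil || key.X == nil || key.Y == nil {
		return false
	}

	der, err := base64.StdEncoding.DecodeString(sigBase64)
	if err != nil {
		return false
	}

	digest := sha256.Sum256(data)
	return ecdsa.VerifyASN1(key, digest[:], der)
}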