Rust范例:哈希摘要和数字签名
1. 计算文件的 SHA-256 码
将一些数据写入文件,然后获得文件的内容,再用使用 digest::Context,最后使用 digest::Digest 计算 SHA-256 码。
# #[macro_use] # extern crate error_chain; extern crate data_encoding; extern crate ring; use data_encoding::HEXUPPER; use ring::digest::{Context, Digest, SHA256}; use std::fs::File; use std::io::{BufReader, Read, Write}; # # error_chain! { # foreign_links { # Io(std::io::Error); # Decode(data_encoding::DecodeError); # } # } fn sha256_digest<R: Read>(mut reader: R) -> Result<Digest> { let mut context = Context::new(&SHA256); let mut buffer = [0; 1024]; loop { let count = reader.read(&mut buffer)?; if count == 0 { break; } context.update(&buffer[..count]); } Ok(context.finish()) } fn run() -> Result<()> { let path = "file.txt"; let mut output = File::create(path)?; write!(output, "We will generate a digest of this text")?; let input = File::open(path)?; let reader = BufReader::new(input); let digest = sha256_digest(reader)?; println!("SHA-256 digest is {}", HEXUPPER.encode(digest.as_ref())); Ok(()) } # # quick_main!(run);
2. 签署并验证消息
使用 ring::hmac 创建一个 hmac::Signature ,然后验证签名是否正确。
extern crate ring; use ring::{digest, hmac, rand}; use ring::rand::SecureRandom; use ring::error::Unspecified; fn main() -> Result<(), Unspecified> { let mut key_value = [0u8; 48]; let rng = rand::SystemRandom::new(); rng.fill(&mut key_value)?; let key = hmac::SigningKey::new(&digest::SHA256, &key_value); let message = "Legitimate and important message."; let signature = hmac::sign(&key, message.as_bytes()); hmac::verify_with_own_key(&key, message.as_bytes(), signature.as_ref())?; Ok(()) }