Update MD5 组合签名

yifei337 · Oct 10, 2019 · 694736d · 694736d
1 parent ac7b948
commit 694736d
Show file tree

Hide file tree

Showing 3 changed files with 79 additions and 55 deletions.
diff --git a/app/config/config.go b/app/config/config.go
@@ -1,15 +1,27 @@
 package config
 
+var (
+	ApiAuthConfig = map[string] map[string]string {
+
+		// 调用方
+		"DEMO" : {
+			"md5" : "IgkibX71IEf382PT",
+			"aes" : "IgkibX71IEf382PT",
+			"rsa" : "rsa/public.pem",
+		},
+	}
+)
+
 const (
 	AppMode = "release" //debug or release
 	AppPort = ":9999"
 	AppName = "go-gin-api"
 
-	// MD5 密钥
-	AppMD5SignSecret = "4OhYXtDYNYxQsGetqASVOTP37jGt5gGY"
+	// 签名超时时间
+	AppSignExpiry = "120"
 
-	// MD5 超时时间
-	AppMD5SignExpiry = "120"
+	// RSA Private File
+	AppRsaPrivateFile = "rsa/private.pem"
 
 	// 超时时间
 	AppReadTimeout  = 120

diff --git a/app/route/middleware/sign/md5/md5.go b/app/route/middleware/sign/md5/md5.go
@@ -9,16 +9,19 @@ import (
 	"net/url"
 	"sort"
 	"strconv"
+	"strings"
 	"time"
 )
 
+var AppSecret string
+
 // MD5 组合加密
 func SetUp() gin.HandlerFunc {
 
 	return func(c *gin.Context) {
 		utilGin := util.Gin{Ctx: c}
 
-		sign, err := verifyMD5Sign(c)
+		sign, err := verifySign(c)
 
 		if sign != nil {
 			utilGin.Response(-1, "Debug Sign", sign)
@@ -36,74 +39,70 @@ func SetUp() gin.HandlerFunc {
 	}
 }
 
-// 创建签名
-func createMD5Sign(params url.Values) string {
-	var key []string
-	var str = ""
-	for k := range params {
-		if k != "sn" && k != "debug" {
-			key = append(key, k)
-		}
-	}
-	sort.Strings(key)
-	for i := 0; i < len(key); i++ {
-		if i == 0 {
-			str = fmt.Sprintf("%v=%v", key[i], params.Get(key[i]))
-		} else {
-			str = str + fmt.Sprintf("&%v=%v", key[i], params.Get(key[i]))
-		}
-	}
-
-	// 自定义签名算法
-	sign := util.MD5(config.AppMD5SignSecret + str + config.AppMD5SignSecret)
-	return sign
-}
-
 // 验证签名
-func verifyMD5Sign(c *gin.Context) (map[string]string, error) {
-	var method = c.Request.Method
-	var ts int64
-	var sn string
-	var req url.Values
-	var debug string
-
-	if method == "GET" {
-		req = c.Request.URL.Query()
-		sn = c.Query("sn")
-		debug = c.Query("debug")
-		ts, _ = strconv.ParseInt(c.Query("ts"), 10, 64)
-	} else if method == "POST" {
-		_ = c.Request.ParseForm()
-		req = c.Request.PostForm
-		sn = c.PostForm("sn")
-		debug = c.PostForm("debug")
-		ts, _ = strconv.ParseInt(c.PostForm("ts"), 10, 64)
+func verifySign(c *gin.Context) (map[string]string, error) {
+	_ = c.Request.ParseForm()
+	req   := c.Request.Form
+	debug := strings.Join(c.Request.Form["debug"], "")
+	ak    := strings.Join(c.Request.Form["ak"], "")
+	sn    := strings.Join(c.Request.Form["sn"], "")
+	ts    := strings.Join(c.Request.Form["ts"], "")
+
+	// 验证来源
+	value, ok := config.ApiAuthConfig[ak]
+	if ok {
+		AppSecret = value["md5"]
 	} else {
-		return nil, errors.New("非法请求")
+		return nil, errors.New("ak Error")
 	}
 
 	if debug == "1" {
 		currentUnix := util.GetCurrentUnix()
-		req.Add("ts", strconv.FormatInt(currentUnix, 10))
+		req.Set("ts", strconv.FormatInt(currentUnix, 10))
 		res := map[string]string{
 			"ts": strconv.FormatInt(currentUnix, 10),
-			"sn": createMD5Sign(req),
+			"sn": createSign(req),
 		}
 		return res, nil
 	}
 
-	exp, _ := strconv.ParseInt(config.AppMD5SignExpiry, 10, 64)
-
 	// 验证过期时间
 	timestamp := time.Now().Unix()
-	if ts > timestamp || timestamp-ts >= exp {
+	exp, _    := strconv.ParseInt(config.AppSignExpiry, 10, 64)
+	tsInt, _  := strconv.ParseInt(ts, 10, 64)
+	if tsInt > timestamp || timestamp - tsInt >= exp {
 		return nil, errors.New("ts Error")
 	}
 
 	// 验证签名
-	if sn == "" || sn != createMD5Sign(req) {
+	if sn == "" || sn != createSign(req) {
 		return nil, errors.New("sn Error")
 	}
 
 	return nil, nil
 }
+
+// 创建签名
+func createSign(params url.Values) string {
+	// 自定义 MD5 组合
+	return util.MD5(AppSecret + createEncryptStr(params) + AppSecret)
+}
+
+func createEncryptStr(params url.Values) string {
+	var key []string
+	var str = ""
+	for k := range params {
+		if k != "sn" && k != "debug" {
+			key = append(key, k)
+		}
+	}
+	sort.Strings(key)
+	for i := 0; i < len(key); i++ {
+		if i == 0 {
+			str = fmt.Sprintf("%v=%v", key[i], params.Get(key[i]))
+		} else {
+			str = str + fmt.Sprintf("&%v=%v", key[i], params.Get(key[i]))
+		}
+	}
+	return str
+}
diff --git a/app/route/route.go b/app/route/route.go
@@ -4,10 +4,10 @@ import (
 	"github.com/gin-gonic/gin"
 	"go-gin-api/app/controller/jaeger_conn"
 	"go-gin-api/app/controller/product"
+	"go-gin-api/app/controller/test"
 	"go-gin-api/app/route/middleware/exception"
 	"go-gin-api/app/route/middleware/jaeger"
 	"go-gin-api/app/route/middleware/logger"
-	signMD5 "go-gin-api/app/route/middleware/sign/md5"
 	"go-gin-api/app/util"
 )
 
@@ -32,7 +32,7 @@ func SetupRouter(engine *gin.Engine) {
 
 	//@todo 记录请求超时的路由
 
-	ProductRouter := engine.Group("/product").Use(signMD5.SetUp())
+	ProductRouter := engine.Group("/product")
 	{
 		// 新增产品
 		ProductRouter.POST("", product.Add)
@@ -46,4 +46,17 @@ func SetupRouter(engine *gin.Engine) {
 		// 获取产品详情
 		ProductRouter.GET("/:id", product.Detail)
 	}
+
+	// 测试加密性能
+	TestRouter := engine.Group("/test")
+	{
+		// 测试 MD5 组合 的性能
+		TestRouter.GET("/md5", test.Md5Test)
+
+		// 测试 AES 的性能
+		TestRouter.GET("/aes", test.AesTest)
+
+		// 测试 RSA 的性能
+		TestRouter.GET("/rsa", test.RsaTest)
+	}
 }