Signature verification ensures interface security and identifies the caller. In addition, the following requirements must be met:
- Variability: Each signature must be different.
- Timeliness: The timeliness of each request.
- Uniqueness: Each signature is unique.
- Integrity: Ability to validate incoming data to prevent tampering.
The signature rules are similar. You can make them according to your own business conditions.
We will use several algorithms in the signature process, next to share the benchmark test of each algorithm, there may be errors, for your reference.
MD5 unidirectional hash encryption
func BenchmarkEncrypt(b *testing.B) { b.ResetTimer() for i := 0; i < b.N; I++ {New().Encrypt("123456")}} // output goos: Darwin goarch: amd64 PKG: github.com/xinliangnote/go-gin-api/pkg/md5 BenchmarkEncrypt-12 10000000 238 ns/op PASSCopy the codeAES symmetric encryption
func BenchmarkEncryptAndDecrypt(b *testing.B) { b.ResetTimer() aes := New(key, iv) for i := 0; i < b.N; Encrypt("123456") AES.decrypt (encryptString)}} goos: Darwin goarch: amd64 PKG: github.com/xinliangnote/go-gin-api/pkg/aes BenchmarkEncryptAndDecrypt-12 1000000 1009 ns/op PASSCopy the codeRSA asymmetric encryption
func BenchmarkEncryptAndDecrypt(b *testing.B) { b.ResetTimer() rsaPublic := NewPublic(publicKey) rsaPrivate := NewPrivate(privateKey) for i := 0; i < b.N; Encrypt("123456") rsAprivate.decrypt (encryptString)}} goos: Darwin goarch: amd64 pkg: github.com/xinliangnote/go-gin-api/pkg/rsa BenchmarkEncryptAndDecrypt-12 1000 1345384 ns/op PASSCopy the codeThe last
JWT signature validation is also used. Share the JWT benchmark, using the jwt.SigningMethodHS256 method.
func BenchmarkSignAndParse(b *testing.B) { b.ResetTimer() token := New(secret) for i := 0; i < b.N; I++ {tokenString, _ := token.Sign(123456789, "xinliangnote") token.Parse(tokenString)}} amd64 pkg: github.com/xinliangnote/go-gin-api/pkg/token BenchmarkSignAndParse-12 200000 11749 ns/op PASSCopy the codeThe above code is in the Go-Gin-API project at github.com/xinliangnot…