/
crypto.go
65 lines (55 loc) · 1.4 KB
/
crypto.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
package util
import (
"bytes"
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"io"
)
// AesDecrypt AES-CBC解密,PKCS#7,传入密文和密钥,[]byte
func AesDecrypt(src, key []byte) (dst []byte, err error) {
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
iv := make([]byte, aes.BlockSize)
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}
dst = make([]byte, len(src))
cipher.NewCBCDecrypter(block, iv).CryptBlocks(dst, src)
return PKCS7UnPad(dst), nil
}
// PKCS7UnPad PKSC#7解包
func PKCS7UnPad(msg []byte) []byte {
length := len(msg)
padlen := int(msg[length-1])
return msg[:length-padlen]
}
// AesEncrypt AES-CBC加密+PKCS#7打包,传入明文和密钥
func AesEncrypt(src []byte, key []byte) ([]byte, error) {
k := len(key)
if len(src)%k != 0 {
src = PKCS7Pad(src, k)
}
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
iv := make([]byte, aes.BlockSize)
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}
dst := make([]byte, len(src))
cipher.NewCBCEncrypter(block, iv).CryptBlocks(dst, src)
return dst, nil
}
// PKCS7Pad PKCS#7打包
func PKCS7Pad(msg []byte, blockSize int) []byte {
if blockSize < 1<<1 || blockSize >= 1<<8 {
panic("unsupported block size")
}
padlen := blockSize - len(msg)%blockSize
padding := bytes.Repeat([]byte{byte(padlen)}, padlen)
return append(msg, padding...)
}