-
Notifications
You must be signed in to change notification settings - Fork 0
/
aes.go
142 lines (127 loc) · 3.55 KB
/
aes.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
package aes
import (
"bytes"
"crypto/aes"
"crypto/cipher"
)
func CBCEncrypt(origData, key, iv []byte) ([]byte, error) {
if len(iv) == 0 {
iv = key
}
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
blockSize := block.BlockSize()
origData = Pkcs7Padding(origData, blockSize)
blockMode := cipher.NewCBCEncrypter(block, iv[:blockSize])
crypted := make([]byte, len(origData))
blockMode.CryptBlocks(crypted, origData)
return crypted, nil
}
func CBCDecrypt(crypted, key, iv []byte) ([]byte, error) {
if len(iv) == 0 {
iv = key
}
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
blockSize := block.BlockSize()
blockMode := cipher.NewCBCDecrypter(block, iv[:blockSize])
origData := make([]byte, len(crypted))
blockMode.CryptBlocks(origData, crypted)
origData = UnPadding(origData)
return origData, nil
}
func Pkcs7Padding(cipherText []byte, blockSize int) []byte {
padding := blockSize - len(cipherText)%blockSize
padText := bytes.Repeat([]byte{byte(padding)}, padding)
return append(cipherText, padText...)
}
func UnPadding(origData []byte) []byte {
length := len(origData)
if length == 0 {
return origData
}
// 去掉最后一个字节 unpadding 次
unPadding := int(origData[length-1])
//解密去补码时需取最后一个字节,值为m,则从数据尾部删除m个字节,剩余数据即为加密前的原文
return origData[:(length - unPadding)]
}
func Pkcs5Padding(cipherText []byte, blockSize int) []byte {
return Pkcs7Padding(cipherText, 8)
}
func ECBEncrypt(data, key []byte) ([]byte, error) {
cipher, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
blockSize := cipher.BlockSize()
origData := Pkcs7Padding(data, blockSize)
ecb := NewECBEncrypter(cipher)
crypted := make([]byte, len(origData))
ecb.CryptBlocks(crypted, origData)
return crypted, nil
}
func ECBDecrypt(crypted, key []byte) ([]byte, error) {
cipher, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
blockMode := NewECBDecrypter(cipher)
origData := make([]byte, len(crypted)-len(crypted)%cipher.BlockSize())
blockMode.CryptBlocks(origData, crypted)
origData = UnPadding(origData)
return origData, nil
}
type ecb struct {
b cipher.Block
blockSize int
}
func newECB(b cipher.Block) *ecb {
return &ecb{
b: b,
blockSize: b.BlockSize(),
}
}
type ecbEncrypter ecb
// NewECBEncrypter returns a BlockMode which encrypts in electronic code book
// mode, using the given Block.
func NewECBEncrypter(b cipher.Block) cipher.BlockMode {
return (*ecbEncrypter)(newECB(b))
}
func (x *ecbEncrypter) BlockSize() int { return x.blockSize }
func (x *ecbEncrypter) CryptBlocks(dst, src []byte) {
if len(src)%x.blockSize != 0 {
panic("crypto/cipher: input not full blocks")
}
if len(dst) < len(src) {
panic("crypto/cipher: output smaller than input")
}
for len(src) > 0 {
x.b.Encrypt(dst, src[:x.blockSize])
src = src[x.blockSize:]
dst = dst[x.blockSize:]
}
}
type ecbDecrypter ecb
// NewECBDecrypter returns a BlockMode which decrypts in electronic code book
// mode, using the given Block
func NewECBDecrypter(b cipher.Block) cipher.BlockMode {
return (*ecbDecrypter)(newECB(b))
}
func (x *ecbDecrypter) BlockSize() int { return x.blockSize }
func (x *ecbDecrypter) CryptBlocks(dst, src []byte) {
/* if len(src)%x.blockSize != 0 {
panic("crypto/cipher: input not full blocks")
}
if len(dst) < len(src) {
panic("crypto/cipher: output smaller than input")
}*/
for len(src) >= x.blockSize {
x.b.Decrypt(dst, src[:x.blockSize])
src = src[x.blockSize:]
dst = dst[x.blockSize:]
}
}