package util import ( "bytes" "crypto/aes" "crypto/cipher" "crypto/rand" "encoding/base64" "io" ) // =================== CBC ====================== func EncryptAESByCBC(origData []byte, key []byte) (encrypted []byte) { // 分组秘钥 // NewCipher该函数限制了输入k的长度必须为16, 24或者32 block, _ := aes.NewCipher(key) blockSize := block.BlockSize() // 获取秘钥块的长度 origData = pkcs5Padding(origData, blockSize) // 补全码 blockMode := cipher.NewCBCEncrypter(block, key[:blockSize]) // 加密模式 encrypted = make([]byte, len(origData)) // 创建数组 blockMode.CryptBlocks(encrypted, origData) // 加密 return encrypted } func DecryptAESByCBC(encrypted []byte, key []byte) (decrypted []byte) { block, _ := aes.NewCipher(key) // 分组秘钥 blockSize := block.BlockSize() // 获取秘钥块的长度 blockMode := cipher.NewCBCDecrypter(block, key[:blockSize]) // 加密模式 decrypted = make([]byte, len(encrypted)) // 创建数组 blockMode.CryptBlocks(decrypted, encrypted) // 解密 decrypted = pkcs5UnPadding(decrypted) // 去除补全码 return decrypted } func pkcs5Padding(ciphertext []byte, blockSize int) []byte { padding := blockSize - len(ciphertext)%blockSize padtext := bytes.Repeat([]byte{byte(padding)}, padding) return append(ciphertext, padtext...) } func pkcs5UnPadding(origData []byte) []byte { length := len(origData) unpadding := int(origData[length-1]) return origData[:(length - unpadding)] } // =================== ECB ====================== func EncryptAESByECB(origData []byte, key string) (string, error) { cipherBLock, err := aes.NewCipher(generateKey([]byte(key))) if err != nil { return "", err } length := (len(origData) + aes.BlockSize) / aes.BlockSize plain := make([]byte, length*aes.BlockSize) copy(plain, origData) pad := byte(len(plain) - len(origData)) for i := len(origData); i < len(plain); i++ { plain[i] = pad } encrypted := make([]byte, len(plain)) // 分组分块加密 for bs, be := 0, cipherBLock.BlockSize(); bs <= len(origData); bs, be = bs+cipherBLock.BlockSize(), be+cipherBLock.BlockSize() { cipherBLock.Encrypt(encrypted[bs:be], plain[bs:be]) } encryptedBase64 := base64.StdEncoding.EncodeToString(encrypted) return encryptedBase64, nil } func DecryptAESByECB(decryptData, key string) ([]byte, error) { encrypted, err := base64.StdEncoding.DecodeString(decryptData) if err != nil { return nil, err } cipherBLock, err := aes.NewCipher(generateKey([]byte(key))) if err != nil { return nil, err } decrypted := make([]byte, len(encrypted)) for bs, be := 0, cipherBLock.BlockSize(); bs < len(encrypted); bs, be = bs+cipherBLock.BlockSize(), be+cipherBLock.BlockSize() { cipherBLock.Decrypt(decrypted[bs:be], encrypted[bs:be]) } trim := 0 if len(decrypted) > 0 { trim = len(decrypted) - int(decrypted[len(decrypted)-1]) } return decrypted[:trim], nil } func generateKey(key []byte) (genKey []byte) { genKey = make([]byte, 16) copy(genKey, key) for i := 16; i < len(key); { for j := 0; j < 16 && i < len(key); j, i = j+1, i+1 { genKey[j] ^= key[i] } } return genKey } // =================== CFB ====================== func EncryptAESByCFB(origData []byte, key []byte) (encrypted []byte) { block, err := aes.NewCipher(key) if err != nil { panic(err) } encrypted = make([]byte, aes.BlockSize+len(origData)) iv := encrypted[:aes.BlockSize] if _, err := io.ReadFull(rand.Reader, iv); err != nil { panic(err) } stream := cipher.NewCFBEncrypter(block, iv) stream.XORKeyStream(encrypted[aes.BlockSize:], origData) return encrypted } func DecryptAESByCFB(encrypted []byte, key []byte) (decrypted []byte) { block, _ := aes.NewCipher(key) if len(encrypted) < aes.BlockSize { panic("ciphertext too short") } iv := encrypted[:aes.BlockSize] encrypted = encrypted[aes.BlockSize:] stream := cipher.NewCFBDecrypter(block, iv) stream.XORKeyStream(encrypted, encrypted) return encrypted }