package util import ( "bytes" "crypto/aes" "crypto/cipher" ) func PKCS5Padding(plaintext []byte, blockSize int) []byte { padding := blockSize - len(plaintext)%blockSize padtext := bytes.Repeat([]byte{byte(padding)}, padding) return append(plaintext, padtext...) } //@brief:去除填充数据 func PKCS5UnPadding(origData []byte, blockSize int) []byte { length := len(origData) unpadding := int(origData[length-1]) return origData[:(length - unpadding)] } // PKCS7Padding right-pads the given byte slice with 1 to n bytes, where // n is the block size. The size of the result is x times n, where x // is at least 1. func PKCS7Padding(b []byte, blockSize int) []byte { if blockSize <= 0 { return nil } if b == nil || len(b) == 0 { return nil } n := blockSize - (len(b) % blockSize) pb := make([]byte, len(b)+n) copy(pb, b) copy(pb[len(b):], bytes.Repeat([]byte{byte(n)}, n)) return pb } // PKCS7UnPadding validates and unpads data from the given bytes slice. // The returned value will be 1 to n bytes smaller depending on the // amount of padding, where n is the block size. func PKCS7UnPadding(b []byte, blockSize int) []byte { if blockSize <= 0 { return nil } if b == nil || len(b) == 0 { return nil } if len(b)%blockSize != 0 { return nil } c := b[len(b)-1] n := int(c) if n == 0 || n > len(b) { return nil } for i := 0; i < n; i++ { if b[len(b)-n+i] != c { return nil } } return b[:len(b)-n] } // AES加密 func AesEncrypt(origData, key []byte) ([]byte, error) { block, err := aes.NewCipher(key) if err != nil { return nil, err } //AES分组长度为128位,所以blockSize=16,单位字节 blockSize := block.BlockSize() origData = PKCS7Padding(origData, blockSize) blockMode := cipher.NewCBCEncrypter(block, key[:blockSize]) //初始向量的长度必须等于块block的长度16字节 crypted := make([]byte, len(origData)) blockMode.CryptBlocks(crypted, origData) return crypted, nil } // AES解密 func AesDecrypt(crypted, key []byte) ([]byte, error) { block, err := aes.NewCipher(key) if err != nil { return nil, err } //AES分组长度为128位,所以blockSize=16,单位字节 blockSize := block.BlockSize() blockMode := cipher.NewCBCDecrypter(block, key[:blockSize]) //初始向量的长度必须等于块block的长度16字节 origData := make([]byte, len(crypted)) blockMode.CryptBlocks(origData, crypted) origData = PKCS7UnPadding(origData, blockSize) return origData, nil } func ECBEncrypt(block cipher.Block, src, key []byte) ([]byte, error) { blockSize := block.BlockSize() encryptData := make([]byte, len(src)) tmpData := make([]byte, blockSize) for index := 0; index < len(src); index += blockSize { block.Encrypt(tmpData, src[index:index+blockSize]) copy(encryptData, tmpData) } return encryptData, nil } func ECBDecrypt(block cipher.Block, src, key []byte) ([]byte, error) { dst := make([]byte, len(src)) blockSize := block.BlockSize() tmpData := make([]byte, blockSize) for index := 0; index < len(src); index += blockSize { block.Decrypt(tmpData, src[index:index+blockSize]) copy(dst, tmpData) } return dst, nil }