其实网上关于aes加密和解密的文章很多,尤其是 https://cloud.tencent.com/developer/section/1140748, 只是我个人喜欢用字符串形式,所以整理了一下:
package utils
import (
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"encoding/hex"
"fmt"
"io"
)
/*
AES CBC 加密
key:加密key
plaintext:加密明文
ciphertext:解密返回字节字符串[ 整型以十六进制方式显示]
*/
func AESCBCEncrypt(key, plaintext string) (ciphertext string) {
plainbyte := []byte(plaintext)
keybyte := []byte(key)
if len(plainbyte)%aes.BlockSize != 0 {
panic("plaintext is not a multiple of the block size")
}
block, err := aes.NewCipher(keybyte)
if err != nil {
panic(err)
}
cipherbyte := make([]byte, aes.BlockSize+len(plainbyte))
iv := cipherbyte[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
panic(err)
}
mode := cipher.NewCBCEncrypter(block, iv)
mode.CryptBlocks(cipherbyte[aes.BlockSize:], plainbyte)
ciphertext = fmt.Sprintf("%x\n", cipherbyte)
return
}
/*
AES CBC 解码
key:解密key
ciphertext:加密返回的串
plaintext:解密后的字符串
*/
func AESCBCDecrypter(key, ciphertext string) (plaintext string) {
cipherbyte, _ := hex.DecodeString(ciphertext)
keybyte := []byte(key)
block, err := aes.NewCipher(keybyte)
if err != nil {
panic(err)
}
if len(cipherbyte) < aes.BlockSize {
panic("ciphertext too short")
}
iv := cipherbyte[:aes.BlockSize]
cipherbyte = cipherbyte[aes.BlockSize:]
if len(cipherbyte)%aes.BlockSize != 0 {
panic("ciphertext is not a multiple of the block size")
}
mode := cipher.NewCBCDecrypter(block, iv)
mode.CryptBlocks(cipherbyte, cipherbyte)
//fmt.Printf("%s\n", ciphertext)
plaintext = string(cipherbyte[:])
return
}
/*
AES GCM 加密
key:加密key
plaintext:加密明文
ciphertext:解密返回字节字符串[ 整型以十六进制方式显示]
*/
func AESGCMEncrypt(key, plaintext string) (ciphertext, noncetext string) {
plainbyte := []byte(plaintext)
keybyte := []byte(key)
block, err := aes.NewCipher(keybyte)
if err != nil {
panic(err.Error())
}
// 由于存在重复的风险,请勿使用给定密钥使用超过2^32个随机值。
nonce := make([]byte, 12)
if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
panic(err.Error())
}
aesgcm, err := cipher.NewGCM(block)
if err != nil {
panic(err.Error())
}
cipherbyte := aesgcm.Seal(nil, nonce, plainbyte, nil)
ciphertext = fmt.Sprintf("%x\n", cipherbyte)
noncetext = fmt.Sprintf("%x\n", nonce)
return
}
/*
AES CBC 解码
key:解密key
ciphertext:加密返回的串
plaintext:解密后的字符串
*/
func AESGCMDecrypter(key, ciphertext, noncetext string) (plaintext string) {
cipherbyte, _ := hex.DecodeString(ciphertext)
nonce, _ := hex.DecodeString(noncetext)
keybyte := []byte(key)
block, err := aes.NewCipher(keybyte)
if err != nil {
panic(err.Error())
}
aesgcm, err := cipher.NewGCM(block)
if err != nil {
panic(err.Error())
}
plainbyte, err := aesgcm.Open(nil, nonce, cipherbyte, nil)
if err != nil {
panic(err.Error())
}
//fmt.Printf("%s\n", ciphertext)
plaintext = string(plainbyte[:])
return
}
使用很简单:
key := "example key 1234"
plaintext := "exampleplaintext"
ciphertext := utils.AESCBCEncrypt(key, plaintext)
fmt.Println(ciphertext)
plaintext = utils.AESCBCDecrypter(key, ciphertext)
fmt.Println(plaintext)
///GCM
noncetext := ""
ciphertext, noncetext = utils.AESGCMEncrypt(key, plaintext)
fmt.Println(ciphertext)
plaintext = utils.AESGCMDecrypter(key, ciphertext, noncetext)
fmt.Println(plaintext)