package encrypt import ( "bytes" "crypto/aes" "crypto/cipher" "encoding/hex" ) /*CBC加密 按照golang标准库的例子代码 不过里面没有填充的部分,所以补上,根据key来决定填充blocksize */ //使用PKCS7进行填充,IOS也是7 func pkcs7Padding(ciphertext []byte, blockSize int) []byte { padding := blockSize - len(ciphertext)%blockSize padtext := bytes.Repeat([]byte{byte(0)}, padding) return append(ciphertext, padtext...) } func pkcs7UnPadding(ciphertext []byte, blockSize int) []byte { padding := blockSize - len(ciphertext)%blockSize padtext := bytes.Repeat([]byte{0}, padding) //用0去填充 return append(ciphertext, padtext...) } //aes加密,填充模式由key决定,16位,24,32分别对应AES-128, AES-192, or AES-256.源码好像是写死16了 func AesCBCEncrypt(rawData, key []byte) ([]byte, error) { block, err := aes.NewCipher(key) if err != nil { panic(err) } //填充原文 blockSize := block.BlockSize() rawData = pkcs7Padding(rawData, blockSize) cipherText := make([]byte, len(rawData)) //block大小和初始向量大小一定要一致 mode := cipher.NewCBCEncrypter(block, key) mode.CryptBlocks(cipherText, rawData) return cipherText, nil } func AesCBCDecrypt(encryptData, key []byte) ([]byte, error) { block, err := aes.NewCipher(key) if err != nil { panic(err) } blockSize := block.BlockSize() if len(encryptData) < blockSize { panic("ciphertext too short") } // CBC mode always works in whole blocks. if len(encryptData)%blockSize != 0 { panic("ciphertext is not a multiple of the block size") } mode := cipher.NewCBCDecrypter(block, key) // CryptBlocks can work in-place if the two arguments are the same. mode.CryptBlocks(encryptData, encryptData) //解填充 encryptData = pkcs7UnPadding(encryptData, blockSize) return encryptData, nil } func Encrypt(rawData, key []byte) (string, error) { data, err := AesCBCEncrypt(rawData, key) if err != nil { return "", err } encryptData := hex.EncodeToString(data) return encryptData, nil } func Decrypt(rawData string, key []byte) (string, error) { data, err := hex.DecodeString(rawData) if err != nil { return "", err } dnData, err := AesCBCDecrypt(data, key) if err != nil { return "", err } return string(dnData), nil }