内容简介:golang AES加密函数的使用AES: Advanced Encryption Standard高阶加密标准,是用来代替 老的DES的。
golang AES加密函数的使用
- 什么是AES
AES: Advanced Encryption Standard
高阶加密标准,是用来代替 老的DES的。
AES加密算法的加密块必须是16字节(128bit),所以不足部分需要填充,常用的填充算法是PKCS7。
AES加密算法的key可以是16字节(AES128),或者24字节(AES192),或者是32字节(AES256)
- AES算法的具体实现种类
ECB:Electronic Codebook Book
CBC:Cipher Block Chaining:这是最常见的块加密实现
CTR:Counter
CFB:Cipher FeedBack
OFB:Output FeedBack
具体的差异我也没去弄明白,知道这么个意思,加密算法稍后差异。
- golang crypt库实现的加密函数
包括AES,CBC,CTR,OFB,CFB,GCM。
这其中GCM不需要加密块必须16字节长度,可以是任意长度,其他的都需要16字节对其,所以不足部分都需要补充。
package main import ( "io" "fmt" "crypto/aes" "crypto/cipher" "crypto/rand" ) func main() { key := []byte("12345678901234567890123456789012") // 32 bytes long plainText := []byte("123") fmt.Printf("Original Text: [%s]\n",plainText) cipherText, _ := AESEncrypt(key, plainText) // replace with corresponding encrypt implementation decryptText, _ := AESDecrypt(key, cipherText) fmt.Printf("AES Decrypted Text: [%s]\n", decryptText) }
3.1 AES
func AESEncrypt(key []byte, data[]byte) ([]byte, error) { data = pad(data, aes.BlockSize) c, _ := aes.NewCipher(key) out := make([]byte, len(data)) c.Encrypt(out, []byte(data)) return out, nil } func AESDecrypt(key []byte, data[]byte) ([]byte, error) { c, _ := aes.NewCipher(key) out := make([]byte, len(data)) c.Decrypt(out, data) out, _ = unpad(out) return out, nil }
3.2 CBC
func CBCEncrypt(key []byte, data []byte) ([]byte, error) { data = pad(data, aes.BlockSize) block, _ := aes.NewCipher(key) out := make([]byte, aes.BlockSize + len(data)) iv := out[:aes.BlockSize] io.ReadFull(rand.Reader, iv) mode := cipher.NewCBCEncrypter(block, iv) mode.CryptBlocks(out[aes.BlockSize:], []byte(data)) return out, nil } func CBCDecrypt(key []byte, data []byte) ([]byte, error) { block, _ := aes.NewCipher(key) iv := data[:aes.BlockSize] data = data[aes.BlockSize:] if len(data) % aes.BlockSize != 0 { return nil, fmt.Errorf("data is not a multiple of the block size") } out := make([]byte, len(data)) mode := cipher.NewCBCDecrypter(block, iv) mode.CryptBlocks(out, data) out, _ = unpad(out) return out, nil }
3.3 CTR
func CTREncrypt(key []byte, data[]byte) ([]byte, error) { data = pad(data, aes.BlockSize) block, _ := aes.NewCipher([]byte(key)) out := make([]byte, aes.BlockSize + len(data)) iv := out[:aes.BlockSize] if _, err := io.ReadFull(rand.Reader, iv); err != nil { return nil, err } stream := cipher.NewCTR(block, iv) stream.XORKeyStream(out[aes.BlockSize:], data) return out, nil } func CTRDecrypt(key []byte, data[]byte) ([]byte, error) { block, _ := aes.NewCipher([]byte(key)) iv := data[:aes.BlockSize] data = data[aes.BlockSize:] if len(data) % aes.BlockSize != 0 { return nil, fmt.Errorf("data is not a multiple of the block size") } out := make([]byte, len(data)) mode := cipher.NewCTR(block, iv) mode.XORKeyStream(out, data) out, _ = unpad(out) return out, nil }
3.4 OFB
func OFBEncrypt(key []byte, data[]byte) ([]byte, error) { data = pad(data, aes.BlockSize) block, _ := aes.NewCipher([]byte(key)) out := make([]byte, aes.BlockSize + len(data)) iv := out[:aes.BlockSize] if _, err := io.ReadFull(rand.Reader, iv); err != nil { return nil, err } stream := cipher.NewOFB(block, iv) stream.XORKeyStream(out[aes.BlockSize:], data) return out, nil } func OFBDecrypt(key []byte, data[]byte) ([]byte, error) { block, _ := aes.NewCipher([]byte(key)) iv := data[:aes.BlockSize] data = data[aes.BlockSize:] if len(data) % aes.BlockSize != 0 { return nil, fmt.Errorf("data is not a multiple of the block size") } out := make([]byte, len(data)) mode := cipher.NewOFB(block, iv) mode.XORKeyStream(out, data) out, _ = unpad(out) return out, nil }
3.5 CFB
func CFBEncrypt(key []byte, data[]byte) ([]byte, error) { data = pad(data, aes.BlockSize) block, _ := aes.NewCipher([]byte(key)) out := make([]byte, aes.BlockSize + len(data)) iv := out[:aes.BlockSize] if _, err := io.ReadFull(rand.Reader, iv); err != nil { return nil, err } stream := cipher.NewCFBEncrypter(block, iv) stream.XORKeyStream(out[aes.BlockSize:], data) return out, nil } func CFBDecrypt(key []byte, data[]byte) ([]byte, error) { block, _ := aes.NewCipher([]byte(key)) iv := data[:aes.BlockSize] data = data[aes.BlockSize:] if len(data) % aes.BlockSize != 0 { return nil, fmt.Errorf("data is not a multiple of the block size") } out := make([]byte, len(data)) mode := cipher.NewCFBDecrypter(block, iv) mode.XORKeyStream(out, data) out, _ = unpad(out) return out, nil }
3.6 GCM
GCM实现算法不需要pad。
func GCMEncrypt(key []byte, data[]byte) ([]byte, error) { block, _ := aes.NewCipher([]byte(key)) aesgcm, _ := cipher.NewGCM(block) nonce := make([]byte, aesgcm.NonceSize()) io.ReadFull(rand.Reader, nonce) out := aesgcm.Seal(nonce, nonce, data, nil) return out, nil } func GCMDecrypt(key []byte, data[]byte) ([]byte, error) { block, _ := aes.NewCipher([]byte(key)) aesgcm, _ := cipher.NewGCM(block) nonce, ciphertext := data[:aesgcm.NonceSize()], data[aesgcm.NonceSize():] out, err := aesgcm.Open(nil, nonce, ciphertext, nil) return out, nil }
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
猜你喜欢:- 微软开源SEAL简单加密算法函数库
- python中使用加盐哈希函数加密密码
- 加密原理详解:对称式加密 VS 非对称式加密
- 编码、摘要和加密(三)——数据加密
- 聊聊对称加密与非对称加密
- 手机游戏加密之2d资源加密
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。