内容简介:golang AES加密函数的使用AES: Advanced Encryption Standard高阶加密标准,是用来代替 老的DES的。
golang AES加密函数的使用
- 什么是AES
AES: Advanced Encryption Standard
高阶加密标准,是用来代替 老的DES的。
AES加密算法的加密块必须是16字节(128bit),所以不足部分需要填充,常用的填充算法是PKCS7。
AES加密算法的key可以是16字节(AES128),或者24字节(AES192),或者是32字节(AES256)
- AES算法的具体实现种类
ECB:Electronic Codebook Book
CBC:Cipher Block Chaining:这是最常见的块加密实现
CTR:Counter
CFB:Cipher FeedBack
OFB:Output FeedBack
具体的差异我也没去弄明白,知道这么个意思,加密算法稍后差异。
- golang crypt库实现的加密函数
包括AES,CBC,CTR,OFB,CFB,GCM。
这其中GCM不需要加密块必须16字节长度,可以是任意长度,其他的都需要16字节对其,所以不足部分都需要补充。
package main
import (
"io"
"fmt"
"crypto/aes"
"crypto/cipher"
"crypto/rand"
)
func main() {
key := []byte("12345678901234567890123456789012") // 32 bytes long
plainText := []byte("123")
fmt.Printf("Original Text: [%s]\n",plainText)
cipherText, _ := AESEncrypt(key, plainText) // replace with corresponding encrypt implementation
decryptText, _ := AESDecrypt(key, cipherText)
fmt.Printf("AES Decrypted Text: [%s]\n", decryptText)
}
3.1 AES
func AESEncrypt(key []byte, data[]byte) ([]byte, error) {
data = pad(data, aes.BlockSize)
c, _ := aes.NewCipher(key)
out := make([]byte, len(data))
c.Encrypt(out, []byte(data))
return out, nil
}
func AESDecrypt(key []byte, data[]byte) ([]byte, error) {
c, _ := aes.NewCipher(key)
out := make([]byte, len(data))
c.Decrypt(out, data)
out, _ = unpad(out)
return out, nil
}
3.2 CBC
func CBCEncrypt(key []byte, data []byte) ([]byte, error) {
data = pad(data, aes.BlockSize)
block, _ := aes.NewCipher(key)
out := make([]byte, aes.BlockSize + len(data))
iv := out[:aes.BlockSize]
io.ReadFull(rand.Reader, iv)
mode := cipher.NewCBCEncrypter(block, iv)
mode.CryptBlocks(out[aes.BlockSize:], []byte(data))
return out, nil
}
func CBCDecrypt(key []byte, data []byte) ([]byte, error) {
block, _ := aes.NewCipher(key)
iv := data[:aes.BlockSize]
data = data[aes.BlockSize:]
if len(data) % aes.BlockSize != 0 {
return nil, fmt.Errorf("data is not a multiple of the block size")
}
out := make([]byte, len(data))
mode := cipher.NewCBCDecrypter(block, iv)
mode.CryptBlocks(out, data)
out, _ = unpad(out)
return out, nil
}
3.3 CTR
func CTREncrypt(key []byte, data[]byte) ([]byte, error) {
data = pad(data, aes.BlockSize)
block, _ := aes.NewCipher([]byte(key))
out := make([]byte, aes.BlockSize + len(data))
iv := out[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}
stream := cipher.NewCTR(block, iv)
stream.XORKeyStream(out[aes.BlockSize:], data)
return out, nil
}
func CTRDecrypt(key []byte, data[]byte) ([]byte, error) {
block, _ := aes.NewCipher([]byte(key))
iv := data[:aes.BlockSize]
data = data[aes.BlockSize:]
if len(data) % aes.BlockSize != 0 {
return nil, fmt.Errorf("data is not a multiple of the block size")
}
out := make([]byte, len(data))
mode := cipher.NewCTR(block, iv)
mode.XORKeyStream(out, data)
out, _ = unpad(out)
return out, nil
}
3.4 OFB
func OFBEncrypt(key []byte, data[]byte) ([]byte, error) {
data = pad(data, aes.BlockSize)
block, _ := aes.NewCipher([]byte(key))
out := make([]byte, aes.BlockSize + len(data))
iv := out[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}
stream := cipher.NewOFB(block, iv)
stream.XORKeyStream(out[aes.BlockSize:], data)
return out, nil
}
func OFBDecrypt(key []byte, data[]byte) ([]byte, error) {
block, _ := aes.NewCipher([]byte(key))
iv := data[:aes.BlockSize]
data = data[aes.BlockSize:]
if len(data) % aes.BlockSize != 0 {
return nil, fmt.Errorf("data is not a multiple of the block size")
}
out := make([]byte, len(data))
mode := cipher.NewOFB(block, iv)
mode.XORKeyStream(out, data)
out, _ = unpad(out)
return out, nil
}
3.5 CFB
func CFBEncrypt(key []byte, data[]byte) ([]byte, error) {
data = pad(data, aes.BlockSize)
block, _ := aes.NewCipher([]byte(key))
out := make([]byte, aes.BlockSize + len(data))
iv := out[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}
stream := cipher.NewCFBEncrypter(block, iv)
stream.XORKeyStream(out[aes.BlockSize:], data)
return out, nil
}
func CFBDecrypt(key []byte, data[]byte) ([]byte, error) {
block, _ := aes.NewCipher([]byte(key))
iv := data[:aes.BlockSize]
data = data[aes.BlockSize:]
if len(data) % aes.BlockSize != 0 {
return nil, fmt.Errorf("data is not a multiple of the block size")
}
out := make([]byte, len(data))
mode := cipher.NewCFBDecrypter(block, iv)
mode.XORKeyStream(out, data)
out, _ = unpad(out)
return out, nil
}
3.6 GCM
GCM实现算法不需要pad。
func GCMEncrypt(key []byte, data[]byte) ([]byte, error) {
block, _ := aes.NewCipher([]byte(key))
aesgcm, _ := cipher.NewGCM(block)
nonce := make([]byte, aesgcm.NonceSize())
io.ReadFull(rand.Reader, nonce)
out := aesgcm.Seal(nonce, nonce, data, nil)
return out, nil
}
func GCMDecrypt(key []byte, data[]byte) ([]byte, error) {
block, _ := aes.NewCipher([]byte(key))
aesgcm, _ := cipher.NewGCM(block)
nonce, ciphertext := data[:aesgcm.NonceSize()], data[aesgcm.NonceSize():]
out, err := aesgcm.Open(nil, nonce, ciphertext, nil)
return out, nil
}
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
猜你喜欢:
- 微软开源SEAL简单加密算法函数库
- python中使用加盐哈希函数加密密码
- 加密原理详解:对称式加密 VS 非对称式加密
- 编码、摘要和加密(三)——数据加密
- 聊聊对称加密与非对称加密
- 手机游戏加密之2d资源加密
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。
The Black Box Society
Frank Pasquale / Harvard University Press / 2015-1-5 / USD 35.00
Every day, corporations are connecting the dots about our personal behavior—silently scrutinizing clues left behind by our work habits and Internet use. The data compiled and portraits created are inc......一起来看看 《The Black Box Society》 这本书的介绍吧!
