我正在尝试加密数据库中的一些文本,以在程序启动期间加载和解密。
我尝试了几种方法,包括第三方库https://github.com/richard-lyman/lithcrypt无效。使用以下方法加密/解密8/10个项目,但似乎在加密/解密中的某个时间点留下了一些填充残差。因为它是我的代码是这样的:
package client import ( "encoding/base64" "crypto/aes" "crypto/cipher" "fmt" ) var iv = []byte{34,35,57,68,4,36,7,8,23,86,23} func encodeBase64(b []byte) string { return base64.StdEncoding.EncodeToString(b) } func decodeBase64(s string) []byte { data,err := base64.StdEncoding.DecodeString(s) if err != nil { panic(err) } return data } func Encrypt(key,text string) string { block,err := aes.NewCipher([]byte(key)) if err != nil { panic(err) } plaintext := []byte(text) cfb := cipher.NewCFBEncrypter(block,iv) ciphertext := make([]byte,len(plaintext)) cfb.XORKeyStream(ciphertext,plaintext) return encodeBase64(ciphertext) } func Decrypt(key,err := aes.NewCipher([]byte(key)) if err != nil { panic(err) } ciphertext := decodeBase64(text) cfb := cipher.NewCFBEncrypter(block,iv) plaintext := make([]byte,len(ciphertext)) cfb.XORKeyStream(plaintext,ciphertext) }
有人提到我可能需要填写字符串,但是看起来很奇怪,我必须填写流密码。
这是基于
NewCFBEncrypter / NewCFBDecrypter examples,似乎做你所需要的:
编辑:基于Kluyg关于IV创建的评论,我修改了示例代码,使用与linked示例相同的密文创建IV的推荐方法,从密文创建IV。 (在生产代码中,每次应该单独生成IV,感谢RoundSparrow hilltx指出这一点。)
我认为你遇到的问题是由于密钥长度无效,但我不是100%肯定的。
package main import ( "crypto/aes" "crypto/cipher" "crypto/rand" "encoding/base64" "errors" "fmt" "io" "log" ) func main() { key := []byte("a very very very very secret key") // 32 bytes plaintext := []byte("some really really really long plaintext") fmt.Printf("%s\n",plaintext) ciphertext,err := encrypt(key,plaintext) if err != nil { log.Fatal(err) } fmt.Printf("%0x\n",ciphertext) result,err := decrypt(key,ciphertext) if err != nil { log.Fatal(err) } fmt.Printf("%s\n",result) } // See alternate IV creation from ciphertext below //var iv = []byte{35,46,24,85,74,87,88,98,66,32,14,05} func encrypt(key,text []byte) ([]byte,error) { block,err := aes.NewCipher(key) if err != nil { return nil,err } b := base64.StdEncoding.EncodeToString(text) ciphertext := make([]byte,aes.BlockSize+len(b)) iv := ciphertext[:aes.BlockSize] if _,err := io.ReadFull(rand.Reader,iv); err != nil { return nil,err } cfb := cipher.NewCFBEncrypter(block,iv) cfb.XORKeyStream(ciphertext[aes.BlockSize:],[]byte(b)) return ciphertext,nil } func decrypt(key,err } if len(text) < aes.BlockSize { return nil,errors.New("ciphertext too short") } iv := text[:aes.BlockSize] text = text[aes.BlockSize:] cfb := cipher.NewCFBDecrypter(block,iv) cfb.XORKeyStream(text,text) data,err := base64.StdEncoding.DecodeString(string(text)) if err != nil { return nil,err } return data,nil }
产品:
some really really really long plaintext
54618bd6bb10612a7b590c53192df214501e01b685540b012581a0ed9ff3ddaa1f4177cc6186b501fb8cce0c2eb764daff475aab724d4d33e614d7d89cf556d8512fd920018c090f
some really really really long plaintext
希望有助于指出问题。