我正在尝试加密数据库中的一些文本,以在程序启动期间加载和解密。
我尝试了几种方法,包括第三方库https://github.com/richard-lyman/lithcrypt无效。使用以下方法加密/解密8/10个项目,但似乎在加密/解密中的某个时间点留下了一些填充残差。因为它是我的代码是这样的:
package client
import (
"encoding/base64"
"crypto/aes"
"crypto/cipher"
"fmt"
)
var iv = []byte{34,35,57,68,4,36,7,8,23,86,23}
func encodeBase64(b []byte) string {
return base64.StdEncoding.EncodeToString(b)
}
func decodeBase64(s string) []byte {
data,err := base64.StdEncoding.DecodeString(s)
if err != nil { panic(err) }
return data
}
func Encrypt(key,text string) string {
block,err := aes.NewCipher([]byte(key))
if err != nil { panic(err) }
plaintext := []byte(text)
cfb := cipher.NewCFBEncrypter(block,iv)
ciphertext := make([]byte,len(plaintext))
cfb.XORKeyStream(ciphertext,plaintext)
return encodeBase64(ciphertext)
}
func Decrypt(key,err := aes.NewCipher([]byte(key))
if err != nil { panic(err) }
ciphertext := decodeBase64(text)
cfb := cipher.NewCFBEncrypter(block,iv)
plaintext := make([]byte,len(ciphertext))
cfb.XORKeyStream(plaintext,ciphertext)
}
有人提到我可能需要填写字符串,但是看起来很奇怪,我必须填写流密码。
这是基于
NewCFBEncrypter / NewCFBDecrypter examples,似乎做你所需要的:
原文链接:https://www.f2er.com/go/187329.html编辑:基于Kluyg关于IV创建的评论,我修改了示例代码,使用与linked示例相同的密文创建IV的推荐方法,从密文创建IV。 (在生产代码中,每次应该单独生成IV,感谢RoundSparrow hilltx指出这一点。)
我认为你遇到的问题是由于密钥长度无效,但我不是100%肯定的。
package main
import (
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"encoding/base64"
"errors"
"fmt"
"io"
"log"
)
func main() {
key := []byte("a very very very very secret key") // 32 bytes
plaintext := []byte("some really really really long plaintext")
fmt.Printf("%s\n",plaintext)
ciphertext,err := encrypt(key,plaintext)
if err != nil {
log.Fatal(err)
}
fmt.Printf("%0x\n",ciphertext)
result,err := decrypt(key,ciphertext)
if err != nil {
log.Fatal(err)
}
fmt.Printf("%s\n",result)
}
// See alternate IV creation from ciphertext below
//var iv = []byte{35,46,24,85,74,87,88,98,66,32,14,05}
func encrypt(key,text []byte) ([]byte,error) {
block,err := aes.NewCipher(key)
if err != nil {
return nil,err
}
b := base64.StdEncoding.EncodeToString(text)
ciphertext := make([]byte,aes.BlockSize+len(b))
iv := ciphertext[:aes.BlockSize]
if _,err := io.ReadFull(rand.Reader,iv); err != nil {
return nil,err
}
cfb := cipher.NewCFBEncrypter(block,iv)
cfb.XORKeyStream(ciphertext[aes.BlockSize:],[]byte(b))
return ciphertext,nil
}
func decrypt(key,err
}
if len(text) < aes.BlockSize {
return nil,errors.New("ciphertext too short")
}
iv := text[:aes.BlockSize]
text = text[aes.BlockSize:]
cfb := cipher.NewCFBDecrypter(block,iv)
cfb.XORKeyStream(text,text)
data,err := base64.StdEncoding.DecodeString(string(text))
if err != nil {
return nil,err
}
return data,nil
}
产品:
some really really really long plaintext
54618bd6bb10612a7b590c53192df214501e01b685540b012581a0ed9ff3ddaa1f4177cc6186b501fb8cce0c2eb764daff475aab724d4d33e614d7d89cf556d8512fd920018c090f
some really really really long plaintext
希望有助于指出问题。
