|
|
|
@@ -2,6 +2,8 @@
|
|
|
|
|
package spiral
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
stdaes "crypto/aes"
|
|
|
|
|
"crypto/cipher"
|
|
|
|
|
"errors"
|
|
|
|
|
"fmt"
|
|
|
|
|
"strings"
|
|
|
|
@@ -26,17 +28,51 @@ func generateKey(key string) []byte {
|
|
|
|
|
return keyBytes[4:36]
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 使用原始密钥进行AES-CBC-256加密(不经过二次SHA256处理)
|
|
|
|
|
func encryptWithRawKey(data []byte, key []byte, ivGenerator aes.IVGenerator) ([]byte, error) {
|
|
|
|
|
block, err := stdaes.NewCipher(key)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("创建加密单元失败,%w", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var key32 [32]byte
|
|
|
|
|
copy(key32[:], key)
|
|
|
|
|
iv := ivGenerator(key32)
|
|
|
|
|
|
|
|
|
|
plainText := encryption.Padding(data, block.BlockSize(), encryption.PKCS7Padding)
|
|
|
|
|
cipherText := make([]byte, len(plainText))
|
|
|
|
|
mode := cipher.NewCBCEncrypter(block, iv[:])
|
|
|
|
|
mode.CryptBlocks(cipherText, plainText)
|
|
|
|
|
|
|
|
|
|
return cipherText, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 使用原始密钥进行AES-CBC-256解密(不经过二次SHA256处理)
|
|
|
|
|
func decryptWithRawKey(data []byte, key []byte, ivGenerator aes.IVGenerator) ([]byte, error) {
|
|
|
|
|
block, err := stdaes.NewCipher(key)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, fmt.Errorf("创建加密单元失败,%w", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var key32 [32]byte
|
|
|
|
|
copy(key32[:], key)
|
|
|
|
|
iv := ivGenerator(key32)
|
|
|
|
|
|
|
|
|
|
plainText := make([]byte, len(data))
|
|
|
|
|
mode := cipher.NewCBCDecrypter(block, iv[:])
|
|
|
|
|
mode.CryptBlocks(plainText, data)
|
|
|
|
|
|
|
|
|
|
return encryption.Unpadding(plainText, encryption.PKCS7Padding), nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// 对给定的数据进行加密。
|
|
|
|
|
func Encrypt(data string, strength ...Strength) (string, error) {
|
|
|
|
|
var ivGen aes.IVGenerator
|
|
|
|
|
if append(strength, Enhanced)[0] == Compatible {
|
|
|
|
|
ivGen = aes.PrefixIVGenerator
|
|
|
|
|
} else {
|
|
|
|
|
ivGen = aes.XorIVGenerator
|
|
|
|
|
}
|
|
|
|
|
// 为了与Rust版本兼容,固定使用PrefixIVGenerator
|
|
|
|
|
ivGen := aes.PrefixIVGenerator
|
|
|
|
|
key := verifyCode.RandStr(20)
|
|
|
|
|
keyBytes := generateKey(key)
|
|
|
|
|
cipherData, err := aes.Encrypt([]byte(data), keyBytes, encryption.PKCS7Padding, ivGen)
|
|
|
|
|
// 直接使用keyBytes,不经过aes包的二次SHA256处理
|
|
|
|
|
cipherData, err := encryptWithRawKey([]byte(data), keyBytes, ivGen)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", fmt.Errorf("加密计算失败,%w", err)
|
|
|
|
|
}
|
|
|
|
@@ -49,12 +85,8 @@ func Encrypt(data string, strength ...Strength) (string, error) {
|
|
|
|
|
|
|
|
|
|
// 对给定的数据进行解密。
|
|
|
|
|
func Decrypt(data string, strength ...Strength) (string, error) {
|
|
|
|
|
var ivGen aes.IVGenerator
|
|
|
|
|
if append(strength, Enhanced)[0] == Compatible {
|
|
|
|
|
ivGen = aes.PrefixIVGenerator
|
|
|
|
|
} else {
|
|
|
|
|
ivGen = aes.XorIVGenerator
|
|
|
|
|
}
|
|
|
|
|
// 为了与Rust版本兼容,固定使用PrefixIVGenerator
|
|
|
|
|
ivGen := aes.PrefixIVGenerator
|
|
|
|
|
if message, found := strings.CutPrefix(data, "["); found {
|
|
|
|
|
if len(message) > 20 {
|
|
|
|
|
keySeed := message[:20]
|
|
|
|
@@ -63,7 +95,8 @@ func Decrypt(data string, strength ...Strength) (string, error) {
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", fmt.Errorf("密文损坏无法解析,%w", err)
|
|
|
|
|
}
|
|
|
|
|
plainText, err := aes.Decrypt(cipherData, key, encryption.PKCS7Padding, ivGen)
|
|
|
|
|
// 直接使用key,不经过aes包的二次SHA256处理
|
|
|
|
|
plainText, err := decryptWithRawKey(cipherData, key, ivGen)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", fmt.Errorf("密文解密计算失败,%w", err)
|
|
|
|
|
}
|
|
|
|
|
徐涛