ccfos
/
nightingale
Not watched
1
0
Fork 0
Code
Releases 20 Wiki evaluate Activity
Issues 0 Pull Requests 0 Datasets Model Cloudbrain HPC
You can not select more than 25 topics Topics must start with a chinese character,a letter or number, can include dashes ('-') and can be up to 35 characters long.
Tree: 765b3a57fe
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '765b3a57fe'
${ noResults }
nightingale/pkg/secu/aes.go

101 lines
2.4 kB
Raw Blame History 

  1. package secu

  2. 

  3. import (

  4. 	"bytes"

  5. 	"crypto/aes"

  6. 	"crypto/cipher"

  7. 	"encoding/base64"

  8. 	"strings"

  9. )

  10. 

  11. // BASE64StdEncode base64编码

  12. func BASE64StdEncode(src []byte) string {

  13. 	return base64.StdEncoding.EncodeToString(src)

  14. }

  15. 

  16. // BASE64StdDecode base64解码

  17. func BASE64StdDecode(src string) ([]byte, error) {

  18. 	dst, err := base64.StdEncoding.DecodeString(src)

  19. 	if err != nil {

  20. 		return nil, err

  21. 	}

  22. 	return dst, nil

  23. }

  24. 

  25. func PKCS7Padding(ciphertext []byte, blockSize int) []byte {

  26. 	padding := blockSize - len(ciphertext)%blockSize

  27. 	padtext := bytes.Repeat([]byte{byte(padding)}, padding)

  28. 	return append(ciphertext, padtext...)

  29. }

  30. 

  31. func PKCS7UnPadding(originData []byte) []byte {

  32. 	length := len(originData)

  33. 	unpadding := int(originData[length-1])

  34. 	return originData[:(length - unpadding)]

  35. }

  36. 

  37. //AES加密

  38. func AesEncrypt(origData, key []byte) ([]byte, error) {

  39. 	block, err := aes.NewCipher(key)

  40. 	if err != nil {

  41. 		return nil, err

  42. 	}

  43. 	//加密块填充

  44. 	blockSize := block.BlockSize()

  45. 	padOrigData := PKCS7Padding(origData, blockSize)

  46. 	//初始化CBC加密

  47. 	blockMode := cipher.NewCBCEncrypter(block, key[:blockSize])

  48. 	crypted := make([]byte, len(padOrigData))

  49. 	//加密

  50. 	blockMode.CryptBlocks(crypted, padOrigData)

  51. 	return crypted, nil

  52. }

  53. 

  54. //AES解密

  55. func AesDecrypt(crypted, key []byte) ([]byte, error) {

  56. 	block, err := aes.NewCipher(key)

  57. 	if err != nil {

  58. 		return nil, err

  59. 	}

  60. 	blockSize := block.BlockSize()

  61. 	blockMode := cipher.NewCBCDecrypter(block, key[:blockSize])

  62. 	origData := make([]byte, len(crypted))

  63. 	//解密

  64. 	blockMode.CryptBlocks(origData, crypted)

  65. 	//去除填充

  66. 	origData = PKCS7UnPadding(origData)

  67. 	return origData, nil

  68. }

  69. 

  70. // 针对配置文件属性进行解密处理

  71. func DealWithDecrypt(src string, key string) (string, error) {

  72. 	//如果是{{cipher}}前缀,则代表是加密过的属性,先解密

  73. 	if strings.HasPrefix(src, "{{cipher}}") {

  74. 		data := src[10:]

  75. 		decodeData, err := BASE64StdDecode(data)

  76. 		if err != nil {

  77. 			return src, err

  78. 		}

  79. 		//解密

  80. 		origin, err := AesDecrypt(decodeData, []byte(key))

  81. 		if err != nil {

  82. 			return src, err

  83. 		}

  84. 		//返回明文

  85. 		return string(origin), nil

  86. 	} else {

  87. 		return src, nil

  88. 	}

  89. }

  90. 

  91. // 针对配置文件属性进行加密处理

  92. func DealWithEncrypt(src string, key string) (string, error) {

  93. 	encrypted, err := AesEncrypt([]byte(src), []byte(key))

  94. 	if err != nil {

  95. 		return src, err

  96. 	}

  97. 

  98. 	data := BASE64StdEncode(encrypted)

  99. 	return "{{cipher}}" + data, nil

  100. }