From ed94c373ffcca60c6b9f95ebde40783da581196a Mon Sep 17 00:00:00 2001 From: TsMask <340112800@qq.com> Date: Fri, 19 Apr 2024 19:55:20 +0800 Subject: [PATCH] =?UTF-8?q?fix:=20=E5=8A=A0=E5=AF=86=E5=B7=A5=E5=85=B7aes?= =?UTF-8?q?=E4=BC=98=E5=8C=96=E9=81=BF=E5=85=8Dpanic?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/framework/utils/crypto/aes.go | 87 ++++++++++++++++++------------- 1 file changed, 50 insertions(+), 37 deletions(-) diff --git a/src/framework/utils/crypto/aes.go b/src/framework/utils/crypto/aes.go index 4db36acc..290eb718 100644 --- a/src/framework/utils/crypto/aes.go +++ b/src/framework/utils/crypto/aes.go @@ -10,21 +10,17 @@ import ( "io" ) -// aesKey 字符串AES加解密密钥 -const aesKey = "AGT66VfY4SMaiT97" - // StringEncryptByAES 字符串AES加密 func StringEncryptByAES(text string) (string, error) { if len(text) == 0 { return "", nil } - pass := []byte(text) - xpass, err := aesEncryptWithSalt([]byte(aesKey), pass) - if err == nil { - pass64 := base64.StdEncoding.EncodeToString(xpass) - return pass64, err + xpass, err := aesEncryptWithSalt([]byte(text)) + if err != nil { + return "", err } - return "", err + pass64 := base64.StdEncoding.EncodeToString(xpass) + return pass64, nil } // StringDecryptByAES 字符串AES解密 @@ -36,53 +32,70 @@ func StringDecryptByAES(text string) (string, error) { if err != nil { return "", err } - var tpass []byte - tpass, err = aesDecryptWithSalt([]byte(aesKey), bytesPass) - if err == nil { - result := string(tpass[:]) - return result, err + + tpass, err := aesDecryptWithSalt(bytesPass) + if err != nil { + return "", err } - return "", err + return string(tpass), nil } -// aesEncryptWithSalt AES加密 -func aesEncryptWithSalt(key, plaintext []byte) ([]byte, error) { - blockSize := aes.BlockSize - padding := blockSize - len(plaintext)%blockSize - padtext := bytes.Repeat([]byte{byte(padding)}, padding) - plaintext = append(plaintext, padtext...) +// aesKey 字符串AES加解密密钥 +const aesKey = "AGT66VfY4SMaiT97a7df0aef1704d5c5" - block, err := aes.NewCipher(key) +// const aesKey = "AGT66VfY4SMaiT97" +// aesEncryptWithSalt AES加密 +func aesEncryptWithSalt(plaintext []byte) ([]byte, error) { + block, err := aes.NewCipher([]byte(aesKey)) if err != nil { return nil, err } + blockSize := aes.BlockSize + + padding := blockSize - (len(plaintext) % blockSize) + padtext := bytes.Repeat([]byte{byte(padding)}, padding) + plaintext = append(plaintext, padtext...) + ciphertext := make([]byte, blockSize+len(plaintext)) - iv := ciphertext[0:blockSize] + iv := ciphertext[:blockSize] if _, err := io.ReadFull(rand.Reader, iv); err != nil { return nil, err } - cbc := cipher.NewCBCEncrypter(block, iv) - cbc.CryptBlocks(ciphertext[blockSize:], plaintext) + + mode := cipher.NewCBCEncrypter(block, iv) + mode.CryptBlocks(ciphertext[blockSize:], plaintext) + return ciphertext, nil } // aesDecryptWithSalt AES解密 -func aesDecryptWithSalt(key, ciphertext []byte) ([]byte, error) { +func aesDecryptWithSalt(ciphertext []byte) ([]byte, error) { blockSize := aes.BlockSize - var block cipher.Block - block, err := aes.NewCipher(key) + if len(ciphertext) < blockSize { + return nil, fmt.Errorf("ciphertext too short") + } + + iv := ciphertext[:blockSize] + ciphertext = ciphertext[blockSize:] + + block, err := aes.NewCipher([]byte(aesKey)) if err != nil { return nil, err } - if len(ciphertext) < blockSize { - return nil, fmt.Errorf("iciphertext too short") + + if len(ciphertext)%blockSize != 0 { + return nil, fmt.Errorf("ciphertext is not a multiple of the block size") } - iv := ciphertext[:blockSize] - ciphertext = ciphertext[blockSize:] - cbc := cipher.NewCBCDecrypter(block, iv) - cbc.CryptBlocks(ciphertext, ciphertext) - length := len(ciphertext) - unpadding := int(ciphertext[len(ciphertext)-1]) - ciphertext = ciphertext[:(length - unpadding)] + + mode := cipher.NewCBCDecrypter(block, iv) + mode.CryptBlocks(ciphertext, ciphertext) + + // 去除填充 + padding := int(ciphertext[len(ciphertext)-1]) + if padding > blockSize || padding == 0 { + return nil, fmt.Errorf("invalid padding") + } + ciphertext = ciphertext[:len(ciphertext)-padding] + return ciphertext, nil }