bsm-sdk
/
core
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 60 Wiki Activity

fix

This commit is contained in:
zhaoxiaorong 2025-07-29 09:43:14 +08:00
parent f8d7737723
commit 93491fa747
2 changed files with 91 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
README.md
View File

@ -5,3 +5,23 @@ go env -w GONOPROXY=git.apinb.com/*
go env -w GOINSECURE=git.apinb.com/* go env -w GOINSECURE=git.apinb.com/*
go env -w GONOSUMDB=git.apinb.com/* go env -w GONOSUMDB=git.apinb.com/*
``` ```
# crypto 加密与解密
## GCM加密
```
AESGCMEncrypt GCM 加密
AESGCMDecrypt GCM 解密
```
## CBC加密
```
Encrypt CBC加密
Decrypt CBC解密
```
## ECB加密
```
AesEncryptECB ECB加密
AesDecryptECB ECB解密
```
## 环境变量检测
```
AesKeyCheck 秘钥环境变量检测
```

73
crypto/aes/aes.go
View File

@ -4,10 +4,58 @@ import (
"bytes" "bytes"
"crypto/aes" "crypto/aes"
"crypto/cipher" "crypto/cipher"
"crypto/rand"
"encoding/base64" "encoding/base64"
"encoding/hex"
"errors"
"fmt"
"io"
"os"
) )
// AES加密 // =================== GCM ======================
// AEC GCM 加密
func AESGCMEncrypt(plaintext, key []byte) (string, error) {
block, err := aes.NewCipher(key)
if err != nil {
return "", err
}
gcm, err := cipher.NewGCM(block)
if err != nil {
return "", err
}
nonce := make([]byte, gcm.NonceSize())
if _, err = io.ReadFull(rand.Reader, nonce); err != nil {
return "", err
}
ciphertext := gcm.Seal(nonce, nonce, plaintext, nil)
return hex.EncodeToString(ciphertext), nil
}
// AEC GCM 解密
func AESGCMDecrypt(ciphertext string, key []byte) ([]byte, error) {
data, err := hex.DecodeString(ciphertext)
if err != nil {
return nil, err
}
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
gcm, err := cipher.NewGCM(block)
if err != nil {
return nil, err
}
nonceSize := gcm.NonceSize()
if len(data) < nonceSize {
return nil, errors.New("密文无效")
}
nonce, cipherbyte := data[:nonceSize], data[nonceSize:]
return gcm.Open(nil, nonce, cipherbyte, nil)
}
// =================== CBC ======================
// AES CBC加密
func Encrypt(key string, iv string, data string) string { func Encrypt(key string, iv string, data string) string {
if len(data) == 0 { if len(data) == 0 {
return "" return ""
@ -24,7 +72,7 @@ func Encrypt(key string, iv string, data string) string {
return data return data
} }
// AES解密 // AES CBC解密
func Decrypt(key string, iv string, data string) string { func Decrypt(key string, iv string, data string) string {
if len(data) == 0 { if len(data) == 0 {
return "" return ""
@ -102,3 +150,24 @@ func generateKey(key []byte) (genKey []byte) {
} }
return genKey return genKey
} }
func AesKeyCheck(key string) (string, error) {
// 从环境变量获取密钥
keyHex := os.Getenv("RST_KEY")
if keyHex == "" {
fmt.Println("环境变量 RST_KEY 未设置")
return "", errors.New("环境变量 RST_KEY 未设置")
}
// 解码十六进制字符串的密钥
byteKey, err := hex.DecodeString(keyHex)
if err != nil {
fmt.Printf("密钥解码失败: %v\n", err)
return "", errors.New("密钥解码失败")
}
// 检查密钥长度
if len(byteKey) != 16 && len(key) != 24 && len(key) != 32 {
fmt.Printf("无效的密钥长度: %d 字节 (需要16,24或32字节)\n", len(key))
return "", errors.New("无效的密钥长度,需要16,24或32字节")
}
return keyHex, nil
}