# golang crypt包的AES加密函数的使用

golang AES加密函数的使用

1. 什么是AES

AES： Advanced Encryption Standard

AES加密算法的加密块必须是16字节(128bit)，所以不足部分需要填充，常用的填充算法是PKCS7。
AES加密算法的key可以是16字节(AES128)，或者24字节(AES192)，或者是32字节(AES256)

1. AES算法的具体实现种类

ECB：Electronic Codebook Book
CBC：Cipher Block Chaining：这是最常见的块加密实现

CTR：Counter
CFB：Cipher FeedBack
OFB：Output FeedBack

1. golang crypt库实现的加密函数

package main

import (
"io"
"fmt"
"crypto/aes"
"crypto/cipher"
"crypto/rand"
)

func main() {
key := []byte("12345678901234567890123456789012")    // 32 bytes long

plainText := []byte("123")
fmt.Printf("Original  Text: [%s]\n",plainText)

cipherText, _  := AESEncrypt(key, plainText)   // replace with corresponding encrypt implementation
decryptText, _ := AESDecrypt(key, cipherText)
fmt.Printf("AES Decrypted Text: [%s]\n", decryptText)
}

3.1 AES

func AESEncrypt(key []byte, data[]byte) ([]byte, error) {
data = pad(data, aes.BlockSize)
c, _ := aes.NewCipher(key)
out := make([]byte, len(data))
c.Encrypt(out, []byte(data))
return out, nil
}

func AESDecrypt(key []byte, data[]byte) ([]byte, error) {
c, _ := aes.NewCipher(key)
out := make([]byte, len(data))
c.Decrypt(out, data)

out, _ = unpad(out)
return out, nil
}

3.2 CBC

func CBCEncrypt(key []byte, data []byte) ([]byte, error) {
data = pad(data, aes.BlockSize)
block, _ := aes.NewCipher(key)
out := make([]byte, aes.BlockSize + len(data))
iv := out[:aes.BlockSize]
io.ReadFull(rand.Reader, iv)

mode := cipher.NewCBCEncrypter(block, iv)
mode.CryptBlocks(out[aes.BlockSize:], []byte(data))
return out, nil
}

func CBCDecrypt(key []byte, data []byte) ([]byte, error) {
block, _ := aes.NewCipher(key)
iv  := data[:aes.BlockSize]
data = data[aes.BlockSize:]
if len(data) % aes.BlockSize != 0 {
return nil, fmt.Errorf("data is not a multiple of the block size")
}

out := make([]byte, len(data))
mode := cipher.NewCBCDecrypter(block, iv)
mode.CryptBlocks(out, data)

out, _ = unpad(out)
return out, nil
}

3.3 CTR

func CTREncrypt(key []byte, data[]byte) ([]byte, error) {
data = pad(data, aes.BlockSize)
block, _ := aes.NewCipher([]byte(key))
out := make([]byte, aes.BlockSize + len(data))
iv := out[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}

stream := cipher.NewCTR(block, iv)
stream.XORKeyStream(out[aes.BlockSize:], data)
return out, nil
}

func CTRDecrypt(key []byte, data[]byte) ([]byte, error) {
block, _ := aes.NewCipher([]byte(key))
iv  := data[:aes.BlockSize]
data = data[aes.BlockSize:]
if len(data) % aes.BlockSize != 0 {
return nil, fmt.Errorf("data is not a multiple of the block size")
}

out := make([]byte, len(data))
mode := cipher.NewCTR(block, iv)
mode.XORKeyStream(out, data)

out, _ = unpad(out)
return out, nil
}

3.4 OFB

func OFBEncrypt(key []byte, data[]byte) ([]byte, error) {
data = pad(data, aes.BlockSize)
block, _ := aes.NewCipher([]byte(key))
out := make([]byte, aes.BlockSize + len(data))
iv := out[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}

stream := cipher.NewOFB(block, iv)
stream.XORKeyStream(out[aes.BlockSize:], data)
return out, nil
}

func OFBDecrypt(key []byte, data[]byte) ([]byte, error) {
block, _ := aes.NewCipher([]byte(key))
iv  := data[:aes.BlockSize]
data = data[aes.BlockSize:]
if len(data) % aes.BlockSize != 0 {
return nil, fmt.Errorf("data is not a multiple of the block size")
}

out := make([]byte, len(data))
mode := cipher.NewOFB(block, iv)
mode.XORKeyStream(out, data)

out, _ = unpad(out)
return out, nil
}

3.5 CFB

func CFBEncrypt(key []byte, data[]byte) ([]byte, error) {
data = pad(data, aes.BlockSize)
block, _ := aes.NewCipher([]byte(key))

out := make([]byte, aes.BlockSize + len(data))
iv := out[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
return nil, err
}

stream := cipher.NewCFBEncrypter(block, iv)
stream.XORKeyStream(out[aes.BlockSize:], data)
return out, nil
}

func CFBDecrypt(key []byte, data[]byte) ([]byte, error) {
block, _ := aes.NewCipher([]byte(key))
iv  := data[:aes.BlockSize]
data = data[aes.BlockSize:]
if len(data) % aes.BlockSize != 0 {
return nil, fmt.Errorf("data is not a multiple of the block size")
}

out := make([]byte, len(data))
mode := cipher.NewCFBDecrypter(block, iv)
mode.XORKeyStream(out, data)

out, _ = unpad(out)
return out, nil
}

3.6 GCM
GCM实现算法不需要pad。

func GCMEncrypt(key []byte, data[]byte) ([]byte, error) {
block, _ := aes.NewCipher([]byte(key))
aesgcm, _ := cipher.NewGCM(block)

nonce := make([]byte, aesgcm.NonceSize())
io.ReadFull(rand.Reader, nonce)

out := aesgcm.Seal(nonce, nonce, data, nil)
return out, nil
}

func GCMDecrypt(key []byte, data[]byte) ([]byte, error) {
block, _ := aes.NewCipher([]byte(key))
aesgcm, _ := cipher.NewGCM(block)

nonce, ciphertext := data[:aesgcm.NonceSize()], data[aesgcm.NonceSize():]
out, err := aesgcm.Open(nil, nonce, ciphertext, nil)

return out, nil
}