crypt/crypt.go at master · topology-zero/crypt · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
package crypt

import (
	"crypto/cipher"
	"errors"
)

type crypt struct {
	key []byte
	iv  []byte

	algorithmName algorithmName
	algorithmMode algorithmMode

	padding   func(src []byte) ([]byte, error)
	unPadding func(src []byte) ([]byte, error)
}

type ICrypt interface {
	Encrypt(data []byte) ([]byte, error)
	Decrypt(data []byte) ([]byte, error)
}

type CryptOption func(c *crypt)

// NewCrypt 实例化 crypt 对象
// 注意 key 参数的长度有所限制 (没有在代码中限制)
// 在 SM4 算法下的长度为 16 位 key := make([]byte, 16)
// 在 DES 算法下的长度为 8 位
func NewCrypt(key []byte, opt ...CryptOption) ICrypt {
	target := new(crypt)
	target.key = key

	for _, fn := range opt {
		fn(target)
	}

	if target.padding == nil {
		target.padding = NonePadding
	}

	if target.unPadding == nil {
		target.unPadding = NoneUnPadding
	}
	return target
}

func (c *crypt) Encrypt(data []byte) ([]byte, error) {
	data, err := c.padding(data)
	if err != nil {
		return nil, err
	}
	block, err := c.getCipherBlock(c.algorithmName)
	if err != nil {
		return nil, err
	}

	out := make([]byte, len(data))
	block.Encrypt(out, data)

	return out, nil
}

func (c *crypt) Decrypt(data []byte) ([]byte, error) {
	block, err := c.getCipherBlock(c.algorithmName)
	if err != nil {
		return nil, err
	}

	out := make([]byte, len(data))
	block.Decrypt(out, data)
	return c.unPadding(out)
}

func (c *crypt) getCipherBlock(name algorithmName) (cipher.Block, error) {
	switch name {
	case SM4:
		return newSM4Cipher(c.key, c.iv, c.algorithmMode)
	case DES:
		return newDESCipher(c.key, c.iv, c.algorithmMode)
	case DESEDE:
		return newDESEDECipher(c.key, c.iv, c.algorithmMode)
	case AES:
		return newAESCipher(c.key, c.iv, c.algorithmMode)
	default:
		return nil, errors.New("not found algorithm name")
	}
}