golang 在golang中使用AES256 GCM加密文本
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了golang 在golang中使用AES256 GCM加密文本相关的知识,希望对你有一定的参考价值。
AES/ECB/PKCS5Padding-128在JAVA,PHP,JavaScript, Python,Golang五种语言中的相互加解密
java版本AES/ECB/PKCS5Padding-128:
package test;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;
public class DigestUtil
//用于构建十六进制输出
private static final char[] DIGITS_LOWER = '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f';
/**
* AES解密 128 AES/ECB/PKCS5Padding
*
* @param source 需要解密的字符串
* @param key 需要解密的秘钥
* @param hexOrBase64 true:hex,false:base64
* @return 返回解密结果
*/
public static String decryptAES(String source, String key, boolean hexOrBase64)
try
SecretKey secretKey = new SecretKeySpec(key.getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, secretKey);
if (hexOrBase64)
return new String(cipher.doFinal(DigestUtil.hex2bytes(source)));
else
return new String(cipher.doFinal(DigestUtil.decodeBase64(source)));
catch (Exception e)
System.out.println(e.getMessage());
throw new RuntimeException("出错啦!", e);
public static byte[] hex2bytes(String hexStr)
byte[] result = new byte[hexStr.length() / 2];
for (int i = 0; i < hexStr.length() / 2; i++)
int high = Integer.parseInt(hexStr.substring(i * 2, i * 2 + 1), 16);
int low = Integer.parseInt(hexStr.substring(i * 2 + 1, i * 2 + 2), 16);
result[i] = (byte) (high * 16 + low);
return result;
public static byte[] decodeBase64(String text)
return java.util.Base64.getDecoder().decode(text);
public static char[] bytes2hex(final byte[] data)
final int l = data.length;
final char[] out = new char[l << 1];
// two characters form the hex value.
for (int i = 0, j = 0; i < l; i++)
out[j++] = DIGITS_LOWER[(0xF0 & data[i]) >>> 4];
out[j++] = DIGITS_LOWER[0x0F & data[i]];
return out;
public static String encodeBase64(byte[] data)
return Base64.getEncoder().encodeToString(data);
/**
* AES加密 128 AES/ECB/PKCS5Padding
*
* @param source 需要加密的字符串
* @param key 需要加密的秘钥
* @param hexOrBase64 true:hex,false:base64
* @return 返回加密结果
*/
public static String encryptAES(String source, String key, boolean hexOrBase64)
try
SecretKey secretKey = new SecretKeySpec(key.getBytes(), "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.ENCRYPT_MODE, secretKey);
if (hexOrBase64)
return new String(DigestUtil.bytes2hex(cipher.doFinal(source.getBytes())));
else
return DigestUtil.encodeBase64(cipher.doFinal(source.getBytes()));
catch (Exception e)
throw new RuntimeException("出错啦!", e);
public static void main(String[] args) throws Exception
String value = "nwflag=1&empno=BEJY3293";
//"HmtaYAN+n8dzKifi50/sA4Sv/dLKR5MnfZKcJVSzmST0D7ZkbmM8AebuNNkKBc4Z7DoXDnDwwwap2hg+6ztWQAZdQZOfAHR5bueqpApDN9il6gIuQadcdPcvrurRRiTifOQYsE9nRQKy6smol0jrz0wLEDxyPh3ZfBZG0e5KxrEq6Es6E3/05F4jIBYy+dUtvYBPSrVi3kzkblFex6qZOf/6jbtSlchWJVXMuEgA05LplUlUvNr5vwNC65KIy6beHcyhntIO2wJHx5uknjtidXUft3s87ZlxTzMEiKV6cXU9ejuCxdOz9n0c7UPeAOqHprxW2FvOhytVSMoSPP6No9pSochmKdXBPgOQd15rswBi0ejSZ+qWG4/MrBhVFD5OaQ8Cr7wy9hoWdnYrd0tcxPZv4EiwF3DDqctffYgQjy8=";
//"openid=ouQdHv18KY5HPhW16cDk43Y5-yyk&nickname=%e6%9d%8e%e5%a8%81&headimg=http%3a%2f%2fthirdwx.qlogo.cn%2fmmopen%2fajNVdqHZLLB6qkUjQibrUJniaBhLf8hjS5L4roMR84T62m7NyHiaIAXKh1cl2vJwfdSfEzju8HicugEXbJQFHx1pZw%2f132&rytype=1&nwflag=1&empno=BEJY3293&stime=1603340863000";
String key = "5678998765123322";
//加密
String s = encryptAES(value, key, false);
System.out.println(s);
//解密
String k = decryptAES(s, key, false);
System.out.println(k);
PHP版本:
class Aes
/**
* @param $input string 待加密字符串
* @param $key string 秘钥
* @param bool $hexOutput 默认true hex 输出, false base64输出
* @return string 加密结果
*/
public static function encrypt($input, $key, $hexOutput = true)
$data = openssl_encrypt($input, 'AES-128-ECB', $key, OPENSSL_RAW_DATA);
if ($hexOutput)
$data = bin2hex($data);
else
$data = base64_encode($data);
return $data;
/**
* @param $sStr 解密字符串
* @param $sKey 解密秘钥
* @param bool $hexInput 解密模式 默认true hex输入, false base64输入
* @return string 解密结果
*/
public static function decrypt($sStr, $sKey, $hexInput = true)
if ($hexInput)
$sStr = hex2bin($sStr);
else
$sStr = base64_decode($sStr);
$decrypted = openssl_decrypt($sStr, 'AES-128-ECB', $sKey, OPENSSL_RAW_DATA);
return $decrypted;
JavaScript 使用GitHub - ihsmarkitosi/CryptoJS-v3.1.2: CryptoJS v3.1.2, 下载后按html示例引入
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<script src="rollups/aes.js"></script>
<script src="components/mode-ecb.js"></script>
<script src="components/pad-nopadding.js"></script>
<script>
/**
*
* @param data string 待加密字符串
* @param key string 秘钥
* @returns * 返回base64或hex格式的密文
*/
function encodeAesString(data, key, hexInput=true)
var key = CryptoJS.enc.Utf8.parse(key);
var encrypted = CryptoJS.AES.encrypt(data, key,
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
);
if (hexInput)
return encrypted.ciphertext.toString();
else
return encrypted;
/**
*
* @param encrypted base64格式或hex格式的密文
* @param key sting 秘钥
* @returns string 解密后的字符串
*/
function decodeAesString(data, key, hexInput=true)
var key = CryptoJS.enc.Utf8.parse(key);
if (hexInput)
data = CryptoJS.enc.Hex.parse(data);
data = CryptoJS.enc.Base64.stringify(data);
var decrypted = CryptoJS.AES.decrypt(data, key,
mode: CryptoJS.mode.ECB,
padding: CryptoJS.pad.Pkcs7
);
return decrypted.toString(CryptoJS.enc.Utf8);
// 测试加、解密
function testAES()
var key = "5678998765123321";
var data = "openid=ouQdHv18KY5HPhW16cDk43Y5-yyk&nickname=%e6%9d%8e%e5%a8%81&headimg=http%3a%2f%2fthirdwx.qlogo.cn%2fmmopen%2fajNVdqHZLLB6qkUjQibrUJniaBhLf8hjS5L4roMR84T62m7NyHiaIAXKh1cl2vJwfdSfEzju8HicugEXbJQFHx1pZw%2f132&rytype=1&nwflag=1&empno=BEJY3293&stime=1603340863000";
console.log("加密前:" + data);
var encrypted = encodeAesString(data, key); // 密文
console.log("加密后: " + encrypted);
console.log(encrypted == "e016d67088b27cba729f264def4d0633da66e046cdcb7bc7cef6b3be1334c45d8e68ab5108845a0e58b364725c81503c416f161c6aa02b136e2f3e62ca12228bb2a590ff8089a84487a0e1a283a93293615b83056b8633f137df25fb10cda385d8838d9f8d1afa092047963d3fb682bfbd804f4ab562de4ce46e515ec7aa9939fffa8dbb5295c8562555ccb84800d392e9954954bcdaf9bf0342eb9288cba6de1dcca19ed20edb0247c79ba49e3b6275751fb77b3ced99714f330488a57a7175b45b61f10a8099464ab4eee2c083255f2824bd38d84e0e89731861a9dd4b58b60c594e2664a2d8497fd749d19162d62d2fbe7fc086e983aad528890cf76a6d6f01603d003f1b59e51b4fa5edc9476c20");
// console.log("加密后: " + encrypted == "4BbWcIiyfLpynyZN700GM9pm4EbNy3vHzvazvhM0xF2OaKtRCIRaDlizZHJcgVA8QW8WHGqgKxNuLz5iyhIii7KlkP+AiahEh6DhooOpMpNhW4MFa4Yz8TffJfsQzaOF2IONn40a+gkgR5Y9P7aCv72AT0q1Yt5M5G5RXseqmTn/+o27UpXIViVVzLhIANOS6ZVJVLza+b8DQuuSiMum3h3MoZ7SDtsCR8ebpJ47YnV1H7d7PO2ZcU8zBIilenF1tFth8QqAmUZKtO7iwIMlXygkvTjYTg6Jcxhhqd1LWLYMWU4mZKLYSX/XSdGRYtYtL75/wIbpg6rVKIkM92ptbwFgPQA/G1nlG0+l7clHbCA=");
// var s = "4BbWcIiyfLpynyZN700GM9pm4EbNy3vHzvazvhM0xF2OaKtRCIRaDlizZHJcgVA8QW8WHGqgKxNuLz5iyhIii7KlkP+AiahEh6DhooOpMpNhW4MFa4Yz8TffJfsQzaOF2IONn40a+gkgR5Y9P7aCv72AT0q1Yt5M5G5RXseqmTn/+o27UpXIViVVzLhIANOS6ZVJVLza+b8DQuuSiMum3h3MoZ7SDtsCR8ebpJ47YnV1H7d7PO2ZcU8zBIilenF1tFth8QqAmUZKtO7iwIMlXygkvTjYTg6Jcxhhqd1LWLYMWU4mZKLYSX/XSdGRYtYtL75/wIbpg6rVKIkM92ptbwFgPQA/G1nlG0+l7clHbCA=";
var decryptedStr = decodeAesString(encrypted, key);
console.log("解密后: " + decryptedStr);
testAES();
// t = decodeURIComponent(t);
</script>
<body>
</body>
</html>
python AES
import hashlib
import binascii
from Crypto.Cipher import AES
import base64
# padding算法
BLOCK_SIZE = 16
pad = lambda s: bytes(s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * chr(BLOCK_SIZE - len(s) % BLOCK_SIZE), encoding='utf8')
unpad = lambda s: s[0:-ord(s[-1:])]
class AES_ENCRYPT(object):
def __init__(self, key, hex=True):
self.key = key
self.hex_mode = hex
# 加密函数
def encrypt(self, text):
cryptor = AES.new(self.key, AES.MODE_ECB)
ciphertext = cryptor.encrypt(pad(text))
if self.hex_mode:
return binascii.b2a_hex(ciphertext)
else:
return base64.b64encode(ciphertext)
# 解密函数
def decrypt(self, text):
if self.hex_mode:
decode = binascii.a2b_hex(text)
else:
decode = base64.b64decode(text)
cryptor = AES.new(self.key, AES.MODE_ECB)
plain_text = cryptor.decrypt(decode)
return unpad(plain_text)
if __name__ == '__main__':
aes_encrypt = AES_ENCRYPT("5678998765123321", False)
text = "openid=ouQdHv18KY5HPhW16cDk43Y5-yyk&nickname=%e6%9d%8e%e5%a8%81&headimg=http%3a%2f%2fthirdwx.qlogo.cn%2fmmopen%2fajNVdqHZLLB6qkUjQibrUJniaBhLf8hjS5L4roMR84T62m7NyHiaIAXKh1cl2vJwfdSfEzju8HicugEXbJQFHx1pZw%2f132&rytype=1&nwflag=1&empno=BEJY3293&stime=1603340863000"
e = aes_encrypt.encrypt(text)
print(e)
d = aes_encrypt.decrypt(e)
print(text)
print(d)Golang AES
package main
import (
"encoding/base64"
"encoding/base64"
"encoding/hex"
"fmt"
"github.com/forgoer/openssl"
)
func main()
src := []byte("openid=ouQdHv18KY5HPhW16cDk43Y5-yyk&nickname=%e6%9d%8e%e5%a8%81&headimg=http%3a%2f%2fthirdwx.qlogo.cn%2fmmopen%2fajNVdqHZLLB6qkUjQibrUJniaBhLf8hjS5L4roMR84T62m7NyHiaIAXKh1cl2vJwfdSfEzju8HicugEXbJQFHx1pZw%2f132&rytype=1&nwflag=1&empno=BEJY3293&stime=1603340863000")
key := []byte("5678998765123321")
//加密
dst , _ := openssl.AesECBEncrypt(src, key, openssl.PKCS7_PADDING)
fmt.Printf(base64.StdEncoding.EncodeToString(dst))
fmt.Printf(hex.EncodeToString(dst))
//解密
dst , _ = openssl.AesECBDecrypt(dst, key, openssl.PKCS7_PADDING)
fmt.Println(string(dst)) //
以上是关于golang 在golang中使用AES256 GCM加密文本的主要内容,如果未能解决你的问题,请参考以下文章
为啥带有 GCM 的 AES-256 会在密文大小上增加 16 个字节?
golang GoLang使用AES加密将字符串加密到base64,反之亦然。
golang GoLang使用AES加密将字符串加密到base64,反之亦然。