feat: 资源密码加密处理&登录密码加密加强等

2025-11-04 08:20:25 +08:00 · 2022-08-02 21:44:01 +08:00
parent daa2ef5203
commit 12f8cf0111
33 changed files with 340 additions and 51 deletions
--- a/server/pkg/utils/crypto_utils.go
+++ b/server/pkg/utils/crypto_utils.go
@@ -2,6 +2,8 @@ package utils

 import (
 	"bytes"
+	"crypto/aes"
+	"crypto/cipher"
 	"crypto/md5"
 	"crypto/rand"
 	"crypto/rsa"
@@ -10,6 +12,8 @@ import (
 	"encoding/hex"
 	"encoding/pem"
 	"errors"
+
+	"golang.org/x/crypto/bcrypt"
 )

 // md5
@@ -19,6 +23,17 @@ func Md5(str string) string {
 	return hex.EncodeToString(h.Sum(nil))
 }

+// bcrypt加密密码
+func PwdHash(password string) string {
+	bytes, _ := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	return string(bytes)
+}
+
+// 检查密码是否一致
+func CheckPwdHash(password, hash string) bool {
+	return bcrypt.CompareHashAndPassword([]byte(hash), []byte(password)) == nil
+}
+
 // 系统统一RSA秘钥对
 var RsaPair []string

@@ -130,3 +145,84 @@ func GetRsaPrivateKey() (string, error) {
 	RsaPair = append(RsaPair, publicKey)
 	return privateKey, nil
 }
+
+//AesEncrypt 加密
+func AesEncrypt(data []byte, key []byte) ([]byte, error) {
+	//创建加密实例
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	//判断加密快的大小
+	blockSize := block.BlockSize()
+	//填充
+	encryptBytes := pkcs7Padding(data, blockSize)
+	//初始化加密数据接收切片
+	crypted := make([]byte, len(encryptBytes))
+	//使用cbc加密模式
+	blockMode := cipher.NewCBCEncrypter(block, key[:blockSize])
+	//执行加密
+	blockMode.CryptBlocks(crypted, encryptBytes)
+	return crypted, nil
+}
+
+//AesDecrypt 解密
+func AesDecrypt(data []byte, key []byte) ([]byte, error) {
+	//创建实例
+	block, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, err
+	}
+	//获取块的大小
+	blockSize := block.BlockSize()
+	//使用cbc
+	blockMode := cipher.NewCBCDecrypter(block, key[:blockSize])
+	//初始化解密数据接收切片
+	crypted := make([]byte, len(data))
+	//执行解密
+	blockMode.CryptBlocks(crypted, data)
+	//去除填充
+	crypted, err = pkcs7UnPadding(crypted)
+	if err != nil {
+		return nil, err
+	}
+	return crypted, nil
+}
+
+// aes加密 后 再base64
+func AesEncryptBase64(data []byte, key []byte) (string, error) {
+	res, err := AesEncrypt(data, key)
+	if err != nil {
+		return "", err
+	}
+	return base64.StdEncoding.EncodeToString(res), nil
+}
+
+// base64解码后再 aes解码
+func AesDecryptBase64(data string, key []byte) ([]byte, error) {
+	dataByte, err := base64.StdEncoding.DecodeString(data)
+	if err != nil {
+		return nil, err
+	}
+	return AesDecrypt(dataByte, key)
+}
+
+//pkcs7Padding 填充
+func pkcs7Padding(data []byte, blockSize int) []byte {
+	//判断缺少几位长度。最少1，最多 blockSize
+	padding := blockSize - len(data)%blockSize
+	//补足位数。把切片[]byte{byte(padding)}复制padding个
+	padText := bytes.Repeat([]byte{byte(padding)}, padding)
+	return append(data, padText...)
+}
+
+//pkcs7UnPadding 填充的反向操作
+func pkcs7UnPadding(data []byte) ([]byte, error) {
+	length := len(data)
+	if length == 0 {
+		return nil, errors.New("加密字符串错误！")
+	}
+	//获取填充的个数
+	unPadding := int(data[length-1])
+	return data[:(length - unPadding)], nil
+}