英文:
Golang file encryption with crypto/aes lib
问题
我正在尝试使用Go语言的crypto/aes包对文件进行加密。目前我有以下代码:
func encrypt(source string, localdir string) error {
src := filepath.Join("/home/bacula/cloud-backup/"+localdir, source)
dst := filepath.Join(src + ".aes")
fmt.Println(src)
fmt.Println(dst)
key := []byte("example key 1234")
iv := []byte(key)[:aes.BlockSize]
aesBlockEncrypter, err := aes.NewCipher([]byte(key))
if err != nil {
return err
}
aesEncrypter := cipher.NewCFBEncrypter(aesBlockEncrypter, iv)
aesEncrypter.XORKeyStream([]byte(dst), []byte(src))
return nil
}
我的第一个问题是,我如何改进生成IV的方式?其次,由于没有输出文件,我该如何通过XORKeyStream方法流式传输文件?
英文:
I am trying to encrypt a file using the Go crypto/aes package. I have so far:
func encrypt(source string, localdir string) error {
src := filepath.Join("/home/bacula/cloud-backup/"+localdir, source)
dst := filepath.Join(src + ".aes")
fmt.Println(src)
fmt.Println(dst)
key := []byte("example key 1234")
iv := []byte(key)[:aes.BlockSize]
aesBlockEncrypter, err := aes.NewCipher([]byte(key))
if err != nil {
return err
}
aesEncrypter := cipher.NewCFBEncrypter(aesBlockEncrypter, iv)
aesEncrypter.XORKeyStream([]byte(dst), []byte(src))
return nil
}
My first question is, how can I improve the way I am generating the IV? And secondly, there is no output file, so how do I stream the file through XORKeyStream?
答案1
得分: 12
在crypto/cipher
包的文档中有一个示例。
我已经修改了示例,为您创建了一个新的示例:
func main() {
// 从文件中读取内容
plaintext, err := ioutil.ReadFile("you_file_to_be_encrypted")
if err != nil {
panic(err.Error())
}
// 这是一个密钥
key := []byte("example key 1234")
block, err := aes.NewCipher(key)
if err != nil {
panic(err)
}
// IV 需要是唯一的,但不需要是安全的。因此,在密文的开头包含它是常见的做法。
ciphertext := make([]byte, aes.BlockSize+len(plaintext))
iv := ciphertext[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
panic(err)
}
stream := cipher.NewCFBEncrypter(block, iv)
stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext)
// 创建一个新文件来保存加密数据。
f, err := os.Create("a_aes.txt")
if err != nil {
panic(err.Error())
}
_, err = io.Copy(f, bytes.NewReader(ciphertext))
if err != nil {
panic(err.Error())
}
// 完成
}
英文:
There is an example in the crypto/cipher
package documentation.
I've tweaked the example to make new example for you:
func main() {
// read content from your file
plaintext, err := ioutil.ReadFile("you_file_to_be_encrypted")
if err != nil {
panic(err.Error())
}
// this is a key
key := []byte("example key 1234")
block, err := aes.NewCipher(key)
if err != nil {
panic(err)
}
// The IV needs to be unique, but not secure. Therefore it's common to
// include it at the beginning of the ciphertext.
ciphertext := make([]byte, aes.BlockSize+len(plaintext))
iv := ciphertext[:aes.BlockSize]
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
panic(err)
}
stream := cipher.NewCFBEncrypter(block, iv)
stream.XORKeyStream(ciphertext[aes.BlockSize:], plaintext)
// create a new file for saving the encrypted data.
f, err := os.Create("a_aes.txt")
if err != nil {
panic(err.Error())
}
_, err = io.Copy(f, bytes.NewReader(ciphertext))
if err != nil {
panic(err.Error())
}
// done
}
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论