For the convenience of use, the implementation code is not used as a function but as a package, so that it can also be reused in the subsequent code.
Package and import
package encrypt import ( "crypto/aes" // Provide AES encryption algorithm implementation "crypto/cipher" // Provide encryption algorithm interfaces and modes (such as CFB) "crypto/rand" // Provides the function of generating random numbers "encoding/base64" // Provide Base64 encoding and decoding "fmt" // Format I/O "io" // Basic I/O interface)
package encrypt: Defines that the file belongs to the encrypt package.
Various imports are used to provide different functions, such as AES algorithm, CFB mode, Base64 encoding, etc.
Encrypt Function
// Encrypt AES-CFB encryption on plaintextfunc Encrypt(plaintext []byte, key string) (string, error) {
block, err := ([]byte(key))
if err != nil {
return "", err
}
iv := make([]byte, )
if _, err := (, iv); err != nil {
return "", err
}
stream := (block, iv)
ciphertext := make([]byte, len(plaintext))
(ciphertext, plaintext)
// Merge IV and ciphertext result := append(iv, ciphertext...)
// Use Base64 encoding to return return (result), nil
}- The Encrypt function receives plaintext and keys for AES encryption.
- ([]byte(key)): Use the provided key to generate an AES block password.
- iv (initialization vector) is a random number of AES block size (16 bytes), ensuring that the same plaintext results are different each time it is encrypted.
- Create CFB encryption using
- (ciphertext, plaintext): Encrypt the plaintext with stream encryption, and the results are saved in ciphertext.
- Merge iv and ciphertext into a slice and generate a string using Base64 encoding
Decrypt function
// Decrypt AES-CFB decryption of ciphertextfunc Decrypt(ciphertextBase64 string, key string) ([]byte, error) {
ciphertext, err := (ciphertextBase64)
if err != nil {
return nil, err
}
block, err := ([]byte(key))
if err != nil {
return nil, err
}
if len(ciphertext) < {
return nil, ("ciphertext too short")
}
iv := ciphertext[:]
ciphertext = ciphertext[:]
stream := (block, iv)
plaintext := make([]byte, len(ciphertext))
(plaintext, ciphertext)
return plaintext, nil
}- The Decrypt function receives Base64-encoded ciphertext and key. Decode the Base64 ciphertext into byte slices. Similar to the encryption process, an AES block password is generated.
- Verify the ciphertext length to make sure it is greater than the AES block size. Extract the iv from the decoded ciphertext, and the rest is the actual ciphertext. Use the function to create a CFB decrypted stream. Decrypt the cryptic text and get the plain text.
Things to note
- Use CFB mode without plaintext fill is required. The key length should be 16, 24 or 32 bytes to match AES-128, AES-192 or AES-256. Random iv is important, and every time you encrypt it, you use a new iv to enhance security.
This is the end of this article about the implementation of AES-CFB encryption in GO language. For more related GO languages, please search for my previous articles or continue browsing the related articles below. I hope everyone will support me in the future!