完成数据库敏感信息的加密
This commit is contained in:
dushixiang
@ -5,6 +5,8 @@ import (
|
||||
"crypto/aes"
|
||||
"crypto/cipher"
|
||||
"crypto/md5"
|
||||
"crypto/rand"
|
||||
"crypto/sha256"
|
||||
"database/sql/driver"
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
@ -19,6 +21,8 @@ import (
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"golang.org/x/crypto/pbkdf2"
|
||||
|
||||
"github.com/gofrs/uuid"
|
||||
"github.com/sirupsen/logrus"
|
||||
"golang.org/x/crypto/bcrypt"
|
||||
@ -239,6 +243,7 @@ func PKCS5UnPadding(origData []byte) []byte {
|
||||
return origData[:(length - unPadding)]
|
||||
}
|
||||
|
||||
// AesEncryptCBC /*
|
||||
func AesEncryptCBC(origData, key []byte) ([]byte, error) {
|
||||
block, err := aes.NewCipher(key)
|
||||
if err != nil {
|
||||
@ -266,3 +271,15 @@ func AesDecryptCBC(encrypted, key []byte) ([]byte, error) {
|
||||
origData = PKCS5UnPadding(origData)
|
||||
return origData, nil
|
||||
}
|
||||
|
||||
func Pbkdf2(password string) ([]byte, error) {
|
||||
//生成随机盐
|
||||
salt := make([]byte, 32)
|
||||
_, err := rand.Read(salt)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
//生成密文
|
||||
dk := pbkdf2.Key([]byte(password), salt, 1, 32, sha256.New)
|
||||
return dk, nil
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user