Detailed explanation of the process of Golang implementing AES symmetric encryption

AES encryption

Introduction to AES Symmetric Encryption
AES is a symmetric password designed to replace DES as a widely used standard. It is a block encryption standard adopted by the US federal government.

AES symmetric encryption process
The input to the encryption and decryption algorithm is a 128-bit packet. These packets are described as 4×4 byte square arrays, which are copied into the array and modified at each stage of encryption and decryption. In the byte square matrix, each grid is a word, containing 4 bytes. Words are sorted by columns in the matrix.
Encryption is composed of N rounds, and the number of rounds depends on the length of the key: 16-byte key corresponds to 10 rounds, 24-byte key corresponds to 12 rounds, and 32-byte key corresponds to 14 rounds.

AES encryption mode

1. Electronic Codebook Book (ECB)

The ECB mode is the earliest and simplest mode. It divides the encrypted data into several groups, each group has the same size as the length of the encryption key, and then each group is encrypted with the same key.

2. Password grouping link mode (Cipher Block Chaining (CBC))

This pattern is to first divide the plain text into several small segments, then each small segment is XORed with the initial block or the ciphertext segment of the previous segment, and then encrypted with the key.

3. Password feedback mode (Cipher FeedBack (CFB))
Hidden plaintext mode, the packet password is converted into stream mode, and data smaller than packets can be transmitted in time

(Output FeedBack, Output Feedback) Mode
Hidden plaintext mode;, the packet password is converted into stream mode, and data smaller than the packet can be transmitted in time

AES filling method
AES supports several types of padding: NoPadding, PKCS5Padding, ISO10126Padding, PaddingMode.PKCS7. For AES, PKCS5Padding and PKCS7Padding are exactly the same, the difference is that PKCS5 limits the block size to 8 bytes while PKCS7 does not limit. Therefore, the two are exactly the same for AES

Golang implements AES encryption and decryption

The following is the source code for Golang to implement AES encryption ECB mode:

package main
import (
	"bytes"
	"crypto/aes"
	"fmt"
	"testing"
)

//ECB mode decryptionfunc ECBDecrypt(crypted, key []byte) ([]byte, error) {
	if !validKey(key) {
		return nil, ("The key length is wrong, the current incoming length is %d",len(key))
	}
	if len(crypted) &lt; 1 {
		return nil, ("The source data length cannot be 0")
	}
	block, err := (key)
	if err != nil {
		return nil, err
	}
	if len(crypted)%() != 0 {
		return nil, ("The length of the source data must be an integer multiple of %d, the current length is: %d",(), len(crypted))
	}
	var dst []byte
	tmpData := make([]byte, ())

	for index := 0; index &lt; len(crypted); index += () {
		(tmpData, crypted[index:index+()])
		dst = append(dst, tmpData...)
	}
	dst, err = PKCS5UnPadding(dst)
	if err != nil {
		return nil, err
	}
	return dst, nil
}

//ECB mode encryptionfunc ECBEncrypt(src, key []byte) ([]byte, error) {
	if !validKey(key) {
		return nil, ("The key length is wrong, the current incoming length is %d",len(key))
	}
	block, err := (key)
	if err != nil {
		return nil, err
	}
	if len(src) &lt; 1 {
		return nil, ("The source data length cannot be 0")
	}
	src = PKCS5Padding(src, ())
	if len(src)%() != 0 {
		return nil, ("The length of the source data must be an integer multiple of %d, the current length is: %d",(), len(src))
	}
	var dst []byte
	tmpData := make([]byte, ())
	for index := 0; index &lt; len(src); index += () {
		(tmpData, src[index:index+()])
		dst = append(dst, tmpData...)
	}
	return dst, nil
}

// PKCS5 fillfunc PKCS5Padding(ciphertext []byte, blockSize int) []byte {
	padding := blockSize - len(ciphertext)%blockSize
	padtext := ([]byte{byte(padding)}, padding)
	return append(ciphertext, padtext...)
}

// Remove PKCS5 fillfunc PKCS5UnPadding(origData []byte) ([]byte, error) {
	length := len(origData)
	unpadding := int(origData[length-1])

	if length &lt; unpadding {
		return nil, ("invalid unpadding length")
	}
	return origData[:(length - unpadding)], nil
}

// Key length verificationfunc validKey(key []byte) bool {
	k := len(key)
	switch k {
	default:
		return false
	case 16, 24, 32:
		return true
	}
}

func TestAes(t *){
	srcData := "hello world !"
	key := []byte("abcdabcdabcdabcdabcdabcdabcdabcd")
	//Test encryption	encData ,err := ECBEncrypt([]byte(srcData),(key))
	if err != nil {
		(())
		return
	}

	//Test decryption	decData ,err := ECBDecrypt(encData,key)
	if err != nil {
		(())
		return
	}
	(string(decData))
}

The above is a detailed explanation of the process of Golang implementing AES symmetric encryption. For more information about go AES symmetric encryption, please follow my other related articles!