fnvtk/soul-yongping
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9aaffd8024797a3c26f1f171b71869904825d4ea
soul-yongping/soul-api/internal/wechat/transferv3/decrypt.go

53 lines
1.5 KiB
Go
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

package transferv3
import (
"crypto/aes"
"crypto/cipher"
"encoding/base64"
"encoding/json"
"fmt"
)
// DecryptResource 解密回调 resource文档AEAD_AES_256_GCM密钥 APIv3 32 字节,密文=实际密文+16 字节 tag
func DecryptResource(ciphertextBase64, nonce, associatedData string, apiV3Key []byte) ([]byte, error) {
if len(apiV3Key) != 32 {
return nil, fmt.Errorf("apiV3 key must be 32 bytes, got %d", len(apiV3Key))
}
raw, err := base64.StdEncoding.DecodeString(ciphertextBase64)
if err != nil {
return nil, fmt.Errorf("base64 decode: %w", err)
}
if len(raw) < 16 {
return nil, fmt.Errorf("ciphertext too short")
}
tag := raw[len(raw)-16:]
ctext := raw[:len(raw)-16]
block, err := aes.NewCipher(apiV3Key)
if err != nil {
return nil, err
}
aead, err := cipher.NewGCM(block)
if err != nil {
return nil, err
}
plain, err := aead.Open(nil, []byte(nonce), append(ctext, tag...), []byte(associatedData))
if err != nil {
return nil, fmt.Errorf("aes-gcm decrypt: %w", err)
}
return plain, nil
}
// DecryptResourceJSON 解密并解析为 JSON 对象(回调解密后的 resource
func DecryptResourceJSON(ciphertextBase64, nonce, associatedData string, apiV3Key []byte) (map[string]interface{}, error) {
plain, err := DecryptResource(ciphertextBase64, nonce, associatedData, apiV3Key)
if err != nil {
return nil, err
}
var out map[string]interface{}
if err := json.Unmarshal(plain, &out); err != nil {
return nil, err
}
return out, nil
}
Reference in New Issue View Git Blame Copy Permalink