package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"io"
)

// PKCS7填充
func PKCS7Padding(ciphertext []byte, blockSize int) []byte {
	padding := blockSize - len(ciphertext)%blockSize
	padtext := bytes.Repeat([]byte{byte(padding)}, padding)
	return append(ciphertext, padtext...)
}

// 去除PKCS7填充
func PKCS7UnPadding(origData []byte) ([]byte, error) {
	length := len(origData)
	if length == 0 {
		return nil, errors.New("input data error")
	}
	unpadding := int(origData[length-1])
	if unpadding > length {
		return nil, errors.New("unpadding size is invalid")
	}
	return origData[:(length - unpadding)], nil
}

// AES CBC模式加密，Base64传入传出
func AesEncrypt(plainText, key []byte) (string, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return "", err
	}
	blockSize := block.BlockSize()
	plainText = PKCS7Padding(plainText, blockSize)

	cipherText := make([]byte, blockSize+len(plainText))
	iv := cipherText[:blockSize] // 使用前blockSize字节作为IV
	_, err = io.ReadFull(rand.Reader, iv)
	if err != nil {
		return "", err
	}

	mode := cipher.NewCBCEncrypter(block, iv)
	mode.CryptBlocks(cipherText[blockSize:], plainText)

	return base64.StdEncoding.EncodeToString(cipherText), nil
}

// AES CBC模式解密，Base64传入传出
func AesDecrypt(cipherTextBase64 string, key []byte) ([]byte, error) {
	cipherText, err := base64.StdEncoding.DecodeString(cipherTextBase64)
	if err != nil {
		return nil, err
	}

	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}

	blockSize := block.BlockSize()
	if len(cipherText) < blockSize {
		return nil, errors.New("ciphertext too short")
	}

	iv := cipherText[:blockSize]
	cipherText = cipherText[blockSize:]

	if len(cipherText)%blockSize != 0 {
		return nil, errors.New("ciphertext is not a multiple of the block size")
	}

	mode := cipher.NewCBCDecrypter(block, iv)
	mode.CryptBlocks(cipherText, cipherText)

	plainText, err := PKCS7UnPadding(cipherText)
	if err != nil {
		return nil, err
	}

	return plainText, nil
}

func main() {
	// 定义 AES 密钥
	key, _ := hex.DecodeString("ff83609b2b24fc73196aac3d3dfb874f")

	var data interface{}

	//decrypt, err := AesDecrypt("ELKXVN8ZOhxUUsLWbHVIhbvTT94rU+u69vuE9JonsQYSAcNFKn4xQXoyRKd7mJCRIQ/4rlSj5A1KqHlR7jLIcyHaCCdvbEF1pGVw4oRpw6i8sFPWSjvnUuOUgKsaniJ6lb1SYBpZRlBSzG36NiAufdEeH0gcHDu9x9IGzkmdXk8=", key)
	//if err != nil {
	//	return
	//}
	//err = json.Unmarshal(decrypt, &data)
	//if err != nil {
	//	return
	//}
	//fmt.Println(data)

	data = map[string]interface{}{
		"id_card":    "45212220000827423X",
		"name":       "张荣宏",
		"time_range": "5",
		"mobile_no":  "18276151590",
	}

	// 将结构体转为 JSON 字符串
	jsonData, err := json.Marshal(data)
	if err != nil {
		fmt.Println("JSON 序列化错误:", err)
		return
	}

	// 对 JSON 数据进行加密
	encryptedData, err := AesEncrypt(jsonData, key)
	if err != nil {
		fmt.Println("加密错误:", err)
		return
	}

	// 输出加密后的结果
	fmt.Println("加密后的数据:", encryptedData)
}