package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"io"
)

// PKCS7填充
func PKCS7Padding(ciphertext []byte, blockSize int) []byte {
	padding := blockSize - len(ciphertext)%blockSize
	padtext := bytes.Repeat([]byte{byte(padding)}, padding)
	return append(ciphertext, padtext...)
}

// 去除PKCS7填充
func PKCS7UnPadding(origData []byte) ([]byte, error) {
	length := len(origData)
	if length == 0 {
		return nil, errors.New("input data error")
	}
	unpadding := int(origData[length-1])
	if unpadding > length {
		return nil, errors.New("unpadding size is invalid")
	}
	return origData[:(length - unpadding)], nil
}

// AES CBC模式加密，Base64传入传出
func AesEncrypt(plainText, key []byte) (string, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return "", err
	}
	blockSize := block.BlockSize()
	plainText = PKCS7Padding(plainText, blockSize)

	cipherText := make([]byte, blockSize+len(plainText))
	iv := cipherText[:blockSize] // 使用前blockSize字节作为IV
	_, err = io.ReadFull(rand.Reader, iv)
	if err != nil {
		return "", err
	}

	mode := cipher.NewCBCEncrypter(block, iv)
	mode.CryptBlocks(cipherText[blockSize:], plainText)

	return base64.StdEncoding.EncodeToString(cipherText), nil
}

// AES CBC模式解密，Base64传入传出
func AesDecrypt(cipherTextBase64 string, key []byte) ([]byte, error) {
	cipherText, err := base64.StdEncoding.DecodeString(cipherTextBase64)
	if err != nil {
		return nil, err
	}

	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}

	blockSize := block.BlockSize()
	if len(cipherText) < blockSize {
		return nil, errors.New("ciphertext too short")
	}

	iv := cipherText[:blockSize]
	cipherText = cipherText[blockSize:]

	if len(cipherText)%blockSize != 0 {
		return nil, errors.New("ciphertext is not a multiple of the block size")
	}

	mode := cipher.NewCBCDecrypter(block, iv)
	mode.CryptBlocks(cipherText, cipherText)

	plainText, err := PKCS7UnPadding(cipherText)
	if err != nil {
		return nil, err
	}

	return plainText, nil
}

func main() {
	// 定义 AES 密钥
	key, _ := hex.DecodeString("ff83609b2b24fc73196aac3d3dfb874f")

	var data interface{}

	decrypt, err := AesDecrypt("AEQHGRyEolE4o8GoZaWuEFGpGRLEvEMCNM54KzZ/HdnvfOtyFDfn1PVpD6Cb37rQpJm3CqZYLDJWmEcU0f7IeD0MG8Zh1PIvSEwJVEyI2OkZjooZNjuchARpqeG40sS8hFjQt/xVP3qBVsF6+tdnI8GNc8EdLpZ8ja4c/xVprhjr9yRmRHZOVvECFiJkqwrve8jq2vuC5CowNjc4THK8zRmJI+qWDazUL4vntdWFmqG4YmHDZm/UFecevDNMhWRfdeWE2aI9lTXZ/X/gtHEcVyzbx8cltdn+4KuR3t6VPf3edWDSDM0PTxSNbWwPgaTC1sMbBJiFJLW+cUgxJhfQqE1FF5yY+t6V7l8vfW6cUV4xRCFZ/clFvidnYev2CocvMKzf6gkbO/El2a4VA5ustRwL1G3hxMf9fd+5yGT5dEGci+cbysGHTKzNeHf75az1RgW2WEYUBUc7czNiZgkaIA==", key)
	if err != nil {
		return
	}
	err = json.Unmarshal(decrypt, &data)
	if err != nil {
		return
	}
	fmt.Println(data)
	//data = map[string]interface{}{
	//	"id_card": "45212220000827423X",
	//	"name":    "张荣宏",
	//}
	//
	//// 将结构体转为 JSON 字符串
	//jsonData, err := json.Marshal(data)
	//if err != nil {
	//	fmt.Println("JSON 序列化错误:", err)
	//	return
	//}
	//
	//// 对 JSON 数据进行加密
	//encryptedData, err := AesEncrypt(jsonData, key)
	//if err != nil {
	//	fmt.Println("加密错误:", err)
	//	return
	//}
	//
	//// 输出加密后的结果
	//fmt.Println("加密后的数据:", encryptedData)
}