package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"io"
)

// PKCS7填充
func PKCS7Padding(ciphertext []byte, blockSize int) []byte {
	padding := blockSize - len(ciphertext)%blockSize
	padtext := bytes.Repeat([]byte{byte(padding)}, padding)
	return append(ciphertext, padtext...)
}

// 去除PKCS7填充
func PKCS7UnPadding(origData []byte) ([]byte, error) {
	length := len(origData)
	if length == 0 {
		return nil, errors.New("input data error")
	}
	unpadding := int(origData[length-1])
	if unpadding > length {
		return nil, errors.New("unpadding size is invalid")
	}
	return origData[:(length - unpadding)], nil
}

// AES CBC模式加密，Base64传入传出
func AesEncrypt(plainText, key []byte) (string, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return "", err
	}
	blockSize := block.BlockSize()
	plainText = PKCS7Padding(plainText, blockSize)

	cipherText := make([]byte, blockSize+len(plainText))
	iv := cipherText[:blockSize] // 使用前blockSize字节作为IV
	_, err = io.ReadFull(rand.Reader, iv)
	if err != nil {
		return "", err
	}

	mode := cipher.NewCBCEncrypter(block, iv)
	mode.CryptBlocks(cipherText[blockSize:], plainText)

	return base64.StdEncoding.EncodeToString(cipherText), nil
}

// AES CBC模式解密，Base64传入传出
func AesDecrypt(cipherTextBase64 string, key []byte) ([]byte, error) {
	cipherText, err := base64.StdEncoding.DecodeString(cipherTextBase64)
	if err != nil {
		return nil, err
	}

	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}

	blockSize := block.BlockSize()
	if len(cipherText) < blockSize {
		return nil, errors.New("ciphertext too short")
	}

	iv := cipherText[:blockSize]
	cipherText = cipherText[blockSize:]

	if len(cipherText)%blockSize != 0 {
		return nil, errors.New("ciphertext is not a multiple of the block size")
	}

	mode := cipher.NewCBCDecrypter(block, iv)
	mode.CryptBlocks(cipherText, cipherText)

	plainText, err := PKCS7UnPadding(cipherText)
	if err != nil {
		return nil, err
	}

	return plainText, nil
}

func main() {
	// 定义 AES 密钥
	key, _ := hex.DecodeString("ff83609b2b24fc73196aac3d3dfb874f")

	var data interface{}

	decrypt, err := AesDecrypt("gSSLA3V+MoabjTyPiCvYC6bg7TLk+ja/Zly3R8wjpK/xPC6ZK0QCwdpu9kGEuUVKdfOU2IU46Q6kSZHXmpF8MdXEa0NKNh85yhlFQVy0U2jJkTxojvoM+1Y/iZlVZpFrThUc4uu+iUSm3kzXTikM9sizYmLUcaO86ad7PfvQvT4=", key)
	if err != nil {
		fmt.Println("解密错误:", err)
		return
	}
	err = json.Unmarshal(decrypt, &data)
	if err != nil {
		fmt.Println("JSON解析错误:", err)
		return
	}

	// 打印解密后的数据
	fmt.Println("解密后的数据:", decrypt)

	// data = map[string]interface{}{
	// 	"id_card":    "45212220000827423X",
	// 	"name":       "张荣宏",
	// 	"time_range": "5",
	// 	"mobile_no":  "18276151590",
	// }

	// // 将结构体转为 JSON 字符串
	// jsonData, err := json.Marshal(data)
	// if err != nil {
	// 	fmt.Println("JSON 序列化错误:", err)
	// 	return
	// }

	// // 对 JSON 数据进行加密
	// encryptedData, err := AesEncrypt(jsonData, key)
	// if err != nil {
	// 	fmt.Println("加密错误:", err)
	// 	return
	// }

	// 输出加密后的结果
	// fmt.Println("加密后的数据:", encryptedData)
}