f

2026-02-24 18:42:06 +08:00
parent 2d40d589e2
commit d80076e2c7
2 changed files with 8 additions and 38 deletions
--- a/pkg/captcha/encrypt_scene.go
+++ b/pkg/captcha/encrypt_scene.go
@@ -1,14 +1,11 @@
 package captcha

 import (
-	"bytes"
-	"crypto/aes"
-	"crypto/cipher"
-	"crypto/rand"
 	"encoding/base64"
 	"fmt"
-	"io"
 	"time"
+
+	lzcrypto "tyc-server/pkg/lzkit/crypto"
 )

 // GenerateEncryptedSceneID 按阿里云文档生成 EncryptedSceneId（仅适用于 V3 架构加密模式）。
@@ -30,32 +27,6 @@ func GenerateEncryptedSceneID(sceneId, ekey string, expireSeconds int) (string,
 		return "", fmt.Errorf("invalid ekey length, need 32 bytes after base64 decode, got %d", len(keyBytes))
 	}

-	block, err := aes.NewCipher(keyBytes)
-	if err != nil {
-		return "", fmt.Errorf("new cipher error: %w", err)
-	}
-
-	iv := make([]byte, aes.BlockSize)
-	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
-		return "", fmt.Errorf("read iv error: %w", err)
-	}
-
-	padded := pkcs7Pad([]byte(plaintext), aes.BlockSize)
-	ciphertext := make([]byte, len(padded))
-
-	mode := cipher.NewCBCEncrypter(block, iv)
-	mode.CryptBlocks(ciphertext, padded)
-
-	out := append(iv, ciphertext...)
-	return base64.StdEncoding.EncodeToString(out), nil
+	// 复用已有的 AES-CBC + PKCS7 实现，输出即为 Base64(IV + ciphertext)
+	return lzcrypto.AesEncrypt([]byte(plaintext), keyBytes)
 }
-
-func pkcs7Pad(src []byte, blockSize int) []byte {
-	padLen := blockSize - len(src)%blockSize
-	if padLen == 0 {
-		padLen = blockSize
-	}
-	pad := bytes.Repeat([]byte{byte(padLen)}, padLen)
-	return append(src, pad...)
-}
-