37 lines
1020 B
Go
37 lines
1020 B
Go
package captcha
|
||
|
||
import (
|
||
"encoding/base64"
|
||
"fmt"
|
||
"time"
|
||
|
||
"ycc-server/pkg/lzkit/crypto"
|
||
)
|
||
|
||
// GenerateEncryptedSceneID 生成加密的场景ID
|
||
// 格式: sceneId×tamp&expireTime -> AES-256-CBC + PKCS7 -> Base64(IV + ciphertext)
|
||
func GenerateEncryptedSceneID(sceneId, ekey string, expireSeconds int) (string, error) {
|
||
// 参数校验
|
||
if expireSeconds <= 0 || expireSeconds > 86400 {
|
||
expireSeconds = 3600 // 默认1小时
|
||
}
|
||
|
||
// 构建明文: sceneId×tamp&expireTime
|
||
ts := time.Now().Unix()
|
||
plaintext := fmt.Sprintf("%s&%d&%d", sceneId, ts, expireSeconds)
|
||
|
||
// 解码 ekey(Base64 -> 32字节密钥)
|
||
keyBytes, err := base64.StdEncoding.DecodeString(ekey)
|
||
if err != nil {
|
||
return "", fmt.Errorf("decode ekey error: %w", err)
|
||
}
|
||
|
||
// 验证密钥长度(AES-256 需要 32 字节)
|
||
if len(keyBytes) != 32 {
|
||
return "", fmt.Errorf("invalid ekey length, need 32 bytes after base64 decode, got %d", len(keyBytes))
|
||
}
|
||
|
||
// 使用 AES 加密
|
||
return crypto.AesEncrypt([]byte(plaintext), keyBytes)
|
||
}
|