func execLevelExamples() {
// 默认日志级别 debug
log.Printf("default log level: %s", log.GetLevel())
log.Tracef("IsTraceEnabled? %t", log.IsTraceEnabled())
log.Debugf("IsDebugEnabled? %t", log.IsDebugEnabled())
log.Infof("IsInfoEnabled? %t", log.IsInfoEnabled())
// trace 级别
log.SetLevel(log.Ltrace)
log.Tracef(msgFmt, 1)
// info 级别
log.SetLevel(log.Linfo)
log.Debugf(msgFmt, 2)
log.Infof(msgFmt, 2)
// warn 级别
log.SetLevel(log.Lwarn)
log.Infof(msgFmt, 3)
log.Warnf(msgFmt, 3)
// error 级别
log.SetLevel(log.Lerror)
log.Warnf(msgFmt, 4)
log.Errorf(msgFmt, 4)
// 恢复默认级别,防止影响其他测试
// debug 级别
log.SetLevel(log.Ldebug)
log.Tracef(msgFmt, 5)
log.Debugf(msgFmt, 5)
}
// AESCBCEncrypt 采用 CBC 模式的 AES 加密
func AESCBCEncrypt(src, key, iv []byte) (enc []byte, err error) {
log.Tracef("src: %s", src)
src = PKCS7Padding(src, len(key))
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
mode := cipher.NewCBCEncrypter(block, iv)
mode.CryptBlocks(src, src)
enc = src
log.Tracef("enc: % x", enc)
return enc, nil
}
// Signature 对加密的报文计算签名
func Signature(token, timestamp, nonce, encrypt string) string {
tmpArr := []string{token, timestamp, nonce, encrypt}
sort.Strings(tmpArr)
tmpStr := strings.Join(tmpArr, "")
actual := fmt.Sprintf("%x", sha1.Sum([]byte(tmpStr)))
log.Tracef("%s %s", tmpArr, actual)
return actual
}
// ValidateURL 验证 URL 以判断来源是否合法
func ValidateURL(token, timestamp, nonce, signature string) bool {
tmpArr := []string{token, timestamp, nonce}
sort.Strings(tmpArr)
tmpStr := strings.Join(tmpArr, "")
actual := fmt.Sprintf("%x", sha1.Sum([]byte(tmpStr)))
log.Tracef("%s %s", tmpArr, actual)
return actual == signature
}
// DecryptMsg 解密报文
func DecryptMsg(b64Enc string, aesKey []byte, appId string) (msg []byte, err error) {
log.Tracef("b64Enc: %s", b64Enc)
enc, err := base64.StdEncoding.DecodeString(b64Enc)
if err != nil {
return nil, err
}
// AES CBC 解密报文
src, err := AESCBCDecrypt(enc, aesKey, aesKey[:aes.BlockSize])
if err != nil {
return nil, err
}
log.Tracef("full message: %s", src)
_, _, msg, appId2 := ParseFullMsg(src)
if appId2 != appId {
return nil, fmt.Errorf("expected appId %s, but %s", appId, appId2)
}
return msg, nil
}
// AESCBCDecrypt 采用 CBC 模式的 AES 解密
func AESCBCDecrypt(enc, key, iv []byte) (src []byte, err error) {
log.Tracef("enc: % x", enc)
if len(enc) < len(key) {
return nil, fmt.Errorf("the length of encrypted message too short: %d", len(enc))
}
if len(enc)&(len(key)-1) != 0 { // or len(enc)%len(key) != 0
return nil, fmt.Errorf("encrypted message is not a multiple of the key size(%d), the length is %d", len(key), len(enc))
}
block, err := aes.NewCipher(key)
if err != nil {
return nil, err
}
mode := cipher.NewCBCDecrypter(block, iv)
mode.CryptBlocks(enc, enc)
src = PKCS7UnPadding(enc)
log.Tracef("src: %s", src)
return src, nil
}