api-bpjs-surkon/handlers/bpjs/vClaim/Response.go

package Vclaim

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"bridging-rssa/docs"

	lzstring "github.com/daku10/go-lz-string"
)

func ResponseVclaim(encrypted string, key string) (string, error) {

	cipherText, err := base64.StdEncoding.DecodeString(encrypted)
	if err != nil {
		return "", err
	}

	hash := sha256.Sum256([]byte(key))

	block, err := aes.NewCipher(hash[:])
	if err != nil {
		return "", err
	}

	if len(cipherText) < aes.BlockSize {
		return "", errors.New("cipherText too short")
	}

	iv := hash[:aes.BlockSize]

	if len(cipherText)%aes.BlockSize != 0 {
		return "", errors.New("cipherText is not a multiple of the block size")
	}

	mode := cipher.NewCBCDecrypter(block, iv)
	mode.CryptBlocks(cipherText, cipherText)

	// cipherText, _ = pkcs7.Unpad(cipherText, aes.BlockSize)
	cipherText = docs.RemovePKCS7Padding(cipherText)
	data, err := lzstring.DecompressFromEncodedURIComponent(string(cipherText))
	// data, err := helper.DecompressFromEncodedUriComponent(string(cipherText))
	if err != nil {
		return "", err
	}

	return data, nil
}