-
Notifications
You must be signed in to change notification settings - Fork 0
/
secure.js
142 lines (120 loc) · 3.47 KB
/
secure.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
var parseuri;
try {
parseuri = require('./parseuri');
} catch (err) {
console.log('parseuri support is disabled!');
}
var crypto;
try {
crypto = require('crypto');
} catch (err) {
console.log('crypto support is disabled!');
}
const md5 = data => crypto.createHash('md5').update(data).digest("hex")
class Secure {
constructor(appid, cid, openid, secret, version, device = "ios_1.0.0", platform = "app") {
this.appid = appid;
this.cid = cid;
this.openid = openid;
this.secret = secret
this.version = version
this.device = device
this.platform = platform
}
// 解密数据
decrypt(json) {
if (json.crypto && json.crypto.length > 0) {
const ALGORITHM = 'aes-256-cbc';
const BLOCK_SIZE = 16;
let CIPHER_KEY = json.crypto
let cipherText = json.data
// Decrypts cipher text into plain text
const contents = Buffer.from(cipherText, 'hex');
const iv = contents.slice(0, BLOCK_SIZE);
const textBytes = contents.slice(BLOCK_SIZE);
const decipher = crypto.createDecipheriv(ALGORITHM, CIPHER_KEY, iv);
let decrypted = decipher.update(textBytes, 'hex', 'utf8');
decrypted += decipher.final('utf8');
json.data = JSON.parse(decrypted)
}
return json
}
checkBase64(data) {
try {
return JSON.parse(window.atob(data))
} catch (e) {
return data
}
}
// 获取签名后的地址
getSign(url) {
let debug = "false"
try {
debug = localStorage && localStorage['env'] == "local" ? "true" : "false"
} catch (e) {
}
let data = {
debug: debug,
appid: this.appid,
cid: this.cid,
openid: this.openid,
version: this.version,
device: this.device,
platform: this.platform,
nonce_str: this._generateNonceString(8),
nonce_time: this._generateNonceDateline()
}
if (debug == "false") {
delete (data.debug)
}
return this._generateSign(url, data)
}
// data = { "nonce_str": "nonce_str=xxx", "nonce_time": "nonce_time="xxx"}
_generateSign(url, data) {
var parseurl = parseuri(url)
let keys = []
// keys for url
for (var value in parseurl.queryKey) {
keys.push(value)
}
// keys for input
let inputKeys = Object.keys(data)
for (let i = 0; i < inputKeys.length; i++) {
keys.push(inputKeys[i]);
}
// sort keys
keys = keys.sort()
// get url params
let params = []
for (const element of keys) {
if (parseurl.queryKey[element]) {
params.push(element + "=" + parseurl.queryKey[element])
} else {
params.push(element + "=" + data[element])
}
}
let stringA = params.join("&")
let stringSignTemp = stringA + "&key=" + this.secret
let sign = md5(stringSignTemp).toLocaleUpperCase()
params.push("sign=" + sign)
if (parseurl.protocol.length > 2) {
return parseurl.protocol + "://" + parseurl.authority + parseurl.path + "?" + params.join("&")
} else {
return parseurl.host + parseurl.path + "?" + params.join("&")
}
}
_generateNonceDateline() {
return Date.parse(new Date()) / 1000
}
// 获取一次性字符串
_generateNonceString(length) {
var chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
var maxPos = chars.length;
var noceStr = "";
for (var i = 0; i < (length || 32); i++) {
noceStr += chars.charAt(Math.floor(Math.random() * maxPos));
}
return noceStr;
}
}
module.exports.Secure = Secure;