fanwh / dingtalk-encrypt · 提交

提交 ad3d77643a64bd2c202581eb91a5c52910650846

作者 fanwh
1 个父辈 ec190fad
构建: 未知

fixbug

内嵌 并排对比
正在显示 3 个修改的文件 包含 37 行增加20 行删除
@@ -29,20 +29,17 @@ class DingTalkEncryptor { @@ -29,20 +29,17 @@ class DingTalkEncryptor {
29 29
30 encrypt(random, plainText) { 30 encrypt(random, plainText) {
31 try { 31 try {
32 - const randomBuf = Buffer.from(random);  
33 - const plainTextBuf = Buffer.from(plainText);  
34 - const textLen = plainTextBuf.length;  
35 - const textLenBuf = Buffer.from([(textLen >> 24 & 255), (textLen >> 16 & 255), (textLen >> 8 & 255), (textLen & 255)]);  
36 - const cropIdBuf = Buffer.from(this.corpId);  
37 - const padCount = 32 - (randomBuf.length + textLenBuf.length + plainTextBuf.length + cropIdBuf.length) % 32;  
38 - const padBuf = Buffer.from(new Array(padCount).fill(padCount));  
39 - const finalBuf = Buffer.concat([randomBuf, textLenBuf, plainTextBuf, cropIdBuf, padBuf]);  
40 -  
41 - const encrypted = CryptoJS.AES.encrypt( CryptoJS.enc.Hex.parse(finalBuf.toString('hex')), this.keySpec, { 32 + const wordArray = CryptoJS.lib.WordArray.create([],16);
  33 + const textLen = plainText.length;
  34 + const textLenBuf = CryptoJS.lib.WordArray.create([textLen & 255]);
  35 + const plainTextBuf = CryptoJS.enc.Utf8.parse(plainText);
  36 + const cropIdBuf = CryptoJS.enc.Utf8.parse(this.corpId);
  37 + const finalBuf =wordArray.concat(textLenBuf).concat(plainTextBuf).concat(cropIdBuf)
  38 + const encrypted = CryptoJS.AES.encrypt(finalBuf, this.keySpec, {
42 iv: this.iv, 39 iv: this.iv,
43 mode: CryptoJS.mode.CBC, 40 mode: CryptoJS.mode.CBC,
44 padding:CryptoJS.pad.Pkcs7 41 padding:CryptoJS.pad.Pkcs7
45 - }); 42 + });
46 return encrypted.toString(); 43 return encrypted.toString();
47 } catch (e) { 44 } catch (e) {
48 console.log(e) 45 console.log(e)
@@ -78,7 +75,7 @@ class DingTalkEncryptor { @@ -78,7 +75,7 @@ class DingTalkEncryptor {
78 } 75 }
79 76
80 if (cropId != this.corpId) { 77 if (cropId != this.corpId) {
81 - console.log(cropId, this.corpId) 78 + console.log(cropId, this.corpId,plainText,cropId.length ,this.corpId.length)
82 throw new DingTalkEncryptException(900010); 79 throw new DingTalkEncryptException(900010);
83 } else { 80 } else {
84 return plainText; 81 return plainText;
1 'use strict'; 1 'use strict';
  2 +/**
  3 + HTTP请求结果校验返回字段值失败 HttpRequest:
  4 + curl 'http://test.alice.dodokeroro.cn:6655/dingtalk/events?
  5 + signature=1e08e2b73b7581207d82eb4c96d7238aaf3a7f17&
  6 + msg_signature=1e08e2b73b7581207d82eb4c96d7238aaf3a7f17&timestamp=1648094231677&nonce=7wgzaO5O' -d '{"encrypt":"4nzVlKqXYwYsH8IkfhGnRvzlKgud0gmSGKTWfq6bjClSpLNM8FYEQNTcA0Jc2yuvxlkxkhsbvvYTeCcXScU41CowiBhcuXONqj8amCINX83UYb6qSL5+aLl1VA6gcxPK"}' -H 'Content-Type:application/json' HttpCode:200 HttpReponse:
2 7
  8 +
  9 +*/
3 const DingTalkEncryptor = require('./DingTalkEncryptor'); 10 const DingTalkEncryptor = require('./DingTalkEncryptor');
4 const utils = require('./Utils'); 11 const utils = require('./Utils');
5 12
@@ -7,11 +14,13 @@ const utils = require('./Utils'); @@ -7,11 +14,13 @@ const utils = require('./Utils');
7 // const DingTalkEncryptException = require('./DingTalkEncryptException'); 14 // const DingTalkEncryptException = require('./DingTalkEncryptException');
8 15
9 /** 加解密需要,可以随机填写。如 "12345" */ 16 /** 加解密需要,可以随机填写。如 "12345" */
10 -const TOKEN = 'OUOdEgcMFxNDqoiADrf'; 17 +// const TOKEN = 'OUOdEgcMFxNDqoiADrf';
  18 +const TOKEN = 'BQB3WotDFx7gOKb5ewn6m';
11 /** 加密密钥,用于回调数据的加密,固定为43个字符,从[a-z, A-Z, 0-9]共62个字符中随机生成*/ 19 /** 加密密钥,用于回调数据的加密,固定为43个字符,从[a-z, A-Z, 0-9]共62个字符中随机生成*/
12 // const ENCODING_AES_KEY = 'TXpRMU5qYzRPVEF4TWpNME5UWTNPRGt3TVRJek5EVTI'; 20 // const ENCODING_AES_KEY = 'TXpRMU5qYzRPVEF4TWpNME5UWTNPRGt3TVRJek5EVTI';
13 // const ENCODING_AES_KEY = utils.getRandomStr(43); 21 // const ENCODING_AES_KEY = utils.getRandomStr(43);
14 -const ENCODING_AES_KEY = 'FRArTXHBSiMuyPjOjk4RqhOLuQ54d75A6PyYbFrShJy'; 22 +// const ENCODING_AES_KEY = 'FRArTXHBSiMuyPjOjk4RqhOLuQ54d75A6PyYbFrShJy';
  23 +const ENCODING_AES_KEY ='96MzrEOxlqKx3OulRLJx0KzelfHKM7zz82sw4eI4UxD';
15 // console.log('ENCODING_AES_KEY:\n' + ENCODING_AES_KEY); 24 // console.log('ENCODING_AES_KEY:\n' + ENCODING_AES_KEY);
16 // let buffer = Buffer.from(ENCODING_AES_KEY + '=', 'base64'); 25 // let buffer = Buffer.from(ENCODING_AES_KEY + '=', 'base64');
17 // const base64Str = buffer.toString('base64'); 26 // const base64Str = buffer.toString('base64');
@@ -27,8 +36,8 @@ const encryptor = new DingTalkEncryptor(TOKEN, ENCODING_AES_KEY, CORP_ID); @@ -27,8 +36,8 @@ const encryptor = new DingTalkEncryptor(TOKEN, ENCODING_AES_KEY, CORP_ID);
27 const ENCRYPT_RANDOM_16 = 'aaaabbbbccccdddd'; 36 const ENCRYPT_RANDOM_16 = 'aaaabbbbccccdddd';
28 // const timeStamp = (new Date().getTime()).toString(); 37 // const timeStamp = (new Date().getTime()).toString();
29 // const nonce = utils.getRandomStr(8); 38 // const nonce = utils.getRandomStr(8);
30 -const timeStamp = '1648014018742';  
31 -const nonce = 'AU1FFNAK'; 39 +let timeStamp = '1648094231677';
  40 +let nonce = '7wgzaO5O';
32 41
33 /** 测试加解密响应报文或者字符串 */ 42 /** 测试加解密响应报文或者字符串 */
34 // const testJson = { 43 // const testJson = {
@@ -53,8 +62,14 @@ const unencryptedJson = 'success'; @@ -53,8 +62,14 @@ const unencryptedJson = 'success';
53 // const decryptedJson = encryptor.decrypt(encryptedJson); 62 // const decryptedJson = encryptor.decrypt(encryptedJson);
54 // console.log(` \nnode decryptedJson:\n ${decryptedJson}, (${decryptedJson.length})`); 63 // console.log(` \nnode decryptedJson:\n ${decryptedJson}, (${decryptedJson.length})`);
55 // console.log(' \nnode sign:\n ' + encryptor.getSignature(TOKEN, timeStamp, nonce, encryptedJson)); 64 // console.log(' \nnode sign:\n ' + encryptor.getSignature(TOKEN, timeStamp, nonce, encryptedJson));
56 -const signature = '99011aff26fe6eea2aea3b9f1c17620483e8495d';  
57 -const encryptMsg = 'kKCIt2zJ1xPfCex1h3d4ZULhLvXi3RBbht1GxAsYK/Y9iZcw06P20xGTq8Lb9bskrd7fypdzcqo0GHvk+9zLonIXPFNKRTRkswZaH+t1A5683FoDYlXOsBRgpCsjSljo'; 65 +let signature = '1e08e2b73b7581207d82eb4c96d7238aaf3a7f17';
  66 +let encryptMsg = '4nzVlKqXYwYsH8IkfhGnRvzlKgud0gmSGKTWfq6bjClSpLNM8FYEQNTcA0Jc2yuvxlkxkhsbvvYTeCcXScU41CowiBhcuXONqj8amCINX83UYb6qSL5+aLl1VA6gcxPK';
  67 +
  68 +// signature='3cd3eac8d324861d85e6a359e4765fc4cc689832';
  69 +// timeStamp='1648094231747';
  70 +// nonce='LY6iii48';
  71 +// encryptMsg='jGaRz1YkaX3MdQMoe4s31TwVDYhFuH3gYCz4AzJsuSi/VV2C2ijIZTL83I4xnM4KU0DMdjaMuMTYqurW3o6rcNityAmHf0QchJQyaQaEBIM=';
  72 +
58 73
59 const plainText = encryptor.getDecryptMsg(signature, timeStamp, nonce, encryptMsg) 74 const plainText = encryptor.getDecryptMsg(signature, timeStamp, nonce, encryptMsg)
60 75
@@ -64,4 +79,9 @@ console.log("plainText::",plainText) @@ -64,4 +79,9 @@ console.log("plainText::",plainText)
64 const result = encryptor.getEncryptedMap(unencryptedJson, timeStamp, utils.getRandomStr(8)); 79 const result = encryptor.getEncryptedMap(unencryptedJson, timeStamp, utils.getRandomStr(8));
65 80
66 81
67 -console.log("result::",result)  
  82 +console.log("result::",result)
  83 +
  84 +const plainText2 = encryptor.getDecryptMsg(result.msg_signature, result.timeStamp, result.nonce, result.encrypt)
  85 +
  86 +
  87 +console.log("plainText222::",plainText2)
1 { 1 {
2 "name": "dingtalk-encrypt", 2 "name": "dingtalk-encrypt",
3 - "version": "1.0.0", 3 + "version": "1.0.1",
4 "description": "dingTalk Encrypt Nodejs Version.", 4 "description": "dingTalk Encrypt Nodejs Version.",
5 "main": "index.js", 5 "main": "index.js",
6 "scripts": { 6 "scripts": {
注册登录 后发表评论