232 lines
8.0 KiB
JavaScript
232 lines
8.0 KiB
JavaScript
//console.log('responseBody'+responseBody)
|
||
|
||
|
||
function Base64 () {
|
||
// private property
|
||
this._keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
|
||
}
|
||
//public method for encoding
|
||
Base64.prototype.encode = function (input) {
|
||
var output = "", chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0;
|
||
input = this._utf8_encode(input);
|
||
while (i < input.length) {
|
||
chr1 = input.charCodeAt(i++);
|
||
chr2 = input.charCodeAt(i++);
|
||
chr3 = input.charCodeAt(i++);
|
||
enc1 = chr1 >> 2;
|
||
enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
|
||
enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
|
||
enc4 = chr3 & 63;
|
||
if (isNaN(chr2)) {
|
||
enc3 = enc4 = 64;
|
||
} else if (isNaN(chr3)) {
|
||
enc4 = 64;
|
||
}
|
||
output = output +
|
||
this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +
|
||
this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);
|
||
}
|
||
return output;
|
||
}
|
||
|
||
// public method for decoding
|
||
Base64.prototype.decode = function (input) {
|
||
var output = "", chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0;
|
||
input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
|
||
while (i < input.length) {
|
||
enc1 = this._keyStr.indexOf(input.charAt(i++));
|
||
enc2 = this._keyStr.indexOf(input.charAt(i++));
|
||
enc3 = this._keyStr.indexOf(input.charAt(i++));
|
||
enc4 = this._keyStr.indexOf(input.charAt(i++));
|
||
chr1 = (enc1 << 2) | (enc2 >> 4);
|
||
chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
|
||
chr3 = ((enc3 & 3) << 6) | enc4;
|
||
output = output + String.fromCharCode(chr1);
|
||
if (enc3 != 64) {
|
||
output = output + String.fromCharCode(chr2);
|
||
}
|
||
if (enc4 != 64) {
|
||
output = output + String.fromCharCode(chr3);
|
||
}
|
||
}
|
||
output = this._utf8_decode(output);
|
||
return output;
|
||
}
|
||
|
||
// private method for UTF-8 encoding
|
||
Base64.prototype._utf8_encode = function (string) {
|
||
string = string.replace(/\r\n/g, "\n");
|
||
var utftext = "";
|
||
for (var n = 0; n < string.length; n++) {
|
||
var c = string.charCodeAt(n);
|
||
if (c < 128) {
|
||
utftext += String.fromCharCode(c);
|
||
} else if ((c > 127) && (c < 2048)) {
|
||
utftext += String.fromCharCode((c >> 6) | 192);
|
||
utftext += String.fromCharCode((c & 63) | 128);
|
||
} else {
|
||
utftext += String.fromCharCode((c >> 12) | 224);
|
||
utftext += String.fromCharCode(((c >> 6) & 63) | 128);
|
||
utftext += String.fromCharCode((c & 63) | 128);
|
||
}
|
||
|
||
}
|
||
return utftext;
|
||
}
|
||
|
||
// private method for UTF-8 decoding
|
||
Base64.prototype._utf8_decode = function (utftext) {
|
||
var string = "", i = 0, c = 0, c1 = 0, c2 = 0, c3 = 0;
|
||
while (i < utftext.length) {
|
||
c = utftext.charCodeAt(i);
|
||
if (c < 128) {
|
||
string += String.fromCharCode(c);
|
||
i++;
|
||
} else if ((c > 191) && (c < 224)) {
|
||
c2 = utftext.charCodeAt(i + 1);
|
||
string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
|
||
i += 2;
|
||
} else {
|
||
c2 = utftext.charCodeAt(i + 1);
|
||
c3 = utftext.charCodeAt(i + 2);
|
||
string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
|
||
i += 3;
|
||
}
|
||
}
|
||
return string;
|
||
}
|
||
|
||
var Base = new Base64();
|
||
|
||
function md5 (str) {
|
||
return CryptoJS.MD5(str).toString()
|
||
}
|
||
function authcode (string, isencrypt) {
|
||
var timestamp = Date.parse(new Date()) / 1000;//;
|
||
if (isencrypt)
|
||
string = string + timestamp;
|
||
var ckey_length = 5;
|
||
// 密匙
|
||
var key = postman.getEnvironmentVariable("encryptkey");
|
||
key = md5(key)
|
||
// 密匙a会参与加解密
|
||
var keya = md5(key.substr(0, 12));
|
||
//console.log('keya:'+keya)
|
||
// 密匙b会用来做数据完整性验证
|
||
var keyb = md5(key.substr(12, 20));
|
||
// 密匙c用于变化生成的密文
|
||
//console.log('keyb:'+keyb)
|
||
var keyc = isencrypt ? md5(timestamp).substr(32 - ckey_length) : string.substr(0, ckey_length);
|
||
//console.log('keyc:'+keyc)
|
||
// 参与运算的密匙
|
||
var cryptkey = keya + md5(keya + keyc);
|
||
var key_length = cryptkey.length;
|
||
// console.log('cryptkey:'+cryptkey)
|
||
|
||
var tempstr = md5(string + keyb).substr(0, 18);//检验字符串
|
||
string = isencrypt ? (timestamp + 120) + tempstr + string : Base.decode(string.substr(ckey_length));//timestamp+120过期时间
|
||
|
||
var string_length = string.length;
|
||
//console.log('string='+string+' length='+string_length);
|
||
var result = '';
|
||
var box = [];
|
||
var rndkey = [];
|
||
|
||
// 128是ascrii码,字符范围,也可取256以内其它数字,产生密匙簿,加解密的cryptkey是相同的,由当时时间md5生成的
|
||
for (var i = 0; i < 128; i++) {
|
||
rndkey[i] = cryptkey.charCodeAt(i % key_length);
|
||
box[i] = i;
|
||
}
|
||
var tmp;
|
||
// 用固定的算法,打乱密匙簿,增加随机性,好像很复杂,实际上对并不会增加密文的强度
|
||
for (var j = 0, i = 0; i < 128; i++) {
|
||
j = (j + box[i] + rndkey[i]) % 128;//rndkey[i]是随机数,j是也是随机,加起来也是随机数
|
||
tmp = box[i];
|
||
box[i] = box[j];
|
||
box[j] = tmp;
|
||
}
|
||
|
||
// 核心加解密部分
|
||
for (var a = j = i = 0; i < string_length; i++) {
|
||
a = (a + 1) % 128;
|
||
j = (j + box[a]) % 128;
|
||
tmp = box[a];//再次打乱
|
||
box[a] = box[j];
|
||
box[j] = tmp;
|
||
// 从密匙簿得出密匙进行异或,再转成字符
|
||
|
||
var b = box[(box[a] + box[j]) % 128];
|
||
|
||
var c = a ^ b;
|
||
var d = String.fromCharCode(c);
|
||
result += String.fromCharCode(string.charCodeAt(i) ^ (box[(box[a] + box[j]) % 128]));
|
||
}
|
||
|
||
//console.log('result='+result);
|
||
if (isencrypt) {
|
||
// 把动态密匙保存在密文里,这也是为什么同样的明文,生产不同密文后能解密的原因
|
||
// 因为加密后的密文可能是一些特殊字符,复制过程可能会丢失,所以用base64编码
|
||
return keyc + Base.encode(result);
|
||
}
|
||
else {
|
||
return result.substr(28)
|
||
}
|
||
|
||
}
|
||
function removeinterruptchars (str) {
|
||
var newstring = '';
|
||
for (var i = 0; i < str.length; i++) {
|
||
if (i % 2 == 0)
|
||
newstring = newstring + str.charAt(i);
|
||
}
|
||
return newstring;
|
||
}
|
||
function aesDecrypt (ciphertext, key, iv) {
|
||
var decrypted = CryptoJS.AES.decrypt(ciphertext, key, {
|
||
iv: iv,
|
||
mode: CryptoJS.mode.CBC,
|
||
padding: CryptoJS.pad.Pkcs7
|
||
});
|
||
return decrypted.toString(CryptoJS.enc.Utf8);//WordArray对象转utf8字符串
|
||
}
|
||
// pm.environment.set("isencrypt", "0");
|
||
try {
|
||
var data = JSON.parse(responseBody);
|
||
console.log(data)
|
||
tests["接口未加密,返回值查看body"] = 1
|
||
}
|
||
catch (err) {
|
||
// pm.environment.set("isencrypt", "1");
|
||
encstr = responseBody
|
||
//console.log(encstr)
|
||
if (pm.environment.get("interrupt_encrypt") == 1) {
|
||
encstr = removeinterruptchars(encstr)
|
||
//console.log('interupt '+encstr)
|
||
}
|
||
|
||
if (pm.environment.get("authcode_encrypt") == 1) {
|
||
encstr = authcode(encstr, 0)
|
||
// console.log('authcode '+encstr)
|
||
}
|
||
//console.log(encstr)
|
||
encstr = encstr.replace(/_a/g, "/").replace(/_b/g, "+").replace(/_c/g, "=")
|
||
tests["接口进行了加密,以下是解密内容,详细输出,打开view-show postman console查看打印结果"] = 1
|
||
response = CryptoJS.enc.Base64.parse(encstr).toString(CryptoJS.enc.Latin1);
|
||
iv = response.substr(0, 16)
|
||
|
||
decdata = response.substr(48, response.length - 48)
|
||
var cryptkey = postman.getEnvironmentVariable("encryptkey");
|
||
//console.log(CryptoJS.enc.Base64.stringify(CryptoJS.enc.Latin1.parse(decdata)))
|
||
decryptedMessage = aesDecrypt(CryptoJS.enc.Base64.stringify(CryptoJS.enc.Latin1.parse(decdata)), CryptoJS.enc.Utf8.parse(cryptkey), CryptoJS.enc.Utf8.parse(iv));//解密
|
||
decryptedMessage = unescape(decryptedMessage.replace(/\\/g, "%"))
|
||
tests[decryptedMessage] = 1
|
||
console.log('解密后' + decryptedMessage)
|
||
if (decryptedMessage) {
|
||
obj = JSON.parse(decryptedMessage)
|
||
console.log(obj)
|
||
}
|
||
|
||
}
|
||
|
||
|