359 lines
12 KiB
JavaScript
359 lines
12 KiB
JavaScript
function Base64 () {
|
||
// private property
|
||
this._keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
|
||
}
|
||
//public method for encoding
|
||
Base64.prototype.encode = function (input) {
|
||
let output = "", chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0;
|
||
input = this._utf8_encode(input);
|
||
while (i < input.length) {
|
||
chr1 = input.charCodeAt(i++);
|
||
chr2 = input.charCodeAt(i++);
|
||
chr3 = input.charCodeAt(i++);
|
||
enc1 = chr1 >> 2;
|
||
enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
|
||
enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
|
||
enc4 = chr3 & 63;
|
||
if (isNaN(chr2)) {
|
||
enc3 = enc4 = 64;
|
||
} else if (isNaN(chr3)) {
|
||
enc4 = 64;
|
||
}
|
||
output = output +
|
||
this._keyStr.charAt(enc1) + this._keyStr.charAt(enc2) +
|
||
this._keyStr.charAt(enc3) + this._keyStr.charAt(enc4);
|
||
}
|
||
return output;
|
||
}
|
||
|
||
// public method for decoding
|
||
Base64.prototype.decode = function (input) {
|
||
let output = "", chr1, chr2, chr3, enc1, enc2, enc3, enc4, i = 0;
|
||
input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
|
||
while (i < input.length) {
|
||
enc1 = this._keyStr.indexOf(input.charAt(i++));
|
||
enc2 = this._keyStr.indexOf(input.charAt(i++));
|
||
enc3 = this._keyStr.indexOf(input.charAt(i++));
|
||
enc4 = this._keyStr.indexOf(input.charAt(i++));
|
||
chr1 = (enc1 << 2) | (enc2 >> 4);
|
||
chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
|
||
chr3 = ((enc3 & 3) << 6) | enc4;
|
||
output = output + String.fromCharCode(chr1);
|
||
if (enc3 != 64) {
|
||
output = output + String.fromCharCode(chr2);
|
||
}
|
||
if (enc4 != 64) {
|
||
output = output + String.fromCharCode(chr3);
|
||
}
|
||
}
|
||
output = this._utf8_decode(output);
|
||
return output;
|
||
}
|
||
|
||
// private method for UTF-8 encoding
|
||
Base64.prototype._utf8_encode = function (string) {
|
||
string = string.replace(/\r\n/g, "\n");
|
||
let utftext = "";
|
||
for (let n = 0; n < string.length; n++) {
|
||
let c = string.charCodeAt(n);
|
||
if (c < 128) {
|
||
utftext += String.fromCharCode(c);
|
||
} else if ((c > 127) && (c < 2048)) {
|
||
utftext += String.fromCharCode((c >> 6) | 192);
|
||
utftext += String.fromCharCode((c & 63) | 128);
|
||
} else {
|
||
utftext += String.fromCharCode((c >> 12) | 224);
|
||
utftext += String.fromCharCode(((c >> 6) & 63) | 128);
|
||
utftext += String.fromCharCode((c & 63) | 128);
|
||
}
|
||
|
||
}
|
||
return utftext;
|
||
}
|
||
|
||
// private method for UTF-8 decoding
|
||
Base64.prototype._utf8_decode = function (utftext) {
|
||
let string = "", i = 0, c = 0, c1 = 0, c2 = 0, c3 = 0;
|
||
while (i < utftext.length) {
|
||
c = utftext.charCodeAt(i);
|
||
if (c < 128) {
|
||
string += String.fromCharCode(c);
|
||
i++;
|
||
} else if ((c > 191) && (c < 224)) {
|
||
c2 = utftext.charCodeAt(i + 1);
|
||
string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
|
||
i += 2;
|
||
} else {
|
||
c2 = utftext.charCodeAt(i + 1);
|
||
c3 = utftext.charCodeAt(i + 2);
|
||
string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
|
||
i += 3;
|
||
}
|
||
}
|
||
return string;
|
||
}
|
||
|
||
let Base = new Base64();
|
||
|
||
function md5 (str) {
|
||
return CryptoJS.MD5(str).toString()
|
||
}
|
||
function addinterruptchars (str) {
|
||
let $chars = 'ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz2345678';
|
||
let maxPos = $chars.length;
|
||
let newstr = '';
|
||
for (let i = 0; i < str.length; i++) {
|
||
newstr = newstr + str.charAt(i) + $chars.charAt(Math.floor(Math.random() * maxPos));
|
||
}
|
||
return newstr;
|
||
}
|
||
function authcode (string, isencrypt) {
|
||
let timestamp = Date.parse(new Date()) / 1000;//;
|
||
if (isencrypt)
|
||
string = string + timestamp;
|
||
let ckey_length = 5;
|
||
// 密匙
|
||
// let key = postman.getEnvironmentletiable("encryptkey");
|
||
let key = pm.environment.get('encryptkey')
|
||
key = md5(key)
|
||
// 密匙a会参与加解密
|
||
let keya = md5(key.substr(0, 12));
|
||
//console.log('keya:'+keya)
|
||
// 密匙b会用来做数据完整性验证
|
||
let keyb = md5(key.substr(12, 20));
|
||
// 密匙c用于变化生成的密文
|
||
//console.log('keyb:'+keyb)
|
||
let keyc = isencrypt ? md5(timestamp).substr(32 - ckey_length) : string.substr(0, ckey_length);
|
||
//console.log('keyc:'+keyc)
|
||
// 参与运算的密匙
|
||
let cryptkey = keya + md5(keya + keyc);
|
||
let key_length = cryptkey.length;
|
||
console.log('cryptkey:' + cryptkey)
|
||
|
||
let tempstr = md5(string + keyb).substr(0, 18);//检验字符串
|
||
string = isencrypt ? (timestamp + 120) + tempstr + string : Base.decode(string.substr(ckey_length));//timestamp+120过期时间
|
||
|
||
let string_length = string.length;
|
||
//console.log('string='+string+' length='+string_length);
|
||
let result = '';
|
||
let box = [];
|
||
let rndkey = [];
|
||
|
||
// 128是ascrii码,字符范围,也可取256以内其它数字,产生密匙簿,加解密的cryptkey是相同的,由当时时间md5生成的
|
||
for (let i = 0; i < 128; i++) {
|
||
rndkey[i] = cryptkey.charCodeAt(i % key_length);
|
||
box[i] = i;
|
||
}
|
||
let tmp;
|
||
// 用固定的算法,打乱密匙簿,增加随机性,好像很复杂,实际上对并不会增加密文的强度
|
||
for (let j = 0, i = 0; i < 128; i++) {
|
||
j = (j + box[i] + rndkey[i]) % 128;//rndkey[i]是随机数,j是也是随机,加起来也是随机数
|
||
tmp = box[i];
|
||
box[i] = box[j];
|
||
box[j] = tmp;
|
||
}
|
||
|
||
// 核心加解密部分
|
||
for (let a = j = i = 0; i < string_length; i++) {
|
||
a = (a + 1) % 128;
|
||
j = (j + box[a]) % 128;
|
||
tmp = box[a];//再次打乱
|
||
box[a] = box[j];
|
||
box[j] = tmp;
|
||
// 从密匙簿得出密匙进行异或,再转成字符
|
||
|
||
let b = box[(box[a] + box[j]) % 128];
|
||
|
||
let c = a ^ b;
|
||
let d = String.fromCharCode(c);
|
||
result += String.fromCharCode(string.charCodeAt(i) ^ (box[(box[a] + box[j]) % 128]));
|
||
}
|
||
|
||
//console.log('result='+result);
|
||
if (isencrypt) {
|
||
// 把动态密匙保存在密文里,这也是为什么同样的明文,生产不同密文后能解密的原因
|
||
// 因为加密后的密文可能是一些特殊字符,复制过程可能会丢失,所以用base64编码
|
||
return keyc + Base.encode(result);
|
||
}
|
||
else {
|
||
return result.substr(28)
|
||
}
|
||
|
||
}
|
||
function randomString (len) {
|
||
len = len || 32;
|
||
let $chars = 'ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz2345678';
|
||
let maxPos = $chars.length;
|
||
let pwd = '';
|
||
for (let i = 0; i < len; i++) {
|
||
pwd += $chars.charAt(Math.floor(Math.random() * maxPos));
|
||
}
|
||
return pwd;
|
||
}
|
||
function aesEncrypt (message, key, iv) {
|
||
let ciphertext = CryptoJS.AES.encrypt(message, key, {
|
||
iv: iv,
|
||
mode: CryptoJS.mode.CBC,
|
||
padding: CryptoJS.pad.Pkcs7
|
||
});
|
||
//return ciphertext;//密码对象(Obejct类型,非WordArray类型),Base64编码。
|
||
return ciphertext.toString();//密码对象的Base64字符串
|
||
|
||
}
|
||
|
||
if (pm.environment.get("isencrypt") == 1) {
|
||
hasparam = 1
|
||
// try {
|
||
// ps = pm.request.body.urlencoded.members
|
||
// }
|
||
// catch (err) {
|
||
// console.log('没有设置参数')
|
||
// hasparam = 0
|
||
// pm.request.body.urlencoded = new Array()
|
||
// }
|
||
|
||
//let param={'key':'zyh','value':'lisi'}
|
||
//pm.request.body.urlencoded.members.push(param)
|
||
console.log('hasparam值:', hasparam)
|
||
console.log('请求参数:', pm.request.body.urlencoded.members)
|
||
// if (hasparam == 0) {
|
||
// console.log('请求参数:', pm.request.body.urlencoded.members)
|
||
// }
|
||
let oldparams = {};
|
||
let params = {};
|
||
let ps = pm.request.body.urlencoded.members;
|
||
// if (!ps) {
|
||
// ps = []
|
||
// }
|
||
let regex = /\{{2}(\w+)\}{2}/
|
||
for (let i = 0; i < ps.length; i++) {
|
||
let param = ps[i]
|
||
let value = param.value
|
||
let vReg = regex.exec(value)
|
||
let key = param.key
|
||
oldparams[key] = value
|
||
if (param.disabled == true || key == "receipt") {
|
||
//console.log('disabled:'+key)
|
||
continue
|
||
}
|
||
if (key == 'params') {
|
||
continue
|
||
}
|
||
|
||
if (vReg !== null && vReg.length > 1) {
|
||
console.log(key, pm.environment.get(vReg[1]))
|
||
params[encodeURIComponent(key)] = pm.environment.get(vReg[1])
|
||
} else {
|
||
params[encodeURIComponent(key)] = value;
|
||
}
|
||
}
|
||
console.log('params:', params)
|
||
if (!oldparams.hasOwnProperty('app_bundle_id')) {
|
||
params['app_bundle_id'] = pm.environment.get('app_bundle_id');
|
||
}
|
||
if (!oldparams.hasOwnProperty('device_id')) {
|
||
params['device_id'] = pm.environment.get('device_id');
|
||
}
|
||
if (!oldparams.hasOwnProperty('token')) {
|
||
params['token'] = pm.environment.get('token');
|
||
}
|
||
// 其他基础参数
|
||
params['lang'] = pm.environment.get('lang');
|
||
params['timezone'] = pm.environment.get('timezone');
|
||
params['platform'] = pm.environment.get('platform');
|
||
params['app_name'] = pm.environment.get('app_name');
|
||
params['device_version'] = pm.environment.get('device_version');
|
||
|
||
let jsonstr = JSON.stringify(params);
|
||
// let jsonstr='{"app_bundle_id":"com.ylp.qrforfollowers","app_name":"qrforfollowers","app_version":"1.2","device_id":"EA7FA2BA-92FC-4538-93F7-B00E1B90A4F3","device_version":"12.1.2","instagram_id":"2207136901","lang":"zh-Hans-CN","password":"edee9KBx+HBBzOm8WS1pJHgB6aTIMMlYJLAZ8HT9Ban55MTkvTgUvB0NBcVgtO0Mb","platform":"iOS","timezone":"Asia/Shanghai","username":"sherryboa","token":"b6ea6b8fd7a4e00cb9e172a17a035ef5"}'
|
||
|
||
let CryptoJS = require("crypto-js");
|
||
let iv = randomString(16)
|
||
//let iv='JdG3kecbQPSWKHKp'
|
||
console.log('iv转类型 ' + CryptoJS.enc.Utf8.parse(iv))
|
||
|
||
//let iv='1111111111111111'
|
||
// let cryptkey = postman.getEnvironmentletiable("encryptkey");
|
||
let cryptkey = pm.environment.get('encryptkey')
|
||
console.log('jsonstr ' + jsonstr)
|
||
//测试
|
||
let ciphertext = aesEncrypt(jsonstr, CryptoJS.enc.Utf8.parse(cryptkey), CryptoJS.enc.Utf8.parse(iv));//加密
|
||
console.log('iv ' + iv)
|
||
console.log('ciphertext ' + ciphertext)
|
||
let checkdata = CryptoJS.HmacSHA256(jsonstr, cryptkey);
|
||
console.log('HmacSHA256checkdata ' + checkdata)
|
||
|
||
checkdata = CryptoJS.enc.Base64.stringify(checkdata)
|
||
console.log('Base64checkdata ' + checkdata)
|
||
|
||
|
||
let encstr = btoa(iv + atob(checkdata) + atob(ciphertext))
|
||
console.log('[BASE64]btoa结果:', encstr)
|
||
encstr = encstr.replace(/\//g, '_a')
|
||
encstr = encstr.replace(/\+/g, '_b')
|
||
encstr = encstr.replace(/\=/g, '_c')
|
||
|
||
console.log('[BASE64]加密前:', encstr)
|
||
if (pm.environment.get("authcode_encrypt") == 1) {
|
||
encstr = authcode(encstr, 1)
|
||
console.log('[BASE64]authcode:', encstr)
|
||
}
|
||
|
||
if (pm.environment.get("interrupt_encrypt") == 1) {
|
||
encstr = addinterruptchars(encstr)
|
||
console.log('[BASE64]interupt:', encstr)
|
||
}
|
||
|
||
pm.environment.set("params", encstr)
|
||
console.log('[BASE64]加密后:', encstr)
|
||
|
||
// let requestCfg = {
|
||
// url: pm.environment.get('host') + '/index/instagram/base64encrypt',
|
||
// method: 'POST',
|
||
// body: {
|
||
// mode: 'urlencoded',
|
||
// urlencoded: [
|
||
// {
|
||
// key: 'encstr',
|
||
// value: ciphertext,
|
||
// disabled: false
|
||
// },
|
||
// {
|
||
// key: 'checkdata',
|
||
// value: checkdata,
|
||
// disabled: false
|
||
// },
|
||
// {
|
||
// key: 'iv',
|
||
// value: iv,
|
||
// disabled: false
|
||
// },
|
||
// ]
|
||
// }
|
||
// }
|
||
// pm.sendRequest(requestCfg, function (err, response) {
|
||
// try {
|
||
// console.log('base64encrypt', response.json())
|
||
// encstr = response.json()['msg']
|
||
// console.log('[BASE64]加密前:', encstr)
|
||
// if (pm.environment.get("authcode_encrypt") == 1) {
|
||
// encstr = authcode(encstr, 1);
|
||
// console.log('[BASE64]authcode:', encstr)
|
||
// }
|
||
|
||
// if (pm.environment.get("interrupt_encrypt") == 1) {
|
||
// encstr = addinterruptchars(encstr)
|
||
// console.log('[BASE64]interupt:', encstr)
|
||
// }
|
||
|
||
// pm.environment.set("params", encstr);
|
||
// console.log('[BASE64]加密后:', encstr)
|
||
// } catch (e) {
|
||
// console.error(e.message, e)
|
||
// console.log('[BASE64]response:', response.text())
|
||
// }
|
||
// })
|
||
}
|
||
|
||
|