feat: crypto.js 重构 #1839

package.json

@@ -64,10 +64,12 @@
   ],
   "dependencies": {
     "axios": "^1.2.2",
+    "crypto-js": "^4.2.0",
     "express": "^4.17.1",
     "express-fileupload": "^1.1.9",
     "md5": "^2.3.0",
     "music-metadata": "^7.5.3",
+    "node-forge": "^1.3.1",
     "pac-proxy-agent": "^7.0.0",
     "qrcode": "^1.4.4",
     "safe-decode-uri-component": "^1.2.1",

util/crypto.js

@@ -1,67 +1,83 @@
-const crypto = require('crypto')
-const iv = Buffer.from('0102030405060708')
-const presetKey = Buffer.from('0CoJUm6Qyw8W8jud')
-const linuxapiKey = Buffer.from('rFgB&h#%2?^eDg:Q')
+const CryptoJS = require('crypto-js')
+const forge = require('node-forge')
+const iv = '0102030405060708'
+const presetKey = '0CoJUm6Qyw8W8jud'
+const linuxapiKey = 'rFgB&h#%2?^eDg:Q'
 const base62 = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'
-const publicKey =
-  '-----BEGIN PUBLIC KEY-----\nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgtQn2JZ34ZC28NWYpAUd98iZ37BUrX/aKzmFbt7clFSs6sXqHauqKWqdtLkF2KexO40H1YTX8z2lSgBBOAxLsvaklV8k4cBFK9snQXE9/DDaFt6Rr7iVZMldczhC0JNgTz+SHXT6CBHuX3e9SdB1Ua44oncaTWz7OBGLbCiK45wIDAQAB\n-----END PUBLIC KEY-----'
+const publicKey = `-----BEGIN PUBLIC KEY-----
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgtQn2JZ34ZC28NWYpAUd98iZ37BUrX/aKzmFbt7clFSs6sXqHauqKWqdtLkF2KexO40H1YTX8z2lSgBBOAxLsvaklV8k4cBFK9snQXE9/DDaFt6Rr7iVZMldczhC0JNgTz+SHXT6CBHuX3e9SdB1Ua44oncaTWz7OBGLbCiK45wIDAQAB
+-----END PUBLIC KEY-----`
 const eapiKey = 'e82ckenh8dichen8'
 
-const aesEncrypt = (buffer, mode, key, iv) => {
-  const cipher = crypto.createCipheriv('aes-128-' + mode, key, iv)
-  return Buffer.concat([cipher.update(buffer), cipher.final()])
+const aesEncrypt = (text, mode, key, iv, format = 'base64') => {
+  let encrypted = CryptoJS.AES.encrypt(
+    CryptoJS.enc.Utf8.parse(text),
+    CryptoJS.enc.Utf8.parse(key),
+    {
+      iv: CryptoJS.enc.Utf8.parse(iv),
+      mode: CryptoJS.mode[mode.toUpperCase()],
+      padding: CryptoJS.pad.Pkcs7,
+    },
+  )
+  if (format === 'base64') {
+    return encrypted.toString()
+  }
+
+  return encrypted.ciphertext.toString().toUpperCase()
 }
 
-const rsaEncrypt = (buffer, key) => {
-  buffer = Buffer.concat([Buffer.alloc(128 - buffer.length), buffer])
-  return crypto.publicEncrypt(
-    { key: key, padding: crypto.constants.RSA_NO_PADDING },
-    buffer,
-  )
+const rsaEncrypt = (str, key) => {
+  const forgePublicKey = forge.pki.publicKeyFromPem(key)
+  const encrypted = forgePublicKey.encrypt(str, 'NONE')
+  return forge.util.bytesToHex(encrypted)
 }
 
 const weapi = (object) => {
   const text = JSON.stringify(object)
-  const secretKey = crypto
-    .randomBytes(16)
-    .map((n) => base62.charAt(n % 62).charCodeAt())
+  let secretKey = ''
+  for (let i = 0; i < 16; i++) {
+    secretKey += base62.charAt(Math.round(Math.random() * 61))
+  }
   return {
     params: aesEncrypt(
-      Buffer.from(
-        aesEncrypt(Buffer.from(text), 'cbc', presetKey, iv).toString('base64'),
-      ),
+      aesEncrypt(text, 'cbc', presetKey, iv),
       'cbc',
       secretKey,
       iv,
-    ).toString('base64'),
-    encSecKey: rsaEncrypt(secretKey.reverse(), publicKey).toString('hex'),
+    ),
+    encSecKey: rsaEncrypt(secretKey.split('').reverse().join(''), publicKey),
   }
 }
 
 const linuxapi = (object) => {
   const text = JSON.stringify(object)
   return {
-    eparams: aesEncrypt(Buffer.from(text), 'ecb', linuxapiKey, '')
-      .toString('hex')
-      .toUpperCase(),
+    eparams: aesEncrypt(text, 'ecb', linuxapiKey, '', 'hex'),
   }
 }
 
 const eapi = (url, object) => {
   const text = typeof object === 'object' ? JSON.stringify(object) : object
   const message = `nobody${url}use${text}md5forencrypt`
-  const digest = crypto.createHash('md5').update(message).digest('hex')
+  const digest = CryptoJS.MD5(message).toString()
   const data = `${url}-36cd479b6b5-${text}-36cd479b6b5-${digest}`
   return {
-    params: aesEncrypt(Buffer.from(data), 'ecb', eapiKey, '')
-      .toString('hex')
-      .toUpperCase(),
+    params: aesEncrypt(data, 'ecb', eapiKey, '', 'hex'),
   }
 }
 
-const decrypt = (cipherBuffer) => {
-  const decipher = crypto.createDecipheriv('aes-128-ecb', eapiKey, '')
-  return Buffer.concat([decipher.update(cipherBuffer), decipher.final()])
+const decrypt = (cipher) => {
+  const decipher = CryptoJS.AES.decrypt(
+    {
+      ciphertext: CryptoJS.enc.Hex.parse(cipher),
+    },
+    eapiKey,
+    {
+      mode: CryptoJS.mode.ECB,
+    },
+  )
+  const decryptedBytes = CryptoJS.enc.Utf8.stringify(decipher)
+  return decryptedBytes
 }
 
-module.exports = { weapi, linuxapi, eapi, decrypt }
+module.exports = { weapi, linuxapi, eapi, decrypt, aesEncrypt }

util/request.js

@@ -201,7 +201,7 @@ const createRequest = (method, url, data = {}, options) => {
         )
         try {
           if (options.crypto === 'eapi') {
-            answer.body = JSON.parse(encrypt.decrypt(body).toString())
+            answer.body = JSON.parse(encrypt.decrypt(body))
           } else {
             answer.body = body
           }

yarn.lock

@@ -479,7 +479,7 @@ balanced-match@^1.0.0:
 
 base64-js@^1.3.1:
   version "1.5.1"
-  resolved "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz"
+  resolved "https://registry.npmmirror.com/base64-js/-/base64-js-1.5.1.tgz#1b1b440160a5bf7ad40b650f095963481903930a"
   integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==
 
 basic-ftp@^5.0.2:
@@ -778,6 +778,11 @@ crypt@0.0.2:
   resolved "https://registry.npmjs.org/crypt/-/crypt-0.0.2.tgz"
   integrity sha512-mCxBlsHFYh9C+HVpiEacem8FEBnMXgU9gy4zmNC+SXAZNB/1idgp/aulFJ4FgCi7GPEVbfyng092GqL2k2rmow==
 
+crypto-js@^4.2.0:
+  version "4.2.0"
+  resolved "https://registry.npmmirror.com/crypto-js/-/crypto-js-4.2.0.tgz#4d931639ecdfd12ff80e8186dba6af2c2e856631"
+  integrity sha512-KALDyEYgpY+Rlob/iriUtjV6d5Eq+Y191A5g4UqLAi8CyGP9N1+FdVbkc1SxKc2r4YAYqG8JzO2KGL+AizD70Q==
+
 d@1, d@^1.0.1:
   version "1.0.1"
   resolved "https://registry.npmjs.org/d/-/d-1.0.1.tgz"
@@ -2361,6 +2366,11 @@ node-fetch@^2.6.6:
   dependencies:
     whatwg-url "^5.0.0"
 
+node-forge@^1.3.1:
+  version "1.3.1"
+  resolved "https://registry.npmmirror.com/node-forge/-/node-forge-1.3.1.tgz#be8da2af243b2417d5f646a770663a92b7e9ded3"
+  integrity sha512-dPEtOeMvF9VMcYV/1Wb8CPoVAXtp6MKMlcbAt4ddqmGqUJ6fQZFXkNZNkNlfevtNkGtaSoXf/vNNNSvgrdXwtA==
+
 normalize-path@^3.0.0, normalize-path@~3.0.0:
   version "3.0.0"
   resolved "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz"