@tmsfe/tms-core 0.0.159 → 0.0.161

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@tmsfe/tms-core",
-  "version": "0.0.159",
+  "version": "0.0.161",
   "description": "tms运行时框架",
   "repository": {
     "type": "git",

package/src/encrypt/encrypt-util.ts

@@ -3,7 +3,7 @@
  * 暴露出来的工具函数封装原则：不可以向外throw错误，返回执行结果统一格式：{ success: boolean, msg: string, res: any }
  * https://iwiki.woa.com/p/4013041987#1.-RSA+AES-%E5%88%87%E6%8D%A2-Curve25519+XSalsa20%EF%BC%9A
  */
-import md5 from '../md5';
+import md5 from './md5';
 /* eslint-disable @typescript-eslint/no-require-imports */
 const ecc = require('./nacl.min.js');
 const base64Util = require('./nacl-util.min.js');
@@ -100,7 +100,7 @@ const eccUtil = {
     if (!wx.$_publicKey || forceRefresh) {
       // eslint-disable-next-line
       eccUtil._refreshPromise = new Promise(async (resolve) => {
-        const url =  `${baseUtil.getSinanHost()}/basic/crypto/lastkey`;
+        const url =  `${baseUtil.getSinanHost()}/basic/crypto/lastkey2`;
         const data = await composeParamsFunc({});
         wx.request({
           url,
@@ -193,7 +193,7 @@ const eccUtil = {
       }, [])
       .join('&');
     // 2. md5
-    const md5Str = md5(str, '', 'unit8array');
+    const md5Str = md5(str);
     const nonce = ecc.randomBytes(ecc.box.nonceLength);
     const encrypted = ecc.box.after(md5Str, nonce, sharedByte);
     const combined = new Uint8Array(nonce.length + encrypted.length);
@@ -203,34 +203,43 @@ const eccUtil = {
   },
   // 验证服务端加密签名
   verifyServerCryptoSign: (traceId: string, resHeader = {}): boolean => {
-    const formatHeader = baseUtil.formatHeader(resHeader);
-    const signStr = formatHeader['x-crypto-sign'];
-    const obj = {
-      'x-encrypt-key': formatHeader['x-encrypt-key'],
-      'x-encrypt-response': formatHeader['x-encrypt-response'],
-      'x-response-header-name': formatHeader['x-response-header-name'],
-      'x-encrypted-headers': formatHeader['x-encrypted-headers'],
-      'x-crypto-enable': formatHeader['x-crypto-enable'],
-      'content-type': formatHeader['content-type'],
-      'x-gateway-code': formatHeader['x-gateway-code'],
-      'x-crypto-pub-id': formatHeader['x-crypto-pub-id'],
-      'x-crypto-pub-key': formatHeader['x-crypto-pub-key'],
-      'x-crypto-pub-exp': formatHeader['x-crypto-pub-exp'],
-      'x-crypto-path': formatHeader['x-crypto-path'],
-      'x-trace-id': traceId,
-    };
-    const msg = baseUtil.decUrl(signStr);
-    const decrypted = ecc.sign.open(msg, eccUtil._getSignSharedByte());
-    const str = Object.keys(obj).filter(item => obj[item])
-      .sort()
-      .reduce((pre, cur) => {
-        pre.push(`${cur}=${obj[cur]}`);
-        return pre;
-      }, [])
-      .join('&');
-    const preHashArr = md5(str, '', 'unit8array');
-    const verified = preHashArr.length === decrypted.length && preHashArr.every((v, i) => v === decrypted[i]);
-    return verified;
+    try {
+      const formatHeader = baseUtil.formatHeader(resHeader);
+      const signStr = formatHeader['x-crypto-sign'];
+      if (!signStr) {
+        return false;
+      }
+      const obj = {
+        'x-encrypt-key': formatHeader['x-encrypt-key'],
+        'x-encrypt-response': formatHeader['x-encrypt-response'],
+        'x-response-header-name': formatHeader['x-response-header-name'],
+        'x-encrypted-headers': formatHeader['x-encrypted-headers'],
+        'x-crypto-enable': formatHeader['x-crypto-enable'],
+        'content-type': formatHeader['content-type'],
+        'x-gateway-code': formatHeader['x-gateway-code'],
+        'x-crypto-pub-id': formatHeader['x-crypto-pub-id'],
+        'x-crypto-pub-key': formatHeader['x-crypto-pub-key'],
+        'x-crypto-pub-exp': formatHeader['x-crypto-pub-exp'],
+        'x-crypto-path': formatHeader['x-crypto-path'],
+        'x-trace-id': traceId,
+      };
+      const msg = baseUtil.decUrl(signStr);
+      const decrypted = ecc.sign.open(msg, eccUtil._getSignSharedByte());
+      const str = Object.keys(obj).filter(item => obj[item])
+        .sort()
+        .reduce((pre, cur) => {
+          pre.push(`${cur}=${obj[cur]}`);
+          return pre;
+        }, [])
+        .join('&');
+      const preHashArr = md5(str);
+      const verified = preHashArr.length === decrypted.length && preHashArr.every((v, i) => v === decrypted[i]);
+      return verified;
+    } catch (e) {
+      console.error('verifyServerCryptoSign error', e);
+      return false;
+    }
+    
   },
   /* eslint-enable complexity */
   execEncrypt: (input: string, ignoreNull = false): BaseResp<{
@@ -272,6 +281,9 @@ const eccUtil = {
       return new baseUtil.BaseRespFac('', false, `execDecrypt失败：${JSON.stringify(err)}`);;
     }
   },
+  checkCryptoOpen: (): boolean => {
+    return !!eccUtil._privateKeyInfo;
+  },
   closeCrypto: () => {
     eccUtil._privateKeyInfo = null;
     eccUtil._updateGlobalPublicKeyInfo(true);
@@ -317,11 +329,11 @@ const cryptRuleUtil = {
   },
   // 不参与加密的请求路径规则: { 允许的域名： 不需要加密的path }
   _encryptPathRule: {
-    'tim.map.qq.com': ['^/user/login', '^/api/getClientConfigs', '^/basic/crypto/lastkey'],
+    'tim.map.qq.com': ['^/user/login', '^/api/getClientConfigs', '^/basic/crypto/lastkey2'],
     'tim.sparta.html5.qq.com': [
       '^/user/login',
       '^/cnabroad', '^~/ReChargeCard/', '^/gasolinerecharge/v2/', '^/gasolinerecharge/rechargecard/',
-      '^/tde', '^/basic/crypto/lastkey',
+      '^/tde', '^/basic/crypto/lastkey2',
     ],
   },
   isHostValid: (url) => {
@@ -503,23 +515,24 @@ const dealEncryptionSwitch = async (path: string, traceId: string, resHeader): P
   }
   dealEncryptionSwitching = true;
   const formatHeader = baseUtil.formatHeader(resHeader);
-  if (formatHeader['x-crypto-enable'] === '0') {
-    // 网关加密验签，验签通过才能执行关闭
+  // 加密关闭或者`login接口和lastkey接口`，都需要先执行验签
+  const cryptoDisabled = formatHeader['x-crypto-enable'] === '0';
+  const specialPath = [
+    `${baseUtil.getSinanHost()}/user/login`,
+    `${baseUtil.getSinanHost()}/basic/crypto/lastkey2`,
+  ].indexOf(path) > -1;
+  if ((eccUtil.checkCryptoOpen() && cryptoDisabled) || specialPath ) {
     const verified = eccUtil.verifyServerCryptoSign(traceId, formatHeader);
-    if (verified) {
-      eccUtil.closeCrypto();
+    if (!verified) {
+      // 验签失败，表示响应被篡改
+      dealEncryptionSwitching = false;
+      return false;
     }
+  }
+  if (cryptoDisabled) {
+    eccUtil.closeCrypto();
   } else if (formatHeader['x-crypto-enable'] === '1') {
-    if ([
-      `${baseUtil.getSinanHost()}/user/login`,
-      `${baseUtil.getSinanHost()}/basic/crypto/lastkey`,
-    ].indexOf(path) > -1) {
-      const verified = eccUtil.verifyServerCryptoSign(traceId, formatHeader);
-      if (!verified) {
-        // 验签失败，表示请求被篡改
-        dealEncryptionSwitching = false;
-        return false;
-      }
+    if (specialPath) {
       eccUtil._updateGlobalPublicKeyInfo(false, formatHeader);
     }
     await eccUtil.openCrypto();

package/src/encrypt/md5.js

@@ -0,0 +1,2 @@
+/* eslint-disable */
+function safeAdd(x,y){const lsw=(x&0xffff)+(y&0xffff);const msw=(x>>16)+(y>>16)+(lsw>>16);return(msw<<16)|(lsw&0xffff)}function bitRotateLeft(num,cnt){return(num<<cnt)|(num>>>(32-cnt))}function md5cmn(q,a,b,x,s,t){return safeAdd(bitRotateLeft(safeAdd(safeAdd(a,q),safeAdd(x,t)),s),b)}function md5ff(a,b,c,d,x,s,t){return md5cmn((b&c)|(~b&d),a,b,x,s,t)}function md5gg(a,b,c,d,x,s,t){return md5cmn((b&d)|(c&~d),a,b,x,s,t)}function md5hh(a,b,c,d,x,s,t){return md5cmn(b^c^d,a,b,x,s,t)}function md5ii(a,b,c,d,x,s,t){return md5cmn(c^(b|~d),a,b,x,s,t)}function binlMD5(x,len){x[len>>5]|=0x80<<len%32;x[(((len+64)>>>9)<<4)+14]=len;let a=1732584193;let b=-271733879;let c=-1732584194;let d=271733878;for(let i=0;i<x.length;i+=16){const olda=a;const oldb=b;const oldc=c;const oldd=d;a=md5ff(a,b,c,d,x[i],7,-680876936);d=md5ff(d,a,b,c,x[i+1],12,-389564586);c=md5ff(c,d,a,b,x[i+2],17,606105819);b=md5ff(b,c,d,a,x[i+3],22,-1044525330);a=md5ff(a,b,c,d,x[i+4],7,-176418897);d=md5ff(d,a,b,c,x[i+5],12,1200080426);c=md5ff(c,d,a,b,x[i+6],17,-1473231341);b=md5ff(b,c,d,a,x[i+7],22,-45705983);a=md5ff(a,b,c,d,x[i+8],7,1770035416);d=md5ff(d,a,b,c,x[i+9],12,-1958414417);c=md5ff(c,d,a,b,x[i+10],17,-42063);b=md5ff(b,c,d,a,x[i+11],22,-1990404162);a=md5ff(a,b,c,d,x[i+12],7,1804603682);d=md5ff(d,a,b,c,x[i+13],12,-40341101);c=md5ff(c,d,a,b,x[i+14],17,-1502002290);b=md5ff(b,c,d,a,x[i+15],22,1236535329);a=md5gg(a,b,c,d,x[i+1],5,-165796510);d=md5gg(d,a,b,c,x[i+6],9,-1069501632);c=md5gg(c,d,a,b,x[i+11],14,643717713);b=md5gg(b,c,d,a,x[i],20,-373897302);a=md5gg(a,b,c,d,x[i+5],5,-701558691);d=md5gg(d,a,b,c,x[i+10],9,38016083);c=md5gg(c,d,a,b,x[i+15],14,-660478335);b=md5gg(b,c,d,a,x[i+4],20,-405537848);a=md5gg(a,b,c,d,x[i+9],5,568446438);d=md5gg(d,a,b,c,x[i+14],9,-1019803690);c=md5gg(c,d,a,b,x[i+3],14,-187363961);b=md5gg(b,c,d,a,x[i+8],20,1163531501);a=md5gg(a,b,c,d,x[i+13],5,-1444681467);d=md5gg(d,a,b,c,x[i+2],9,-51403784);c=md5gg(c,d,a,b,x[i+7],14,1735328473);b=md5gg(b,c,d,a,x[i+12],20,-1926607734);a=md5hh(a,b,c,d,x[i+5],4,-378558);d=md5hh(d,a,b,c,x[i+8],11,-2022574463);c=md5hh(c,d,a,b,x[i+11],16,1839030562);b=md5hh(b,c,d,a,x[i+14],23,-35309556);a=md5hh(a,b,c,d,x[i+1],4,-1530992060);d=md5hh(d,a,b,c,x[i+4],11,1272893353);c=md5hh(c,d,a,b,x[i+7],16,-155497632);b=md5hh(b,c,d,a,x[i+10],23,-1094730640);a=md5hh(a,b,c,d,x[i+13],4,681279174);d=md5hh(d,a,b,c,x[i],11,-358537222);c=md5hh(c,d,a,b,x[i+3],16,-722521979);b=md5hh(b,c,d,a,x[i+6],23,76029189);a=md5hh(a,b,c,d,x[i+9],4,-640364487);d=md5hh(d,a,b,c,x[i+12],11,-421815835);c=md5hh(c,d,a,b,x[i+15],16,530742520);b=md5hh(b,c,d,a,x[i+2],23,-995338651);a=md5ii(a,b,c,d,x[i],6,-198630844);d=md5ii(d,a,b,c,x[i+7],10,1126891415);c=md5ii(c,d,a,b,x[i+14],15,-1416354905);b=md5ii(b,c,d,a,x[i+5],21,-57434055);a=md5ii(a,b,c,d,x[i+12],6,1700485571);d=md5ii(d,a,b,c,x[i+3],10,-1894986606);c=md5ii(c,d,a,b,x[i+10],15,-1051523);b=md5ii(b,c,d,a,x[i+1],21,-2054922799);a=md5ii(a,b,c,d,x[i+8],6,1873313359);d=md5ii(d,a,b,c,x[i+15],10,-30611744);c=md5ii(c,d,a,b,x[i+6],15,-1560198380);b=md5ii(b,c,d,a,x[i+13],21,1309151649);a=md5ii(a,b,c,d,x[i+4],6,-145523070);d=md5ii(d,a,b,c,x[i+11],10,-1120210379);c=md5ii(c,d,a,b,x[i+2],15,718787259);b=md5ii(b,c,d,a,x[i+9],21,-343485551);a=safeAdd(a,olda);b=safeAdd(b,oldb);c=safeAdd(c,oldc);d=safeAdd(d,oldd)}return[a,b,c,d]}function binl2rstr(input){let output='';const length32=input.length*32;for(let i=0;i<length32;i+=8){output+=String.fromCharCode((input[i>>5]>>>i%32)&0xff)}return output}function rstr2binl(input){const output=[];output[(input.length>>2)-1]=undefined;for(let i=0;i<output.length;i+=1){output[i]=0}const length8=input.length*8;for(let i=0;i<length8;i+=8){output[i>>5]|=(input.charCodeAt(i/8)&0xff)<<i%32}return output}function rstrMD5(s){return binl2rstr(binlMD5(rstr2binl(s),s.length*8))}function str2rstrUTF8(input){return unescape(encodeURIComponent(input))}function rawMD5(s){return rstrMD5(str2rstrUTF8(s))}function rstr2uint8array(input){const output=new Uint8Array(input.length);for(let i=0;i<input.length;i++){output[i]=input.charCodeAt(i)}return output}function md5(string){return rstr2uint8array(rawMD5(string))}export default md5;

package/src/md5.js

@@ -349,20 +349,6 @@ function hexHMACMD5(k, d) {
   return rstr2hex(rawHMACMD5(k, d));
 }
 
-/**
- * 将原始二进制字符串转换为 Uint8Array
- *
- * @param {string} input 原始的 MD5 二进制字符串
- * @returns {Uint8Array} Uint8Array 格式的 MD5 哈希值
- */
-function rstr2uint8array(input) {
-  const output = new Uint8Array(input.length);
-  for (let i = 0; i < input.length; i++) {
-    output[i] = input.charCodeAt(i);
-  }
-  return output;
-}
-
 /**
  * Calculates MD5 value for a given string.
  * If a key is provided, calculates the HMAC-MD5 value.
@@ -378,17 +364,11 @@ function md5(string, key, raw) {
     if (!raw) {
       return hexMD5(string);
     }
-    if (raw === 'unit8array') {
-      return rstr2uint8array(rawMD5(string));
-    }
     return rawMD5(string);
   }
   if (!raw) {
     return hexHMACMD5(key, string);
   }
-  if (raw === 'unit8array') {
-    return rstr2uint8array(rawHMACMD5(key, string));
-  }
   return rawHMACMD5(key, string);
 }
 

package/src/navbarUtils.js

@@ -151,7 +151,7 @@ const getNavBarConfigData = () => { // eslint-disable-line require-jsdoc
     statusBarHeight = isIOS ? StatusBarHeightOnIOS : StatusBarHeightOnAndroid;
   }
 
-  const enable = compareVersion(version, '7.0.0') >= 0 || brand === 'devtools'; // 微信版本是否支持自定义顶栏，不支持时自动隐藏
+  const enable = compareVersion(version, '7.0.0') >= 0 || brand === 'devtools' || platform === 'ohos'; // 微信版本是否支持自定义顶栏，不支持时自动隐藏
   const enterOptions = getEnterOptions();
   if (enable) {
     return { enable, ...calculateNavBarLayout(isIOS, statusBarHeight, enterOptions.apiCategory) };