dream-common 1.1.39 → 1.1.41

package/lib/CryptoJS/Base64Utils.js

@@ -1,123 +1,115 @@
 // utils/Base64Utils.js
 
 /**
- * Base64 编码/解码 & 二进制互转工具类
- * 支持：String ↔ Base64 ↔ Uint8Array ↔ Hex
+ * 字符串 → Base64
+ * @param {string} str - UTF-8 字符串
+ * @returns {string} Base64 编码结果
  */
-class Base64Utils {
-	/**
-	 * 字符串 → Base64
-	 * @param {string} str - UTF-8 字符串
-	 * @returns {string} Base64 编码结果
-	 */
-	static stringToBase64(str) {
-		if (typeof Buffer !== 'undefined') {
-			return Buffer.from(str, 'utf8').toString('base64');
-		}
-		// 浏览器环境
-		const encoder = new TextEncoder();
-		const bytes = encoder.encode(str);
-		let binary = '';
-		for (let i = 0; i < bytes.length; i++) {
-			binary += String.fromCharCode(bytes[i]);
-		}
-		return btoa(binary);
-	}
-
-	/**
-	 * Base64 → 字符串
-	 * @param {string} base64
-	 * @returns {string} 原始 UTF-8 字符串
-	 */
-	static base64ToString(base64) {
-		if (typeof Buffer !== 'undefined') {
-			return Buffer.from(base64, 'base64').toString('utf8');
-		}
-		// 浏览器环境
-		const binary = atob(base64.replace(/[^A-Za-z0-9+/]/g, ''));
-		const bytes = new Uint8Array(binary.length);
-		for (let i = 0; i < binary.length; i++) {
-			bytes[i] = binary.charCodeAt(i);
-		}
-		const decoder = new TextDecoder();
-		return decoder.decode(bytes);
-	}
+export const stringToBase64 = (str) => {
+    if (typeof Buffer !== 'undefined') {
+        return Buffer.from(str, 'utf8').toString('base64');
+    }
+    // 浏览器环境
+    const encoder = new TextEncoder();
+    const bytes = encoder.encode(str);
+    let binary = '';
+    for (let i = 0; i < bytes.length; i++) {
+        binary += String.fromCharCode(bytes[i]);
+    }
+    return btoa(binary);
+}
 
-	/**
-	 * Uint8Array → Base64
-	 * @param {Uint8Array} bytes
-	 * @returns {string}
-	 */
-	static uint8ArrayToBase64(bytes) {
-		if (typeof Buffer !== 'undefined') {
-			return Buffer.from(bytes).toString('base64');
-		}
-		let binary = '';
-		for (let i = 0; i < bytes.length; i++) {
-			binary += String.fromCharCode(bytes[i]);
-		}
-		return btoa(binary);
-	}
+/**
+ * Base64 → 字符串
+ * @param {string} base64
+ * @returns {string} 原始 UTF-8 字符串
+ */
+export const base64ToString = (base64) => {
+    if (typeof Buffer !== 'undefined') {
+        return Buffer.from(base64, 'base64').toString('utf8');
+    }
+    // 浏览器环境
+    const binary = atob(base64.replace(/[^A-Za-z0-9+/]/g, ''));
+    const bytes = new Uint8Array(binary.length);
+    for (let i = 0; i < binary.length; i++) {
+        bytes[i] = binary.charCodeAt(i);
+    }
+    const decoder = new TextDecoder();
+    return decoder.decode(bytes);
+}
 
-	/**
-	 * Base64 → Uint8Array
-	 * @param {string} base64
-	 * @returns {Uint8Array}
-	 */
-	static base64ToUint8Array(base64) {
-		if (typeof Buffer !== 'undefined') {
-			return new Uint8Array(Buffer.from(base64, 'base64'));
-		}
-		const binary = atob(base64.replace(/[^A-Za-z0-9+/]/g, ''));
-		const bytes = new Uint8Array(binary.length);
-		for (let i = 0; i < binary.length; i++) {
-			bytes[i] = binary.charCodeAt(i);
-		}
-		return bytes;
-	}
+/**
+ * Uint8Array → Base64
+ * @param {Uint8Array} bytes
+ * @returns {string}
+ */
+export const uint8ArrayToBase64 = (bytes) => {
+    if (typeof Buffer !== 'undefined') {
+        return Buffer.from(bytes).toString('base64');
+    }
+    let binary = '';
+    for (let i = 0; i < bytes.length; i++) {
+        binary += String.fromCharCode(bytes[i]);
+    }
+    return btoa(binary);
+}
 
-	/**
-	 * Hex 字符串 → Uint8Array
-	 * @param {string} hex - 如 'a1b2c3'
-	 * @returns {Uint8Array}
-	 */
-	static hexToUint8Array(hex) {
-		if (hex.length % 2 !== 0) throw new Error('Invalid hex length');
-		const bytes = new Uint8Array(hex.length / 2);
-		for (let i = 0; i < bytes.length; i++) {
-			bytes[i] = parseInt(hex.substr(i * 2, 2), 16);
-		}
-		return bytes;
-	}
+/**
+ * Base64 → Uint8Array
+ * @param {string} base64
+ * @returns {Uint8Array}
+ */
+export const base64ToUint8Array = (base64) => {
+    if (typeof Buffer !== 'undefined') {
+        return new Uint8Array(Buffer.from(base64, 'base64'));
+    }
+    const binary = atob(base64.replace(/[^A-Za-z0-9+/]/g, ''));
+    const bytes = new Uint8Array(binary.length);
+    for (let i = 0; i < binary.length; i++) {
+        bytes[i] = binary.charCodeAt(i);
+    }
+    return bytes;
+}
 
-	/**
-	 * Uint8Array → 小写 Hex 字符串
-	 * @param {Uint8Array} bytes
-	 * @returns {string}
-	 */
-	static uint8ArrayToHex(bytes) {
-		return Array.from(bytes, byte => byte.toString(16).padStart(2, '0')).join('');
-	}
+/**
+ * Hex 字符串 → Uint8Array
+ * @param {string} hex - 如 'a1b2c3'
+ * @returns {Uint8Array}
+ */
+export const hexToUint8Array = (hex) => {
+    if (hex.length % 2 !== 0) throw new Error('Invalid hex length');
+    const bytes = new Uint8Array(hex.length / 2);
+    for (let i = 0; i < bytes.length; i++) {
+        bytes[i] = parseInt(hex.substr(i * 2, 2), 16);
+    }
+    return bytes;
+}
 
-	/**
-	 * Hex → Base64
-	 * @param {string} hex
-	 * @returns {string}
-	 */
-	static hexToBase64(hex) {
-		const bytes = this.hexToUint8Array(hex);
-		return this.uint8ArrayToBase64(bytes);
-	}
+/**
+ * Uint8Array → 小写 Hex 字符串
+ * @param {Uint8Array} bytes
+ * @returns {string}
+ */
+export const uint8ArrayToHex = (bytes) => {
+    return Array.from(bytes, byte => byte.toString(16).padStart(2, '0')).join('');
+}
 
-	/**
-	 * Base64 → Hex
-	 * @param {string} base64
-	 * @returns {string}
-	 */
-	static base64ToHex(base64) {
-		const bytes = this.base64ToUint8Array(base64);
-		return this.uint8ArrayToHex(bytes);
-	}
+/**
+ * Hex → Base64
+ * @param {string} hex
+ * @returns {string}
+ */
+export const hexToBase64 = (hex) => {
+    const bytes = hexToUint8Array(hex);
+    return uint8ArrayToBase64(bytes);
 }
 
-export default Base64Utils;
+/**
+ * Base64 → Hex
+ * @param {string} base64
+ * @returns {string}
+ */
+export const base64ToHex = (base64) => {
+    const bytes = base64ToUint8Array(base64);
+    return uint8ArrayToHex(bytes);
+}

package/lib/CryptoJS/HttpRequest.js

@@ -4,127 +4,125 @@ import {
 	sm2,
 	sm4
 } from 'sm-crypto';
-import Base64Utils from './Base64Utils.js';
+import {base64ToHex, hexToBase64} from './Base64Utils.js';
 import {md5} from './md5.js';
 import {uuid} from '../uuid.js';
 
-class HttpRequest {
-
-    /**
-     * 创建安全请求基础结构（支持传入部分字段进行覆盖）
-     * @param {Object} request - 可选：包含 appId、data 及其他可覆盖字段
-     * @returns {Object} 完整的 SecureBaseRequest 对象
-     */
-    static createData(request = {}) {
-        const now = Date.now();
-        const defaults = {
-            version: '1.0.0',
-            signType: 'SM2',
-            encType: 'SM4',
-            timestamp: now,
-            nonceStr: uuid(),
-            encData: '',
-            signData: ''
-        };
-
-        return {
-            ...defaults,
-            ...request, // 👈 用传入的 request 覆盖默认值
-        };
-    }
 
-    /**
-     * 1️⃣ 打包安全数据：签名 + 加密
-     * @param request
-     * @param {string} privateKey - 64位十六进制 SM2 私钥
-     * @param {boolean} [useBase64=false] - encData 是否用 Base64 编码（否则为 hex）
-     * @returns {Object} 可直接发送的请求对象（不含 data 字段）
-     */
-    static encryptData(request = {}, privateKey, useBase64 = true) {
-        // 1. 生成签名原文（排除 encData, signData, data）
-        const signSource = objectToSignString(request, 'encData', 'signData', 'data');
-        // 2. SM2 签名（DER 格式，与 Java Bouncy Castle 兼容）
-        const signValueStr = sm2.doSignature(signSource, privateKey, {
-            der: true
-        }).toLowerCase();
-
-        const signValue = useBase64 ? Base64Utils.hexToBase64(signValueStr) : signValueStr;
-        // 3. 生成 SM4 密钥和 IV（通过 MD5）
-        const keyHex = md5_32(signValue); // 32 hex → 16 bytes
-        const ivHex = md5_32(signSource); // 32 hex → 16 bytes
-
-        // 4. 序列化业务数据
-        const dataJson = typeof request.data === 'string' ? request.data : JSON.stringify(request.data);
-
-        // 5. SM4 加密（CBC + PKCS#7）
-        const encDataHex = sm4.encrypt(dataJson, keyHex, {
-            iv: ivHex,
-            mode: 'cbc',
-            padding: 'pkcs#7',
-            cipherType: 1, // hex output
-        });
-
-        // 6. 转换为最终格式（hex 或 base64）
-        const encData = useBase64 ? Base64Utils.hexToBase64(encDataHex) : encDataHex;
-
-        // 7. 返回可传输对象（移除 data）
-        const {
-            data: _,
-            ...transmittable
-        } = {
-            ...request,
-            signData: signValue,
-            encData,
-        };
-        return transmittable;
-    }
+/**
+ * 创建安全请求基础结构（支持传入部分字段进行覆盖）
+ * @param {Object} request - 可选：包含 appId、data 及其他可覆盖字段
+ * @returns {Object} 完整的 SecureBaseRequest 对象
+ */
+export function createSecureData(request = {})  {
+    const now = Date.now();
+    const defaults = {
+        version: '1.0.0',
+        signType: 'SM2',
+        encType: 'SM4',
+        timestamp: now,
+        nonceStr: uuid(),
+        encData: '',
+        signData: ''
+    };
+
+    return {
+        ...defaults,
+        ...request, // 👈 用传入的 request 覆盖默认值
+    };
+}
 
-    /**
-     * 2️⃣ 验证签名（用于调试）
-     * @param {Object} request - 接收到的请求对象（含 signData, encData 等）
-     * @param {string} publicKey - 130位十六进制 SM2 公钥（以 "04" 开头）
-     * @param useBase64
-     * @returns {boolean}
-     */
-    static verifySignData(request, publicKey, useBase64 = true) {
-        const signSource = objectToSignString(request, 'encData', 'signData', 'data');
-        const signatureHex = useBase64 ? Base64Utils.base64ToHex(request.signData) : request.signData;
-        return sm2.doVerifySignature(signSource, signatureHex, publicKey, {
-            der: true
-        }) // 验签结果
+/**
+ * 1️⃣ 打包安全数据：签名 + 加密
+ * @param request
+ * @param {string} privateKey - 64位十六进制 SM2 私钥
+ * @param {boolean} [useBase64=false] - encData 是否用 Base64 编码（否则为 hex）
+ * @returns {Object} 可直接发送的请求对象（不含 data 字段）
+ */
+export function encryptSecureData(request = {}, privateKey, useBase64 = true)  {
+    // 1. 生成签名原文（排除 encData, signData, data）
+    const signSource = objectToSignString(request, 'encData', 'signData', 'data');
+    // 2. SM2 签名（DER 格式，与 Java Bouncy Castle 兼容）
+    const signValueStr = sm2.doSignature(signSource, privateKey, {
+        der: true
+    }).toLowerCase();
+
+    const signValue = useBase64 ? hexToBase64(signValueStr) : signValueStr;
+    // 3. 生成 SM4 密钥和 IV（通过 MD5）
+    const keyHex = md5_32(signValue); // 32 hex → 16 bytes
+    const ivHex = md5_32(signSource); // 32 hex → 16 bytes
+
+    // 4. 序列化业务数据
+    const dataJson = typeof request.data === 'string' ? request.data : JSON.stringify(request.data);
+
+    // 5. SM4 加密（CBC + PKCS#7）
+    const encDataHex = sm4.encrypt(dataJson, keyHex, {
+        iv: ivHex,
+        mode: 'cbc',
+        padding: 'pkcs#7',
+        cipherType: 1, // hex output
+    });
+
+    // 6. 转换为最终格式（hex 或 base64）
+    const encData = useBase64 ? hexToBase64(encDataHex) : encDataHex;
+
+    // 7. 返回可传输对象（移除 data）
+    const {
+        data: _,
+        ...transmittable
+    } = {
+        ...request,
+        signData: signValue,
+        encData,
+    };
+    return transmittable;
+}
 
-    }
+/**
+ * 2️⃣ 验证签名（用于调试）
+ * @param {Object} request - 接收到的请求对象（含 signData, encData 等）
+ * @param {string} publicKey - 130位十六进制 SM2 公钥（以 "04" 开头）
+ * @param useBase64
+ * @returns {boolean}
+ */
+export function verifySecureSign(request, publicKey, useBase64 = true) {
+    const signSource = objectToSignString(request, 'encData', 'signData', 'data');
+    const signatureHex = useBase64 ? base64ToHex(request.signData) : request.signData;
+    return sm2.doVerifySignature(signSource, signatureHex, publicKey, {
+        der: true
+    }) // 验签结果
 
-    /**
-     * 3️⃣ 解包安全数据：解密并返回原始 data
-     * @param {Object} request - 接收到的请求对象
-     * @param {string} privateKey - 64位十六进制 SM2 私钥（用于重算 key/iv）
-     * @param {boolean} [useBase64=false] - encData 是否为 Base64 编码
-     * @returns {any} 原始 data（自动 JSON.parse，若失败则返回字符串）
-     */
-    static decryptData(request, privateKey, useBase64 = true) {
-        // 1. 重算签名原文（用于生成 key/iv）
-        const signSource = objectToSignString(request, 'encData', 'signData', 'data');
-        const lvHax = md5_32(signSource);
-        const keyHax = md5_32(request.signData);
-
-        // 3. 处理 encData（base64 → hex）
-
-        const encDataHex = useBase64 ? Base64Utils.base64ToHex(request.encData) : request.encData;
-
-        // 4. SM4 解密
-        const decrypted = sm4.decrypt(encDataHex, keyHax, {
-            iv: lvHax,
-            mode: 'cbc',
-            padding: 'pkcs#7',
-            cipherType: 1, // input is hex
-        });
-        // 5. 尝试解析 JSON
-        try {
-            return JSON.parse(decrypted);
-        } catch (e) {
-            return decrypted; // 原始字符串
-        }
+}
+
+/**
+ * 3️⃣ 解包安全数据：解密并返回原始 data
+ * @param {Object} request - 接收到的请求对象
+ * @param {string} privateKey - 64位十六进制 SM2 私钥（用于重算 key/iv）
+ * @param {boolean} [useBase64=false] - encData 是否为 Base64 编码
+ * @returns {any} 原始 data（自动 JSON.parse，若失败则返回字符串）
+ */
+export function decryptSecureData(request, privateKey, useBase64 = true) {
+    // 1. 重算签名原文（用于生成 key/iv）
+    const signSource = objectToSignString(request, 'encData', 'signData', 'data');
+    const lvHax = md5_32(signSource);
+    const keyHax = md5_32(request.signData);
+
+    // 3. 处理 encData（base64 → hex）
+
+    const encDataHex = useBase64 ? base64ToHex(request.encData) : request.encData;
+
+    // 4. SM4 解密
+    const decrypted = sm4.decrypt(encDataHex, keyHax, {
+        iv: lvHax,
+        mode: 'cbc',
+        padding: 'pkcs#7',
+        cipherType: 1, // input is hex
+    });
+    // 5. 尝试解析 JSON
+    try {
+        return JSON.parse(decrypted);
+    } catch (e) {
+        return decrypted; // 原始字符串
     }
 }
 
@@ -147,4 +145,3 @@ function objectToSignString(obj, ...excludeFields) {
 function md5_32(str) {
 	return md5(str);
 }
-export default HttpRequest;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dream-common",
-  "version": "1.1.39",
+  "version": "1.1.41",
   "description": "",
   "main": "index.js",
   "scripts": {