npm - liangzimixin - Versions diffs - 0.3.45 → 0.3.47 - Mend

liangzimixin 0.3.45 → 0.3.47

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/dist/index.cjs CHANGED Viewed

@@ -2233,7 +2233,7 @@ var require_websocket = __commonJS({
     var http = require("http");
     var net = require("net");
     var tls = require("tls");
-    var { randomBytes: randomBytes3, createHash: createHash2 } = require("crypto");
+    var { randomBytes: randomBytes4, createHash: createHash3 } = require("crypto");
     var { Duplex, Readable } = require("stream");
     var { URL: URL2 } = require("url");
     var PerMessageDeflate2 = require_permessage_deflate();
@@ -2763,7 +2763,7 @@ var require_websocket = __commonJS({
         }
       }
       const defaultPort = isSecure ? 443 : 80;
-      const key = randomBytes3(16).toString("base64");
+      const key = randomBytes4(16).toString("base64");
       const request = isSecure ? https.request : http.request;
       const protocolSet = /* @__PURE__ */ new Set();
       let perMessageDeflate;
@@ -2893,7 +2893,7 @@ var require_websocket = __commonJS({
           abortHandshake(websocket, socket, "Invalid Upgrade header");
           return;
         }
-        const digest = createHash2("sha1").update(key + GUID).digest("base64");
+        const digest = createHash3("sha1").update(key + GUID).digest("base64");
         if (res.headers["sec-websocket-accept"] !== digest) {
           abortHandshake(websocket, socket, "Invalid Sec-WebSocket-Accept header");
           return;
@@ -3260,7 +3260,7 @@ var require_websocket_server = __commonJS({
     var EventEmitter2 = require("events");
     var http = require("http");
     var { Duplex } = require("stream");
-    var { createHash: createHash2 } = require("crypto");
+    var { createHash: createHash3 } = require("crypto");
     var extension2 = require_extension();
     var PerMessageDeflate2 = require_permessage_deflate();
     var subprotocol2 = require_subprotocol();
@@ -3561,7 +3561,7 @@ var require_websocket_server = __commonJS({
           );
         }
         if (this._state > RUNNING) return abortHandshake(socket, 503);
-        const digest = createHash2("sha1").update(key + GUID).digest("base64");
+        const digest = createHash3("sha1").update(key + GUID).digest("base64");
         const headers = [
           "HTTP/1.1 101 Switching Protocols",
           "Upgrade: websocket",
@@ -17836,8 +17836,8 @@ async function uploadMedia(params) {
     const { readFile: readFile3 } = await import("fs/promises");
     buffer = await readFile3(file2);
   }
-  const { createHash: createHash2 } = await import("crypto");
-  const fileHash = createHash2("md5").update(buffer).digest("hex");
+  const { createHash: createHash3 } = await import("crypto");
+  const fileHash = createHash3("md5").update(buffer).digest("hex");
   log2.debug("upload:fileHash", { fileName, fileHash });
   const maxBytes = maxFileSizeMb * 1024 * 1024;
   if (buffer.length > maxBytes) {
@@ -18017,6 +18017,65 @@ function inferMimeType(fileName) {
   const ext = path.extname(fileName).toLowerCase();
   return MIME_MAP[ext] || "application/octet-stream";
 }
+function getImageDimensions(buffer) {
+  try {
+    if (buffer.length < 24) return void 0;
+    if (buffer[0] === 137 && buffer[1] === 80 && buffer[2] === 78 && buffer[3] === 71) {
+      return {
+        width: buffer.readUInt32BE(16),
+        height: buffer.readUInt32BE(20)
+      };
+    }
+    if (buffer[0] === 71 && buffer[1] === 73 && buffer[2] === 70) {
+      return {
+        width: buffer.readUInt16LE(6),
+        height: buffer.readUInt16LE(8)
+      };
+    }
+    if (buffer[0] === 66 && buffer[1] === 77 && buffer.length >= 26) {
+      return {
+        width: buffer.readInt32LE(18),
+        height: Math.abs(buffer.readInt32LE(22))
+      };
+    }
+    if (buffer[0] === 82 && buffer[1] === 73 && buffer[8] === 87 && buffer[9] === 69) {
+      if (buffer[12] === 86 && buffer[13] === 80 && buffer[14] === 56 && buffer[15] === 32) {
+        if (buffer.length >= 30) {
+          return {
+            width: buffer.readUInt16LE(26) & 16383,
+            height: buffer.readUInt16LE(28) & 16383
+          };
+        }
+      }
+      if (buffer[12] === 86 && buffer[13] === 80 && buffer[14] === 56 && buffer[15] === 76) {
+        if (buffer.length >= 25) {
+          const bits = buffer.readUInt32LE(21);
+          return {
+            width: (bits & 16383) + 1,
+            height: (bits >> 14 & 16383) + 1
+          };
+        }
+      }
+    }
+    if (buffer[0] === 255 && buffer[1] === 216) {
+      let offset = 2;
+      while (offset < buffer.length - 8) {
+        if (buffer[offset] !== 255) break;
+        const marker = buffer[offset + 1];
+        if (marker >= 192 && marker <= 195 || marker >= 197 && marker <= 199 || marker >= 201 && marker <= 203 || marker >= 205 && marker <= 207) {
+          return {
+            height: buffer.readUInt16BE(offset + 5),
+            width: buffer.readUInt16BE(offset + 7)
+          };
+        }
+        const segLen = buffer.readUInt16BE(offset + 2);
+        offset += 2 + segLen;
+      }
+    }
+  } catch {
+  }
+  return void 0;
+}
 async function resolveAndUploadMedia(params) {
   const {
     mediaUrl,
@@ -18067,7 +18126,26 @@ async function resolveAndUploadMedia(params) {
     }
     const fileType = detectFileType(fileName);
     const mimeType = inferMimeType(fileName);
-    log3.info("media:fileType", { fileName, fileType, mimeType });
+    const ext = path.extname(fileName).replace(".", "").toLowerCase();
+    let imageDimensions;
+    if (fileType === "image") {
+      imageDimensions = getImageDimensions(buffer);
+      log3.info("media:imageDimensions", { fileName, ...imageDimensions });
+    }
+    log3.info("media:fileType", { fileName, fileType, mimeType, ext });
+    let encryptionMeta;
+    if (!params.skipEncrypt) {
+      try {
+        const originalSize = buffer.length;
+        const result = await messagePipe.encryptFile(buffer);
+        buffer = result.encryptedBuffer;
+        encryptionMeta = { keyId: result.keyId, iv: result.iv };
+        log3.info("media:encrypted", { fileName, originalSize, encryptedSize: buffer.length });
+      } catch (err) {
+        log3.error("media:encrypt failed", { fileName, error: err.message });
+        throw err;
+      }
+    }
     let uploadResult;
     try {
       uploadResult = await uploadMedia({
@@ -18092,11 +18170,17 @@ async function resolveAndUploadMedia(params) {
     const msgType = fileType;
     let contentPayload;
     if (fileType === "file") {
-      contentPayload = { fileId: uploadResult.fileKey, fileName, size: uploadResult.fileSize, mimeType };
+      contentPayload = { fileId: uploadResult.fileKey, fileName, size: uploadResult.fileSize, ext };
     } else if (fileType === "image") {
-      contentPayload = { fileId: uploadResult.fileKey };
+      contentPayload = {
+        fileId: uploadResult.fileKey,
+        width: imageDimensions?.width ?? 0,
+        height: imageDimensions?.height ?? 0,
+        altText: fileName,
+        ext
+      };
     } else {
-      contentPayload = { fileId: uploadResult.fileKey, mimeType };
+      contentPayload = { fileId: uploadResult.fileKey, ext };
     }
     await messagePipe.sendMessage({
       chatId,
@@ -18104,12 +18188,15 @@ async function resolveAndUploadMedia(params) {
       // 私聊场景: chatId 即为用户 ID
       msgType,
       content: JSON.stringify(contentPayload),
-      skipEncrypt: params.skipEncrypt
+      skipEncrypt: params.skipEncrypt,
+      encryptionMeta
+      // 文件加密的 keyId/iv → sendMessage 用于构建 extra
     });
     log3.info("media:sent", {
       chatId,
       fileId: uploadResult.fileKey,
-      msgType
+      msgType,
+      encrypted: Boolean(encryptionMeta)
     });
     return {
       channel: CHANNEL_ID,
@@ -20055,7 +20142,7 @@ var MessageDedup = class {
 // src/transport/message-pipe.ts
 var import_node_crypto3 = require("crypto");
 var log21 = createLogger("transport/message-pipe");
-var MessagePipe = class {
+var MessagePipe = class _MessagePipe {
   wsClient;
   dedup;
   crypto;
@@ -20097,6 +20184,74 @@ var MessagePipe = class {
   async injectRawFrame(rawData) {
     return this.handleInbound(rawData);
   }
+  /**
+   * 加密文件 Buffer — 按 10MB 分片加密，返回加密后的 Buffer + 密钥信息。
+   * 用于文件上传前的加密处理。
+   *
+   * 如果 CryptoEngine 为透传模式，直接返回原始 buffer。
+   *
+   * @param buffer - 原始文件 Buffer
+   * @returns { encryptedBuffer, keyId, iv } — 加密后的 buffer + 密钥标识 + 初始化向量
+   */
+  async encryptFile(buffer) {
+    const iv = (0, import_node_crypto3.randomBytes)(8).toString("hex");
+    const chunkSize = 10 * 1024 * 1024;
+    const totalChunks = Math.ceil(buffer.length / chunkSize);
+    let keyId = "";
+    let sessionKey = "";
+    let fillKey = "";
+    const encryptedChunks = [];
+    for (let i = 0; i < totalChunks; i++) {
+      const start = i * chunkSize;
+      const end = Math.min(start + chunkSize, buffer.length);
+      const chunk = buffer.subarray(start, end);
+      const options = keyId ? { keyId, sessionKey, fillKey } : void 0;
+      const result = await this.crypto.encryptFileChunk(chunk, iv, options);
+      encryptedChunks.push(result.fileBuffer);
+      keyId = result.keyId;
+      sessionKey = result.sessionKey;
+      fillKey = result.fillKey;
+      log21.debug("\u{1F512} \u6587\u4EF6\u5206\u7247\u52A0\u5BC6", {
+        chunk: `${i + 1}/${totalChunks}`,
+        originalSize: chunk.length,
+        encryptedSize: result.fileBuffer.length,
+        keyId
+      });
+    }
+    const encryptedBuffer = Buffer.concat(encryptedChunks);
+    log21.info("\u{1F512} \u6587\u4EF6\u52A0\u5BC6\u5B8C\u6210", {
+      originalSize: buffer.length,
+      encryptedSize: encryptedBuffer.length,
+      totalChunks,
+      keyId
+    });
+    return { encryptedBuffer, keyId, iv };
+  }
+  /** 文件类消息类型集合 — 这些类型的加密消息保留原始 content（文件元数据） */
+  static FILE_MSG_TYPES = /* @__PURE__ */ new Set(["image", "file", "voice", "video"]);
+  /**
+   * 构建文件类加密消息的 extra — 完整模板格式。
+   * 文件消息不加密 content（需要保留 fileId 等元数据），只在 extra 中携带会话信息。
+   */
+  static buildFileEncryptExtra(iv, keyId) {
+    return JSON.stringify({
+      containSensitive: false,
+      cryptoIv: iv,
+      decryptText: "",
+      decrypted: false,
+      destroyType: 0,
+      encryptMsg: "",
+      expireAt: null,
+      level: 0,
+      newDestroy: 1,
+      phone: "",
+      receiveShowTip: false,
+      receiveTip: "",
+      sessionId: keyId,
+      showTip: false,
+      tip: ""
+    });
+  }
   /**
    * 出站发送 — 通过 HTTP API 发送消息到 IM 服务器。
    * POST {messageServiceBaseUrl}/messages/v1/send
@@ -20105,22 +20260,28 @@ var MessagePipe = class {
    * 加密行为取决于 encryptionMode:
    * - quantum_only:      强制加密，失败直接抛错（不降级明文）
    * - quantum_and_plain:  加密失败降级明文（保持兼容）
+   *
+   * 文件类消息 (image/file/voice/video):
+   * - content 保留原始文件元数据（fileId、fileName、size 等）
+   * - extra 使用完整模板格式，encryptMsg 为空
+   *
+   * 文本类消息 (text/markdown):
+   * - content 加密后置空，密文放入 extra.encryptMsg
    */
   async sendMessage(msg) {
     let content = msg.content;
     let extra = "";
+    const isFileMessage = _MessagePipe.FILE_MSG_TYPES.has(msg.msgType);
     if (!msg.skipEncrypt && this.quantumAccount) {
       if (this.encryptionMode === "quantum_only") {
-        const { ciphertext, keyId, iv } = await this.crypto.encrypt(msg.content);
-        extra = JSON.stringify({
-          cryptoIv: iv,
-          encryptMsg: ciphertext,
-          sessionId: keyId
-        });
-        content = JSON.stringify({ content: "" });
-        log21.debug("\u{1F512} \u51FA\u7AD9\u6D88\u606F\u5DF2\u52A0\u5BC6 (quantum_only)", { sessionId: keyId });
-      } else {
-        try {
+        if (isFileMessage && msg.encryptionMeta) {
+          extra = _MessagePipe.buildFileEncryptExtra(msg.encryptionMeta.iv, msg.encryptionMeta.keyId);
+          log21.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_only)", { sessionId: msg.encryptionMeta.keyId, msgType: msg.msgType });
+        } else if (isFileMessage) {
+          const { keyId, iv } = await this.crypto.encrypt(msg.content);
+          extra = _MessagePipe.buildFileEncryptExtra(iv, keyId);
+          log21.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_only, fallback)", { sessionId: keyId, msgType: msg.msgType });
+        } else {
           const { ciphertext, keyId, iv } = await this.crypto.encrypt(msg.content);
           extra = JSON.stringify({
             cryptoIv: iv,
@@ -20128,7 +20289,27 @@ var MessagePipe = class {
             sessionId: keyId
           });
           content = JSON.stringify({ content: "" });
-          log21.debug("\u{1F512} \u51FA\u7AD9\u6D88\u606F\u5DF2\u52A0\u5BC6 (quantum_and_plain)", { sessionId: keyId });
+          log21.debug("\u{1F512} \u51FA\u7AD9\u6D88\u606F\u5DF2\u52A0\u5BC6 (quantum_only)", { sessionId: keyId });
+        }
+      } else {
+        try {
+          if (isFileMessage && msg.encryptionMeta) {
+            extra = _MessagePipe.buildFileEncryptExtra(msg.encryptionMeta.iv, msg.encryptionMeta.keyId);
+            log21.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_and_plain)", { sessionId: msg.encryptionMeta.keyId, msgType: msg.msgType });
+          } else if (isFileMessage) {
+            const { keyId, iv } = await this.crypto.encrypt(msg.content);
+            extra = _MessagePipe.buildFileEncryptExtra(iv, keyId);
+            log21.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_and_plain, fallback)", { sessionId: keyId, msgType: msg.msgType });
+          } else {
+            const { ciphertext, keyId, iv } = await this.crypto.encrypt(msg.content);
+            extra = JSON.stringify({
+              cryptoIv: iv,
+              encryptMsg: ciphertext,
+              sessionId: keyId
+            });
+            content = JSON.stringify({ content: "" });
+            log21.debug("\u{1F512} \u51FA\u7AD9\u6D88\u606F\u5DF2\u52A0\u5BC6 (quantum_and_plain)", { sessionId: keyId });
+          }
         } catch (err) {
           log21.error("\u274C \u51FA\u7AD9\u6D88\u606F\u52A0\u5BC6\u5931\u8D25\uFF0C\u5C06\u53D1\u9001\u660E\u6587", {
             error: err.message
@@ -20150,13 +20331,11 @@ var MessagePipe = class {
     }
     const result = await this.callMessageApi("/messages/v1/send", body, "outbound");
     if (!result) return;
-    log21.info("outbound:sent \u2192 IM \u670D\u52A1\u5668", {
+    log21.info("\u{1F4E4} outbound:sent \u2192 IM \u670D\u52A1\u5668", {
       chatId: msg.chatId,
-      receiveId: msg.senderId,
-      msgType: msg.msgType,
       encrypted: Boolean(extra),
-      contentPreview: extra ? "[encrypted]" : msg.content.slice(0, 200),
-      requestId: result.request_id
+      requestId: result.request_id,
+      body
     });
   }
   /**

package/dist/index.d.cts CHANGED Viewed

@@ -191,6 +191,11 @@ interface OutboundMessage {
     replyToMessageId?: string;
     /** 跳过出站加密 — 用于"思考中"等无需加密的系统提示消息 */
     skipEncrypt?: boolean;
+    /** 文件加密元数据 — 文件已在上传前加密时传入，sendMessage 直接使用此 keyId/iv 构建 extra */
+    encryptionMeta?: {
+        keyId: string;
+        iv: string;
+    };
 }
 /**
  * 加密策略枚举 — 根据消息类型选择不同的加密等级
@@ -786,6 +791,27 @@ declare class MessagePipe {
      * TODO: 验证通过后移除此方法
      */
     injectRawFrame(rawData: string | Buffer): Promise<void>;
+    /**
+     * 加密文件 Buffer — 按 10MB 分片加密，返回加密后的 Buffer + 密钥信息。
+     * 用于文件上传前的加密处理。
+     *
+     * 如果 CryptoEngine 为透传模式，直接返回原始 buffer。
+     *
+     * @param buffer - 原始文件 Buffer
+     * @returns { encryptedBuffer, keyId, iv } — 加密后的 buffer + 密钥标识 + 初始化向量
+     */
+    encryptFile(buffer: Buffer): Promise<{
+        encryptedBuffer: Buffer;
+        keyId: string;
+        iv: string;
+    }>;
+    /** 文件类消息类型集合 — 这些类型的加密消息保留原始 content（文件元数据） */
+    private static readonly FILE_MSG_TYPES;
+    /**
+     * 构建文件类加密消息的 extra — 完整模板格式。
+     * 文件消息不加密 content（需要保留 fileId 等元数据），只在 extra 中携带会话信息。
+     */
+    private static buildFileEncryptExtra;
     /**
      * 出站发送 — 通过 HTTP API 发送消息到 IM 服务器。
      * POST {messageServiceBaseUrl}/messages/v1/send
@@ -794,6 +820,13 @@ declare class MessagePipe {
      * 加密行为取决于 encryptionMode:
      * - quantum_only:      强制加密，失败直接抛错（不降级明文）
      * - quantum_and_plain:  加密失败降级明文（保持兼容）
+     *
+     * 文件类消息 (image/file/voice/video):
+     * - content 保留原始文件元数据（fileId、fileName、size 等）
+     * - extra 使用完整模板格式，encryptMsg 为空
+     *
+     * 文本类消息 (text/markdown):
+     * - content 加密后置空，密文放入 extra.encryptMsg
      */
     sendMessage(msg: OutboundMessage): Promise<void>;
     /**

package/dist/setup-entry.cjs CHANGED Viewed

@@ -2233,7 +2233,7 @@ var require_websocket = __commonJS({
     var http = require("http");
     var net = require("net");
     var tls = require("tls");
-    var { randomBytes: randomBytes3, createHash: createHash2 } = require("crypto");
+    var { randomBytes: randomBytes4, createHash: createHash3 } = require("crypto");
     var { Duplex, Readable } = require("stream");
     var { URL: URL2 } = require("url");
     var PerMessageDeflate2 = require_permessage_deflate();
@@ -2763,7 +2763,7 @@ var require_websocket = __commonJS({
         }
       }
       const defaultPort = isSecure ? 443 : 80;
-      const key = randomBytes3(16).toString("base64");
+      const key = randomBytes4(16).toString("base64");
       const request = isSecure ? https.request : http.request;
       const protocolSet = /* @__PURE__ */ new Set();
       let perMessageDeflate;
@@ -2893,7 +2893,7 @@ var require_websocket = __commonJS({
           abortHandshake(websocket, socket, "Invalid Upgrade header");
           return;
         }
-        const digest = createHash2("sha1").update(key + GUID).digest("base64");
+        const digest = createHash3("sha1").update(key + GUID).digest("base64");
         if (res.headers["sec-websocket-accept"] !== digest) {
           abortHandshake(websocket, socket, "Invalid Sec-WebSocket-Accept header");
           return;
@@ -3260,7 +3260,7 @@ var require_websocket_server = __commonJS({
     var EventEmitter2 = require("events");
     var http = require("http");
     var { Duplex } = require("stream");
-    var { createHash: createHash2 } = require("crypto");
+    var { createHash: createHash3 } = require("crypto");
     var extension2 = require_extension();
     var PerMessageDeflate2 = require_permessage_deflate();
     var subprotocol2 = require_subprotocol();
@@ -3561,7 +3561,7 @@ var require_websocket_server = __commonJS({
           );
         }
         if (this._state > RUNNING) return abortHandshake(socket, 503);
-        const digest = createHash2("sha1").update(key + GUID).digest("base64");
+        const digest = createHash3("sha1").update(key + GUID).digest("base64");
         const headers = [
           "HTTP/1.1 101 Switching Protocols",
           "Upgrade: websocket",
@@ -3928,8 +3928,8 @@ async function uploadMedia(params) {
     const { readFile: readFile3 } = await import("fs/promises");
     buffer = await readFile3(file2);
   }
-  const { createHash: createHash2 } = await import("crypto");
-  const fileHash = createHash2("md5").update(buffer).digest("hex");
+  const { createHash: createHash3 } = await import("crypto");
+  const fileHash = createHash3("md5").update(buffer).digest("hex");
   log2.debug("upload:fileHash", { fileName, fileHash });
   const maxBytes = maxFileSizeMb * 1024 * 1024;
   if (buffer.length > maxBytes) {
@@ -4109,6 +4109,65 @@ function inferMimeType(fileName) {
   const ext = path.extname(fileName).toLowerCase();
   return MIME_MAP[ext] || "application/octet-stream";
 }
+function getImageDimensions(buffer) {
+  try {
+    if (buffer.length < 24) return void 0;
+    if (buffer[0] === 137 && buffer[1] === 80 && buffer[2] === 78 && buffer[3] === 71) {
+      return {
+        width: buffer.readUInt32BE(16),
+        height: buffer.readUInt32BE(20)
+      };
+    }
+    if (buffer[0] === 71 && buffer[1] === 73 && buffer[2] === 70) {
+      return {
+        width: buffer.readUInt16LE(6),
+        height: buffer.readUInt16LE(8)
+      };
+    }
+    if (buffer[0] === 66 && buffer[1] === 77 && buffer.length >= 26) {
+      return {
+        width: buffer.readInt32LE(18),
+        height: Math.abs(buffer.readInt32LE(22))
+      };
+    }
+    if (buffer[0] === 82 && buffer[1] === 73 && buffer[8] === 87 && buffer[9] === 69) {
+      if (buffer[12] === 86 && buffer[13] === 80 && buffer[14] === 56 && buffer[15] === 32) {
+        if (buffer.length >= 30) {
+          return {
+            width: buffer.readUInt16LE(26) & 16383,
+            height: buffer.readUInt16LE(28) & 16383
+          };
+        }
+      }
+      if (buffer[12] === 86 && buffer[13] === 80 && buffer[14] === 56 && buffer[15] === 76) {
+        if (buffer.length >= 25) {
+          const bits = buffer.readUInt32LE(21);
+          return {
+            width: (bits & 16383) + 1,
+            height: (bits >> 14 & 16383) + 1
+          };
+        }
+      }
+    }
+    if (buffer[0] === 255 && buffer[1] === 216) {
+      let offset = 2;
+      while (offset < buffer.length - 8) {
+        if (buffer[offset] !== 255) break;
+        const marker = buffer[offset + 1];
+        if (marker >= 192 && marker <= 195 || marker >= 197 && marker <= 199 || marker >= 201 && marker <= 203 || marker >= 205 && marker <= 207) {
+          return {
+            height: buffer.readUInt16BE(offset + 5),
+            width: buffer.readUInt16BE(offset + 7)
+          };
+        }
+        const segLen = buffer.readUInt16BE(offset + 2);
+        offset += 2 + segLen;
+      }
+    }
+  } catch {
+  }
+  return void 0;
+}
 async function resolveAndUploadMedia(params) {
   const {
     mediaUrl,
@@ -4159,7 +4218,26 @@ async function resolveAndUploadMedia(params) {
     }
     const fileType = detectFileType(fileName);
     const mimeType = inferMimeType(fileName);
-    log3.info("media:fileType", { fileName, fileType, mimeType });
+    const ext = path.extname(fileName).replace(".", "").toLowerCase();
+    let imageDimensions;
+    if (fileType === "image") {
+      imageDimensions = getImageDimensions(buffer);
+      log3.info("media:imageDimensions", { fileName, ...imageDimensions });
+    }
+    log3.info("media:fileType", { fileName, fileType, mimeType, ext });
+    let encryptionMeta;
+    if (!params.skipEncrypt) {
+      try {
+        const originalSize = buffer.length;
+        const result = await messagePipe.encryptFile(buffer);
+        buffer = result.encryptedBuffer;
+        encryptionMeta = { keyId: result.keyId, iv: result.iv };
+        log3.info("media:encrypted", { fileName, originalSize, encryptedSize: buffer.length });
+      } catch (err) {
+        log3.error("media:encrypt failed", { fileName, error: err.message });
+        throw err;
+      }
+    }
     let uploadResult;
     try {
       uploadResult = await uploadMedia({
@@ -4184,11 +4262,17 @@ async function resolveAndUploadMedia(params) {
     const msgType = fileType;
     let contentPayload;
     if (fileType === "file") {
-      contentPayload = { fileId: uploadResult.fileKey, fileName, size: uploadResult.fileSize, mimeType };
+      contentPayload = { fileId: uploadResult.fileKey, fileName, size: uploadResult.fileSize, ext };
     } else if (fileType === "image") {
-      contentPayload = { fileId: uploadResult.fileKey };
+      contentPayload = {
+        fileId: uploadResult.fileKey,
+        width: imageDimensions?.width ?? 0,
+        height: imageDimensions?.height ?? 0,
+        altText: fileName,
+        ext
+      };
     } else {
-      contentPayload = { fileId: uploadResult.fileKey, mimeType };
+      contentPayload = { fileId: uploadResult.fileKey, ext };
     }
     await messagePipe.sendMessage({
       chatId,
@@ -4196,12 +4280,15 @@ async function resolveAndUploadMedia(params) {
       // 私聊场景: chatId 即为用户 ID
       msgType,
       content: JSON.stringify(contentPayload),
-      skipEncrypt: params.skipEncrypt
+      skipEncrypt: params.skipEncrypt,
+      encryptionMeta
+      // 文件加密的 keyId/iv → sendMessage 用于构建 extra
     });
     log3.info("media:sent", {
       chatId,
       fileId: uploadResult.fileKey,
-      msgType
+      msgType,
+      encrypted: Boolean(encryptionMeta)
     });
     return {
       channel: CHANNEL_ID,
@@ -19099,7 +19186,7 @@ var MessageDedup = class {
 // src/transport/message-pipe.ts
 var import_node_crypto3 = require("crypto");
 var log12 = createLogger("transport/message-pipe");
-var MessagePipe = class {
+var MessagePipe = class _MessagePipe {
   wsClient;
   dedup;
   crypto;
@@ -19141,6 +19228,74 @@ var MessagePipe = class {
   async injectRawFrame(rawData) {
     return this.handleInbound(rawData);
   }
+  /**
+   * 加密文件 Buffer — 按 10MB 分片加密，返回加密后的 Buffer + 密钥信息。
+   * 用于文件上传前的加密处理。
+   *
+   * 如果 CryptoEngine 为透传模式，直接返回原始 buffer。
+   *
+   * @param buffer - 原始文件 Buffer
+   * @returns { encryptedBuffer, keyId, iv } — 加密后的 buffer + 密钥标识 + 初始化向量
+   */
+  async encryptFile(buffer) {
+    const iv = (0, import_node_crypto3.randomBytes)(8).toString("hex");
+    const chunkSize = 10 * 1024 * 1024;
+    const totalChunks = Math.ceil(buffer.length / chunkSize);
+    let keyId = "";
+    let sessionKey = "";
+    let fillKey = "";
+    const encryptedChunks = [];
+    for (let i = 0; i < totalChunks; i++) {
+      const start = i * chunkSize;
+      const end = Math.min(start + chunkSize, buffer.length);
+      const chunk = buffer.subarray(start, end);
+      const options = keyId ? { keyId, sessionKey, fillKey } : void 0;
+      const result = await this.crypto.encryptFileChunk(chunk, iv, options);
+      encryptedChunks.push(result.fileBuffer);
+      keyId = result.keyId;
+      sessionKey = result.sessionKey;
+      fillKey = result.fillKey;
+      log12.debug("\u{1F512} \u6587\u4EF6\u5206\u7247\u52A0\u5BC6", {
+        chunk: `${i + 1}/${totalChunks}`,
+        originalSize: chunk.length,
+        encryptedSize: result.fileBuffer.length,
+        keyId
+      });
+    }
+    const encryptedBuffer = Buffer.concat(encryptedChunks);
+    log12.info("\u{1F512} \u6587\u4EF6\u52A0\u5BC6\u5B8C\u6210", {
+      originalSize: buffer.length,
+      encryptedSize: encryptedBuffer.length,
+      totalChunks,
+      keyId
+    });
+    return { encryptedBuffer, keyId, iv };
+  }
+  /** 文件类消息类型集合 — 这些类型的加密消息保留原始 content（文件元数据） */
+  static FILE_MSG_TYPES = /* @__PURE__ */ new Set(["image", "file", "voice", "video"]);
+  /**
+   * 构建文件类加密消息的 extra — 完整模板格式。
+   * 文件消息不加密 content（需要保留 fileId 等元数据），只在 extra 中携带会话信息。
+   */
+  static buildFileEncryptExtra(iv, keyId) {
+    return JSON.stringify({
+      containSensitive: false,
+      cryptoIv: iv,
+      decryptText: "",
+      decrypted: false,
+      destroyType: 0,
+      encryptMsg: "",
+      expireAt: null,
+      level: 0,
+      newDestroy: 1,
+      phone: "",
+      receiveShowTip: false,
+      receiveTip: "",
+      sessionId: keyId,
+      showTip: false,
+      tip: ""
+    });
+  }
   /**
    * 出站发送 — 通过 HTTP API 发送消息到 IM 服务器。
    * POST {messageServiceBaseUrl}/messages/v1/send
@@ -19149,22 +19304,28 @@ var MessagePipe = class {
    * 加密行为取决于 encryptionMode:
    * - quantum_only:      强制加密，失败直接抛错（不降级明文）
    * - quantum_and_plain:  加密失败降级明文（保持兼容）
+   *
+   * 文件类消息 (image/file/voice/video):
+   * - content 保留原始文件元数据（fileId、fileName、size 等）
+   * - extra 使用完整模板格式，encryptMsg 为空
+   *
+   * 文本类消息 (text/markdown):
+   * - content 加密后置空，密文放入 extra.encryptMsg
    */
   async sendMessage(msg) {
     let content = msg.content;
     let extra = "";
+    const isFileMessage = _MessagePipe.FILE_MSG_TYPES.has(msg.msgType);
     if (!msg.skipEncrypt && this.quantumAccount) {
       if (this.encryptionMode === "quantum_only") {
-        const { ciphertext, keyId, iv } = await this.crypto.encrypt(msg.content);
-        extra = JSON.stringify({
-          cryptoIv: iv,
-          encryptMsg: ciphertext,
-          sessionId: keyId
-        });
-        content = JSON.stringify({ content: "" });
-        log12.debug("\u{1F512} \u51FA\u7AD9\u6D88\u606F\u5DF2\u52A0\u5BC6 (quantum_only)", { sessionId: keyId });
-      } else {
-        try {
+        if (isFileMessage && msg.encryptionMeta) {
+          extra = _MessagePipe.buildFileEncryptExtra(msg.encryptionMeta.iv, msg.encryptionMeta.keyId);
+          log12.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_only)", { sessionId: msg.encryptionMeta.keyId, msgType: msg.msgType });
+        } else if (isFileMessage) {
+          const { keyId, iv } = await this.crypto.encrypt(msg.content);
+          extra = _MessagePipe.buildFileEncryptExtra(iv, keyId);
+          log12.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_only, fallback)", { sessionId: keyId, msgType: msg.msgType });
+        } else {
           const { ciphertext, keyId, iv } = await this.crypto.encrypt(msg.content);
           extra = JSON.stringify({
             cryptoIv: iv,
@@ -19172,7 +19333,27 @@ var MessagePipe = class {
             sessionId: keyId
           });
           content = JSON.stringify({ content: "" });
-          log12.debug("\u{1F512} \u51FA\u7AD9\u6D88\u606F\u5DF2\u52A0\u5BC6 (quantum_and_plain)", { sessionId: keyId });
+          log12.debug("\u{1F512} \u51FA\u7AD9\u6D88\u606F\u5DF2\u52A0\u5BC6 (quantum_only)", { sessionId: keyId });
+        }
+      } else {
+        try {
+          if (isFileMessage && msg.encryptionMeta) {
+            extra = _MessagePipe.buildFileEncryptExtra(msg.encryptionMeta.iv, msg.encryptionMeta.keyId);
+            log12.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_and_plain)", { sessionId: msg.encryptionMeta.keyId, msgType: msg.msgType });
+          } else if (isFileMessage) {
+            const { keyId, iv } = await this.crypto.encrypt(msg.content);
+            extra = _MessagePipe.buildFileEncryptExtra(iv, keyId);
+            log12.debug("\u{1F512} \u51FA\u7AD9\u6587\u4EF6\u6D88\u606F\u5DF2\u6807\u8BB0\u52A0\u5BC6 (quantum_and_plain, fallback)", { sessionId: keyId, msgType: msg.msgType });
+          } else {
+            const { ciphertext, keyId, iv } = await this.crypto.encrypt(msg.content);
+            extra = JSON.stringify({
+              cryptoIv: iv,
+              encryptMsg: ciphertext,
+              sessionId: keyId
+            });
+            content = JSON.stringify({ content: "" });
+            log12.debug("\u{1F512} \u51FA\u7AD9\u6D88\u606F\u5DF2\u52A0\u5BC6 (quantum_and_plain)", { sessionId: keyId });
+          }
         } catch (err) {
           log12.error("\u274C \u51FA\u7AD9\u6D88\u606F\u52A0\u5BC6\u5931\u8D25\uFF0C\u5C06\u53D1\u9001\u660E\u6587", {
             error: err.message
@@ -19194,13 +19375,11 @@ var MessagePipe = class {
     }
     const result = await this.callMessageApi("/messages/v1/send", body, "outbound");
     if (!result) return;
-    log12.info("outbound:sent \u2192 IM \u670D\u52A1\u5668", {
+    log12.info("\u{1F4E4} outbound:sent \u2192 IM \u670D\u52A1\u5668", {
       chatId: msg.chatId,
-      receiveId: msg.senderId,
-      msgType: msg.msgType,
       encrypted: Boolean(extra),
-      contentPreview: extra ? "[encrypted]" : msg.content.slice(0, 200),
-      requestId: result.request_id
+      requestId: result.request_id,
+      body
     });
   }
   /**

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "liangzimixin",
-  "version": "0.3.45",
+  "version": "0.3.47",
   "description": "Quantum-encrypted IM channel plugin for OpenClaw",
   "type": "module",
   "main": "dist/index.cjs",