82df79c638
- 新增GetXToken函数用于生成x-api-eid-token - 实现HASH类用于计算128位哈希值 - 添加md5函数用于消息摘要计算 - 实现STrEnc函数用于字符串加密 - 添加getLastParameter与splitAndJoin辅助函数 - 构建完整的浏览器指纹对象生成逻辑 - 集成node-fetch与https-proxy-agent支持代理请求 - 实现完整的WebGL与浏览器环境模拟数据结构
48 lines
1.4 KiB
JavaScript
48 lines
1.4 KiB
JavaScript
/**
|
|
* Module dependencies.
|
|
*/
|
|
|
|
var crypto = require('crypto');
|
|
|
|
/**
|
|
* Sign the given `val` with `secret`.
|
|
*
|
|
* @param {String} val
|
|
* @param {String|NodeJS.ArrayBufferView|crypto.KeyObject} secret
|
|
* @return {String}
|
|
* @api private
|
|
*/
|
|
|
|
exports.sign = function(val, secret){
|
|
if ('string' != typeof val) throw new TypeError("Cookie value must be provided as a string.");
|
|
if (null == secret) throw new TypeError("Secret key must be provided.");
|
|
return val + '.' + crypto
|
|
.createHmac('sha256', secret)
|
|
.update(val)
|
|
.digest('base64')
|
|
.replace(/\=+$/, '');
|
|
};
|
|
|
|
/**
|
|
* Unsign and decode the given `input` with `secret`,
|
|
* returning `false` if the signature is invalid.
|
|
*
|
|
* @param {String} input
|
|
* @param {String|NodeJS.ArrayBufferView|crypto.KeyObject} secret
|
|
* @return {String|Boolean}
|
|
* @api private
|
|
*/
|
|
|
|
exports.unsign = function(input, secret){
|
|
if ('string' != typeof input) throw new TypeError("Signed cookie string must be provided.");
|
|
if (null == secret) throw new TypeError("Secret key must be provided.");
|
|
var tentativeValue = input.slice(0, input.lastIndexOf('.')),
|
|
expectedInput = exports.sign(tentativeValue, secret),
|
|
expectedBuffer = Buffer.from(expectedInput),
|
|
inputBuffer = Buffer.from(input);
|
|
return (
|
|
expectedBuffer.length === inputBuffer.length &&
|
|
crypto.timingSafeEqual(expectedBuffer, inputBuffer)
|
|
) ? tentativeValue : false;
|
|
};
|