diff --git a/pkg/captcha/aliyun.go b/pkg/captcha/aliyun.go index 0241d13..391c96f 100644 --- a/pkg/captcha/aliyun.go +++ b/pkg/captcha/aliyun.go @@ -1,14 +1,13 @@ package captcha import ( - "os" + "tyc-server/common/xerr" captcha20230305 "github.com/alibabacloud-go/captcha-20230305/client" openapi "github.com/alibabacloud-go/darabonba-openapi/v2/client" "github.com/alibabacloud-go/tea/tea" "github.com/pkg/errors" "github.com/zeromicro/go-zero/core/logx" - "tyc-server/common/xerr" ) // Config 阿里云验证码配置(与 api internal config 解耦,供 pkg 使用) @@ -21,9 +20,9 @@ type Config struct { // Verify 校验前端传入的 captchaVerifyParam。异常时视为通过以保证业务可用。 func Verify(cfg Config, captchaVerifyParam string) error { - if os.Getenv("ENV") == "development" { - return nil - } + // if os.Getenv("ENV") == "development" { + // return nil + // } if captchaVerifyParam == "" { return errors.Wrapf(xerr.NewErrMsg("图形验证码校验失败"), "empty captchaVerifyParam") } diff --git a/pkg/captcha/encrypt_scene.go b/pkg/captcha/encrypt_scene.go index 1e3f36b..9f1bfae 100644 --- a/pkg/captcha/encrypt_scene.go +++ b/pkg/captcha/encrypt_scene.go @@ -1,14 +1,11 @@ package captcha import ( - "bytes" - "crypto/aes" - "crypto/cipher" - "crypto/rand" "encoding/base64" "fmt" - "io" "time" + + lzcrypto "tyc-server/pkg/lzkit/crypto" ) // GenerateEncryptedSceneID 按阿里云文档生成 EncryptedSceneId(仅适用于 V3 架构加密模式)。 @@ -30,32 +27,6 @@ func GenerateEncryptedSceneID(sceneId, ekey string, expireSeconds int) (string, return "", fmt.Errorf("invalid ekey length, need 32 bytes after base64 decode, got %d", len(keyBytes)) } - block, err := aes.NewCipher(keyBytes) - if err != nil { - return "", fmt.Errorf("new cipher error: %w", err) - } - - iv := make([]byte, aes.BlockSize) - if _, err := io.ReadFull(rand.Reader, iv); err != nil { - return "", fmt.Errorf("read iv error: %w", err) - } - - padded := pkcs7Pad([]byte(plaintext), aes.BlockSize) - ciphertext := make([]byte, len(padded)) - - mode := cipher.NewCBCEncrypter(block, iv) - mode.CryptBlocks(ciphertext, padded) - - out := append(iv, ciphertext...) - return base64.StdEncoding.EncodeToString(out), nil + // 复用已有的 AES-CBC + PKCS7 实现,输出即为 Base64(IV + ciphertext) + return lzcrypto.AesEncrypt([]byte(plaintext), keyBytes) } - -func pkcs7Pad(src []byte, blockSize int) []byte { - padLen := blockSize - len(src)%blockSize - if padLen == 0 { - padLen = blockSize - } - pad := bytes.Repeat([]byte{byte(padLen)}, padLen) - return append(src, pad...) -} -