f
This commit is contained in:
@@ -1,14 +1,13 @@
|
|||||||
package captcha
|
package captcha
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"os"
|
"tyc-server/common/xerr"
|
||||||
|
|
||||||
captcha20230305 "github.com/alibabacloud-go/captcha-20230305/client"
|
captcha20230305 "github.com/alibabacloud-go/captcha-20230305/client"
|
||||||
openapi "github.com/alibabacloud-go/darabonba-openapi/v2/client"
|
openapi "github.com/alibabacloud-go/darabonba-openapi/v2/client"
|
||||||
"github.com/alibabacloud-go/tea/tea"
|
"github.com/alibabacloud-go/tea/tea"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
"github.com/zeromicro/go-zero/core/logx"
|
"github.com/zeromicro/go-zero/core/logx"
|
||||||
"tyc-server/common/xerr"
|
|
||||||
)
|
)
|
||||||
|
|
||||||
// Config 阿里云验证码配置(与 api internal config 解耦,供 pkg 使用)
|
// Config 阿里云验证码配置(与 api internal config 解耦,供 pkg 使用)
|
||||||
@@ -21,9 +20,9 @@ type Config struct {
|
|||||||
|
|
||||||
// Verify 校验前端传入的 captchaVerifyParam。异常时视为通过以保证业务可用。
|
// Verify 校验前端传入的 captchaVerifyParam。异常时视为通过以保证业务可用。
|
||||||
func Verify(cfg Config, captchaVerifyParam string) error {
|
func Verify(cfg Config, captchaVerifyParam string) error {
|
||||||
if os.Getenv("ENV") == "development" {
|
// if os.Getenv("ENV") == "development" {
|
||||||
return nil
|
// return nil
|
||||||
}
|
// }
|
||||||
if captchaVerifyParam == "" {
|
if captchaVerifyParam == "" {
|
||||||
return errors.Wrapf(xerr.NewErrMsg("图形验证码校验失败"), "empty captchaVerifyParam")
|
return errors.Wrapf(xerr.NewErrMsg("图形验证码校验失败"), "empty captchaVerifyParam")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,14 +1,11 @@
|
|||||||
package captcha
|
package captcha
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"bytes"
|
|
||||||
"crypto/aes"
|
|
||||||
"crypto/cipher"
|
|
||||||
"crypto/rand"
|
|
||||||
"encoding/base64"
|
"encoding/base64"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
|
lzcrypto "tyc-server/pkg/lzkit/crypto"
|
||||||
)
|
)
|
||||||
|
|
||||||
// GenerateEncryptedSceneID 按阿里云文档生成 EncryptedSceneId(仅适用于 V3 架构加密模式)。
|
// GenerateEncryptedSceneID 按阿里云文档生成 EncryptedSceneId(仅适用于 V3 架构加密模式)。
|
||||||
@@ -30,32 +27,6 @@ func GenerateEncryptedSceneID(sceneId, ekey string, expireSeconds int) (string,
|
|||||||
return "", fmt.Errorf("invalid ekey length, need 32 bytes after base64 decode, got %d", len(keyBytes))
|
return "", fmt.Errorf("invalid ekey length, need 32 bytes after base64 decode, got %d", len(keyBytes))
|
||||||
}
|
}
|
||||||
|
|
||||||
block, err := aes.NewCipher(keyBytes)
|
// 复用已有的 AES-CBC + PKCS7 实现,输出即为 Base64(IV + ciphertext)
|
||||||
if err != nil {
|
return lzcrypto.AesEncrypt([]byte(plaintext), keyBytes)
|
||||||
return "", fmt.Errorf("new cipher error: %w", err)
|
|
||||||
}
|
}
|
||||||
|
|
||||||
iv := make([]byte, aes.BlockSize)
|
|
||||||
if _, err := io.ReadFull(rand.Reader, iv); err != nil {
|
|
||||||
return "", fmt.Errorf("read iv error: %w", err)
|
|
||||||
}
|
|
||||||
|
|
||||||
padded := pkcs7Pad([]byte(plaintext), aes.BlockSize)
|
|
||||||
ciphertext := make([]byte, len(padded))
|
|
||||||
|
|
||||||
mode := cipher.NewCBCEncrypter(block, iv)
|
|
||||||
mode.CryptBlocks(ciphertext, padded)
|
|
||||||
|
|
||||||
out := append(iv, ciphertext...)
|
|
||||||
return base64.StdEncoding.EncodeToString(out), nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func pkcs7Pad(src []byte, blockSize int) []byte {
|
|
||||||
padLen := blockSize - len(src)%blockSize
|
|
||||||
if padLen == 0 {
|
|
||||||
padLen = blockSize
|
|
||||||
}
|
|
||||||
pad := bytes.Repeat([]byte{byte(padLen)}, padLen)
|
|
||||||
return append(src, pad...)
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user