/**
* WeCom AES-256-CBC 加解密核心
* Bot 和 Agent 模式共用
*/
import crypto from "node:crypto";
import { CRYPTO } from "../types/constants.js";
export function decodeEncodingAESKey(encodingAESKey: string): Buffer {
const trimmed = encodingAESKey.trim();
if (!trimmed) throw new Error("encodingAESKey missing");
const withPadding = trimmed.endsWith("=") ? trimmed : `${trimmed}=`;
const key = Buffer.from(withPadding, "base64");
if (key.length !== CRYPTO.AES_KEY_LENGTH) {
throw new Error(`invalid encodingAESKey (expected ${CRYPTO.AES_KEY_LENGTH} bytes, got ${key.length})`);
}
return key;
}
function pkcs7Pad(buf: Buffer, blockSize: number): Buffer {
const mod = buf.length % blockSize;
const pad = mod === 0 ? blockSize : blockSize - mod;
const padByte = Buffer.from([pad]);
return Buffer.concat([buf, Buffer.alloc(pad, padByte[0]!)]);
}
export function pkcs7Unpad(buf: Buffer, blockSize: number): Buffer {
if (buf.length === 0) throw new Error("invalid pkcs7 payload");
const pad = buf[buf.length - 1]!;
if (pad < 1 || pad > blockSize) {
throw new Error("invalid pkcs7 padding");
}
if (pad > buf.length) {
throw new Error("invalid pkcs7 payload");
}
for (let i = 0; i < pad; i += 1) {
if (buf[buf.length - 1 - i] !== pad) {
throw new Error("invalid pkcs7 padding");
}
}
return buf.subarray(0, buf.length - pad);
}
/**
* 解密 WeCom 加密消息
*/
export function decryptWecomEncrypted(params: {
encodingAESKey: string;
receiveId?: string;
encrypt: string;
}): string {
const aesKey = decodeEncodingAESKey(params.encodingAESKey);
const iv = aesKey.subarray(0, 16);
const decipher = crypto.createDecipheriv("aes-256-cbc", aesKey, iv);
decipher.setAutoPadding(false);
const decryptedPadded = Buffer.concat([
decipher.update(Buffer.from(params.encrypt, "base64")),
decipher.final(),
]);
const decrypted = pkcs7Unpad(decryptedPadded, CRYPTO.PKCS7_BLOCK_SIZE);
if (decrypted.length < 20) {
throw new Error(`invalid payload (expected >=20 bytes, got ${decrypted.length})`);
}
// 16 bytes random + 4 bytes length + msg + receiveId
const msgLen = decrypted.readUInt32BE(16);
const msgStart = 20;
const msgEnd = msgStart + msgLen;
if (msgEnd > decrypted.length) {
throw new Error(`invalid msg length (msgEnd=${msgEnd}, total=${decrypted.length})`);
}
const msg = decrypted.subarray(msgStart, msgEnd).toString("utf8");
const receiveId = params.receiveId ?? "";
if (receiveId) {
const trailing = decrypted.subarray(msgEnd).toString("utf8");
if (trailing !== receiveId) {
throw new Error(`receiveId mismatch (expected "${receiveId}", got "${trailing}")`);
}
}
return msg;
}
/**
* 加密明文为 WeCom 格式
*/
export function encryptWecomPlaintext(params: {
encodingAESKey: string;
receiveId?: string;
plaintext: string;
}): string {
const aesKey = decodeEncodingAESKey(params.encodingAESKey);
const iv = aesKey.subarray(0, 16);
const random16 = crypto.randomBytes(16);
const msg = Buffer.from(params.plaintext ?? "", "utf8");
const msgLen = Buffer.alloc(4);
msgLen.writeUInt32BE(msg.length, 0);
const receiveId = Buffer.from(params.receiveId ?? "", "utf8");
const raw = Buffer.concat([random16, msgLen, msg, receiveId]);
const padded = pkcs7Pad(raw, CRYPTO.PKCS7_BLOCK_SIZE);
const cipher = crypto.createCipheriv("aes-256-cbc", aesKey, iv);
cipher.setAutoPadding(false);
const encrypted = Buffer.concat([cipher.update(padded), cipher.final()]);
return encrypted.toString("base64");
}