当前位置:   article > 正文

nodejs最新某东h5st(4.7.2)参数分析与javascript逆向纯算法还原(含算法源码)(2024-06-09)_h5st 4.7.2

h5st 4.7.2

一、作者声明:


    文章仅供学习交流与参考!严禁用于任何商业与非法用途!否则由此产生的一切后果均与作者无关!如有侵权,请联系作者本人进行删除!

二 、写在前面


   h5st从4.1一路更新到4.7.2,逐渐vmp化,基本稳定下来。现在小版本也是更新不断!不过小版本并不会受到太大的一个影响,本次文章更新的算法分析还原为最新4.7大版本下的4.7.2小版本~~
  没有x-api-eid-token--->会出现风控 没有h5st--->不稳定能拿到数据 只有正确的h5st才能百分百拿到数据。


三、 加密分析


首先,看看核心点,目前全部VMP化,先把加密值拿出来,如下所示:

20240606160042598%3Bm9itny6zz9mmzmm8%3Bfb5df%3Btk03wb4481c2018nYOtAQRSkhO0LLdsml3SszMlxWFvYj0i6XQo1LAbkMv9JbG6wNADMG4bnX7gJZU5uVci2a_ujP8FU%3B5be08ae1ec26b3f5fdb2b4874534a585c28e0239ddd73aba69133354d343c387%3B4.7%3B1717660842598%3BTKmWl61wPiYmFVY91TfdhoEOxdR4256MojfrTtc1mdzUsiISbK4CQ3KX7VKYlhPyEGtomiZzVrD2j3uG32O3PONJMz22FBH1L_aFBlrQHqxzWCQ0bBGt1_9VJj0Nc2MW3fbAH2q2uaeaHjOEa-zrzOQZR872Veu4c28_B_WWBD36YLdhIWIFUa6nLG5eaN5Fxn-HYKqRo-1C5SJvhi4UNCR7NMVLrBt9W8ZzgTnmPaCKYQpzvqvXbi9o7JHP8kpxuj831cnf35PscS8sdppanAGEyS-ZLTKzhZZtF59jj3FxmZN27ZHSN7tImxDcfrrh3DM6kbMy4mYy5CEgzyfQlVEPFB1OoQgtz2r2MSfCsMCxNB99KeSzZgjmmdkpl6AC7cEzggE7nDk8PeheJO0dl8zjLad9Prk3hGJ0DQIeqffFGvzEemLTD52YgeDqWQHLXbk3

4.2之前是没有sign签名段的,可以看到整个加密参数的值跟4.2是有区别的!同样经过多块组合拼接而成的 ,最新的以分号拆开大约分为8个部分了!

第一部分是一个时间格式的字符串,后续我们可以自行生成

第二部分则是fingerprint指纹,这个是需要算法生成的,第三部分可固定

第四部分tk则拼接多个参数加上指纹通过加密算法生成

第五部分签名Sign参数,通过对Token、fingerprint、时间戳、APPID

第六部分分别是算法的版本号以及时间戳!这个自行填写

第七部分时间戳

第八部分的大长串则是上面参数经过最终AES加密生成

四、 算法还原


1、第一部分,时间参代码


接下来按上面拆分出来的几部分,附上扣出来的算法并附上讲解,第一部分,时间参代码实现如下:

  1. function timestampToFormat(timestamp) {
  2. const date = new Date(timestamp);
  3. const pad = (num, size) => String(num).padStart(size, '0');
  4. return `${date.getFullYear()}${pad(date.getMonth() + 1, 2)}${pad(date.getDate(), 2)}${pad(date.getHours(), 2)}${pad(date.getMinutes(), 2)}${pad(date.getSeconds(), 2)}${pad(date.getMilliseconds(), 3)}`;
  5. }

2、第二部分,FP指纹


第二部分我们需要还原的是FP的指纹,加密算法实现如下:
 

  1. !function () {
  2. function t(e) {
  3. for (var t = "", r = 0; r < e.length;) {
  4. var n = e.charCodeAt(r++);
  5. t += n > 63 ? String.fromCharCode(32 ^ n) : 35 == n ? e.charAt(r++) : String.fromCharCode(n)
  6. }
  7. return t
  8. }
  9. var r = [t("SIZE"), "num", t("SPLIT"), "", t("DEFAULT"), t("CALL"), t("PUSH"), "pop", t("TOsTRING"), t("JOIN"), t("DEFAULT"), t("CALL"), t("REPLACE"), ""]
  10. , n = Function.prototype.call
  11. ,
  12. a = [2, 66, 17, 98, 16, 25, 286, 76, 37, 17, 58, 16, 13, 25, -2821, 25, -8150, 68, 25, 10976, 68, 91, 74, 17, 26, 16, 4, 78, 17, 73, 16, 13, 7, 91, 62, 17, 36, 16, 32, 88, 80, 0, 46, 80, 1, 76, 7, 68, 36, 16, 32, 25, -3718, 25, 2322, 68, 25, 1412, 68, 25, 575, 25, 6105, 68, 25, -6675, 68, 3, 88, 3, 25, 6578, 25, -9306, 68, 25, 2729, 68, 3, 80, 0, 46, 80, 1, 76, 68, 88, 68, 5, 17, 48, 70, 2, 52, 3, 76, 54, 17, 63, 17, 60, 93, 4, 40, 72, 76, 70, 5, 72, 25, 8402, 25, -5374, 68, 25, -3028, 68, 25, -8134, 25, -8213, 68, 25, 16362, 68, 65, 71, 17, 63, 17, 60, 93, 4, 40, 72, 76, 70, 5, 72, 25, 6175, 25, 4230, 68, 25, -10390, 68, 91, 79, 17, 67, 0, 33, 17, 30, 45, 95, 70, 6, 25, -5057, 25, 6375, 68, 25, -1283, 68, 63, 17, 49, 93, 4, 40, 87, 70, 7, 4, 25, 3357, 25, -5902, 68, 25, 2581, 68, 91, 3, 70, 8, 25, -8817, 25, 8543, 68, 25, 310, 68, 76, 76, 17, 87, 51, 25, 8755, 25, -8004, 68, 25, -751, 68, 34, 42, -56, 63, 17, 69, 93, 4, 40, 95, 76, 70, 5, 95, 14, 91, 33, 17, 95, 70, 9, 52, 3, 76, 29, 17, 27, 90, 39, 73, -2215, 73, -5180, 68, 73, 7395, 68, 94, 58, 50, 44, 49, 58, 76, 21, 0, 71, 4, 93, 70, 1, 4, 11, 79, 22, 84, 55, 58, 82, 73, -6046, 73, -7717, 68, 73, 13764, 68, 2, 60, 86, 11, 4, 70, 2, 11, 79, 22, 98, 3, 84, 39, 58, 27, 58, 79, 11, 36, 74, 91, -48, 4, 90, 20]
  13. , o = zk
  14. , i = Array.from
  15. , c = Symbol
  16. , s = eh
  17. , u = Array.isArray
  18. , l = Og.exports;
  19. var generateVisitKey = function () {
  20. for (var e, t, o, i, c, s, u, l, p, v, d, _, x = n, S = a, A = [], E = 0; ;)
  21. switch (S[E++]) {
  22. case 2:
  23. A.push(y);
  24. break;
  25. case 3:
  26. _ = A.pop(),
  27. A[A.length - 1] -= _;
  28. break;
  29. case 4:
  30. null != A[A.length - 1] ? A[A.length - 2] = x.call(A[A.length - 2], A[A.length - 1]) : (_ = A[A.length - 2],
  31. A[A.length - 2] = _()),
  32. A.length--;
  33. break;
  34. case 5:
  35. s = A[A.length - 1];
  36. break;
  37. case 7:
  38. A.push(o);
  39. break;
  40. case 13:
  41. A.push(t);
  42. break;
  43. case 14:
  44. A.push(p);
  45. break;
  46. case 16:
  47. A.push(null);
  48. break;
  49. case 17:
  50. A.pop();
  51. break;
  52. case 25:
  53. A.push(S[E++]);
  54. break;
  55. case 26:
  56. A.push(b);
  57. break;
  58. case 27:
  59. A.push(d);
  60. break;
  61. case 29:
  62. d = A[A.length - 1];
  63. break;
  64. case 30:
  65. E += S[E];
  66. break;
  67. case 32:
  68. A.push({});
  69. break;
  70. case 33:
  71. v = A[A.length - 1];
  72. break;
  73. case 34:
  74. _ = A.pop(),
  75. A[A.length - 1] = A[A.length - 1] > _;
  76. break;
  77. case 36:
  78. A.push(m);
  79. break;
  80. case 37:
  81. t = A[A.length - 1];
  82. break;
  83. case 39:
  84. return;
  85. case 40:
  86. A.push(void 0);
  87. break;
  88. case 42:
  89. A.pop() ? E += S[E] : ++E;
  90. break;
  91. case 46:
  92. A.push(c);
  93. break;
  94. case 48:
  95. A.push(s);
  96. break;
  97. case 49:
  98. A.push(h);
  99. break;
  100. case 51:
  101. A[A.length - 1] = A[A.length - 1].length;
  102. break;
  103. case 52:
  104. A.push(r[S[E++]]);
  105. break;
  106. case 54:
  107. u = A[A.length - 1];
  108. break;
  109. case 58:
  110. A.push(k);
  111. break;
  112. case 60:
  113. A.push(f);
  114. break;
  115. case 62:
  116. c = A[A.length - 1];
  117. break;
  118. case 63:
  119. A.push(0);
  120. break;
  121. case 65:
  122. A[A.length - 5] = x.call(A[A.length - 5], A[A.length - 4], A[A.length - 3], A[A.length - 2], A[A.length - 1]),
  123. A.length -= 4;
  124. break;
  125. case 66:
  126. e = A[A.length - 1];
  127. break;
  128. case 67:
  129. A.push(new Array(S[E++]));
  130. break;
  131. case 68:
  132. _ = A.pop(),
  133. A[A.length - 1] += _;
  134. break;
  135. case 69:
  136. A.push(g);
  137. break;
  138. case 70:
  139. A.push(A[A.length - 1]),
  140. A[A.length - 2] = A[A.length - 2][r[S[E++]]];
  141. break;
  142. case 71:
  143. l = A[A.length - 1];
  144. break;
  145. case 72:
  146. A.push(u);
  147. break;
  148. case 73:
  149. A.push(w);
  150. break;
  151. case 74:
  152. o = A[A.length - 1];
  153. break;
  154. case 76:
  155. null != A[A.length - 2] ? (A[A.length - 3] = x.call(A[A.length - 3], A[A.length - 2], A[A.length - 1]),
  156. A.length -= 2) : (_ = A[A.length - 3],
  157. A[A.length - 3] = _(A[A.length - 1]),
  158. A.length -= 2);
  159. break;
  160. case 78:
  161. i = A[A.length - 1];
  162. break;
  163. case 79:
  164. p = A[A.length - 1];
  165. break;
  166. case 80:
  167. A[A.length - 2][r[S[E++]]] = A[A.length - 1],
  168. A.length--;
  169. break;
  170. case 87:
  171. A.push(l);
  172. break;
  173. case 88:
  174. A.push(i);
  175. break;
  176. case 90:
  177. return A.pop();
  178. case 91:
  179. A[A.length - 4] = x.call(A[A.length - 4], A[A.length - 3], A[A.length - 2], A[A.length - 1]),
  180. A.length -= 3;
  181. break;
  182. case 93:
  183. A[A.length - 1] = A[A.length - 1][r[S[E++]]];
  184. break;
  185. case 95:
  186. A.push(v);
  187. break;
  188. case 98:
  189. A.push(e)
  190. }
  191. };
  192. var h = l(nm)
  193. , f = l(zk)
  194. , g = l(j_)
  195. , p = l(Rk);
  196. function v(e, t) {
  197. var r = void 0 !== c && s(e) || e["@@iterator"];
  198. if (!r) {
  199. if (u(e) || (r = function (e, t) {
  200. var r;
  201. if (!e)
  202. return;
  203. if ("string" == typeof e)
  204. return d(e, t);
  205. var n = o(r = Object.prototype.toString.call(e)).call(r, 8, -1);
  206. "Object" === n && e.constructor && (n = e.constructor.name);
  207. if ("Map" === n || "Set" === n)
  208. return i(e);
  209. if ("Arguments" === n || /^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n))
  210. return d(e, t)
  211. }(e)) || t && e && "number" == typeof e.length) {
  212. r && (e = r);
  213. var n = 0
  214. , a = function () {
  215. };
  216. return {
  217. s: a,
  218. n: function () {
  219. return n >= e.length ? {
  220. done: !0
  221. } : {
  222. done: !1,
  223. value: e[n++]
  224. }
  225. },
  226. e: function (e) {
  227. throw e
  228. },
  229. f: a
  230. }
  231. }
  232. throw new TypeError("Invalid attempt to iterate non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")
  233. }
  234. var l, h = !0, f = !1;
  235. return {
  236. s: function () {
  237. r = r.call(e)
  238. },
  239. n: function () {
  240. var e = r.next();
  241. return h = e.done,
  242. e
  243. },
  244. e: function (e) {
  245. f = !0,
  246. l = e
  247. },
  248. f: function () {
  249. try {
  250. h || null == r.return || r.return()
  251. } finally {
  252. if (f)
  253. throw l
  254. }
  255. }
  256. }
  257. }
  258. function d(e, t) {
  259. (null == t || t > e.length) && (t = e.length);
  260. for (var r = 0, n = new Array(t); r < t; r++)
  261. n[r] = e[r];
  262. return n
  263. }
  264. function b() {
  265. return 10 * Math.random() | 0
  266. }
  267. function y(e, t) {
  268. var r = _();
  269. return y = function (t, n) {
  270. var a = r[t -= 280];
  271. if (void 0 === y.RpSzcS) {
  272. y.licQQm = function (e) {
  273. for (var t, r, n = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=", a = "", o = "", i = 0, c = 0; r = e.charAt(c++); ~r && (t = i % 4 ? 64 * t + r : r,
  274. i++ % 4) ? a += String.fromCharCode(255 & t >> (-2 * i & 6)) : 0)
  275. r = (0,
  276. p.default)(n).call(n, r);
  277. for (var s = 0, u = a.length; s < u; s++) {
  278. var l;
  279. o += "%" + (0,
  280. f.default)(l = "00" + a.charCodeAt(s).toString(16)).call(l, -2)
  281. }
  282. return decodeURIComponent(o)
  283. }
  284. ,
  285. e = arguments,
  286. y.RpSzcS = !0
  287. }
  288. var o = t + r[0].substring(0, 2)
  289. , i = e[o];
  290. return i ? a = i : (a = y.licQQm(a),
  291. e[o] = a),
  292. a
  293. }
  294. ,
  295. y(e, t)
  296. }
  297. function k(e, t) {
  298. var r, n = [], a = e.length, o = v(e);
  299. try {
  300. for (o.s(); !(r = o.n()).done;) {
  301. var i = r.value;
  302. if (Math.random() * a < t && (n.push(i),
  303. 0 == --t))
  304. break;
  305. a--
  306. }
  307. } catch (e) {
  308. o.e(e)
  309. } finally {
  310. o.f()
  311. }
  312. for (var c = "", s = 0; s < n.length; s++) {
  313. var u = Math.random() * (n.length - s) | 0;
  314. c += n[u],
  315. n[u] = n[n.length - s - 1]
  316. }
  317. return c
  318. }
  319. function m(e) {
  320. for (var t = e.size, r = e.num, n = ""; t--;)
  321. n += r[Math.random() * r.length | 0];
  322. return n
  323. }
  324. function w(e, t) {
  325. for (var o, i, c, s = n, u = a, l = [], h = 239; ;)
  326. switch (u[h++]) {
  327. case 2:
  328. l[l.length - 1] = -l[l.length - 1];
  329. break;
  330. case 4:
  331. l.push(e);
  332. break;
  333. case 11:
  334. l.push(t);
  335. break;
  336. case 20:
  337. return;
  338. case 21:
  339. l[l.length - 1] = l[l.length - 1][r[10 + u[h++]]];
  340. break;
  341. case 22:
  342. l[l.length - 2] = l[l.length - 2][l[l.length - 1]],
  343. l.length--;
  344. break;
  345. case 27:
  346. l.push(o++);
  347. break;
  348. case 36:
  349. l[l.length - 1] = l[l.length - 1].length;
  350. break;
  351. case 39:
  352. e = l[l.length - 1];
  353. break;
  354. case 49:
  355. l.push(0);
  356. break;
  357. case 50:
  358. h += u[h];
  359. break;
  360. case 55:
  361. i = l[l.length - 1];
  362. break;
  363. case 58:
  364. l.pop();
  365. break;
  366. case 60:
  367. c = l.pop(),
  368. l[l.length - 1] = l[l.length - 1] !== c;
  369. break;
  370. case 68:
  371. c = l.pop(),
  372. l[l.length - 1] += c;
  373. break;
  374. case 70:
  375. l.push(l[l.length - 1]),
  376. l[l.length - 2] = l[l.length - 2][r[10 + u[h++]]];
  377. break;
  378. case 71:
  379. l.push(void 0);
  380. break;
  381. case 73:
  382. l.push(u[h++]);
  383. break;
  384. case 74:
  385. c = l.pop(),
  386. l[l.length - 1] = l[l.length - 1] < c;
  387. break;
  388. case 76:
  389. l.push(p);
  390. break;
  391. case 79:
  392. l.push(o);
  393. break;
  394. case 82:
  395. l.push(i);
  396. break;
  397. case 84:
  398. l[l.length - 4] = s.call(l[l.length - 4], l[l.length - 3], l[l.length - 2], l[l.length - 1]),
  399. l.length -= 3;
  400. break;
  401. case 86:
  402. l[l.length - 1] ? (++h,
  403. --l.length) : h += u[h];
  404. break;
  405. case 90:
  406. return l.pop();
  407. case 91:
  408. l.pop() ? h += u[h] : ++h;
  409. break;
  410. case 93:
  411. null != l[l.length - 2] ? (l[l.length - 3] = s.call(l[l.length - 3], l[l.length - 2], l[l.length - 1]),
  412. l.length -= 2) : (c = l[l.length - 3],
  413. l[l.length - 3] = c(l[l.length - 1]),
  414. l.length -= 2);
  415. break;
  416. case 94:
  417. o = l[l.length - 1];
  418. break;
  419. case 98:
  420. l.push(r[10 + u[h++]])
  421. }
  422. }
  423. function _() {
  424. var e = ["ndqXnZqYofn2uw90Ca", "nJyYmtm3Cvrcvhvc", "mty2ntG2nhrZsg9WtW", "mJjMswjnv0C", "mte5mte0nwP4ugrqAW", "nNHJEvrWva", "odiXmJqXnLf6vKfgvW", "ouPpuNDkDa", "mta0ntK5mgTPwM5TAW", "mMT4AhLiDq", "nZe3nJq4yKHWwunj", "mxvJDdzKmgPOCq", "mZbqBvzVCfu"];
  425. return (_ = function () {
  426. return e
  427. }
  428. )()
  429. }
  430. !function (e, t) {
  431. for (var r = y, n = e(); ;)
  432. try {
  433. if (676921 === -(0,
  434. h.default)(r(284)) / 1 * ((0,
  435. h.default)(r(285)) / 2) + (0,
  436. h.default)(r(280)) / 3 * ((0,
  437. h.default)(r(290)) / 4) + -(0,
  438. h.default)(r(292)) / 5 * ((0,
  439. h.default)(r(287)) / 6) + (0,
  440. h.default)(r(289)) / 7 + (0,
  441. h.default)(r(281)) / 8 * ((0,
  442. h.default)(r(282)) / 9) + -(0,
  443. h.default)(r(283)) / 10 + -(0,
  444. h.default)(r(291)) / 11 * (-(0,
  445. h.default)(r(288)) / 12))
  446. break;
  447. n.push(n.shift())
  448. } catch (e) {
  449. n.push(n.shift())
  450. }
  451. }(_)
  452. }();

3、第三部分,APPID直接取AID即可


第三部分的APPID直接取AID即可。

4、第四部分,Token


接下来就是第四部分的Token生成了,加密算法实现如下所示:
 

  1. var getLocalTK;
  2. !function () {
  3. function t(e) {
  4. for (var t = "", r = 0; r < e.length;) {
  5. var n = e.charCodeAt(r++);
  6. t += n > 63 ? String.fromCharCode(53 ^ n) : 35 == n ? e.charAt(r++) : String.fromCharCode(n)
  7. }
  8. return t
  9. }
  10. var r = ["tk", t("XTR#iV"), "03", t("CPGF#iZ["), "w", t("EYTASZGX"), "41", t("PME#iGPF"), "l", t("EGZQ@VPG"), t("PMEG"), t("V#iE]PG"), t("TQYPG32"), t("RPAgT[QZX|qeGZ"), t("F#iOP"), t("Q#iVAaLEP"), t("V@FAZXq#iVA"), "", t("QPST@YA"), "C2", t("ETGFP"), t("P[VGLEA"), t("_Z#i["), "iv", t("SGZXwTFP64"), t("FAG#i[R#iSL"), t("V#iE]PGAPMA"), t("QPST@YA"), t("EGZAZALEP"), t("VTYY"), "set", "buf", t("AZfAG#i[R"), t("F@WFAG"), t("V]TGvZQPtA"), t("V]TGvZQPtA"), t("V]TGvZQPtA"), t("SYZZG"), "pow", t("FPA`#i[A32"), t("FPA|[A16"), t("RPAgT[QZX|qeGZ"), t("F#iOP"), t("Q#iVAaLEP"), t("V@FAZXq#iVA"), "1", "2", "3", "+", "x", t("SYZZG"), t("GT[QZX"), "", t("F@WFAG"), t("QPST@YA"), t("ETGFP"), t("FAG#i[R#iSL"), t("SGZXwTFP64")]
  11. , n = Function.prototype.call
  12. ,
  13. a = [23, 64, 79, 28, 21, 0, 99, 1, 79, 28, 21, 2, 99, 3, 79, 28, 21, 4, 99, 5, 79, 28, 21, 6, 99, 7, 79, 28, 21, 8, 99, 9, 79, 28, 50, 11, 49, 99, 10, 79, 28, 12, 11, 53, 46, 99, 11, 79, 28, 24, 11, 28, 29, 1, 28, 29, 3, 17, 28, 29, 5, 17, 28, 29, 7, 17, 28, 29, 9, 17, 28, 29, 10, 17, 28, 29, 11, 17, 46, 99, 12, 79, 28, 29, 1, 28, 29, 3, 17, 28, 29, 5, 17, 28, 29, 12, 17, 28, 29, 7, 17, 28, 29, 9, 17, 28, 29, 10, 17, 28, 29, 11, 17, 51, 35, 45, 75, 54, 64, 54, 70, 20, 0, 63, 5, 4, 32, 69, 1, 28, 81, 4, 178, 40, 69, 2, 81, 69, 3, 40, 6, 54, 68, 4, 42, 54, 64, 54, 86, 20, 5, 63, 21, 61, 54, 68, 6, 99, 54, 28, 81, 4, 182, 40, 52, 54, 31, 81, 95, 16, 19, 10, 18, 38, 54, 26, 98, 81, 78, 40, 83, 42, 54, 26, 98, 81, 19, 40, 83, 42, 54, 26, 98, 81, 10, 40, 83, 42, 54, 26, 22, 81, 16, 40, 83, 42, 54, 26, 98, 81, 95, 40, 83, 42, 54, 97, 20, 5, 80, 7, 26, 40, 27, 54, 76, 20, 5, 80, 8, 39, 47, 20, 5, 80, 7, 77, 40, 5, 47, 20, 5, 80, 7, 29, 80, 9, 68, 4, 40, 40, 69, 10, 73, 89, 54, 64, 54, 70, 20, 11, 63, 56, 20, 5, 80, 12, 37, 20, 13, 40, 40, 88, 7, 14, 10, 70, 74, 20, 22, 253, 22, -2067, 96, 22, 1830, 96, 60, 52, 70, 17, 70, 98, 51, 0, 20, 97, 51, 1, 53, 25, 2, 75, 73, 19, 70, 65, 15, 49, 53, 91, 70, 74, 20, 22, -1530, 22, 415, 96, 22, 1117, 96, 60, 68, 70, 17, 70, 98, 51, 0, 20, 97, 51, 1, 53, 25, 2, 48, 92, 19, 70, 74, 20, 22, -7373, 22, 4503, 96, 22, 2882, 96, 60, 16, 70, 17, 70, 98, 51, 0, 20, 97, 51, 1, 53, 25, 2, 81, 84, 19, 70, 74, 20, 22, 5169, 22, -9153, 96, 22, 4022, 96, 60, 30, 70, 33, 25, 3, 48, 53, 70, 33, 25, 3, 81, 22, -7348, 22, 4861, 96, 22, 2489, 96, 19, 70, 33, 25, 3, 43, 22, -7830, 22, -2494, 96, 22, 10338, 96, 19, 70, 33, 25, 3, 75, 22, 6556, 22, -649, 96, 22, -5885, 96, 19, 70, 13, 51, 0, 25, 4, 33, 53, 71, 70, 83, 22, 8329, 22, -2927, 96, 22, -5402, 96, 21, 71, 70, 76, 15, 22, 187, 53, 83, 25, 5, 22, -3433, 22, 1157, 96, 22, 2292, 96, 53, 96, 72, 70, 47, 25, 6, 47, 32, 22, -47, 22, -1896, 96, 22, 1951, 96, 86, 53, 89, 57, 79, 77, 67, 12, 0, 77, 56, 62, 4, 30, 23, 45, 87, 9, 0, 45, 15, 62, 95, 16, 2, 51, 30, 44, 0, 51, 4, 24, 1, 7, 69, 24, 64, 5, 42, 77, 78, 0, 98, 77, 78, 1, 65, 6751, 65, -342, 81, 65, -6407, 81, 65, 5336, 65, -6432, 81, 65, 1128, 81, 72, 95, 13, 85, 42, 98, 77, 78, 1, 65, -310, 65, 8475, 81, 65, -8163, 81, 65, 32, 72, 88, 1, 42, 94, 24, 65, 5048, 65, -9090, 81, 65, 4050, 81, 2, 67, 42, 8, 24, 32, 2, 37, 42, 12, 71, 32, 16, 78, 2, 65, -5825, 65, -8303, 81, 65, 14128, 81, 47, 12, 34, 42, 16, 78, 2, 65, -4393, 65, -6070, 81, 65, 10467, 81, 56, 12, 34, 80, 30, 16, 78, 2, 65, -8374, 65, -5679, 81, 65, 14053, 81, 56, 12, 34, 42, 16, 78, 2, 65, 5472, 65, -7245, 81, 65, 1777, 81, 47, 12, 34, 42, 52, 24, 32, 2, 20, 93, 94, 60, 29, 2, 79, 92, 78, 62, 60, 1, 79, 59, 0, 29, -4658, 29, -4430, 87, 29, 9088, 87, 29, 6433, 29, 9036, 87, 29, -15213, 87, 48, 0, 85, 85, 97, 78, 27, 60, 1, 79, 29, 6857, 29, -8577, 87, 29, 1720, 87, 4, 29, -353, 29, -2847, 87, 29, 3456, 87, 42, 37, 99, 2, 7, 71, 62, 71, 30, 63, 0, 29, 12, 35, 32, 93, 1, 18, 8, 35, 178, 48, 93, 2, 8, 93, 3, 48, 85, 71, 36, 3, 62, 53, 4, 17, 92, 53, 5, 17, 35, 2, 53, 6, 17, 24, 71, 36, 2, 62, 53, 7, 17, 92, 53, 8, 17, 27, 71, 35, -1160, 35, -3905, 84, 35, 5067, 84, 21, 45, 9, 21, 45, 10, 14, 35, 5398, 35, 8267, 84, 35, -13661, 84, 78, 48, 84, 81, 71, 53, 11, 83, 71, 35, 6113, 35, -8607, 84, 35, 2494, 84, 22, 71, 41, 63, 61, 59, 21, 45, 9, 21, 45, 10, 14, 35, 4505, 35, -8459, 84, 35, 3957, 84, 78, 48, 31, 84, 83, 71, 3, 49, 35, -7624, 35, 707, 84, 35, 6918, 84, 76, 97, 95, 23, 61, 60, 21, 45, 9, 21, 45, 10, 14, 35, -7093, 35, -9161, 84, 35, 16256, 84, 78, 48, 31, 84, 83, 71, 56, 71, 3, 49, 97, 86, -66, 61, 69, 35, -8937, 35, -657, 84, 35, 9603, 84, 97, 95, 27, 61, 1, 45, 12, 35, -1991, 35, -3690, 84, 35, 5681, 84, 35, 3277, 35, -1882, 84, 35, -1386, 84, 61, 69, 76, 32, 84, 83, 71, 38, 63, 13, 45, 14, 61, 48, 94, 71, 23, 63, 13, 45, 15, 15, 48, 19, 71, 62, 71, 30, 63, 16, 29, 74, 48, 65, 44]
  14. , o = Og.exports;
  15. var genLocalTK = function (e) {
  16. for (var t, o, i = n, c = a, s = [], u = 0; ;)
  17. switch (c[u++]) {
  18. case 11:
  19. s.push(null);
  20. break;
  21. case 12:
  22. s.push(x);
  23. break;
  24. case 17:
  25. o = s.pop(),
  26. s[s.length - 1] += o;
  27. break;
  28. case 21:
  29. s.push(r[c[u++]]);
  30. break;
  31. case 23:
  32. s.push({});
  33. break;
  34. case 24:
  35. s.push(_);
  36. break;
  37. case 28:
  38. s.push(t);
  39. break;
  40. case 29:
  41. s[s.length - 1] = s[s.length - 1][r[c[u++]]];
  42. break;
  43. case 35:
  44. return;
  45. case 46:
  46. null != s[s.length - 2] ? (s[s.length - 3] = i.call(s[s.length - 3], s[s.length - 2], s[s.length - 1]),
  47. s.length -= 2) : (o = s[s.length - 3],
  48. s[s.length - 3] = o(s[s.length - 1]),
  49. s.length -= 2);
  50. break;
  51. case 49:
  52. null != s[s.length - 1] ? s[s.length - 2] = i.call(s[s.length - 2], s[s.length - 1]) : (o = s[s.length - 2],
  53. s[s.length - 2] = o()),
  54. s.length--;
  55. break;
  56. case 50:
  57. s.push(j);
  58. break;
  59. case 51:
  60. return s.pop();
  61. case 53:
  62. s.push(e);
  63. break;
  64. case 64:
  65. t = s[s.length - 1];
  66. break;
  67. case 79:
  68. s.pop();
  69. break;
  70. case 99:
  71. s[s.length - 2][r[c[u++]]] = s[s.length - 1],
  72. s[s.length - 2] = s[s.length - 1],
  73. s.length--
  74. }
  75. };
  76. var i = o(nm)
  77. , c = o(cm)
  78. , s = o(Rk)
  79. , u = o(zk)
  80. , l = o(xm)
  81. , h = o(Om)
  82. , f = vx
  83. , g = o(eA.exports)
  84. , p = o(rA.exports)
  85. , v = o(tA.exports)
  86. , d = o($S.exports)
  87. , b = o(yA)
  88. , y = S;
  89. !function (e, t) {
  90. for (var r = S, n = e(); ;)
  91. try {
  92. if (569306 === (0,
  93. i.default)(r(173)) / 1 + (0,
  94. i.default)(r(175)) / 2 * (-(0,
  95. i.default)(r(188)) / 3) + -(0,
  96. i.default)(r(179)) / 4 * (-(0,
  97. i.default)(r(177)) / 5) + (0,
  98. i.default)(r(174)) / 6 * ((0,
  99. i.default)(r(184)) / 7) + -(0,
  100. i.default)(r(186)) / 8 + -(0,
  101. i.default)(r(180)) / 9 * ((0,
  102. i.default)(r(183)) / 10) + -(0,
  103. i.default)(r(176)) / 11 * ((0,
  104. i.default)(r(181)) / 12))
  105. break;
  106. n.push(n.shift())
  107. } catch (e) {
  108. n.push(n.shift())
  109. }
  110. }(w);
  111. var k = y(185)
  112. , m = ["01", "02", "03", "04", "05", "06", "07", "08"];
  113. function w() {
  114. var e = ["mdaWmdaWmda", "ndK0nZLNr3vswMW", "mta0mZy5owvft0Lhzq", "mta0odjODNngCKO", "ndbvqvzcq1i", "ode3m2DqBxjfta", "mZG3ndyZmhjSvxfsEa", "Bwf4", "nhPZsurozW", "nJCXmJaYovbVwKfNvW", "nJi2nhzjqMnZsq", "sZnYt3fntdbrCsze", "mtbIu0Xbuhi", "mZK2mKrLBwH2zG", "puyPp243qf1prLG2mMjunq", "nJe5nZa3mNjJuK5xrq"];
  115. return (w = function () {
  116. return e
  117. }
  118. )()
  119. }
  120. function _(e) {
  121. var t = y
  122. , r = b.default.str(e);
  123. r >>>= 0;
  124. var n = t(187) + r.toString(16);
  125. return n.substr(n.length - 8)
  126. }
  127. function S(e, t) {
  128. var r = w();
  129. return S = function (t, n) {
  130. var a = r[t -= 173];
  131. if (void 0 === S.zUShtv) {
  132. S.CXUmZy = function (e) {
  133. for (var t, r, n = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=", a = "", o = "", i = 0, c = 0; r = e.charAt(c++); ~r && (t = i % 4 ? 64 * t + r : r,
  134. i++ % 4) ? a += String.fromCharCode(255 & t >> (-2 * i & 6)) : 0)
  135. r = (0,
  136. s.default)(n).call(n, r);
  137. for (var l = 0, h = a.length; l < h; l++) {
  138. var f;
  139. o += "%" + (0,
  140. u.default)(f = "00" + a.charCodeAt(l).toString(16)).call(f, -2)
  141. }
  142. return decodeURIComponent(o)
  143. }
  144. ,
  145. e = arguments,
  146. S.zUShtv = !0
  147. }
  148. var o = t + r[0].substring(0, 2)
  149. , i = e[o];
  150. return i ? a = i : (a = S.CXUmZy(a),
  151. e[o] = a),
  152. a
  153. }
  154. ,
  155. S(e, t)
  156. }
  157. function E(e) {
  158. return (0,
  159. h.default)(Array.prototype).call(e, (function (e) {
  160. var t;
  161. return (0,
  162. u.default)(t = "00" + (255 & e).toString(16)).call(t, -2)
  163. }
  164. )).join("")
  165. }
  166. function C(e) {
  167. var t = new Uint8Array(e.length);
  168. return (0,
  169. l.default)(Array.prototype).call(t, (function (t, r, n) {
  170. n[r] = e.charCodeAt(r)
  171. }
  172. )),
  173. E(t)
  174. }
  175. function O(e) {
  176. return E(T(e))
  177. }
  178. getLocalTK = genLocalTK
  179. }();

直接调用getLocalTK,入参则是上面的get_fingerprint指纹值

5、第五部分,Sign签名


第五部分的Sign签名其实算比较复杂的一部分了,多参数参与了加密,核心算法实现如下:
 

  1. !function () {
  2. function t(e) {
  3. for (var t = "", r = 0; r < e.length;) {
  4. var n = e.charCodeAt(r++);
  5. t += n > 63 ? String.fromCharCode(24 ^ n) : 35 == n ? e.charAt(r++) : String.fromCharCode(n)
  6. }
  7. return t
  8. }
  9. var r = ["", t("|}~ymtl"), t("kljqv#gq~a"), t("hyjk}"), t("lwZyk}64"), t("GGhyjk}Lws}v"), t("uyl{p"), t("FC123E(C`+EC123E)+"), t("khtql"), t("G|}~ymtlYt#gwjqlpu"), t("{ytt"), "log", t("G|}zm#g"), "", t("TW[YTGYT_WJQLPUGHJ]^Q@"), "+", "x", t("GGyt#gwjqlpu"), t("|}~ymtl"), t("{ytt"), t("|}~ymtl"), t("{ytt"), t("rwqv"), "&", t("lwKljqv#g"), "log", t("G|}zm#g"), "key", ":", t("nytm}"), "", t("|}~ymtl"), t("~wjuyl"), "07", t("GqkVwjuyt"), t("GG#g}vS}a"), t("Glws}v"), t("G~qv#g}jhjqvl"), t("GyhhQ|"), t("yt#gwk"), t("lwKljqv#g"), t("#g}vTw{ytLS"), t("G|}~ymtlLws}v"), t("GG#g}v#D}~ymtlS}a"), t("GG#g}vKq#gv"), t("{ytt"), t("rwqv"), ",", t("]VNQJWVU]VL"), t("GG#g}vKq#gvHyjyuk"), "log", t("G|}zm#g"), "key", t("kq#gvKlj"), t("Gkls"), t("Gkl}"), t("p5kl"), t("GwvKq#gv"), t("{w|}"), t("u}kky#g}"), t("Gn}jkqwv"), "v", t("GGRKGK][MJQLAGN]JKQWV"), t("kmzGn"), t("}`l}v|"), t("]jj[w|}k"), t("_]V]JYL]GKQ_VYLMJ]G^YQT]#D"), t("LWS]VG]UHLA"), "key", t("}vn[wtt}{l"), t("G~qv#g}jhjqvl"), "fp", t("Gzm{s}l"), t("|}~ymtl"), "log", t("G|}zm#g"), t("}v{jahl"), t("hyjk}"), "01", "02", "03", "04", "05", "06", "07", "08", t("rwqv"), "", "iv", t("}v{w|}"), t("{qhp}jl}`l"), t("|}~ymtl"), t("ojyh"), t("v}`l"), t("hj}n"), 0, 5, 10, 13, "end", t("|}~ymtl"), t("GG{p}{sHyjyuk"), t("yzjmhl"), t("j}lmjv"), t("GGj}im}kl#D}hk"), t("GG{wtt}{l"), t("GGuys}Kq#gv"), "log", t("G|}zm#g"), "ms", t("{yl{p"), "t0", t("GwvKq#gv"), t("]jj[w|}k"), t("MVPYV#DT]#DG]JJWJ"), t("{w|}"), t("u}kky#g}"), t("Gn}jkqwv"), "v", t("GGRKGK][MJQLAGN]JKQWV"), t("kmzGn"), t("}`l}v|"), t("klwh")]
  10. , n = Function.prototype.call
  11. ,
  12. o = [75, 1, 29, 51, 66, 29, 41, 0, 21, 29, 91, 68, 76, 397, 15, 79, 29, 41, 0, 3, 96, 40, 96, 4, 96, 56, 96, 90, 96, 53, 29, 16, 30, 1, 44, 2, 6, 30, 1, 44, 3, 88, 29, 85, 30, 4, 22, 75, 44, 5, 3, 76, 6038, 76, 6806, 96, 76, -12828, 96, 76, 4468, 76, -656, 96, 76, -3784, 96, 35, 15, 15, 15, 72, 29, 57, 44, 6, 37, 7, 15, 84, 29, 81, 77, 43, 81, 76, 8106, 76, 2295, 96, 76, -10401, 96, 9, 33, 29, 23, 44, 8, 41, 0, 15, 50, 29, 31, 9, 71, 29, 41, 0, 18, 29, 88, 29, 48, 30, 1, 22, 26, 15, 44, 10, 26, 32, 36, 29, 88, 29, 85, 30, 11, 22, 31, 12, 91, 68, 76, 413, 15, 62, 96, 91, 68, 76, 376, 15, 96, 57, 96, 91, 68, 76, 405, 15, 96, 87, 96, 36, 29, 87, 43, 98, 31, 32, 15, 41, 69, 96, 12, 43, 64, 85, 0, 48, 28, 1, 26, 69, 26, 90, 32, 62, 30, 5, 43, 47, 92, 80, 33, 2, 2, 6, 3, 22, 85, 0, 46, 26, 33, 87, 4, 30, 51, 7, 98, 26, 75, 32, 72, 23, 33, 87, 4, 30, 46, 7, 98, 75, 32, 72, 12, 33, 87, 4, 30, 51, 7, 98, 75, 32, 72, 1, 72, 38, 50, 32, 91, 28, 5, 83, 95, 2, 50, 85, 2, 2, 8, 85, 3, 2, 40, 96, 87, 6, 31, 69, 23, 74, 7495, 74, -6716, 26, 74, -779, 26, 59, 68, 3, 69, 65, 32, 53, 62, 47, 35, 25, 35, 93, 98, 0, 53, 34, 75, 50, 1, 34, 14, 72, 50, 2, 8, 3, 75, 95, 35, 25, 35, 96, 98, 0, 53, 85, 88, 72, 50, 4, 58, 98, 0, 75, 4, 35, 25, 35, 69, 98, 5, 53, 73, 6, 91, 2, 26, 399, 75, 85, 80, 91, 2, 26, 414, 75, 80, 28, 80, 72, 35, 28, 10, 52, 76, 7, 0, 61, 1, 65, 76, 7, 2, 65, 75, 16, 93, 98, 84, 92, 0, 37, 84, 19, 84, 22, 26, 1, 67, 4, 91, 84, 19, 84, 14, 26, 2, 67, 38, 18, 76, 63, 406, 65, 90, 11, 84, 35, 92, 3, 53, 83, 84, 74, 4, 16, 24, 42, 36, 5, 74, 6, 74, 7, 20, 74, 8, 74, 9, 17, 36, 10, 4, 95, 3, 92, 0, 37, 82, 26, 42, 19, 84, 29, 26, 11, 67, 74, 7, 65, 25, 12, 84, 42, 36, 13, 74, 12, 74, 7, 20, 74, 8, 88, 37, 84, 69, 5, 84, 57, 16, 136, 42, 36, 14, 57, 45, 90, 21, 84, 19, 84, 3, 26, 1, 67, 45, 65, 36, 15, 45, 8, 90, 36, 16, 92, 17, 65, 2, 84, 40, 26, 18, 12, 84, 42, 36, 19, 62, 38, 35, 34, 88, 41, 84, 19, 84, 59, 26, 20, 67, 74, 21, 18, 76, 63, 375, 65, 19, 84, 27, 26, 1, 67, 69, 57, 32, 22, 62, 32, 23, 33, 32, 24, 52, 32, 25, 54, 32, 26, 76, 63, 1119, 63, -3077, 53, 63, 1960, 53, 58, 53, 90, 84, 69, 33, 32, 24, 52, 32, 25, 54, 32, 26, 5, 84, 42, 36, 27, 69, 19, 32, 28, 18, 76, 63, 394, 65, 32, 29, 69, 74, 30, 32, 31, 40, 26, 32, 32, 33, 32, 34, 65, 84, 86, 39, 82, 76, 74, 6, 95, 3, 74, 12, 16, 34, 42, 36, 27, 69, 31, 26, 35, 26, 36, 32, 28, 18, 76, 63, 373, 65, 32, 29, 69, 74, 30, 32, 31, 40, 26, 32, 32, 33, 32, 34, 65, 82, 32, 42, 36, 27, 69, 31, 26, 35, 26, 37, 32, 28, 18, 76, 63, 381, 65, 32, 29, 69, 74, 30, 32, 31, 40, 26, 32, 32, 33, 32, 34, 65, 84, 86, 39, 1, 24, 61, 0, 40, 41, 41, 52, 8, 61, 8, 89, 92, 0, 44, 45, 5394, 45, 7249, 87, 45, -12642, 87, 15, 39, 8, 69, 27, 1, 95, 2, 8, 69, 11, 83, 45, 415, 15, 27, 3, 3, 8, 69, 11, 83, 45, 368, 15, 19, 11, 83, 45, 365, 15, 69, 11, 83, 45, 368, 15, 19, 11, 83, 45, 365, 15, 19, 45, 6472, 45, -4012, 87, 45, -2460, 87, 24, 40, 12, 45, 9932, 45, -4858, 87, 45, -5073, 87, 67, 51, 14, 69, 11, 83, 45, 368, 15, 19, 11, 83, 45, 365, 15, 19, 3, 8, 61, 8, 46, 92, 4, 44, 69, 83, 45, -8946, 45, 8447, 87, 45, 501, 87, 10, 36, 8, 61, 8, 16, 92, 5, 44, 27, 6, 11, 83, 45, 421, 15, 31, 87, 12, 8, 42, 92, 4, 20, 7, 31, 70, 92, 4, 20, 8, 11, 83, 45, 389, 15, 15, 74, 70, 92, 4, 20, 8, 50, 8, 61, 13, 9, 94, 84, 13, 10, 94, 45, 2, 13, 11, 94, 45, 3, 13, 12, 94, 45, 4, 13, 13, 94, 45, 5, 13, 14, 94, 45, 6, 13, 15, 94, 45, 7, 13, 16, 94, 20, 17, 13, 18, 15, 15, 33, 19, 10, 18, 8, 62, 92, 4, 20, 20, 79, 92, 21, 15, 5, 82, 46, 24, 58, 24, 35, 24, 65, 24, 23, 24, 72, 86, 0, 42, 1, 75, 13, 11, 21, 1, 87, 21, 2, 87, 89, 91, 89, 28, 10, 91, 91, 60, 15, 36, 76, 194, 75, 75, 23, 0, 17, 1, 35, 186, 5, 2, 12, 3, 58, 4, 122, 5, 181, 6, 181, 43, 19, 25, 75, 47, 17, 1, 25, 85, 25, 80, 23, 7, 61, 32, 97, 25, 44, 3, 8, 98, 94, 51, 25, 79, 21, 91, 77, 58, 9, 75, 2, 5, 17, 0, 25, 76, 137, 75, 3, 9, 68, 10, 98, 78, 88, 44, 3, 11, 32, 25, 44, 3, 12, 32, 29, 25, 44, 3, 13, 79, 12, 78, 28, 25, 75, 3, 9, 68, 10, 85, 25, 7, 23, 14, 61, 83, 15, 31, 21, 2, 374, 94, 85, 25, 80, 23, 7, 61, 32, 74, 34, 56, 68, 16, 56, 78, 25, 85, 25, 46, 23, 7, 61, 4, 98, 90, 70, 78, 88, 75, 2, 10, 17, 1, 25, 75, 75, 3, 17, 47, 94, 17, 18, 25, 75, 3, 9, 68, 10, 44, 3, 19, 4, 89, 23, 20, 23, 21, 99, 22, 31, 21, 2, 401, 94, 75, 23, 18, 56, 99, 23, 4, 83, 24, 99, 25, 63, 23, 26, 99, 27, 99, 28, 94, 25, 98, 78, 88, 75, 3, 29, 32, 88, 55, 66, -195, 30]
  13. , i = a.exports
  14. , l = Og.exports;
  15. var v = l(Rk)
  16. , d = l(zk)
  17. , b = l(nm)
  18. , y = l(cm)
  19. , m = l(xm)
  20. , w = l(Om)
  21. , O = Lx
  22. , R = l($S.exports)
  23. , z = l(eA.exports)
  24. , L = l(tA.exports)
  25. , I = l(rA.exports)
  26. , B = l(cA.exports)
  27. , N = l(R_.exports)
  28. , G = l(sA.exports)
  29. , F = l(uA.exports)
  30. , H = l(hA.exports)
  31. , W = l(fA.exports)
  32. , U = vx;
  33. function Z(e, t) {
  34. var r = V();
  35. return Z = function (t, n) {
  36. var a = r[t -= 339];
  37. if (void 0 === Z.kfjFYr) {
  38. Z.VsajSZ = function (e) {
  39. for (var t, r, n = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=", a = "", o = "", i = 0, c = 0; r = e.charAt(c++); ~r && (t = i % 4 ? 64 * t + r : r,
  40. i++ % 4) ? a += String.fromCharCode(255 & t >> (-2 * i & 6)) : 0)
  41. r = (0,
  42. v.default)(n).call(n, r);
  43. for (var s = 0, u = a.length; s < u; s++) {
  44. var l;
  45. o += "%" + (0,
  46. d.default)(l = "00" + a.charCodeAt(s).toString(16)).call(l, -2)
  47. }
  48. return decodeURIComponent(o)
  49. }
  50. ,
  51. e = arguments,
  52. Z.kfjFYr = !0
  53. }
  54. var o = t + r[0].substring(0, 2)
  55. , i = e[o];
  56. return i ? a = i : (a = Z.VsajSZ(a),
  57. e[o] = a),
  58. a
  59. }
  60. ,
  61. Z(e, t)
  62. }
  63. function V() {
  64. var e = ["x19Yzxf1zxn0rgvWCYb1C2uGy2fJAguGzNaSigzWoG", "x19JB2XSzwn0igvUDKnVBgXLy3q9", "x19Yzxf1zxn0qwXNB3jPDgHTt25Jzq", "x19Yzxf1zxn0qwXNB3jPDgHTihjLCxvLC3qGC3vJy2vZCYeSignOzwnRig1LBw9YEsbMCdO", "x19HBgDVCML0Ag0", "nJuYodqWB0nXwfPp", "x19Yzxf1zxn0rgvWCW", "x19Nzw5tAwDUugfYyw1Z", "CgfYyw1ZigLZig5VDcbHihbSywLUig9IAMvJDa", "x19Yzxf1zxn0rgvWCYbYzxf1zxn0ihrVA2vUigzHAwXLzcWGzxjYB3i6ia", "CMvXDwvZDcb0B2TLBIbMywLSzwqGA2v5oG", "ihrVA2vUoG", "ExL5Eu1nzgq", "Bg9HzcbYywmGANmGzMfPBce", "x19WyxjZzufSz29YAxrOBq", "x19Yzxf1zxn0qwXNB3jPDgHTigvUDKnVBgXLy3q9", "CgfYyw1ZigLZigvTChr5igfMDgvYigv4y2X1zgLUzYaIDw5ZywzLiIbWyxjHBxm", "x19JAgvJA1bHCMfTCW", "nc43", "Bg9JywXFA2v5xZm", "x19Yzxf1zxn0qwXNB3jPDgHTt25JzsbRzxK6", "lcbYzxrYEsbUzxH0ihrPBwuU", "x19Yzxf1zxn0rgvWCYbMCM9TignHy2HLlcbLBMqU", "lcbJAgvJAYbZDg9YywDLigzWoG", "C2v0DgLUz3mUyxbWswqGBxvZDcbIzsbHig5VBI1LBxb0EsbZDhjPBMC", "x19JB2XSzwn0", "C2LNBG", "CxvLCNLtzwXLy3rVCG", "yNuY", "BdfMBa", "lcbZDg9YywDLrNa6", "zxH0zw5K", "Ahr0Chm6lY9ZDg9YywDLlJm2mgj1EwLTzY5JB20VD2vIy29UDgfPBMvYl21HAw4VANmTC2vJDxjPDhKTDJmTCMfJlMPZp3y9", "BwfPBI5ZAwDUi19Fzgv0zwn0Aw5N", "DxnLig5VCM1HBfrVA2vU", "x19Yzxf1zxn0rgvWCYWGx19WyxjZzufSz29YAxrOBsbYzxn1Bhq6", "z2vUzxjHDguGA2v5igzHAwXLza", "C2LNBIbLBgfWC2vKihrPBwuH", "x19TywTLu2LNBIWGCMvZDwX0oG", "lgv4ChjLC3m9", "mtq0mtC3nKjKwLDQwG", "x19WyxjZzvrVA2vU", "x19Yzxf1zxn0rgvWCYbLBMqU", "z2v0vg9Rzw5F", "Dg9Rzw4GAxmGzw1WDhK", "mcfa", "CMv0DxjUia", "lcbHBgDVoG", "lcbFBg9HzgvKx2nHy2HLCZO", "CgfYyw1ZigLZigvTChr5", "x19Yzxf1zxn0qwXNB3jPDgHTigvUzc4", "y3jLyxrLigLUC3rHBMnLihDPDgGGyxbWswq9", "x002wt9KDMzondbwtuzBwa", "CgfYyw1ZignVBNrHAw5ZihjLC2vYDMvKihbHCMfTig5HBwuU", "DgvZDcbLCNi", "ntC5mdG5B0PlCuTl", "x19TywTLu2LNBG", "C3vJy2vZCW", "x19Yzxf1zxn0qwXNB3jPDgHTihn0yxj0lG", "CYnS", "odDUoceT", "nteZode4mNDTwKjxBq", "x19Nzw5tAwDUlcbWyxjHBxntDhi6", "lcbLpq", "Dw5RBM93BIbLCNjVCI4", "x19PBMLdB25MAwC", "nduXmtiWBhHjDKDU", "Bg9HzcbYywmGANmGC3vJy2vZCYe", "lgTLEt0", "ExL5Eu1nzgrOAg1TC3ntu1m", "mtGXnZm0nKrtDKPRwG", "x19Yzxf1zxn0rgvWCYbZDgfYDc4", "x19Nzw5tAwDU", "lcb0B2TLBJO", "lcbMCdO", "mZe0mdGYsuHeC3rs", "x19Nzw5ezwzHDwX0s2v5igLUChv0pq", "lcbZAwDUzwrtDhi6", "yNuX", "x19Nzw5ezwzHDwX0s2v5", "BwfPBI5ZAwDUi19FCMvXDwvZDerLChm", "x19Yzxf1zxn0qwXNB3jPDgHT", "x19Yzxf1zxn0rgvWCYb1C2uGBMv3igzWlcbMCdO"];
  65. return (V = function () {
  66. return e
  67. }
  68. )()
  69. }
  70. var X = Z;
  71. (function (e, t) {
  72. for (var r = Z, n = e(); ;)
  73. try {
  74. if (296934 === -(0,
  75. b.default)(r(392)) / 1 + -(0,
  76. b.default)(r(342)) / 2 + -(0,
  77. b.default)(r(412)) / 3 + (0,
  78. b.default)(r(377)) / 4 + -(0,
  79. b.default)(r(403)) / 5 + (0,
  80. b.default)(r(407)) / 6 + (0,
  81. b.default)(r(398)) / 7)
  82. break;
  83. n.push(n.shift())
  84. } catch (e) {
  85. console.log(e)
  86. n.push(n.shift())
  87. }
  88. }
  89. )(V);
  90. var __parseToken = function (e, t, r) {
  91. return e ? vk(e).call(e, t, r) : ""
  92. }
  93. , _defaultAlgorithm = {
  94. local_key_1: CryptoJS.MD5,
  95. local_key_2: CryptoJS.SHA256,
  96. local_key_3: CryptoJS.HmacSHA256
  97. }
  98. , algos = {
  99. MD5: CryptoJS.MD5,
  100. SHA256: CryptoJS.SHA256,
  101. SHA512: CryptoJS.SHA512,
  102. HmacSHA256: CryptoJS.HmacSHA256,
  103. HmacSHA512: CryptoJS.HmacSHA512,
  104. HmacMD5: CryptoJS.HmacMD5
  105. }
  106. , __algorithm = function (e, t, r) {
  107. var n = X
  108. , a = this._defaultAlgorithm[e];
  109. return e === 'local_key_3' ? a(t, r).toString(CryptoJS.enc.Hex) : a(t).toString(CryptoJS.enc.Hex)
  110. };
  111. var _this = {
  112. __parseToken: __parseToken,
  113. __algorithm: __algorithm,
  114. _defaultAlgorithm: _defaultAlgorithm,
  115. algos: algos
  116. };
  117. var genDefaultKey = function (e, t, a, i) {
  118. for (var c, s, u, l, h, f, g, p, d, b, y, k, w = n, _ = o, x = [], S = 0; ;)
  119. switch (_[S++]) {
  120. case 1:
  121. c = x[x.length - 1];
  122. break;
  123. case 3:
  124. x.push(e);
  125. break;
  126. case 4:
  127. x.push(a);
  128. break;
  129. case 6:
  130. x.push(R);
  131. break;
  132. case 9:
  133. x[x.length - 2] = x[x.length - 2][x[x.length - 1]],
  134. x.length--;
  135. break;
  136. case 15:
  137. null != x[x.length - 2] ? (x[x.length - 3] = w.call(x[x.length - 3], x[x.length - 2], x[x.length - 1]),
  138. x.length -= 2) : (k = x[x.length - 3],
  139. x[x.length - 3] = k(x[x.length - 1]),
  140. x.length -= 2);
  141. break;
  142. case 16:
  143. x.push(L);
  144. break;
  145. case 18:
  146. y = x[x.length - 1];
  147. break;
  148. case 21:
  149. u = x[x.length - 1];
  150. break;
  151. case 22:
  152. x.push(void 0);
  153. break;
  154. case 23:
  155. x.push(p);
  156. break;
  157. case 26:
  158. x.push(d);
  159. break;
  160. case 29:
  161. x.pop();
  162. break;
  163. case 30:
  164. x[x.length - 1] = x[x.length - 1][r[_[S++]]];
  165. break;
  166. case 31:
  167. x.push(_this[r[_[S++]]]);
  168. break;
  169. case 32:
  170. x.push((function (t) {
  171. var a, i, s, l, f = n, g = o, p = [], d = 162;
  172. e: for (; ;)
  173. switch (g[d++]) {
  174. case 2:
  175. p[p.length - 3][p[p.length - 2]] = p[p.length - 1],
  176. p.length -= 2;
  177. break;
  178. case 5:
  179. p[p.length - 2] = p[p.length - 2][p[p.length - 1]],
  180. p.length--;
  181. break;
  182. case 7:
  183. p.push(e);
  184. break;
  185. case 8:
  186. p.push(1);
  187. break;
  188. case 12:
  189. p[p.length - 1] = !p[p.length - 1];
  190. break;
  191. case 15:
  192. p.push(isNaN);
  193. break;
  194. case 23:
  195. p[p.length - 4] = f.call(p[p.length - 4], p[p.length - 3], p[p.length - 2], p[p.length - 1]),
  196. p.length -= 3;
  197. break;
  198. case 26:
  199. s = p.pop(),
  200. p[p.length - 1] += s;
  201. break;
  202. case 28:
  203. p[p.length - 1] = p[p.length - 1][r[13 + g[d++]]];
  204. break;
  205. case 30:
  206. p.push(i);
  207. break;
  208. case 31:
  209. p.push(a);
  210. break;
  211. case 32:
  212. p.pop();
  213. break;
  214. case 33:
  215. p.push(c);
  216. break;
  217. case 40:
  218. a = p[p.length - 1];
  219. break;
  220. case 41:
  221. p.push(null);
  222. break;
  223. case 43:
  224. p.pop() ? ++d : d += g[d];
  225. break;
  226. case 46:
  227. p.push(u);
  228. break;
  229. case 48:
  230. p.push(O);
  231. break;
  232. case 50:
  233. p.push(0);
  234. break;
  235. case 51:
  236. p.push(h);
  237. break;
  238. case 53:
  239. return;
  240. case 59:
  241. s = p.pop(),
  242. p[p.length - 1] = p[p.length - 1] >= s;
  243. break;
  244. case 62:
  245. p.push(b);
  246. break;
  247. case 65:
  248. y = p[p.length - 1];
  249. break;
  250. case 68:
  251. p[p.length - 1] ? (++d,
  252. --p.length) : d += g[d];
  253. break;
  254. case 69:
  255. p.push(t);
  256. break;
  257. case 72:
  258. d += g[d];
  259. break;
  260. case 74:
  261. p.push(g[d++]);
  262. break;
  263. case 75:
  264. u = p[p.length - 1];
  265. break;
  266. case 80:
  267. for (s = p.pop(),
  268. l = 0; l < g[d + 1]; ++l)
  269. if (s === r[13 + g[d + 2 * l + 2]]) {
  270. d += g[d + 2 * l + 3];
  271. continue e
  272. }
  273. d += g[d];
  274. break;
  275. case 83:
  276. p.push(void 0);
  277. break;
  278. case 85:
  279. p.push(r[13 + g[d++]]);
  280. break;
  281. case 87:
  282. p.push(p[p.length - 1]),
  283. p[p.length - 2] = p[p.length - 2][r[13 + g[d++]]];
  284. break;
  285. case 90:
  286. i = p[p.length - 1];
  287. break;
  288. case 91:
  289. p.push(v);
  290. break;
  291. case 92:
  292. p.push(y);
  293. break;
  294. case 95:
  295. p.push(new Array(g[d++]));
  296. break;
  297. case 96:
  298. null != p[p.length - 2] ? (p[p.length - 3] = f.call(p[p.length - 3], p[p.length - 2], p[p.length - 1]),
  299. p.length -= 2) : (s = p[p.length - 3],
  300. p[p.length - 3] = s(p[p.length - 1]),
  301. p.length -= 2);
  302. break;
  303. case 98:
  304. p[p.length - 5] = f.call(p[p.length - 5], p[p.length - 4], p[p.length - 3], p[p.length - 2], p[p.length - 1]),
  305. p.length -= 4
  306. }
  307. }
  308. ));
  309. break;
  310. case 33:
  311. p = x[x.length - 1];
  312. break;
  313. case 35:
  314. x[x.length - 5] = w.call(x[x.length - 5], x[x.length - 4], x[x.length - 3], x[x.length - 2], x[x.length - 1]),
  315. x.length -= 4;
  316. break;
  317. case 36:
  318. x[x.length - 4] = w.call(x[x.length - 4], x[x.length - 3], x[x.length - 2], x[x.length - 1]),
  319. x.length -= 3;
  320. break;
  321. case 37:
  322. x.push(new RegExp(r[_[S++]]));
  323. break;
  324. case 40:
  325. x.push(t);
  326. break;
  327. case 41:
  328. x.push(r[_[S++]]);
  329. break;
  330. case 43:
  331. return x.pop();
  332. case 44:
  333. x.push(x[x.length - 1]),
  334. x[x.length - 2] = x[x.length - 2][r[_[S++]]];
  335. break;
  336. case 48:
  337. x.push(m);
  338. break;
  339. case 50:
  340. d = x[x.length - 1];
  341. break;
  342. case 51:
  343. x.push(X);
  344. break;
  345. case 53:
  346. h = x[x.length - 1];
  347. break;
  348. case 56:
  349. x.push(i);
  350. break;
  351. case 57:
  352. x.push(f);
  353. break;
  354. case 62:
  355. x.push(h);
  356. break;
  357. case 66:
  358. s = x[x.length - 1];
  359. break;
  360. case 68:
  361. x.push(null);
  362. break;
  363. case 71:
  364. b = x[x.length - 1];
  365. break;
  366. case 72:
  367. f = x[x.length - 1];
  368. break;
  369. case 75:
  370. x.push(_this);
  371. break;
  372. case 76:
  373. x.push(_[S++]);
  374. break;
  375. case 77:
  376. x.pop() ? ++S : S += _[S];
  377. break;
  378. case 79:
  379. l = x[x.length - 1];
  380. break;
  381. case 81:
  382. x.push(g);
  383. break;
  384. case 84:
  385. g = x[x.length - 1];
  386. break;
  387. case 85:
  388. x.push(U);
  389. break;
  390. case 87:
  391. x.push(u);
  392. break;
  393. case 88:
  394. x.push(0);
  395. break;
  396. case 90:
  397. x.push(l);
  398. break;
  399. case 91:
  400. x.push(s);
  401. break;
  402. case 96:
  403. k = x.pop(),
  404. x[x.length - 1] += k;
  405. break;
  406. case 98:
  407. return
  408. }
  409. };
  410. var genSign = function (e, t) {
  411. for (var a, i, c, s, u = n, l = o, h = [], f = 272; ;)
  412. switch (l[f++]) {
  413. case 2:
  414. h.push(null);
  415. break;
  416. case 4:
  417. c = h[h.length - 1];
  418. break;
  419. case 8:
  420. h.push(r[20 + l[f++]]);
  421. break;
  422. case 10:
  423. return h.pop();
  424. case 14:
  425. h.push((function (e) {
  426. for (var t, n = o, a = [], i = 340; ;)
  427. switch (n[i++]) {
  428. case 7:
  429. a[a.length - 1] = a[a.length - 1][r[27 + n[i++]]];
  430. break;
  431. case 16:
  432. return;
  433. case 61:
  434. a.push(r[27 + n[i++]]);
  435. break;
  436. case 65:
  437. t = a.pop(),
  438. a[a.length - 1] += t;
  439. break;
  440. case 75:
  441. return a.pop();
  442. case 76:
  443. a.push(e)
  444. }
  445. }
  446. ));
  447. break;
  448. case 25:
  449. h.push(0);
  450. break;
  451. case 26:
  452. h.push(l[f++]);
  453. break;
  454. case 28:
  455. h.push(c);
  456. break;
  457. case 34:
  458. h.push(t);
  459. break;
  460. case 35:
  461. h.pop();
  462. break;
  463. case 47:
  464. a = h[h.length - 1];
  465. break;
  466. case 50:
  467. h.push(h[h.length - 1]),
  468. h[h.length - 2] = h[h.length - 2][r[20 + l[f++]]];
  469. break;
  470. case 52:
  471. return;
  472. case 53:
  473. h.push(void 0);
  474. break;
  475. case 58:
  476. h.push(z);
  477. break;
  478. case 62:
  479. h.push(X);
  480. break;
  481. case 69:
  482. h.push(U);
  483. break;
  484. case 72:
  485. h[h.length - 4] = u.call(h[h.length - 4], h[h.length - 3], h[h.length - 2], h[h.length - 1]),
  486. h.length -= 3;
  487. break;
  488. case 73:
  489. h.push(_this[r[20 + l[f++]]]);
  490. break;
  491. case 75:
  492. null != h[h.length - 2] ? (h[h.length - 3] = u.call(h[h.length - 3], h[h.length - 2], h[h.length - 1]),
  493. h.length -= 2) : (s = h[h.length - 3],
  494. h[h.length - 3] = s(h[h.length - 1]),
  495. h.length -= 2);
  496. break;
  497. case 80:
  498. s = h.pop(),
  499. h[h.length - 1] += s;
  500. break;
  501. case 85:
  502. h.push(i);
  503. break;
  504. case 88:
  505. h.push(e);
  506. break;
  507. case 91:
  508. h.push(a);
  509. break;
  510. case 93:
  511. h.push(w);
  512. break;
  513. case 95:
  514. i = h[h.length - 1];
  515. break;
  516. case 96:
  517. h.push(G);
  518. break;
  519. case 98:
  520. h[h.length - 1] = h[h.length - 1][r[20 + l[f++]]]
  521. }
  522. };

先调用genDefaultKey,入参是四个,分别是上面得到的Token、FP、APPID、时间戳+07拿到值,再调用签名函数getSign,入参数则是genDefaultKey的值加params,如下所示:

  1. params = {
  2. "functionId": "mzhprice_getCustomRealPriceInfoForColor",
  3. "appid": "search-pc-java",
  4. "client": "pc",
  5. "clientVersion": "1.0.0",
  6. "t": str(int(time.time() * 1000)),
  7. "body": '{"skuPriceInfoRequestList":[{"skuId":"10105124153052"},{"skuId":"10102973236034"},{"skuId":"10060158269227"},{"skuId":"10085438117915"},{"skuId":"100023408281"},{"skuId":"10034095072591"},{"skuId":"10099066159774"},{"skuId":"10102882832111"},{"skuId":"10081102086006"},{"skuId":"10102882779610"},{"skuId":"10105124220789"},{"skuId":"10102882813512"},{"skuId":"10102882813511"},{"skuId":"10105124218483"},{"skuId":"100114410144"},{"skuId":"10093665009265"},{"skuId":"10039552855611"},{"skuId":"10036842860178"},{"skuId":"11677624998"},{"skuId":"26616715173"}],"area":"19_1659_37260_37346","source":"search_pc","fields":"11101100111001"}',
  8. }

注意!其中body需要经过SHA256加密,实现算法如下所示:
 

  1. function GEN_SHA256(s) {
  2. var chrsz = 8;
  3. var hexcase = 0;
  4. function safe_add(x, y) {
  5. var lsw = (x & 0xFFFF) + (y & 0xFFFF);
  6. var msw = (x >> 16) + (y >> 16) + (lsw >> 16);
  7. return (msw << 16) | (lsw & 0xFFFF)
  8. }
  9. function S(X, n) {
  10. return (X >>> n) | (X << (32 - n))
  11. }
  12. function R(X, n) {
  13. return (X >>> n)
  14. }
  15. function Ch(x, y, z) {
  16. return ((x & y) ^ ((~x) & z))
  17. }
  18. function Maj(x, y, z) {
  19. return ((x & y) ^ (x & z) ^ (y & z))
  20. }
  21. function Sigma0256(x) {
  22. return (S(x, 2) ^ S(x, 13) ^ S(x, 22))
  23. }
  24. function Sigma1256(x) {
  25. return (S(x, 6) ^ S(x, 11) ^ S(x, 25))
  26. }
  27. function Gamma0256(x) {
  28. return (S(x, 7) ^ S(x, 18) ^ R(x, 3))
  29. }
  30. function Gamma1256(x) {
  31. return (S(x, 17) ^ S(x, 19) ^ R(x, 10))
  32. }
  33. function core_sha256(m, l) {
  34. var K = new Array(0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5, 0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5, 0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3, 0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174, 0xE49B69C1, 0xEFBE4786, 0xFC19DC6, 0x240CA1CC, 0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA, 0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7, 0xC6E00BF3, 0xD5A79147, 0x6CA6351, 0x14292967, 0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13, 0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85, 0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3, 0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070, 0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5, 0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3, 0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208, 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2);
  35. var HASH = new Array(0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19);
  36. var W = new Array(64);
  37. var a, b, c, d, e, f, g, h, i, j;
  38. var T1, T2;
  39. m[l >> 5] |= 0x80 << (24 - l % 32);
  40. m[((l + 64 >> 9) << 4) + 15] = l;
  41. for (var i = 0; i < m.length; i += 16) {
  42. a = HASH[0];
  43. b = HASH[1];
  44. c = HASH[2];
  45. d = HASH[3];
  46. e = HASH[4];
  47. f = HASH[5];
  48. g = HASH[6];
  49. h = HASH[7];
  50. for (var j = 0; j < 64; j++) {
  51. if (j < 16)
  52. W[j] = m[j + i];
  53. else
  54. W[j] = safe_add(safe_add(safe_add(Gamma1256(W[j - 2]), W[j - 7]), Gamma0256(W[j - 15])), W[j - 16]);
  55. T1 = safe_add(safe_add(safe_add(safe_add(h, Sigma1256(e)), Ch(e, f, g)), K[j]), W[j]);
  56. T2 = safe_add(Sigma0256(a), Maj(a, b, c));
  57. h = g;
  58. g = f;
  59. f = e;
  60. e = safe_add(d, T1);
  61. d = c;
  62. c = b;
  63. b = a;
  64. a = safe_add(T1, T2)
  65. }
  66. HASH[0] = safe_add(a, HASH[0]);
  67. HASH[1] = safe_add(b, HASH[1]);
  68. HASH[2] = safe_add(c, HASH[2]);
  69. HASH[3] = safe_add(d, HASH[3]);
  70. HASH[4] = safe_add(e, HASH[4]);
  71. HASH[5] = safe_add(f, HASH[5]);
  72. HASH[6] = safe_add(g, HASH[6]);
  73. HASH[7] = safe_add(h, HASH[7])
  74. }
  75. return HASH
  76. }
  77. function str2binb(str) {
  78. var bin = Array();
  79. var mask = (1 << chrsz) - 1;
  80. for (var i = 0; i < str.length * chrsz; i += chrsz) {
  81. bin[i >> 5] |= (str.charCodeAt(i / chrsz) & mask) << (24 - i % 32)
  82. }
  83. return bin
  84. }
  85. function Utf8Encode(string) {
  86. string = string.replace(/\r\n/g, "\n");
  87. var utftext = "";
  88. for (var n = 0; n < string.length; n++) {
  89. var c = string.charCodeAt(n);
  90. if (c < 128) {
  91. utftext += String.fromCharCode(c)
  92. } else if ((c > 127) && (c < 2048)) {
  93. utftext += String.fromCharCode((c >> 6) | 192);
  94. utftext += String.fromCharCode((c & 63) | 128)
  95. } else {
  96. utftext += String.fromCharCode((c >> 12) | 224);
  97. utftext += String.fromCharCode(((c >> 6) & 63) | 128);
  98. utftext += String.fromCharCode((c & 63) | 128)
  99. }
  100. }
  101. return utftext
  102. }
  103. function binb2hex(binarray) {
  104. var hex_tab = hexcase ? "0123456789ABCDEF" : "0123456789abcdef";
  105. var str = "";
  106. for (var i = 0; i < binarray.length * 4; i++) {
  107. str += hex_tab.charAt((binarray[i >> 2] >> ((3 - i % 4) * 8 + 4)) & 0xF) + hex_tab.charAt((binarray[i >> 2] >> ((3 - i % 4) * 8)) & 0xF)
  108. }
  109. return str
  110. }
  111. s = Utf8Encode(s);
  112. return binb2hex(core_sha256(str2binb(s), s.length * chrsz))
  113. };

调用GEN_SHA256把body参数拿出来丢进去最后toString一下

6、第六部分,版本号

7、第七部分,时间戳

接下来的六、七部分当然也就不需要给出思路了,一个版本号一个时间戳,大家自行生成即可!!!

8、第八部分,AES 上面参数经过AES加密生成


实现算法如下所示:

  1. function _aesEncrypt(data) {
  2. var i = CryptoJS.AES.encrypt(
  3. data,
  4. CryptoJS.enc.Utf8.parse('_M6Y?dvfN40VMF[X'), // 密钥
  5. {
  6. iv: CryptoJS.enc.Utf8.parse(["01", "02", "03", "04", "05", "06", "07", "08"].join(""))
  7. }
  8. );
  9. return CryptoJS.enc.Base64.encode(i.ciphertext)
  10. }

data是什么?是ENV构造的环境参数,包括版本号、指纹、设备信息的参数。

最后,我们来测试一下校验一下这JS的算法效果,如下所示:

图1(nodejs测试源码环境)


当前纯算法稳定!无任何601,当然算法不对就是601,也不全是!比如价格接口它是有TLS指纹校验的,请求的时候用三方模块处理一下即可!不然的话也会出现601。

技术支持:

UVHvvJozOTg0ODg3MuW+ruS/oe+8mmJ5YzYzNTLmiJZtZXRhYnljZueUteaKpe+8mmJ5YzAx (base64解码)

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/weixin_40725706/article/detail/717305
推荐阅读
相关标签
  

闽ICP备14008679号