Issues in WXBizDataCrypt.js (master) - Issues in master - garyvv/node-sharp - Measure and Improve Code Quality continuously with Scrutinizer

Issues (124)

app/util/wechat/WXBizDataCrypt.js (1 issue)

Labels

Bug 1

Severity

Major 1

var crypto = require('crypto')

function WXBizDataCrypt(appId, sessionKey) {
  this.appId = appId
  this.sessionKey = sessionKey
}

WXBizDataCrypt.prototype.decryptData = function (encryptedData, iv) {
  // base64 decode
  var sessionKey = new Buffer(this.sessionKey, 'base64')

  encryptedData = new Buffer(encryptedData, 'base64')
  iv = new Buffer(iv, 'base64')

  try {
    // 解密
    var decipher = crypto.createDecipheriv('aes-128-cbc', sessionKey, iv)
    // 设置自动 padding 为 true，删除填充补位
    decipher.setAutoPadding(true)
    var decoded = decipher.update(encryptedData, 'binary', 'utf8')
    decoded += decipher.final('utf8')

    decoded = JSON.parse(decoded)

  } catch (err) {
    throw new Error('Illegal Buffer')
  }

  if (decoded.watermark.appid !== this.appId) {
    throw new Error('Illegal Buffer')
  }

  return decoded
}

module.exports = WXBizDataCrypt


1			var crypto = require('crypto')
2
3			function WXBizDataCrypt(appId, sessionKey) {
4			this.appId = appId
5			this.sessionKey = sessionKey
6			}
7
8			WXBizDataCrypt.prototype.decryptData = function (encryptedData, iv) {
9			// base64 decode
10			var sessionKey = new Buffer(this.sessionKey, 'base64')
			0 ignored issues – show Bug introduced 2018-06-25 02:35 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `Buffer` seems to be never declared. If this is a global, consider adding a `/** global: Buffer */` comment. This checks looks for references to variables that have not been declared. This is most likey a typographical error or a variable has been renamed. To learn more about declaring variables in Javascript, see the MDN. Loading history...
11			encryptedData = new Buffer(encryptedData, 'base64')
12			iv = new Buffer(iv, 'base64')
13
14			try {
15			// 解密
16			var decipher = crypto.createDecipheriv('aes-128-cbc', sessionKey, iv)
17			// 设置自动 padding 为 true，删除填充补位
18			decipher.setAutoPadding(true)
19			var decoded = decipher.update(encryptedData, 'binary', 'utf8')
20			decoded += decipher.final('utf8')
21
22			decoded = JSON.parse(decoded)
23
24			} catch (err) {
25			throw new Error('Illegal Buffer')
26			}
27
28			if (decoded.watermark.appid !== this.appId) {
29			throw new Error('Illegal Buffer')
30			}
31
32			return decoded
33			}
34
35			module.exports = WXBizDataCrypt
36

garyvv / node-sharp

Issues (124)

app/util/wechat/WXBizDataCrypt.js (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like