链接1:http://i.qq.com/
我们一般是通过这个访问QQ空间之后,浏览器拿到返回的页面之后又会自动根据页面的链接访问其他资源,实际编程时不用写这步,除非你想模拟浏览器
链接2:http://xui.ptlogin2.qq.com/cgi-bin/xlogin?proxy_url=http%3A//qzs.qq.com/qzone/v6/portal/proxy.html&daid=5&pt_qzone_sig=1&hide_title_bar=1&low_login=0&qlogin_auto_login=1&no_verifyimg=1&link_target=blank&appid=549000912&style=22&target=self&s_url=http%3A%2F%2Fqzs.qq.com%2Fqzone%2Fv5%2Floginsucc.html%3Fpara%3Dizone&pt_qr_app=%E6%89%8B%E6%9C%BAQQ%E7%A9%BA%E9%97%B4&pt_qr_link=http%3A//z.qzone.com/download.html&self_regurl=http%3A//qzs.qq.com/qzone/v6/reg/index.html&pt_qr_help_link=http%3A//z.qzone.com/download.html
这个是http://i.qq.com/返回页面包含的,这个链接能帮我们获取到一些cookies信息,比如:pt_login_sig pt_clientip pt_serverip pt_local_token uikey等等,看上去比较重要的是pt_login_sig,后面有链接要用到它,不过就算这个值重复了服务器也能正常访问
关系:链接3的login_sig=链接2cookie的pt_login_sig
链接3:http://check.ptlogin2.qq.com/check?regmaster=&pt_tea=1&pt_vcode=1&uin=[QQ号码]&appid=549000912&js_ver=10132&js_type=1&login_sig=Jb8qYYR6XWBExI*sJL*jj20hiQ72ZFMg06OIKOHDVoaoJxi0Cl90-lYtEtEgHMHb&u1=http%3A%2F%2Fqzs.qq.com%2Fqzone%2Fv5%2Floginsucc.html%3Fpara%3Dizone&r=0.8120620810567006
这个是当你在登录窗口输入完用户名之后,ajax自动校验的链接,服务器返回的是下面这样一个字符串
ptui_checkVC('0','!HIE','\x00\x00\x00\x00\x3a\x6d\x15\xdc','6720543da1e5adc5b0aab8b3932b2ec4ef8c38a32bbd9ad59d35f1074a7256be8f7fce48e0ca1642d5d2a3502d8a1c1049e285c81e1af7b3','0');checkVC的第一个参数为0时的关系:链接4的verifycode=checkVC的第二个参数,链接4的pt_verifysession_v1=链接3cookie的ptvfsession,链接4的p=加密后的密码
链接4:http://ptlogin2.qq.com/login?u=[QQ号码]&verifycode=!CED&pt_vcode_v1=0&pt_verifysession_v1=8fe5343710afe3cbf7b62f4ee56e747251f23edddf0c681087c169738022caded5e33d5621468c7c81ce236cb0e76aaf4a7b8d8499bbb44d&p=jG1LpyBWFAsL9w-199hdIHuvpllpsBufclV9ZECJXkZcmrHlBKlh12WXQvzxSGxQMGkBndMzikwrEgqPJtUEurShStmzGYNKLKTNHP92snWXipoDUUg-G3VSeiw-nryQvE6Mr0khGUqbD2W2FcyMWPihe8MBmFoQpOSsSJWe7Br30kwS8co*WjgDh0aM1xAKGMfpG*QRxEXJ2Cj6L-Tb5Q__&pt_randsalt=0&u1=http%3A%2F%2Fqzs.qq.com%2Fqzone%2Fv5%2Floginsucc.html%3Fpara%3Dizone&ptredirect=0&h=1&t=1&g=1&from_ui=1&ptlang=2052&action=5-15-1441425206927&js_ver=10132&js_type=1&login_sig=Ro4T6*1opNh*GcOfSYi5iKaDT0uB5F-S7KM3rEn-DzkZI1uewRtX*xjfqFRnKbkU&pt_uistyle=32&aid=549000912&daid=5&pt_qzone_sig=1
重要的就是分析这个加密后的密码了,下文主要用来分析这个。
切换到登录按钮,右键-->使用Firebug查看元素
然后可以看到它在HTML中的位置,然后我们点击右边的事件,可以看到它对应一个js脚本中的click函数
先右键复制函数,然后再右键在脚本中查看
复制下来的函数是这样的:
(function (e){e&&e.preventDefault();if(pt.plogin.needShowNewVc==true){pt.plogin.showVC()}else{pt.plogin.submit(e)}})搜索到的结果
$.e.add(domBtn, 'click', function (e) {
e && e.preventDefault();
if (pt.plogin.needShowNewVc == true) {
pt.plogin.showVC()
} else {
pt.plogin.submit(e)
}
});找到如下内容,注意var b = pt.plogin.getSubmitUrl('login');这个就调用了getSubmitUrl函数执行后面加密操作
submit: function (a) {
if (pt.plogin.cntCheckTimeout >= 2) {
pt.plogin.show_err(pt.plogin.checkErr[pt.ptui.lang]);
pt.plogin.needVc = false;
pt.plogin.needShowNewVc = false;
return
}
pt.plogin.submitTime = new Date().getTime();
a && a.preventDefault();
if (pt.plogin.lastCheckAccount != pt.plogin.account && !pt.plogin.hasCheck) {
pt.plogin.check(arguments.callee);
return
}
if (!pt.plogin.ptui_onLogin(document.loginform)) {
return false
} else {
$.cookie.set('ptui_loginuin', escape(document.loginform.u.value), pt.ptui.domain, '/', 24 * 30)
}
if (pt.plogin.checkRet == - 1 || pt.plogin.checkRet == 3) {
pt.plogin.show_err(pt.plogin.checkErr[pt.ptui.lang]);
pt.plogin.lastCheckAccount = '';
pt.plogin.domFocus($('p'));
pt.plogin.check();
return
}
clearTimeout(pt.plogin.loginClock);
pt.plogin.loginClock = setTimeout('pt.plogin.loginTimeout();', 5000);
var b = pt.plogin.getSubmitUrl('login');
$.winName.set('login_href', encodeURIComponent(pt.ptui.href));
pt.plogin.showLoading();
if (pt.plogin.isVCSessionTimeOut() && !pt.plogin.needVc) {
pt.plogin.lastCheckAccount = '';
pt.plogin.check();
window.setTimeout(function () {
pt.plogin.submit()
}, 1000)
} else {
$.http.loadScript(b);
pt.plogin.isdTime['7808-7-2-0'] = new Date().getTime()
}
return false
},下面我们找getSubmitUrl这个函数
getSubmitUrl: function (b) {
var a = pt.plogin.loginUrl + b + '?';
var f = {
};
if (b == 'pt_susp_repush') {
return a += 'appid=' + pt.ptui.appid + '&daid=' + pt.ptui.daid
}
if (b == 'login') {
f.u = encodeURIComponent(pt.plogin.at_account);
f.verifycode = $('verifycode').value;
if (pt.plogin.needShowNewVc) {
f.pt_vcode_v1 = 1
} else {
f.pt_vcode_v1 = 0
}
f.pt_verifysession_v1 = pt.plogin.pt_verifysession || $.cookie.get('verifysession');
var d = $('p').value;
if (pt.plogin.armSafeEdit.isSafe) {
d = pt.plogin.armSafeEdit.safepwd
}
f.p = $.Encryption.getEncryption(d, pt.plogin.salt, f.verifycode, pt.plogin.armSafeEdit.isSafe);
f.pt_randsalt = pt.plogin.isRandSalt || 0
}
if (b == 'login') {
f.u1 = encodeURIComponent(pt.qlogin.getSurl($('u').value))
} else {
f.u1 = encodeURIComponent(pt.qlogin.getSurl())
}
f.ptredirect = pt.ptui.target;
f.h = 1;
f.t = 1;
f.g = 1;
f.from_ui = 1;
f.ptlang = pt.ptui.lang;
f.action = pt.plogin.action.join('-') + '-' + (new Date() - 0);
f.js_ver = pt.ptui.ptui_version;
f.js_type = pt.plogin.js_type;
f.login_sig = pt.ptui.login_sig;
f.pt_uistyle = pt.ptui.style;
if (pt.ptui.low_login == 1 && pt.plogin.low_login_enable && !pt.plogin.isMailLogin) {
f.low_login_enable = 1;
f.low_login_hour = pt.plogin.low_login_hour
}
if (pt.ptui.csimc != '0') {
f.csimc = pt.ptui.csimc;
f.csnum = pt.ptui.csnum;
f.authid = pt.ptui.authid
}
f.aid = pt.ptui.appid;
if (pt.ptui.daid) {
f.daid = pt.ptui.daid
}
if (pt.ptui.pt_3rd_aid != '0') {
f.pt_3rd_aid = pt.ptui.pt_3rd_aid
}
if (pt.ptui.regmaster) {
f.regmaster = pt.ptui.regmaster
}
if (pt.ptui.mibao_css) {
f.mibao_css = pt.ptui.mibao_css
}
if (pt.ptui.pt_qzone_sig == '1') {
f.pt_qzone_sig = 1
}
if (pt.ptui.pt_light == '1') {
f.pt_light = 1
}
for (var c in f) {
a += (c + '=' + f[c] + '&')
}
return a
},其中代码中比较重要的是f.p = $.Encryption.getEncryption(d, pt.plogin.salt, f.verifycode, pt.plogin.armSafeEdit.isSafe);
最后一个参数pt.plogin.armSafeEdit.isSafe不是很重要,这个参数用来判断你安全控件装没装,没装的话密码传原来的值,装了的话密码传md5值
下面找getEncryption这个函数
function getEncryption(password, salt, vcode, isMd5) {
vcode = vcode || '';
password = password || '';
var md5Pwd = isMd5 ? password : md5(password),
h1 = hexchar2bin(md5Pwd),
s2 = md5(h1 + salt),
rsaH1 = $pt.RSA.rsa_encrypt(h1),
rsaH1Len = (rsaH1.length / 2).toString(16),
hexVcode = TEA.strToBytes(vcode.toUpperCase(), true),
vcodeLen = Number(hexVcode.length / 2).toString(16);
while (vcodeLen.length < 4) {
vcodeLen = '0' + vcodeLen
}
while (rsaH1Len.length < 4) {
rsaH1Len = '0' + rsaH1Len
}
TEA.initkey(s2);
var saltPwd = TEA.enAsBase64(rsaH1Len + rsaH1 + TEA.strToBytes(salt) + vcodeLen + hexVcode);
TEA.initkey('');
setTimeout(function () {
__monitor(488358, 1)
}, 0);
return saltPwd.replace(/[\/\+=]/g, function (a) {
return {
'/': '-',
'+': '*',
'=': '_'
}
[
a
]
})
}回顾getEncryption(password, salt, vcode, isMd5)的四个参数
getEncryption(d, pt.plogin.salt, f.verifycode, pt.plogin.armSafeEdit.isSafe)
password = d d是原始密码值(如果安装了安全控件则是密码的md5值)
salt = pt.plogin.salt 用户名产生的随机盐 用户名执行uin2hex函数得到
vcode = f.verifycode 直接从cookies中拿即可,验证码
isMd5 = pt.plogin.armSafeEdit.isSafe true表示安全控件加载成功 false表示失败
事实上安全控件的作用就是对密码进行md5加密,getEncryption代码中通过pt.plogin.armSafeEdit.isSafe判断是否加密过
后面的基本估计大家都能自己分析了,新的加密方法增加了RSA加密,主要是下面这句代码
rsaH1 = $pt.RSA.rsa_encrypt(h1)$.RSA = $pt.RSA = function () {
function h(z, t) {
return new au(z, t)
}
function aj(aC, aD) {
var t = '';
var z = 0;
while (z + aD < aC.length) {
t += aC.substring(z, z + aD) + '\n';
z += aD
}
return t + aC.substring(z, aC.length)
}
function u(t) {
if (t < 16) {
return '0' + t.toString(16)
} else {
return t.toString(16)
}
}
function ah(aD, aG) {
if (aG < aD.length + 11) {
uv_alert('Message too long for RSA');
return null
}
var aF = new Array();
var aC = aD.length - 1;
while (aC >= 0 && aG > 0) {
var aE = aD.charCodeAt(aC--);
aF[--aG] = aE
}
aF[--aG] = 0;
var z = new af();
var t = new Array();
while (aG > 2) {
t[0] = 0;
while (t[0] == 0) {
z.nextBytes(t)
}
aF[--aG] = t[0]
}
aF[--aG] = 2;
aF[--aG] = 0;
return new au(aF)
}
function N() {
this.n = null;
this.e = 0;
this.d = null;
this.p = null;
this.q = null;
this.dmp1 = null;
this.dmq1 = null;
this.coeff = null
}
function q(z, t) {
if (z != null && t != null && z.length > 0 && t.length > 0) {
this.n = h(z, 16);
this.e = parseInt(t, 16)
} else {
uv_alert('Invalid RSA public key')
}
}
function Y(t) {
return t.modPowInt(this.e, this.n)
}
function r(aC) {
var t = ah(aC, (this.n.bitLength() + 7) >> 3);
if (t == null) {
return null
}
var aD = this.doPublic(t);
if (aD == null) {
return null
}
var z = aD.toString(16);
if ((z.length & 1) == 0) {
return z
} else {
return '0' + z
}
}
N.prototype.doPublic = Y;
N.prototype.setPublic = q;
N.prototype.encrypt = r;
var ay;
var ak = 244837814094590;
var ab = ((ak & 16777215) == 15715070);
function au(z, t, aC) {
if (z != null) {
if ('number' == typeof z) {
this.fromNumber(z, t, aC)
} else {
if (t == null && 'string' != typeof z) {
this.fromString(z, 256)
} else {
this.fromString(z, t)
}
}
}
}
function j() {
return new au(null)
}
function b(aE, t, z, aD, aG, aF) {
while (--aF >= 0) {
var aC = t * this[aE++] + z[aD] + aG;
aG = Math.floor(aC / 67108864);
z[aD++] = aC & 67108863
}
return aG
}
function aA(aE, aJ, aK, aD, aH, t) {
var aG = aJ & 32767,
aI = aJ >> 15;
while (--t >= 0) {
var aC = this[aE] & 32767;
var aF = this[aE++] >> 15;
var z = aI * aC + aF * aG;
aC = aG * aC + ((z & 32767) << 15) + aK[aD] + (aH & 1073741823);
aH = (aC >>> 30) + (z >>> 15) + aI * aF + (aH >>> 30);
aK[aD++] = aC & 1073741823
}
return aH
}
function az(aE, aJ, aK, aD, aH, t) {
var aG = aJ & 16383,
aI = aJ >> 14;
while (--t >= 0) {
var aC = this[aE] & 16383;
var aF = this[aE++] >> 14;
var z = aI * aC + aF * aG;
aC = aG * aC + ((z & 16383) << 14) + aK[aD] + aH;
aH = (aC >> 28) + (z >> 14) + aI * aF;
aK[aD++] = aC & 268435455
}
return aH
}
if (ab && (navigator.appName == 'Microsoft Internet Explorer')) {
au.prototype.am = aA;
ay = 30
} else {
if (ab && (navigator.appName != 'Netscape')) {
au.prototype.am = b;
ay = 26
} else {
au.prototype.am = az;
ay = 28
}
}
au.prototype.DB = ay;
au.prototype.DM = ((1 << ay) - 1);
au.prototype.DV = (1 << ay);
var ac = 52;
au.prototype.FV = Math.pow(2, ac);
au.prototype.F1 = ac - ay;
au.prototype.F2 = 2 * ay - ac;
var ag = '0123456789abcdefghijklmnopqrstuvwxyz';
var ai = new Array();
var ar,
x;
ar = '0'.charCodeAt(0);
for (x = 0; x <= 9; ++x) {
ai[ar++] = x
}
ar = 'a'.charCodeAt(0);
for (x = 10; x < 36; ++x) {
ai[ar++] = x
}
ar = 'A'.charCodeAt(0);
for (x = 10; x < 36; ++x) {
ai[ar++] = x
}
function aB(t) {
return ag.charAt(t)
}
function C(z, t) {
var aC = ai[z.charCodeAt(t)];
return (aC == null) ? - 1 : aC
}
function aa(z) {
for (var t = this.t - 1; t >= 0; --t) {
z[t] = this[t]
}
z.t = this.t;
z.s = this.s
}
function p(t) {
this.t = 1;
this.s = (t < 0) ? - 1 : 0;
if (t > 0) {
this[0] = t
} else {
if (t < - 1) {
this[0] = t + DV
} else {
this.t = 0
}
}
}
function c(t) {
var z = j();
z.fromInt(t);
return z
}
function y(aG, z) {
var aD;
if (z == 16) {
aD = 4
} else {
if (z == 8) {
aD = 3
} else {
if (z == 256) {
aD = 8
} else {
if (z == 2) {
aD = 1
} else {
if (z == 32) {
aD = 5
} else {
if (z == 4) {
aD = 2
} else {
this.fromRadix(aG, z);
return
}
}
}
}
}
}
this.t = 0;
this.s = 0;
var aF = aG.length,
aC = false,
aE = 0;
while (--aF >= 0) {
var t = (aD == 8) ? aG[aF] & 255 : C(aG, aF);
if (t < 0) {
if (aG.charAt(aF) == '-') {
aC = true
}
continue
}
aC = false;
if (aE == 0) {
this[this.t++] = t
} else {
if (aE + aD > this.DB) {
this[this.t - 1] |= (t & ((1 << (this.DB - aE)) - 1)) << aE;
this[this.t++] = (t >> (this.DB - aE))
} else {
this[this.t - 1] |= t << aE
}
}
aE += aD;
if (aE >= this.DB) {
aE -= this.DB
}
}
if (aD == 8 && (aG[0] & 128) != 0) {
this.s = - 1;
if (aE > 0) {
this[this.t - 1] |= ((1 << (this.DB - aE)) - 1) << aE
}
}
this.clamp();
if (aC) {
au.ZERO.subTo(this, this)
}
}
function Q() {
var t = this.s & this.DM;
while (this.t > 0 && this[this.t - 1] == t) {
--this.t
}
}
function s(z) {
if (this.s < 0) {
return '-' + this.negate().toString(z)
}
var aC;
if (z == 16) {
aC = 4
} else {
if (z == 8) {
aC = 3
} else {
if (z == 2) {
aC = 1
} else {
if (z == 32) {
aC = 5
} else {
if (z == 4) {
aC = 2
} else {
return this.toRadix(z)
}
}
}
}
}
var aE = (1 << aC) - 1,
aH,
t = false,
aF = '',
aD = this.t;
var aG = this.DB - (aD * this.DB) % aC;
if (aD-- > 0) {
if (aG < this.DB && (aH = this[aD] >> aG) > 0) {
t = true;
aF = aB(aH)
}
while (aD >= 0) {
if (aG < aC) {
aH = (this[aD] & ((1 << aG) - 1)) << (aC - aG);
aH |= this[--aD] >> (aG += this.DB - aC)
} else {
aH = (this[aD] >> (aG -= aC)) & aE;
if (aG <= 0) {
aG += this.DB;
--aD
}
}
if (aH > 0) {
t = true
}
if (t) {
aF += aB(aH)
}
}
}
return t ? aF : '0'
}
function T() {
var t = j();
au.ZERO.subTo(this, t);
return t
}
function an() {
return (this.s < 0) ? this.negate() : this
}
function I(t) {
var aC = this.s - t.s;
if (aC != 0) {
return aC
}
var z = this.t;
aC = z - t.t;
if (aC != 0) {
return aC
}
while (--z >= 0) {
if ((aC = this[z] - t[z]) != 0) {
return aC
}
}
return 0
}
function l(z) {
var aD = 1,
aC;
if ((aC = z >>> 16) != 0) {
z = aC;
aD += 16
}
if ((aC = z >> 8) != 0) {
z = aC;
aD += 8
}
if ((aC = z >> 4) != 0) {
z = aC;
aD += 4
}
if ((aC = z >> 2) != 0) {
z = aC;
aD += 2
}
if ((aC = z >> 1) != 0) {
z = aC;
aD += 1
}
return aD
}
function w() {
if (this.t <= 0) {
return 0
}
return this.DB * (this.t - 1) + l(this[this.t - 1] ^ (this.s & this.DM))
}
function at(aC, z) {
var t;
for (t = this.t - 1; t >= 0; --t) {
z[t + aC] = this[t]
}
for (t = aC - 1; t >= 0; --t) {
z[t] = 0
}
z.t = this.t + aC;
z.s = this.s
}
function Z(aC, z) {
for (var t = aC; t < this.t; ++t) {
z[t - aC] = this[t]
}
z.t = Math.max(this.t - aC, 0);
z.s = this.s
}
function v(aH, aD) {
var z = aH % this.DB;
var t = this.DB - z;
var aF = (1 << t) - 1;
var aE = Math.floor(aH / this.DB),
aG = (this.s << z) & this.DM,
aC;
for (aC = this.t - 1; aC >= 0; --aC) {
aD[aC + aE + 1] = (this[aC] >> t) | aG;
aG = (this[aC] & aF) << z
}
for (aC = aE - 1; aC >= 0; --aC) {
aD[aC] = 0
}
aD[aE] = aG;
aD.t = this.t + aE + 1;
aD.s = this.s;
aD.clamp()
}
function n(aG, aD) {
aD.s = this.s;
var aE = Math.floor(aG / this.DB);
if (aE >= this.t) {
aD.t = 0;
return
}
var z = aG % this.DB;
var t = this.DB - z;
var aF = (1 << z) - 1;
aD[0] = this[aE] >> z;
for (var aC = aE + 1; aC < this.t; ++aC) {
aD[aC - aE - 1] |= (this[aC] & aF) << t;
aD[aC - aE] = this[aC] >> z
}
if (z > 0) {
aD[this.t - aE - 1] |= (this.s & aF) << t
}
aD.t = this.t - aE;
aD.clamp()
}
function ad(z, aD) {
var aC = 0,
aE = 0,
t = Math.min(z.t, this.t);
while (aC < t) {
aE += this[aC] - z[aC];
aD[aC++] = aE & this.DM;
aE >>= this.DB
}
if (z.t < this.t) {
aE -= z.s;
while (aC < this.t) {
aE += this[aC];
aD[aC++] = aE & this.DM;
aE >>= this.DB
}
aE += this.s
} else {
aE += this.s;
while (aC < z.t) {
aE -= z[aC];
aD[aC++] = aE & this.DM;
aE >>= this.DB
}
aE -= z.s
}
aD.s = (aE < 0) ? - 1 : 0;
if (aE < - 1) {
aD[aC++] = this.DV + aE
} else {
if (aE > 0) {
aD[aC++] = aE
}
}
aD.t = aC;
aD.clamp()
}
function F(z, aD) {
var t = this.abs(),
aE = z.abs();
var aC = t.t;
aD.t = aC + aE.t;
while (--aC >= 0) {
aD[aC] = 0
}
for (aC = 0; aC < aE.t; ++aC) {
aD[aC + t.t] = t.am(0, aE[aC], aD, aC, 0, t.t)
}
aD.s = 0;
aD.clamp();
if (this.s != z.s) {
au.ZERO.subTo(aD, aD)
}
}
function S(aC) {
var t = this.abs();
var z = aC.t = 2 * t.t;
while (--z >= 0) {
aC[z] = 0
}
for (z = 0; z < t.t - 1; ++z) {
var aD = t.am(z, t[z], aC, 2 * z, 0, 1);
if ((aC[z + t.t] += t.am(z + 1, 2 * t[z], aC, 2 * z + 1, aD, t.t - z - 1)) >= t.DV) {
aC[z + t.t] -= t.DV;
aC[z + t.t + 1] = 1
}
}
if (aC.t > 0) {
aC[aC.t - 1] += t.am(z, t[z], aC, 2 * z, 0, 1)
}
aC.s = 0;
aC.clamp()
}
function G(aK, aH, aG) {
var aQ = aK.abs();
if (aQ.t <= 0) {
return
}
var aI = this.abs();
if (aI.t < aQ.t) {
if (aH != null) {
aH.fromInt(0)
}
if (aG != null) {
this.copyTo(aG)
}
return
}
if (aG == null) {
aG = j()
}
var aE = j(),
z = this.s,
aJ = aK.s;
var aP = this.DB - l(aQ[aQ.t - 1]);
if (aP > 0) {
aQ.lShiftTo(aP, aE);
aI.lShiftTo(aP, aG)
} else {
aQ.copyTo(aE);
aI.copyTo(aG)
}
var aM = aE.t;
var aC = aE[aM - 1];
if (aC == 0) {
return
}
var aL = aC * (1 << this.F1) + ((aM > 1) ? aE[aM - 2] >> this.F2 : 0);
var aT = this.FV / aL,
aS = (1 << this.F1) / aL,
aR = 1 << this.F2;
var aO = aG.t,
aN = aO - aM,
aF = (aH == null) ? j() : aH;
aE.dlShiftTo(aN, aF);
if (aG.compareTo(aF) >= 0) {
aG[aG.t++] = 1;
aG.subTo(aF, aG)
}
au.ONE.dlShiftTo(aM, aF);
aF.subTo(aE, aE);
while (aE.t < aM) {
aE[aE.t++] = 0
}
while (--aN >= 0) {
var aD = (aG[--aO] == aC) ? this.DM : Math.floor(aG[aO] * aT + (aG[aO - 1] + aR) * aS);
if ((aG[aO] += aE.am(0, aD, aG, aN, 0, aM)) < aD) {
aE.dlShiftTo(aN, aF);
aG.subTo(aF, aG);
while (aG[aO] < --aD) {
aG.subTo(aF, aG)
}
}
}
if (aH != null) {
aG.drShiftTo(aM, aH);
if (z != aJ) {
au.ZERO.subTo(aH, aH)
}
}
aG.t = aM;
aG.clamp();
if (aP > 0) {
aG.rShiftTo(aP, aG)
}
if (z < 0) {
au.ZERO.subTo(aG, aG)
}
}
function P(t) {
var z = j();
this.abs().divRemTo(t, null, z);
if (this.s < 0 && z.compareTo(au.ZERO) > 0) {
t.subTo(z, z)
}
return z
}
function M(t) {
this.m = t
}
function X(t) {
if (t.s < 0 || t.compareTo(this.m) >= 0) {
return t.mod(this.m)
} else {
return t
}
}
function am(t) {
return t
}
function L(t) {
t.divRemTo(this.m, null, t)
}
function J(t, aC, z) {
t.multiplyTo(aC, z);
this.reduce(z)
}
function aw(t, z) {
t.squareTo(z);
this.reduce(z)
}
M.prototype.convert = X;
M.prototype.revert = am;
M.prototype.reduce = L;
M.prototype.mulTo = J;
M.prototype.sqrTo = aw;
function D() {
if (this.t < 1) {
return 0
}
var t = this[0];
if ((t & 1) == 0) {
return 0
}
var z = t & 3;
z = (z * (2 - (t & 15) * z)) & 15;
z = (z * (2 - (t & 255) * z)) & 255;
z = (z * (2 - (((t & 65535) * z) & 65535))) & 65535;
z = (z * (2 - t * z % this.DV)) % this.DV;
return (z > 0) ? this.DV - z : - z
}
function g(t) {
this.m = t;
this.mp = t.invDigit();
this.mpl = this.mp & 32767;
this.mph = this.mp >> 15;
this.um = (1 << (t.DB - 15)) - 1;
this.mt2 = 2 * t.t
}
function al(t) {
var z = j();
t.abs().dlShiftTo(this.m.t, z);
z.divRemTo(this.m, null, z);
if (t.s < 0 && z.compareTo(au.ZERO) > 0) {
this.m.subTo(z, z)
}
return z
}
function av(t) {
var z = j();
t.copyTo(z);
this.reduce(z);
return z
}
function R(t) {
while (t.t <= this.mt2) {
t[t.t++] = 0
}
for (var aC = 0; aC < this.m.t; ++aC) {
var z = t[aC] & 32767;
var aD = (z * this.mpl + (((z * this.mph + (t[aC] >> 15) * this.mpl) & this.um) << 15)) & t.DM;
z = aC + this.m.t;
t[z] += this.m.am(0, aD, t, aC, 0, this.m.t);
while (t[z] >= t.DV) {
t[z] -= t.DV;
t[++z]++
}
}
t.clamp();
t.drShiftTo(this.m.t, t);
if (t.compareTo(this.m) >= 0) {
t.subTo(this.m, t)
}
}
function ao(t, z) {
t.squareTo(z);
this.reduce(z)
}
function B(t, aC, z) {
t.multiplyTo(aC, z);
this.reduce(z)
}
g.prototype.convert = al;
g.prototype.revert = av;
g.prototype.reduce = R;
g.prototype.mulTo = B;
g.prototype.sqrTo = ao;
function k() {
return ((this.t > 0) ? (this[0] & 1) : this.s) == 0
}
function A(aH, aI) {
if (aH > 4294967295 || aH < 1) {
return au.ONE
}
var aG = j(),
aC = j(),
aF = aI.convert(this),
aE = l(aH) - 1;
aF.copyTo(aG);
while (--aE >= 0) {
aI.sqrTo(aG, aC);
if ((aH & (1 << aE)) > 0) {
aI.mulTo(aC, aF, aG)
} else {
var aD = aG;
aG = aC;
aC = aD
}
}
return aI.revert(aG)
}
function ap(aC, t) {
var aD;
if (aC < 256 || t.isEven()) {
aD = new M(t)
} else {
aD = new g(t)
}
return this.exp(aC, aD)
}
au.prototype.copyTo = aa;
au.prototype.fromInt = p;
au.prototype.fromString = y;
au.prototype.clamp = Q;
au.prototype.dlShiftTo = at;
au.prototype.drShiftTo = Z;
au.prototype.lShiftTo = v;
au.prototype.rShiftTo = n;
au.prototype.subTo = ad;
au.prototype.multiplyTo = F;
au.prototype.squareTo = S;
au.prototype.divRemTo = G;
au.prototype.invDigit = D;
au.prototype.isEven = k;
au.prototype.exp = A;
au.prototype.toString = s;
au.prototype.negate = T;
au.prototype.abs = an;
au.prototype.compareTo = I;
au.prototype.bitLength = w;
au.prototype.mod = P;
au.prototype.modPowInt = ap;
au.ZERO = c(0);
au.ONE = c(1);
var o;
var W;
var ae;
function d(t) {
W[ae++] ^= t & 255;
W[ae++] ^= (t >> 8) & 255;
W[ae++] ^= (t >> 16) & 255;
W[ae++] ^= (t >> 24) & 255;
if (ae >= O) {
ae -= O
}
}
function V() {
d(new Date().getTime())
}
if (W == null) {
W = new Array();
ae = 0;
var K;
if (navigator.appName == 'Netscape' && navigator.appVersion < '5' && window.crypto && window.crypto.random) {
var H = window.crypto.random(32);
for (K = 0; K < H.length; ++K) {
W[ae++] = H.charCodeAt(K) & 255
}
}
while (ae < O) {
K = Math.floor(65536 * Math.random());
W[ae++] = K >>> 8;
W[ae++] = K & 255
}
ae = 0;
V()
}
function E() {
if (o == null) {
V();
o = aq();
o.init(W);
for (ae = 0; ae < W.length; ++ae) {
W[ae] = 0
}
ae = 0
}
return o.next()
}
function ax(z) {
var t;
for (t = 0; t < z.length; ++t) {
z[t] = E()
}
}
function af() {
}
af.prototype.nextBytes = ax;
function m() {
this.i = 0;
this.j = 0;
this.S = new Array()
}
function f(aE) {
var aD,
z,
aC;
for (aD = 0; aD < 256; ++aD) {
this.S[aD] = aD
}
z = 0;
for (aD = 0; aD < 256; ++aD) {
z = (z + this.S[aD] + aE[aD % aE.length]) & 255;
aC = this.S[aD];
this.S[aD] = this.S[z];
this.S[z] = aC
}
this.i = 0;
this.j = 0
}
function a() {
var z;
this.i = (this.i + 1) & 255;
this.j = (this.j + this.S[this.i]) & 255;
z = this.S[this.i];
this.S[this.i] = this.S[this.j];
this.S[this.j] = z;
return this.S[(z + this.S[this.i]) & 255]
}
m.prototype.init = f;
m.prototype.next = a;
function aq() {
return new m()
}
var O = 256;
function U(aD, aC, z) {
aC = 'F20CE00BAE5361F8FA3AE9CEFA495362FF7DA1BA628F64A347F0A8C012BF0B254A30CD92ABFFE7A6EE0DC424CB6166F8819EFA5BCCB20EDFB4AD02E412CCF579B1CA711D55B8B0B3AEB60153D5E0693A2A86F3167D7847A0CB8B00004716A9095D9BADC977CBB804DBDCBA6029A9710869A453F27DFDDF83C016D928B3CBF4C7';
z = '3';
var t = new N();
t.setPublic(aC, z);
return t.encrypt(aD)
}
return {
rsa_encrypt: U
}
}();以前js代码中就有的QQ的TEA函数
(function (t) {
var u = '',
a = 0,
h = [
],
z = [
],
A = 0,
w = 0,
o = [
],
v = [
],
p = true;
function f() {
return Math.round(Math.random() * 4294967295)
}
function k(E, F, B) {
if (!B || B > 4) {
B = 4
}
var C = 0;
for (var D = F; D < F + B; D++) {
C <<= 8;
C |= E[D]
}
return (C & 4294967295) >>> 0
}
function b(C, D, B) {
C[D + 3] = (B >> 0) & 255;
C[D + 2] = (B >> 8) & 255;
C[D + 1] = (B >> 16) & 255;
C[D + 0] = (B >> 24) & 255
}
function y(E) {
if (!E) {
return ''
}
var B = '';
for (var C = 0; C < E.length; C++) {
var D = Number(E[C]).toString(16);
if (D.length == 1) {
D = '0' + D
}
B += D
}
return B
}
function x(C) {
var D = '';
for (var B = 0; B < C.length; B += 2) {
D += String.fromCharCode(parseInt(C.substr(B, 2), 16))
}
return D
}
function c(E, B) {
if (!E) {
return ''
}
if (B) {
E = m(E)
}
var D = [
];
for (var C = 0; C < E.length; C++) {
D[C] = E.charCodeAt(C)
}
return y(D)
}
function m(E) {
var D,
F,
C = [
],
B = E.length;
for (D = 0; D < B; D++) {
F = E.charCodeAt(D);
if (F > 0 && F <= 127) {
C.push(E.charAt(D))
} else {
if (F >= 128 && F <= 2047) {
C.push(String.fromCharCode(192 | ((F >> 6) & 31)), String.fromCharCode(128 | (F & 63)))
} else {
if (F >= 2048 && F <= 65535) {
C.push(String.fromCharCode(224 | ((F >> 12) & 15)), String.fromCharCode(128 | ((F >> 6) & 63)), String.fromCharCode(128 | (F & 63)))
}
}
}
}
return C.join('')
}
function j(D) {
h = new Array(8);
z = new Array(8);
A = w = 0;
p = true;
a = 0;
var B = D.length;
var E = 0;
a = (B + 10) % 8;
if (a != 0) {
a = 8 - a
}
o = new Array(B + a + 10);
h[0] = ((f() & 248) | a) & 255;
for (var C = 1; C <= a; C++) {
h[C] = f() & 255
}
a++;
for (var C = 0; C < 8; C++) {
z[C] = 0
}
E = 1;
while (E <= 2) {
if (a < 8) {
h[a++] = f() & 255;
E++
}
if (a == 8) {
r()
}
}
var C = 0;
while (B > 0) {
if (a < 8) {
h[a++] = D[C++];
B--
}
if (a == 8) {
r()
}
}
E = 1;
while (E <= 7) {
if (a < 8) {
h[a++] = 0;
E++
}
if (a == 8) {
r()
}
}
return o
}
function s(F) {
var E = 0;
var C = new Array(8);
var B = F.length;
v = F;
if (B % 8 != 0 || B < 16) {
return null
}
z = n(F);
a = z[0] & 7;
E = B - a - 10;
if (E < 0) {
return null
}
for (var D = 0; D < C.length; D++) {
C[D] = 0
}
o = new Array(E);
w = 0;
A = 8;
a++;
var G = 1;
while (G <= 2) {
if (a < 8) {
a++;
G++
}
if (a == 8) {
C = F;
if (!g()) {
return null
}
}
}
var D = 0;
while (E != 0) {
if (a < 8) {
o[D] = (C[w + a] ^ z[a]) & 255;
D++;
E--;
a++
}
if (a == 8) {
C = F;
w = A - 8;
if (!g()) {
return null
}
}
}
for (G = 1; G < 8; G++) {
if (a < 8) {
if ((C[w + a] ^ z[a]) != 0) {
return null
}
a++
}
if (a == 8) {
C = F;
w = A;
if (!g()) {
return null
}
}
}
return o
}
function r() {
for (var B = 0; B < 8; B++) {
if (p) {
h[B] ^= z[B]
} else {
h[B] ^= o[w + B]
}
}
var C = l(h);
for (var B = 0; B < 8; B++) {
o[A + B] = C[B] ^ z[B];
z[B] = h[B]
}
w = A;
A += 8;
a = 0;
p = false
}
function l(B) {
var C = 16;
var H = k(B, 0, 4);
var G = k(B, 4, 4);
var J = k(u, 0, 4);
var I = k(u, 4, 4);
var F = k(u, 8, 4);
var E = k(u, 12, 4);
var D = 0;
var K = 2654435769 >>> 0;
while (C-- > 0) {
D += K;
D = (D & 4294967295) >>> 0;
H += ((G << 4) + J) ^ (G + D) ^ ((G >>> 5) + I);
H = (H & 4294967295) >>> 0;
G += ((H << 4) + F) ^ (H + D) ^ ((H >>> 5) + E);
G = (G & 4294967295) >>> 0
}
var L = new Array(8);
b(L, 0, H);
b(L, 4, G);
return L
}
function n(B) {
var C = 16;
var H = k(B, 0, 4);
var G = k(B, 4, 4);
var J = k(u, 0, 4);
var I = k(u, 4, 4);
var F = k(u, 8, 4);
var E = k(u, 12, 4);
var D = 3816266640 >>> 0;
var K = 2654435769 >>> 0;
while (C-- > 0) {
G -= ((H << 4) + F) ^ (H + D) ^ ((H >>> 5) + E);
G = (G & 4294967295) >>> 0;
H -= ((G << 4) + J) ^ (G + D) ^ ((G >>> 5) + I);
H = (H & 4294967295) >>> 0;
D -= K;
D = (D & 4294967295) >>> 0
}
var L = new Array(8);
b(L, 0, H);
b(L, 4, G);
return L
}
function g() {
var B = v.length;
for (var C = 0; C < 8; C++) {
z[C] ^= v[A + C]
}
z = n(z);
A += 8;
a = 0;
return true
}
function q(F, E) {
var D = [
];
if (E) {
for (var C = 0; C < F.length; C++) {
D[C] = F.charCodeAt(C) & 255
}
} else {
var B = 0;
for (var C = 0; C < F.length; C += 2) {
D[B++] = parseInt(F.substr(C, 2), 16)
}
}
return D
}
t.TEA = {
encrypt: function (E, D) {
var C = q(E, D);
var B = j(C);
return y(B)
},
enAsBase64: function (G, F) {
var E = q(G, F);
var D = j(E);
var B = '';
for (var C = 0; C < D.length; C++) {
B += String.fromCharCode(D[C])
}
return btoa(B)
},
decrypt: function (D) {
var C = q(D, false);
var B = s(C);
return y(B)
},
initkey: function (B, C) {
u = q(B, C)
},
bytesToStr: x,
strToBytes: c,
bytesInStr: y,
dataFromStr: q
};
var d = {
};
d.PADCHAR = '=';
d.ALPHA = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/';
d.getbyte = function (D, C) {
var B = D.charCodeAt(C);
if (B > 255) {
throw 'INVALID_CHARACTER_ERR: DOM Exception 5'
}
return B
};
d.encode = function (F) {
if (arguments.length != 1) {
throw 'SyntaxError: Not enough arguments'
}
var C = d.PADCHAR;
var H = d.ALPHA;
var G = d.getbyte;
var E,
I;
var B = [
];
F = '' + F;
var D = F.length - F.length % 3;
if (F.length == 0) {
return F
}
for (E = 0; E < D; E += 3) {
I = (G(F, E) << 16) | (G(F, E + 1) << 8) | G(F, E + 2);
B.push(H.charAt(I >> 18));
B.push(H.charAt((I >> 12) & 63));
B.push(H.charAt((I >> 6) & 63));
B.push(H.charAt(I & 63))
}
switch (F.length - D) {
case 1:
I = G(F, E) << 16;
B.push(H.charAt(I >> 18) + H.charAt((I >> 12) & 63) + C + C);
break;
case 2:
I = (G(F, E) << 16) | (G(F, E + 1) << 8);
B.push(H.charAt(I >> 18) + H.charAt((I >> 12) & 63) + H.charAt((I >> 6) & 63) + C);
break
}
return B.join('')
};
if (!window.btoa) {
window.btoa = d.encode
}
})(window);暂时就分析到这里
或许这个链接能够帮大家理解:http://www.jianshu.com/p/4217d8f3574b
原始JS:点这里
4556
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
