最新webqq密码的加密方式分析过程(老),这个虽然不是最新的,但是分析过程值得参考。
2015最新WebQQ3.0协议解析与实现(二),这个是较新的,讲密码加密的。
下面是2015-9-11 webqq官网mq_comm.js的加密函数:
function getEncryption(password, salt, vcode, isMd5) {
vcode = vcode || "";
password = password || "";
var md5Pwd = isMd5 ? password : md5(password), // MD5加密
h1 = hexchar2bin(md5Pwd), // 十六进制字符转换成二进制
s2 = md5(h1 + salt),
rsaH1 = $pt.RSA.rsa_encrypt(h1), // RSA加密
rsaH1Len = (rsaH1.length / 2).toString(16),
hexVcode = TEA.strToBytes(vcode.toUpperCase(), true),
vcodeLen = Number(hexVcode.length / 2).toString(16);
while (vcodeLen.length < 4) {
vcodeLen = "0" + vcodeLen
}
while (rsaH1Len.length < 4) {
rsaH1Len = "0" + rsaH1Len
}
TEA.initkey(s2); // TEA加密
var saltPwd = TEA.enAsBase64(rsaH1Len + rsaH1 + TEA.strToBytes(salt) + vcodeLen + hexVcode);
TEA.initkey("");
setTimeout(function () {
__monitor(488358, 1)
}, 0);
return saltPwd.replace(/[\/\+=]/g, function (a) {
return { "/": "-", "+": "*", "=": "_" }[a]
})
}