fix: allow wechat message aes key trailing bits
This commit is contained in:
kdletters
@@ -7,7 +7,12 @@ use axum::{
|
|||||||
http::{HeaderMap, HeaderValue, StatusCode, header::CONTENT_TYPE},
|
http::{HeaderMap, HeaderValue, StatusCode, header::CONTENT_TYPE},
|
||||||
response::{IntoResponse, Response},
|
response::{IntoResponse, Response},
|
||||||
};
|
};
|
||||||
use base64::{Engine as _, engine::general_purpose::STANDARD as BASE64_STANDARD};
|
use base64::{
|
||||||
|
Engine as _, alphabet,
|
||||||
|
engine::general_purpose::{
|
||||||
|
GeneralPurpose, GeneralPurposeConfig, STANDARD as BASE64_STANDARD,
|
||||||
|
},
|
||||||
|
};
|
||||||
use bytes::Bytes;
|
use bytes::Bytes;
|
||||||
use cbc::cipher::{BlockDecryptMut, KeyIvInit, block_padding::NoPadding};
|
use cbc::cipher::{BlockDecryptMut, KeyIvInit, block_padding::NoPadding};
|
||||||
use ring::{
|
use ring::{
|
||||||
@@ -53,6 +58,10 @@ const WECHAT_MINIPROGRAM_MESSAGE_ENCODING_AES_KEY_BYTES: usize = 43;
|
|||||||
const WECHAT_MINIPROGRAM_MESSAGE_AES_KEY_BYTES: usize = 32;
|
const WECHAT_MINIPROGRAM_MESSAGE_AES_KEY_BYTES: usize = 32;
|
||||||
const WECHAT_MINIPROGRAM_MESSAGE_RANDOM_BYTES: usize = 16;
|
const WECHAT_MINIPROGRAM_MESSAGE_RANDOM_BYTES: usize = 16;
|
||||||
const WECHAT_MINIPROGRAM_MESSAGE_LENGTH_BYTES: usize = 4;
|
const WECHAT_MINIPROGRAM_MESSAGE_LENGTH_BYTES: usize = 4;
|
||||||
|
const WECHAT_MINIPROGRAM_MESSAGE_AES_KEY_BASE64: GeneralPurpose = GeneralPurpose::new(
|
||||||
|
&alphabet::STANDARD,
|
||||||
|
GeneralPurposeConfig::new().with_decode_allow_trailing_bits(true),
|
||||||
|
);
|
||||||
|
|
||||||
#[derive(Clone, Debug)]
|
#[derive(Clone, Debug)]
|
||||||
pub enum WechatPayClient {
|
pub enum WechatPayClient {
|
||||||
@@ -1193,7 +1202,7 @@ fn decode_wechat_message_push_encoding_aes_key(
|
|||||||
)));
|
)));
|
||||||
}
|
}
|
||||||
let padded_key = format!("{encoding_aes_key}=");
|
let padded_key = format!("{encoding_aes_key}=");
|
||||||
let key = BASE64_STANDARD
|
let key = WECHAT_MINIPROGRAM_MESSAGE_AES_KEY_BASE64
|
||||||
.decode(padded_key.as_bytes())
|
.decode(padded_key.as_bytes())
|
||||||
.map_err(|error| {
|
.map_err(|error| {
|
||||||
WechatPayError::InvalidConfig(format!(
|
WechatPayError::InvalidConfig(format!(
|
||||||
@@ -2176,6 +2185,18 @@ mod tests {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[test]
|
||||||
|
fn decode_wechat_message_push_encoding_aes_key_allows_trailing_bits() {
|
||||||
|
let canonical_key = BASE64_STANDARD.encode([0u8; 32]);
|
||||||
|
let mut encoding_aes_key = canonical_key.trim_end_matches('=').to_string();
|
||||||
|
encoding_aes_key.replace_range(encoding_aes_key.len() - 1.., "B");
|
||||||
|
|
||||||
|
let decoded = decode_wechat_message_push_encoding_aes_key(&encoding_aes_key)
|
||||||
|
.expect("wechat aes key with trailing bits should decode");
|
||||||
|
|
||||||
|
assert_eq!(decoded, vec![0u8; WECHAT_MINIPROGRAM_MESSAGE_AES_KEY_BYTES]);
|
||||||
|
}
|
||||||
|
|
||||||
#[test]
|
#[test]
|
||||||
fn wechat_message_push_signature_uses_sorted_sha1_parts() {
|
fn wechat_message_push_signature_uses_sorted_sha1_parts() {
|
||||||
let token = "token-1";
|
let token = "token-1";
|
||||||
|
|||||||
Reference in New Issue
Block a user