Main module for api interacting with TeraBox
Classes
Methods
(inner) signDownload(s1, s2) → {string}
- Description:
- Generates a signed download token using a modified RC4-like algorithm
This function implements a stream cipher similar to RC4 that:
1. Initializes a permutation array using the secret key (s1)
2. Generates a pseudorandom keystream
3. XORs the input data (s2) with the keystream
4. Returns the result as a Base64-encoded string
- Generates a signed download token using a modified RC4-like algorithm
This function implements a stream cipher similar to RC4 that:
- Source:
Example
const signature = signDownload('secret-key', 'data-to-sign');
// Returns something like: "X3p8YFJjUA=="Parameters:
| Name | Type | Description |
|---|---|---|
s1 |
string | The secret key used for signing (should be at least 1 character) |
s2 |
string | The input data to be signed |
Returns:
Base64-encoded signature
- Type
- string
(inner) checkMd5val(md5) → {boolean}
- Description:
- Validates whether a string is a properly formatted MD5 hash
Checks if the input:
1. Is exactly 32 characters long
2. Contains only hexadecimal characters (a-f, 0-9)
3. Is in lowercase
Note: This only validates the format, not the cryptographic correctness of the hash.
- Validates whether a string is a properly formatted MD5 hash
- Source:
Example
checkMd5val('d41d8cd98f00b204e9800998ecf8427e') // returns true
checkMd5val('D41D8CD98F00B204E9800998ECF8427E') // returns false (uppercase)
checkMd5val('z41d8cd98f00b204e9800998ecf8427e') // returns false (invalid character)
checkMd5val('d41d8cd98f') // returns false (too short)Parameters:
| Name | Type | Description |
|---|---|---|
md5 |
* | The value to check (typically a string) |
Returns:
True if the input is a valid MD5 format, false otherwise
- Type
- boolean
(inner) checkMd5arr(arr) → {boolean}
- Description:
- Validates that all elements in an array are properly formatted MD5 hashes
Checks if:
1. The input is an array
2. Every element in the array passes checkMd5val() validation
(32-character hexadecimal strings in lowercase)
- Validates that all elements in an array are properly formatted MD5 hashes
- Source:
- See:
-
- Function CheckMd5Val for individual MD5 hash validation logic
Example
checkMd5arr(['d41d8cd98f00b204e9800998ecf8427e', '5d41402abc4b2a76b9719d911017c592']) // true
checkMd5arr(['d41d8cd98f00b204e9800998ecf8427e', 'invalid']) // false
checkMd5arr('not an array') // false
checkMd5arr([]) // false (empty array is considered invalid)Parameters:
| Name | Type | Description |
|---|---|---|
arr |
* | The array to validate |
Returns:
True if all elements are valid MD5 hashes, false otherwise
(also returns false if input is not an array)
- Type
- boolean
(inner) decodeMd5(md5) → {string}
- Description:
- Applies a custom transformation to what appears to be an MD5 hash
This function performs a series of reversible transformations on an input string
that appears to be an MD5 hash (32 hexadecimal characters). The transformation includes:
1. Character restoration at position 9
2. XOR operation with position-dependent values
3. Byte reordering of the result
- Applies a custom transformation to what appears to be an MD5 hash
- Source:
Example
decodeMd5('a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6') // returns transformed value
decodeMd5('short') // returns 'short' (unchanged)Parameters:
| Name | Type | Description |
|---|---|---|
md5 |
string | The input string (expected to be 32 hexadecimal characters) |
Throws:
Will return the original input unchanged if length is not 32
Returns:
The transformed result (32 hexadecimal characters)
- Type
- string
(inner) changeBase64Type(str, modeopt) → {string}
- Description:
- Converts between standard and URL-safe Base64 encoding formats
Base64 strings may contain '+', '/' and '=' characters that need to be replaced
for safe use in URLs. This function provides bidirectional conversion:
- Mode 1: Converts to URL-safe Base64 (RFC 4648 §5)
- Mode 2: Converts back to standard Base64
- Converts between standard and URL-safe Base64 encoding formats
- Source:
- See:
-
- RFC 4648 §5 for URL-safe Base64
Example
// To URL-safe Base64
changeBase64Type('a+b/c=') // returns 'a-b_c='
// To standard Base64
changeBase64Type('a-b_c=', 2) // returns 'a+b/c='Parameters:
| Name | Type | Attributes | Default | Description |
|---|---|---|---|---|
str |
string | The Base64 string to convert | ||
mode |
number |
<optional> |
1
|
Conversion direction: 1 = to URL-safe (default), 2 = to standard |
Returns:
The converted Base64 string
- Type
- string
(inner) decryptAES(pp1, pp2) → {string}
- Description:
- Decrypts AES-128-CBC encrypted data using provided parameters
This function:
1. Converts both parameters from URL-safe Base64 to standard Base64
2. Extracts the IV (first 16 bytes) and ciphertext from pp1
3. Uses pp2 as the decryption key
4. Performs AES-128-CBC decryption
- Decrypts AES-128-CBC encrypted data using provided parameters
- Source:
- See:
-
- Function ChangeBase64Type for Base64 format conversion
Example
// Example usage (with actual encrypted data)
const decrypted = decryptAES(
'MTIzNDU2Nzg5MDEyMzQ1Ng==...', // IV + ciphertext
'c2VjcmV0LWtleS1kYXRhCg==' // Key
);Parameters:
| Name | Type | Description |
|---|---|---|
pp1 |
string | Combined IV and ciphertext in URL-safe Base64 format: First 16 bytes are IV, remainder is ciphertext |
pp2 |
string | Encryption key in URL-safe Base64 format |
Requires:
- module:crypto
Throws:
-
May throw errors for invalid inputs or decryption failures
- Type
- Error
Returns:
The decrypted UTF-8 string
- Type
- string
(inner) encryptRSA(message, publicKeyPEM, modeopt) → {string}
- Description:
- Encrypts data using RSA with a public key, with optional MD5 preprocessing
Supports two encryption modes:
1. Direct encryption of the message (default)
2. MD5 hash preprocessing (applies MD5 + length padding before encryption)
- Encrypts data using RSA with a public key, with optional MD5 preprocessing
- Source:
Example
// Direct encryption
encryptRSA('secret message', publicKey);
// With MD5 preprocessing
encryptRSA('secret message', publicKey, 2);Parameters:
| Name | Type | Attributes | Default | Description |
|---|---|---|---|---|
message |
string | The plaintext message to encrypt | ||
publicKeyPEM |
string | Buffer | RSA public key in PEM format | ||
mode |
number |
<optional> |
1
|
Encryption mode: 1 = direct encryption, 2 = MD5 hash preprocessing |
Requires:
- module:crypto
Throws:
-
May throw errors for invalid keys or encryption failures
- Type
- Error
Returns:
Base64-encoded encrypted data
- Type
- string
(inner) prandGen(clientopt, seval, encpwd, email, browseridopt, random) → {string}
- Description:
- Generates a pseudo-random SHA-1 hash from combined client parameters
Creates a deterministic hash value by combining multiple client-specific parameters.
This is typically used for generating session tokens or unique identifiers.
- Generates a pseudo-random SHA-1 hash from combined client parameters
- Source:
Example
// Basic usage
const token = prandGen('web', 'session123', 'encryptedPwd', 'user@example.com', 'browser123', 'randomValue');
// With default client and empty browserid
const token = prandGen(undefined, 'session123', 'encryptedPwd', 'user@example.com', '', 'randomValue');Parameters:
| Name | Type | Attributes | Default | Description |
|---|---|---|---|---|
client |
string |
<optional> |
'web'
|
Client identifier (e.g., 'web', 'mobile') |
seval |
string | Session evaluation parameter | ||
encpwd |
string | Encrypted password or password hash | ||
email |
string | User's email address | ||
browserid |
string |
<optional> |
''
|
Browser fingerprint or identifier |
random |
string | Random value |
Requires:
- module:crypto
Returns:
SHA-1 hash of the combined parameters (40-character hex string)
- Type
- string