From c16de232add7f992c425b90e0b7abb333057ea24 Mon Sep 17 00:00:00 2001
From: lyswhut
Date: Fri, 30 Dec 2022 13:16:40 +0800
Subject: [PATCH] =?UTF-8?q?=E5=AE=8C=E5=96=84=E5=90=8C=E6=AD=A5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/common/types/sync.d.ts | 1 -
 src/main/modules/sync/server/auth.ts | 11 +++++++----
 src/main/modules/sync/server/utils.ts | 10 ++++++++--
 3 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/src/common/types/sync.d.ts b/src/common/types/sync.d.ts
index 08aa06e0..bba80cc8 100644
--- a/src/common/types/sync.d.ts
+++ b/src/common/types/sync.d.ts
@@ -53,7 +53,6 @@ declare namespace LX {
 interface KeyInfo {
 clientId: string
 key: string
- iv: string
 deviceName: string
 connectionTime?: number
 }
diff --git a/src/main/modules/sync/server/auth.ts b/src/main/modules/sync/server/auth.ts
index 5f4d8fce..1dcd2db9 100644
--- a/src/main/modules/sync/server/auth.ts
+++ b/src/main/modules/sync/server/auth.ts
@@ -6,6 +6,7 @@ import {
 createClientKeyInfo,
 getClientKeyInfo,
 setClientKeyInfo,
+ rsaEncrypt,
 } from './utils'
 import querystring from 'node:querystring'
@@ -20,7 +21,7 @@ export const authCode = async(req: http.IncomingMessage, res: http.ServerRespons
 if (typeof req.headers.m == 'string' && ip && (requestIps.get(ip) ?? 0) < 10) {
 if (req.headers.m) {
 label:
- if (req.headers.i) {
+ if (req.headers.i) { // key验证
 if (typeof req.headers.i != 'string') break label
 const keyInfo = getClientKeyInfo(req.headers.i)
 if (!keyInfo) break label
@@ -40,7 +41,7 @@ export const authCode = async(req: http.IncomingMessage, res: http.ServerRespons
 }
 msg = aesEncrypt(SYNC_CODE.helloMsg, keyInfo.key)
 }
- } else {
+ } else { // 连接码验证
 let key = ''.padStart(16, Buffer.from(authCode).toString('hex'))
 // const iv = Buffer.from(key.split('').reverse().join('')).toString('base64')
 key = Buffer.from(key).toString('base64')
@@ -54,8 +55,10 @@ export const authCode = async(req: http.IncomingMessage, res: http.ServerRespons
 // console.log(text)
 if (text.startsWith(SYNC_CODE.authMsg)) {
 code = 200
- const deviceName = text.replace(SYNC_CODE.authMsg, '') || 'Unknown'
- msg = aesEncrypt(JSON.stringify(createClientKeyInfo(deviceName)), key)
+ const data = text.split('\n')
+ const publicKey = `-----BEGIN PUBLIC KEY-----\n${data[1]}\n-----END PUBLIC KEY-----`
+ const deviceName = data[2] || 'Unknown'
+ msg = rsaEncrypt(Buffer.from(JSON.stringify(createClientKeyInfo(deviceName))), publicKey)
 }
 }
 }
diff --git a/src/main/modules/sync/server/utils.ts b/src/main/modules/sync/server/utils.ts
index 144ddf92..baf051a1 100644
--- a/src/main/modules/sync/server/utils.ts
+++ b/src/main/modules/sync/server/utils.ts
@@ -1,5 +1,5 @@
 import { networkInterfaces } from 'os'
-import { randomBytes, createCipheriv, createDecipheriv } from 'crypto'
+import { randomBytes, createCipheriv, createDecipheriv, publicEncrypt, privateDecrypt, constants } from 'crypto'
 import { join } from 'path'
 import getStore from '@main/utils/store'
@@ -41,7 +41,6 @@ export const createClientKeyInfo = (deviceName: string): LX.Sync.KeyInfo => {
 const keyInfo: LX.Sync.KeyInfo = {
 clientId: randomBytes(4 * 4).toString('base64'),
 key: randomBytes(16).toString('base64'),
- iv: randomBytes(16).toString('base64'),
 deviceName,
 }
 const store = getStore(STORE_NAME)
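Review bot: In the `authMsg` branch of auth.ts (the first hunk on this line), `code = 200` is assigned before `rsaEncrypt` runs on a client-supplied key, and nothing visible in the hunk handles a failure of that call. `data[1]` is `undefined` when the decrypted text has no second line, and `publicEncrypt` also throws when the PEM is malformed or when the JSON (which includes the client-chosen `deviceName`) exceeds the RSA-OAEP plaintext limit for that key size. Unless a `try` outside the hunk covers this, the async handler rejects instead of sending its failure response, so I would wrap the call, report success only afterwards, and bound the device name length. `createClientKeyInfo` appears to store the new key before the reply is encrypted, so a failed exchange may leave an unused entry behind; this is worth confirming against the store code. The enclosing `authCode` handler starts and ends outside the hunk.

```typescript
if (text.startsWith(SYNC_CODE.authMsg)) {
  // … unchanged: data, publicKey and deviceName are derived from the decrypted text …
  try {
    msg = rsaEncrypt(Buffer.from(JSON.stringify(createClientKeyInfo(deviceName))), publicKey)
    code = 200 // success only once the reply could actually be encrypted for this key
  } catch {
    // malformed public key or payload over the OAEP limit: leave code/msg at their earlier values
  }
```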
@@ -79,6 +78,13 @@ export const aesDecrypt = (text: string, key: string): string => {
 return Buffer.concat([decipher.update(Buffer.from(text, 'base64')), decipher.final()]).toString()
 }
+export const rsaEncrypt = (buffer: Buffer, key: string): string => {
+ return publicEncrypt({ key, padding: constants.RSA_PKCS1_OAEP_PADDING }, buffer).toString('base64')
+}
+export const rsaDecrypt = (buffer: Buffer, key: string): Buffer => {
+ return privateDecrypt({ key, padding: constants.RSA_PKCS1_OAEP_PADDING }, buffer)
+}
+
 export const encryptMsg = (keyInfo: LX.Sync.KeyInfo, msg: string): string => {
 return msg
 // if (!keyInfo) return ''
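Review bot: `rsaEncrypt` and `rsaDecrypt` leave the OAEP hash implicit, so the exchange depends on Node's default (SHA-1) matching whatever the client uses. I would pin it in both helpers, e.g. `{ key, padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha1' }`, or move both ends to `'sha256'` together. Both helpers also deserve a short doc comment stating that `key` is a PEM string, that `rsaEncrypt` returns base64, and that the input must fit in a single OAEP block (key size minus padding overhead) or `publicEncrypt` throws. A blank line between the two functions would match the one the patch adds after `rsaDecrypt`.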