完善同步

src/common/types/sync.d.ts

@@ -53,7 +53,6 @@ declare namespace LX {
     interface KeyInfo {
       clientId: string
       key: string
-      iv: string
       deviceName: string
       connectionTime?: number
     }

src/main/modules/sync/server/auth.ts

@@ -6,6 +6,7 @@ import {
   createClientKeyInfo,
   getClientKeyInfo,
   setClientKeyInfo,
+  rsaEncrypt,
 } from './utils'
 import querystring from 'node:querystring'
 
@@ -20,7 +21,7 @@ export const authCode = async(req: http.IncomingMessage, res: http.ServerRespons
   if (typeof req.headers.m == 'string' && ip && (requestIps.get(ip) ?? 0) < 10) {
     if (req.headers.m) {
       label:
-      if (req.headers.i) {
+      if (req.headers.i) { // key验证
         if (typeof req.headers.i != 'string') break label
         const keyInfo = getClientKeyInfo(req.headers.i)
         if (!keyInfo) break label
@@ -40,7 +41,7 @@ export const authCode = async(req: http.IncomingMessage, res: http.ServerRespons
           }
           msg = aesEncrypt(SYNC_CODE.helloMsg, keyInfo.key)
         }
-      } else {
+      } else { // 连接码验证
         let key = ''.padStart(16, Buffer.from(authCode).toString('hex'))
         // const iv = Buffer.from(key.split('').reverse().join('')).toString('base64')
         key = Buffer.from(key).toString('base64')
@@ -54,8 +55,10 @@ export const authCode = async(req: http.IncomingMessage, res: http.ServerRespons
         // console.log(text)
         if (text.startsWith(SYNC_CODE.authMsg)) {
           code = 200
-          const deviceName = text.replace(SYNC_CODE.authMsg, '') || 'Unknown'
+          const data = text.split('\n')
-          msg = aesEncrypt(JSON.stringify(createClientKeyInfo(deviceName)), key)
+          const publicKey = `-----BEGIN PUBLIC KEY-----\n${data[1]}\n-----END PUBLIC KEY-----`
+          const deviceName = data[2] || 'Unknown'
+          msg = rsaEncrypt(Buffer.from(JSON.stringify(createClientKeyInfo(deviceName))), publicKey)
         }
       }
     }

src/main/modules/sync/server/utils.ts

@@ -1,5 +1,5 @@
 import { networkInterfaces } from 'os'
-import { randomBytes, createCipheriv, createDecipheriv } from 'crypto'
+import { randomBytes, createCipheriv, createDecipheriv, publicEncrypt, privateDecrypt, constants } from 'crypto'
 import { join } from 'path'
 import getStore from '@main/utils/store'
 
@@ -41,7 +41,6 @@ export const createClientKeyInfo = (deviceName: string): LX.Sync.KeyInfo => {
   const keyInfo: LX.Sync.KeyInfo = {
     clientId: randomBytes(4 * 4).toString('base64'),
     key: randomBytes(16).toString('base64'),
-    iv: randomBytes(16).toString('base64'),
     deviceName,
   }
   const store = getStore(STORE_NAME)
@@ -79,6 +78,13 @@ export const aesDecrypt = (text: string, key: string): string => {
   return Buffer.concat([decipher.update(Buffer.from(text, 'base64')), decipher.final()]).toString()
 }
 
+export const rsaEncrypt = (buffer: Buffer, key: string): string => {
+  return publicEncrypt({ key, padding: constants.RSA_PKCS1_OAEP_PADDING }, buffer).toString('base64')
+}
+export const rsaDecrypt = (buffer: Buffer, key: string): Buffer => {
+  return privateDecrypt({ key, padding: constants.RSA_PKCS1_OAEP_PADDING }, buffer)
+}
+
 export const encryptMsg = (keyInfo: LX.Sync.KeyInfo, msg: string): string => {
   return msg
   // if (!keyInfo) return ''