perf: 优化加密 (#8206)

* perf: 优化加密 * perf: 优化加密 * perf: 优化加密传输 Co-authored-by: ibuler <ibuler@qq.com>
2025-09-07 10:20:57 +00:00 · 2022-05-10 17:28:10 +08:00
parent b44fa64994
commit aff5b0035d
8 changed files with 98 additions and 11 deletions
--- a/apps/static/js/jumpserver.js
+++ b/apps/static/js/jumpserver.js
@@ -1502,18 +1502,89 @@ function getStatusIcon(status, mapping, title) {
    return icon;
 }

+
+function fillKey(key) {
+    let keySize = 128
+    // 如果超过 key 16 位, 最大取 32 位，需要更改填充
+    if (key.length > 16) {
+        key = key.slice(0, 32)
+        keySize = keySize * 2
+    }
+    const filledKeyLength = keySize / 8
+    if (key.length >= filledKeyLength) {
+        return key.slice(0, filledKeyLength)
+    }
+    const filledKey = Buffer.alloc(keySize / 8)
+    const keys = Buffer.from(key)
+    for (let i = 0; i < keys.length; i++) {
+        filledKey[i] = keys[i]
+    }
+    return filledKey
+}
+
+function aesEncrypt(text, originKey) {
+    const key = CryptoJS.enc.Utf8.parse(fillKey(originKey));
+    return CryptoJS.AES.encrypt(text, key, {
+        mode: CryptoJS.mode.ECB,
+        padding: CryptoJS.pad.ZeroPadding
+    }).toString();
+}
+
+function rsaEncrypt(text, pubKey) {
+    if (!text) {
+        return text
+    }
+    const jsEncrypt = new JSEncrypt();
+    jsEncrypt.setPublicKey(pubKey);
+    return jsEncrypt.encrypt(text);
+}
+
+function rsaDecrypt(cipher, pkey) {
+    const jsEncrypt = new JSEncrypt();
+    jsEncrypt.setPrivateKey(pkey);
+    return jsEncrypt.decrypt(cipher)
+}
+
+
+window.rsaEncrypt = rsaEncrypt
+window.rsaDecrypt = rsaDecrypt
+
 function encryptPassword(password) {
    if (!password) {
        return ''
    }
-    var rsaPublicKeyText = getCookie('jms_public_key')
+    const aesKey = (Math.random() + 1).toString(36).substring(2)
+    // public key 是 base64 存储的
+    const rsaPublicKeyText = getCookie('jms_public_key')
        .replaceAll('"', '')
-    var rsaPublicKey = atob(rsaPublicKeyText)
-    var jsencrypt = new JSEncrypt(); //加密对象
-    jsencrypt.setPublicKey(rsaPublicKey); // 设置密钥
-    var value = jsencrypt.encrypt(password); //加密
-    return value
+    const rsaPublicKey = atob(rsaPublicKeyText)
+    const keyCipher = rsaEncrypt(aesKey, rsaPublicKey)
+    const passwordCipher = aesEncrypt(password, aesKey)
+    return `${keyCipher}:${passwordCipher}`
 }


+function randomString(length) {
+    const characters ='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
+    let result = '';
+    const charactersLength = characters.length;
+    for ( let i = 0; i < length; i++ ) {
+        result += characters.charAt(Math.floor(Math.random() * charactersLength));
+    }
+
+    return result;
+}
+
+function testEncrypt() {
+    const radio = []
+    const len2 = []
+    for (let i=1;i<4096;i++) {
+        const password = randomString(i)
+        const cipher = encryptPassword(password)
+        len2.push([password.length, cipher.length])
+        radio.push(cipher.length/password.length)
+    }
+    return radio
+}
+
 window.encryptPassword = encryptPassword