From b3ba7e7e406a4e87b4e1b5f62dfae4a643563f06 Mon Sep 17 00:00:00 2001 From: "DESKTOP-6C3NK6N\\WXS" <815034831@qq.com> Date: Thu, 19 Sep 2024 16:17:01 +0800 Subject: [PATCH 1/6] =?UTF-8?q?=E6=95=8F=E6=84=9F=E4=BF=A1=E6=81=AF?= =?UTF-8?q?=E5=8A=A0=E5=AF=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- package.json | 2 ++ src/api/user.js | 10 +++++++++- src/utils/encrypt/crypto.js | 36 ++++++++++++++++++++++++++++++++++++ src/utils/encrypt/index.js | 28 ++++++++++++++++++++++++++++ src/utils/request.js | 9 ++++++--- 5 files changed, 81 insertions(+), 4 deletions(-) create mode 100644 src/utils/encrypt/crypto.js create mode 100644 src/utils/encrypt/index.js diff --git a/package.json b/package.json index adbd5052..5565add2 100644 --- a/package.json +++ b/package.json @@ -33,6 +33,7 @@ "cornerstone-math": "^0.1.10", "cornerstone-tools": "^6.0.10", "cornerstone-wado-image-loader": "^4.13.2", + "crypto-js": "^4.2.0", "dcmjs": "^0.29.8", "dicom-parser": "^1.8.9", "dicomedit": "^0.1.0", @@ -43,6 +44,7 @@ "hammerjs": "^2.0.8", "html2canvas": "^1.4.1", "js-md5": "^0.7.3", + "jsencrypt": "^3.3.2", "jszip": "^3.7.1", "moment": "^2.27.0", "node-polyfill-webpack-plugin": "^2.0.1", diff --git a/src/api/user.js b/src/api/user.js index 67027318..f7a60455 100644 --- a/src/api/user.js +++ b/src/api/user.js @@ -4,7 +4,8 @@ export function login(data) { return request({ url: '/user/login', method: 'post', - data + data, + ENCRYPT: true }) } export function loginOut(params) { @@ -185,3 +186,10 @@ export function sendMFAEmail(params) { params }) } +// 获取公钥 +export function getPublicKey() { + return request({ + url: `/user/getPublicKey`, + method: 'get', + }) +} diff --git a/src/utils/encrypt/crypto.js b/src/utils/encrypt/crypto.js new file mode 100644 index 00000000..f8a8294d --- /dev/null +++ b/src/utils/encrypt/crypto.js @@ -0,0 +1,36 @@ +// crypto.js +import CryptoJS from 'crypto-js'; +import { JSEncrypt } from "jsencrypt"; +import { getPublicKey } from "@/api/user.js" +export const Crypto = { + AES: { + encrypt: function (plaintext, secretKey) { + return CryptoJS.AES.encrypt(plaintext, secretKey).toString(); + }, + decrypt: function (ciphertext, secretKey) { + const bytes = CryptoJS.AES.decrypt(ciphertext, secretKey); + return bytes.toString(CryptoJS.enc.Utf8); + } + } +}; +export const Encrypt = { + encrypt: async function (plaintext) { + let PublicKey = null; + if (sessionStorage.getItem('PublicKey')) { + PublicKey = sessionStorage.getItem('PublicKey'); + } else { + let res = await getPublicKey(); + if (res.IsSuccess) { + PublicKey = res.Result + sessionStorage.setItem('PublicKey', res.Result) + } else { + return false; + } + } + let encryptor = new JSEncrypt() + encryptor.setPublicKey(PublicKey) + return encryptor.encrypt(JSON.stringify(plaintext)) + + }, + +}; diff --git a/src/utils/encrypt/index.js b/src/utils/encrypt/index.js new file mode 100644 index 00000000..c92c8c1c --- /dev/null +++ b/src/utils/encrypt/index.js @@ -0,0 +1,28 @@ +import { Encrypt, Crypto } from "./crypto"; +export const encryptConfig = async (config) => { + let secretKey = randomRange(10, 43); + let encryptSecretKey = await Encrypt.encrypt(secretKey); // 密钥进行非对称加密 + if (encryptSecretKey) { + config.headers['X-Encrypted-Key'] = encryptSecretKey; + } + if (config.data && Object.prototype.toString.call(config.data) === '[object Object]') { + Object.keys(config.data).forEach(key => { + config.data[key] = Crypto.AES.encrypt(config.data[key], secretKey) + }) + } + return config; +} +const randomRange = (min, max, charStr) => { + var returnStr = "", + range; + if (typeof max == 'string') { + charStr = max; + } + range = ((max && typeof max == 'number') ? Math.round(Math.random() * (max - min)) + min : min); + charStr = charStr || 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'; + for (var i = 0; i < range; i++) { + var index = Math.round(Math.random() * (charStr.length - 1)); + returnStr += charStr.substring(index, index + 1); + } + return returnStr; +} \ No newline at end of file diff --git a/src/utils/request.js b/src/utils/request.js index 29a8e1f3..033579db 100644 --- a/src/utils/request.js +++ b/src/utils/request.js @@ -4,7 +4,7 @@ import store from '@/store' import router from '@/router' import WHITELIST from "./whiteList" import moment from 'moment-timezone'; -console.log(moment.tz.guess()) +import { encryptConfig } from "@/utils/encrypt" axios.defaults.withCredentials = false const service = axios.create({ baseURL: '/api', @@ -16,13 +16,16 @@ var path // var lang = store.state.lang.language service.interceptors.request.use( - config => { + async config => { path = router && router.app && router.app._route && router.app._route.path config.headers['Content-Type'] = 'application/json;charset=UTF-8' var language = zzSessionStorage.getItem('lang') config.headers['Accept-Language'] = language === 'en' ? 'en-US,en;q=0.5' : 'zh-CN,zh;q=0.9' config.headers['TimeZoneId'] = moment.tz.guess() - if (store.getters.token) { + if (config.ENCRYPT) { + config = await encryptConfig(config) + } + if (store.getters.token && !config.clearToken) { config.headers.Authorization = `Bearer ${store.getters.token}` } try { From 8300cbaccf383791bb2cf66ba1148b213d46b379 Mon Sep 17 00:00:00 2001 From: "DESKTOP-6C3NK6N\\WXS" <815034831@qq.com> Date: Thu, 19 Sep 2024 16:49:20 +0800 Subject: [PATCH 2/6] 1 --- src/utils/encrypt/crypto.js | 2 +- src/utils/encrypt/index.js | 5 +++-- src/utils/request.js | 10 +++++++--- 3 files changed, 11 insertions(+), 6 deletions(-) diff --git a/src/utils/encrypt/crypto.js b/src/utils/encrypt/crypto.js index f8a8294d..582b96ec 100644 --- a/src/utils/encrypt/crypto.js +++ b/src/utils/encrypt/crypto.js @@ -21,7 +21,7 @@ export const Encrypt = { } else { let res = await getPublicKey(); if (res.IsSuccess) { - PublicKey = res.Result + PublicKey = decodeURI(res.Result) sessionStorage.setItem('PublicKey', res.Result) } else { return false; diff --git a/src/utils/encrypt/index.js b/src/utils/encrypt/index.js index c92c8c1c..6019ef08 100644 --- a/src/utils/encrypt/index.js +++ b/src/utils/encrypt/index.js @@ -6,8 +6,9 @@ export const encryptConfig = async (config) => { config.headers['X-Encrypted-Key'] = encryptSecretKey; } if (config.data && Object.prototype.toString.call(config.data) === '[object Object]') { - Object.keys(config.data).forEach(key => { - config.data[key] = Crypto.AES.encrypt(config.data[key], secretKey) + Object.keys(config.data).forEach(async key => { + // config.data[key] = Crypto.AES.encrypt(config.data[key], secretKey) + config.data[key] = await Encrypt.encrypt(config.data[key]) }) } return config; diff --git a/src/utils/request.js b/src/utils/request.js index 033579db..7cc7d22c 100644 --- a/src/utils/request.js +++ b/src/utils/request.js @@ -22,9 +22,13 @@ service.interceptors.request.use( var language = zzSessionStorage.getItem('lang') config.headers['Accept-Language'] = language === 'en' ? 'en-US,en;q=0.5' : 'zh-CN,zh;q=0.9' config.headers['TimeZoneId'] = moment.tz.guess() - if (config.ENCRYPT) { - config = await encryptConfig(config) - } + // if (config.ENCRYPT) { + // try{ + // config = await encryptConfig(config) + // }catch(err){ + // console.log(err) + // } + // } if (store.getters.token && !config.clearToken) { config.headers.Authorization = `Bearer ${store.getters.token}` } From c77ca02cbc428abc9e226d898b4e10743bf1b07d Mon Sep 17 00:00:00 2001 From: "DESKTOP-6C3NK6N\\WXS" <815034831@qq.com> Date: Thu, 19 Sep 2024 17:27:31 +0800 Subject: [PATCH 3/6] 1 --- src/utils/encrypt/crypto.js | 17 +++++++++++------ src/utils/encrypt/index.js | 4 ++-- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/src/utils/encrypt/crypto.js b/src/utils/encrypt/crypto.js index 582b96ec..7b55ad35 100644 --- a/src/utils/encrypt/crypto.js +++ b/src/utils/encrypt/crypto.js @@ -19,14 +19,19 @@ export const Encrypt = { if (sessionStorage.getItem('PublicKey')) { PublicKey = sessionStorage.getItem('PublicKey'); } else { - let res = await getPublicKey(); - if (res.IsSuccess) { - PublicKey = decodeURI(res.Result) - sessionStorage.setItem('PublicKey', res.Result) - } else { - return false; + try { + let res = await getPublicKey(); + if (res.IsSuccess) { + PublicKey = atob(res.Result) + sessionStorage.setItem('PublicKey', PublicKey) + } else { + return false; + } + } catch (err) { + console.log(err) } } + console.log(PublicKey) let encryptor = new JSEncrypt() encryptor.setPublicKey(PublicKey) return encryptor.encrypt(JSON.stringify(plaintext)) diff --git a/src/utils/encrypt/index.js b/src/utils/encrypt/index.js index 6019ef08..2be2cd66 100644 --- a/src/utils/encrypt/index.js +++ b/src/utils/encrypt/index.js @@ -7,8 +7,8 @@ export const encryptConfig = async (config) => { } if (config.data && Object.prototype.toString.call(config.data) === '[object Object]') { Object.keys(config.data).forEach(async key => { - // config.data[key] = Crypto.AES.encrypt(config.data[key], secretKey) - config.data[key] = await Encrypt.encrypt(config.data[key]) + config.data[key] = Crypto.AES.encrypt(config.data[key], secretKey) + // config.data[key] = await Encrypt.encrypt(config.data[key]) }) } return config; From 449e999d43a55569f7d229b7645b73e2e7a15e16 Mon Sep 17 00:00:00 2001 From: "DESKTOP-6C3NK6N\\WXS" <815034831@qq.com> Date: Thu, 19 Sep 2024 17:34:15 +0800 Subject: [PATCH 4/6] =?UTF-8?q?=E5=8A=A0=E5=AF=86=E6=B5=8B=E8=AF=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/utils/encrypt/crypto.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/utils/encrypt/crypto.js b/src/utils/encrypt/crypto.js index 7b55ad35..5c085683 100644 --- a/src/utils/encrypt/crypto.js +++ b/src/utils/encrypt/crypto.js @@ -17,13 +17,13 @@ export const Encrypt = { encrypt: async function (plaintext) { let PublicKey = null; if (sessionStorage.getItem('PublicKey')) { - PublicKey = sessionStorage.getItem('PublicKey'); + PublicKey = atob(sessionStorage.getItem('PublicKey')); } else { try { let res = await getPublicKey(); if (res.IsSuccess) { PublicKey = atob(res.Result) - sessionStorage.setItem('PublicKey', PublicKey) + sessionStorage.setItem('PublicKey', res.Result) } else { return false; } @@ -34,7 +34,7 @@ export const Encrypt = { console.log(PublicKey) let encryptor = new JSEncrypt() encryptor.setPublicKey(PublicKey) - return encryptor.encrypt(JSON.stringify(plaintext)) + return encryptor.encrypt(plaintext) }, From 0144ae91e88e2538d3e7dd6438849af69eb0b2f9 Mon Sep 17 00:00:00 2001 From: "DESKTOP-6C3NK6N\\WXS" <815034831@qq.com> Date: Fri, 20 Sep 2024 09:53:33 +0800 Subject: [PATCH 5/6] =?UTF-8?q?=E5=8A=A0=E7=A7=98=E6=B5=8B=E8=AF=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/utils/encrypt/crypto.js | 7 +++++-- src/utils/encrypt/index.js | 3 ++- src/utils/request.js | 4 ++-- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/src/utils/encrypt/crypto.js b/src/utils/encrypt/crypto.js index 5c085683..0b44f276 100644 --- a/src/utils/encrypt/crypto.js +++ b/src/utils/encrypt/crypto.js @@ -5,7 +5,11 @@ import { getPublicKey } from "@/api/user.js" export const Crypto = { AES: { encrypt: function (plaintext, secretKey) { - return CryptoJS.AES.encrypt(plaintext, secretKey).toString(); + return CryptoJS.AES.encrypt(plaintext, CryptoJS.enc.Utf8.parse(secretKey), { + mode: CryptoJS.mode.ECB, + padding: CryptoJS.pad.Pkcs7, + iv: '' + }).ciphertext.toString(CryptoJS.enc.Base64).replace(/\+/g, '-').replace(/\//g, '_'); }, decrypt: function (ciphertext, secretKey) { const bytes = CryptoJS.AES.decrypt(ciphertext, secretKey); @@ -31,7 +35,6 @@ export const Encrypt = { console.log(err) } } - console.log(PublicKey) let encryptor = new JSEncrypt() encryptor.setPublicKey(PublicKey) return encryptor.encrypt(plaintext) diff --git a/src/utils/encrypt/index.js b/src/utils/encrypt/index.js index 2be2cd66..606451aa 100644 --- a/src/utils/encrypt/index.js +++ b/src/utils/encrypt/index.js @@ -1,6 +1,6 @@ import { Encrypt, Crypto } from "./crypto"; export const encryptConfig = async (config) => { - let secretKey = randomRange(10, 43); + let secretKey = randomRange(32, 32); let encryptSecretKey = await Encrypt.encrypt(secretKey); // 密钥进行非对称加密 if (encryptSecretKey) { config.headers['X-Encrypted-Key'] = encryptSecretKey; @@ -8,6 +8,7 @@ export const encryptConfig = async (config) => { if (config.data && Object.prototype.toString.call(config.data) === '[object Object]') { Object.keys(config.data).forEach(async key => { config.data[key] = Crypto.AES.encrypt(config.data[key], secretKey) + console.log(config.data[key], 'KEY') // config.data[key] = await Encrypt.encrypt(config.data[key]) }) } diff --git a/src/utils/request.js b/src/utils/request.js index 7cc7d22c..861e3d0c 100644 --- a/src/utils/request.js +++ b/src/utils/request.js @@ -23,9 +23,9 @@ service.interceptors.request.use( config.headers['Accept-Language'] = language === 'en' ? 'en-US,en;q=0.5' : 'zh-CN,zh;q=0.9' config.headers['TimeZoneId'] = moment.tz.guess() // if (config.ENCRYPT) { - // try{ + // try { // config = await encryptConfig(config) - // }catch(err){ + // } catch (err) { // console.log(err) // } // } From 693e2405783cb439347bfb4425553a7b62a9ce8a Mon Sep 17 00:00:00 2001 From: "DESKTOP-6C3NK6N\\WXS" <815034831@qq.com> Date: Fri, 20 Sep 2024 10:15:21 +0800 Subject: [PATCH 6/6] =?UTF-8?q?=E6=95=8F=E6=84=9F=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E5=8A=A0=E5=AF=86?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/utils/encrypt/crypto.js | 2 +- src/utils/request.js | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/utils/encrypt/crypto.js b/src/utils/encrypt/crypto.js index 0b44f276..474fbfdd 100644 --- a/src/utils/encrypt/crypto.js +++ b/src/utils/encrypt/crypto.js @@ -9,7 +9,7 @@ export const Crypto = { mode: CryptoJS.mode.ECB, padding: CryptoJS.pad.Pkcs7, iv: '' - }).ciphertext.toString(CryptoJS.enc.Base64).replace(/\+/g, '-').replace(/\//g, '_'); + }).ciphertext.toString(CryptoJS.enc.Base64); }, decrypt: function (ciphertext, secretKey) { const bytes = CryptoJS.AES.decrypt(ciphertext, secretKey); diff --git a/src/utils/request.js b/src/utils/request.js index 861e3d0c..0f122229 100644 --- a/src/utils/request.js +++ b/src/utils/request.js @@ -22,13 +22,13 @@ service.interceptors.request.use( var language = zzSessionStorage.getItem('lang') config.headers['Accept-Language'] = language === 'en' ? 'en-US,en;q=0.5' : 'zh-CN,zh;q=0.9' config.headers['TimeZoneId'] = moment.tz.guess() - // if (config.ENCRYPT) { - // try { - // config = await encryptConfig(config) - // } catch (err) { - // console.log(err) - // } - // } + if (config.ENCRYPT) { + try { + config = await encryptConfig(config) + } catch (err) { + console.log(err) + } + } if (store.getters.token && !config.clearToken) { config.headers.Authorization = `Bearer ${store.getters.token}` }