Skip to content

Commit 4baf642

Browse files
MojicodeMojicode
committed
support gmalg symmetry&asymmetry
1 parent f888557 commit 4baf642

5 files changed

Lines changed: 60 additions & 28 deletions

File tree

lib/crypto.js

Lines changed: 20 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -202,12 +202,21 @@ function paddingPass(password,keyLen){
202202
return password;
203203
}
204204
}
205+
205206
/**
206207
* 加密方法
207208
* @param secret 加密key
208209
* @param plaintext 需要加密的明文
209210
* @returns string 加密后的十六进制格式
210211
*/
212+
var symEncrypt = function(symKey, plaintext, algType = 'aes') {
213+
if(algType === "gmAlg") {
214+
return keypairs.gmAlgSymEnc(symKey, plaintext);
215+
} else {
216+
return aesEncrypt(symKey, plaintext);
217+
}
218+
};
219+
211220
var aesEncrypt = function(secret, plaintext) {
212221
var secretPadded = paddingPass(secret,AESKeyLength);
213222
var aesKey =Buffer.from(secretPadded, 'utf8');
@@ -216,7 +225,7 @@ var aesEncrypt = function(secret, plaintext) {
216225
var plainBuf = Buffer.from(plaintext, 'utf8');
217226
var encryptedBytes = cipher.update(plainBuf);
218227
encryptedBytes = Buffer.concat([encryptedBytes, cipher.final()]);
219-
return encryptedBytes.toString('hex');;
228+
return encryptedBytes.toString('hex');
220229
};
221230

222231
/**
@@ -225,6 +234,14 @@ var aesEncrypt = function(secret, plaintext) {
225234
* @param encryptedHex 密文十六进制格式
226235
* @returns string 解密后的明文
227236
*/
237+
var symDecrypt = function(symKey, encryptedHex, algType = 'aes') {
238+
if(algType === "gmAlg") {
239+
return keypairs.gmAlgSymDec(symKey, encryptedHex);
240+
} else {
241+
return aesDecrypt(symKey, encryptedHex);
242+
}
243+
};
244+
228245
var aesDecrypt = function(secret, encryptedHex) {
229246
var secretPadded = paddingPass(secret,AESKeyLength);
230247
var aesKey =Buffer.from(secretPadded, 'utf8');
@@ -396,8 +413,8 @@ var decryptText = function(cipherText,secret){
396413
module.exports = {
397414
eciesEncrypt,
398415
eciesDecrypt,
399-
aesEncrypt,
400-
aesDecrypt,
416+
symEncrypt,
417+
symDecrypt,
401418
encryptText,
402419
decryptText
403420
};

lib/util.js

Lines changed: 24 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -29,23 +29,29 @@ function getSequence(api, address) {
2929

3030
}
3131

32-
function generateToken(key, secret) {
33-
var secret = secret;
34-
var token;
35-
if (!secret) {
36-
secret = cryptoo.randomBytes(AESKeyLength/2).toString('hex');
37-
var keypair = keypairs.deriveKeypair(key);
38-
token = crypto.eciesEncrypt(secret, keypair.publicKey);
39-
} else {
40-
token = crypto.eciesEncrypt(secret, key);
41-
}
42-
return token;
32+
function generateToken(key, secretIn) {
33+
let symKey = secretIn;
34+
let token;
35+
const isUserPub = symKey ? true : false;
36+
symKey = symKey ? symKey : cryptoo.randomBytes(AESKeyLength / 2).toString('hex');
37+
if (key === "gmAlg" || process.env.CRP_ALG === "gmAlg") {
38+
token = keypairs.gmAlgSm2Enc(key, symKey);
39+
} else {
40+
const userPub = isUserPub ? key : keypairs.deriveKeypair(key).publicKey;
41+
token = crypto.eciesEncrypt(symKey, userPub);
42+
}
43+
return token;
4344
}
4445

4546
function decodeToken(that, token) {
46-
var keypair = keypairs.deriveKeypair(that.connect.secret);
47-
var secret = crypto.eciesDecrypt(token, keypair.privateKey);
48-
return secret;
47+
let symKey;
48+
if(that.connect.secret === "gmAlg") {
49+
symKey = keypairs.gmAlgSm2Dec(that.connect.secret, token);
50+
} else {
51+
let keypair = keypairs.deriveKeypair(that.connect.secret);
52+
symKey = crypto.eciesDecrypt(token, keypair.privateKey);
53+
}
54+
return symKey;
4955
}
5056

5157

@@ -215,12 +221,13 @@ function checkUserMatchPublicKey(user,publicKey){
215221
return true;
216222
}
217223
var PUBLICKEY_LENGTH = 33;
224+
const GM_PUBLICKEY_LENGTH = 65;
218225
var ACCOUNT_PUBLIC = 35;
219-
if(publicKey.length != 2 * PUBLICKEY_LENGTH){
226+
if(publicKey.length != 2 * PUBLICKEY_LENGTH || publicKey.length != 2 * GM_PUBLICKEY_LENGTH){
220227
var decoded = addressCodec.decode(publicKey, ACCOUNT_PUBLIC);
221-
var decodedPublic = decoded.slice(1,1+PUBLICKEY_LENGTH);
228+
var decodedPublic = decoded.slice(1, decoded.length-4);
222229
publicKey = Bytes2HexString(decodedPublic);
223-
}
230+
}
224231
var address = keypairs.deriveAddress(publicKey)
225232
return user == address;
226233
}

src/eventManager.js

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -248,7 +248,8 @@ function _decryptData(pass,tx){
248248

249249
if(tx.Raw){
250250
if(pass){
251-
tx.Raw = crypto.aesDecrypt(pass,tx.Raw);
251+
const algType = tx.publicKey.slice(0,2) === "47" ? "gmAlg" : "aes";
252+
tx.Raw = crypto.symDecrypt(pass, tx.Raw, algType);
252253
}else{
253254
tx.Raw = util.convertHexToString(tx.Raw);
254255
}

src/index.js

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -291,8 +291,13 @@ ChainsqlAPI.prototype.createTable = function (name, raw, inputOpt) {
291291

292292
if (confidential) {
293293
var token = generateToken(that.connect.secret);
294-
var secret = decodeToken(that, token);
295-
payment.raw = crypto.aesEncrypt(secret, payment.raw).toUpperCase();
294+
var symKey = decodeToken(that, token);
295+
if(that.connect.secret === "gmAlg") {
296+
payment.raw = crypto.symEncrypt(symKey, payment.raw, "gmAlg").toUpperCase();
297+
} else {
298+
payment.raw = crypto.symEncrypt(symKey, payment.raw).toUpperCase();
299+
}
300+
296301
payment.token = token.toUpperCase();
297302
} else {
298303
payment.raw = convertStringToHex(payment.raw);
@@ -650,7 +655,8 @@ function handleCommit(ChainSQL, object, resolve, reject) {
650655
var secret = decodeToken(ChainSQL, token);
651656
if (cache[i].Raw) {
652657
if (cache[i].OpType != opType.t_grant) {
653-
cache[i].Raw = crypto.aesEncrypt(secret, JSON.stringify(cache[i].Raw)).toUpperCase();
658+
const algType = ChainSQL.connect.secret === "gmAlg" ? "gmAlg" : "aes";
659+
cache[i].Raw = crypto.symEncrypt(secret, JSON.stringify(cache[i].Raw), algType).toUpperCase();
654660
} else {
655661
cache[i].Raw = convertStringToHex(JSON.stringify(cache[i].Raw));
656662
}

src/table.js

Lines changed: 5 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -394,7 +394,7 @@ Table.prototype.prepareJson = function() {
394394
};
395395
if (that.exec == 'r_insert' && that.field) {
396396
payment.autoFillField = convertStringToHex(that.field);
397-
};
397+
}
398398

399399
return new Promise(function (resolve, reject) {
400400
prepareTable(that, payment, resolve, reject);
@@ -403,11 +403,12 @@ Table.prototype.prepareJson = function() {
403403
function prepareTable(ChainSQL, payment, resolve, reject) {
404404
var connect = ChainSQL.connect;
405405

406-
getUserToken(connect.api.connection, connect.scope, connect.address, ChainSQL.tab).then(function(token) {
407-
token = token[ ChainSQL.connect.scope + ChainSQL.tab];
406+
getUserToken(connect.api.connection, connect.scope, connect.address, ChainSQL.tab).then(function (token) {
407+
token = token[ChainSQL.connect.scope + ChainSQL.tab];
408408
if (token && token != '') {
409409
var secret = decodeToken(ChainSQL, token);
410-
payment.raw = crypto.aesEncrypt(secret, payment.raw).toUpperCase();
410+
const algType = ChainSQL.connect.secret === "gmAlg" ? "gmAlg" : "aes";
411+
payment.raw = crypto.symEncrypt(secret, payment.raw, algType).toUpperCase();
411412
} else {
412413
payment.raw = convertStringToHex(payment.raw);
413414
}

0 commit comments

Comments
 (0)