feat: API加密 前端已经实现RSA/SM2 AES/SM4

packages/utils/package.json

@@ -22,7 +22,14 @@
   "dependencies": {
     "@vben-core/shared": "workspace:*",
     "@vben-core/typings": "workspace:*",
+    "crypto-js": "^4.2.0",
     "file-type": "^19.5.0",
+    "jsencrypt": "^3.5.4",
+    "sm-crypto": "^0.3.13",
     "vue-router": "catalog:"
+  },
+  "devDependencies": {
+    "@types/crypto-js": "^4.2.2",
+    "@types/sm-crypto": "^0.3.4"
   }
 }

packages/utils/src/encryption/base.ts

@@ -0,0 +1,71 @@
+export interface EncryptionOptions {
+  /**
+   * 私钥
+   */
+  privateKey: string;
+
+  /**
+   * 公钥
+   */
+  publicKey: string;
+}
+
+/**
+ * 非对称加解密 抽象类
+ * 提供基本的加密和解密功能接口
+ */
+export abstract class BaseAsymmetricEncryption {
+  /**
+   * 私钥
+   */
+  protected privateKey: string;
+
+  /**
+   * 公钥
+   */
+  protected publicKey: string;
+
+  /**
+   * 构造函数
+   * @param options 加解密选项，包含公钥和私钥
+   */
+  constructor(options: EncryptionOptions) {
+    this.publicKey = options.publicKey;
+    this.privateKey = options.privateKey;
+  }
+
+  /**
+   * 解密方法
+   * @param encryptedData 解密后的数据
+   * @returns 解密后的原始数据
+   */
+  abstract decrypt(encryptedData: string): string;
+
+  /**
+   * 加密方法
+   * @param data 需要加密的数据
+   * @returns 加密后的数据
+   */
+  abstract encrypt(data: string): string;
+}
+
+/**
+ * 对称加解密抽象类
+ */
+export abstract class BaseSymmetricEncryption {
+  /**
+   * 解密方法
+   * @param data 解密后的数据
+   * @param key 密钥
+   * @returns 解密后的原始数据
+   */
+  abstract decrypt(data: string, key: string): string;
+
+  /**
+   * 加密方法
+   * @param data 需要加密的数据
+   * @param key 密钥
+   * @returns 加密后的数据
+   */
+  abstract encrypt(data: string, key: string): string;
+}

packages/utils/src/encryption/crypto.ts

@@ -0,0 +1,30 @@
+import CryptoJS from 'crypto-js';
+
+/**
+ * 随机字符串
+ *
+ * @returns str
+ */
+export function randomStr(length = 32) {
+  const str = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
+  let result = '';
+  for (let i = length; i > 0; --i)
+    result += str[Math.floor(Math.random() * str.length)];
+  return result;
+}
+
+/**
+ * base64编码
+ * @param str
+ * @returns base64编码
+ */
+export function encodeBase64(str: string) {
+  return CryptoJS.enc.Base64.stringify(CryptoJS.enc.Utf8.parse(str));
+}
+
+/**
+ * 解码base64
+ */
+export function decodeBase64(str: string) {
+  return CryptoJS.enc.Base64.parse(str).toString();
+}

packages/utils/src/encryption/impl/aes.ts

@@ -0,0 +1,28 @@
+import CryptoJS from 'crypto-js';
+
+import { BaseSymmetricEncryption } from '../base';
+
+/**
+ * AES 实现
+ */
+export class AesEncryption extends BaseSymmetricEncryption {
+  override decrypt(data: string, key: string): string {
+    // 必须格式化字符串才能正常使用
+    const aesKey = CryptoJS.enc.Utf8.parse(key);
+    const decrypted = CryptoJS.AES.decrypt(data, aesKey, {
+      mode: CryptoJS.mode.ECB,
+      padding: CryptoJS.pad.Pkcs7,
+    });
+    return decrypted.toString(CryptoJS.enc.Utf8);
+  }
+
+  override encrypt(data: string, key: string): string {
+    // 必须格式化字符串才能正常使用
+    const aesKey = CryptoJS.enc.Utf8.parse(key);
+    const encrypted = CryptoJS.AES.encrypt(data, aesKey, {
+      mode: CryptoJS.mode.ECB,
+      padding: CryptoJS.pad.Pkcs7,
+    });
+    return encrypted.toString();
+  }
+}

packages/utils/src/encryption/impl/rsa.ts

@@ -0,0 +1,30 @@
+import JSEncrypt from 'jsencrypt';
+
+import { BaseAsymmetricEncryption } from '../base';
+
+/**
+ * RSA 实现
+ */
+export class RsaEncryption extends BaseAsymmetricEncryption {
+  override decrypt(str: string): string {
+    const instance = new JSEncrypt();
+    instance.setPrivateKey(this.privateKey);
+    const ret = instance.decrypt(str);
+
+    if (ret === false) {
+      throw new Error('RsaEncryption decrypt error');
+    }
+
+    return ret;
+  }
+
+  override encrypt(str: string): string {
+    const instance = new JSEncrypt();
+    instance.setPublicKey(this.publicKey);
+    const ret = instance.encrypt(str);
+    if (ret === false) {
+      throw new Error('RsaEncryption encrypt error');
+    }
+    return ret;
+  }
+}

packages/utils/src/encryption/impl/sm2.ts

@@ -0,0 +1,33 @@
+/* eslint-disable no-console */
+import { sm2 } from 'sm-crypto';
+
+import { BaseAsymmetricEncryption } from '../base';
+
+/**
+ * SM2 实现
+ * 注意生成的公钥必须为04开头 或者使用下面的generateSm2KeyPair生成
+ * @see https://tool.hiofd.com/sm2-key-gen/ 这里可以生成04开头的SM2密钥对
+ */
+export class Sm2Encryption extends BaseAsymmetricEncryption {
+  override decrypt(str: string): string {
+    return sm2.doDecrypt(str, this.privateKey);
+  }
+
+  override encrypt(str: string): string {
+    return sm2.doEncrypt(str, this.publicKey);
+  }
+}
+
+export function generateSm2KeyPair() {
+  const { privateKey, publicKey } = sm2.generateKeyPairHex();
+  return {
+    privateKey,
+    publicKey,
+  };
+}
+
+export function logSm2KeyPair() {
+  const { privateKey, publicKey } = generateSm2KeyPair();
+  console.log('privateKey', privateKey);
+  console.log('publicKey', publicKey);
+}

packages/utils/src/encryption/impl/sm4.ts

@@ -0,0 +1,37 @@
+import CryptoJS from 'crypto-js';
+import { sm4 } from 'sm-crypto';
+
+import { BaseSymmetricEncryption } from '../base';
+
+/**
+ * SM4 实现
+ */
+export class Sm4Encryption extends BaseSymmetricEncryption {
+  override decrypt(data: string, key: string): string {
+    this.checkKey(key);
+    const keyHex = CryptoJS.enc.Hex.stringify(CryptoJS.enc.Utf8.parse(key));
+    return sm4.decrypt(data, keyHex);
+  }
+
+  override encrypt(data: string, key: string): string {
+    this.checkKey(key);
+    /**
+     * 转hex字符串
+     * encrypt方法的key需要为`16进制字符串`而非`原始字符串`
+     * 比如字符串ab a为0x61 b为0x62  转字符串为 6162
+     */
+    const keyHex = CryptoJS.enc.Hex.stringify(CryptoJS.enc.Utf8.parse(key));
+
+    return sm4.encrypt(data, keyHex);
+  }
+
+  /**
+   * key长度只能为16位字符串
+   * @param key key
+   */
+  private checkKey(key: string) {
+    if (key.length !== 16) {
+      throw new Error('SM4 key must be 16 bytes');
+    }
+  }
+}

packages/utils/src/encryption/index.ts

@@ -0,0 +1,6 @@
+export * from './base';
+export * from './crypto';
+export * from './impl/aes';
+export * from './impl/rsa';
+export * from './impl/sm2';
+export * from './impl/sm4';

packages/utils/src/index.ts

@@ -1,3 +1,4 @@
+export * from './encryption';
 export * from './helpers';
 export * from '@vben-core/shared/cache';
 export * from '@vben-core/shared/color';