login登录加密

//引用加密库
document.write("<script type=\"text/javascript\" charset='utf-8' src=\"/com/lib/md5.js\"><\/script>");
document.write("<script type=\"text/javascript\" charset='utf-8' src=\"/com/lib/jsbn.js\"><\/script>");
document.write("<script type=\"text/javascript\" charset='utf-8' src=\"/com/lib/prng4.js\"><\/script>");
document.write("<script type=\"text/javascript\" charset='utf-8' src=\"/com/lib/rng.js\"><\/script>");
document.write("<script type=\"text/javascript\" charset='utf-8' src=\"/com/lib/rsa.js\"><\/script>");

// JavaScript Document
DelCookie("only_use_webrc");// 清除只使用WEB资源标记
DelCookie("webonly");// 清除不启动服务标记
DelCookie("isWebSvcLogout");// 清除使用WEB资源注销标记
DelCookie("is_reminded");// 清除过期提醒标记
Cookie.clearCookie();
Cookie.delCookie("need_ist_cscm");
var v =Cookie.getCookie("need_ist_cscm");//暂时不知道什么原因,这句不加就是清不掉need_ist_cscm
var g_documentComplete = 0;
var INST_COMP = 4;
var INST_MAC = 5;


/* add for M6.6*/
//记录vpn是从哪里访问的
var hashIndex = location.href.lastIndexOf("#");
var sourceUrl = "";
if(hashIndex != -1 && location.href.length > (hashIndex + 1)) {
	sourceUrl = location.href.substr(hashIndex + 1);
	sourceUrl = decodeURIComponent(sourceUrl);
}
else {
	sourceUrl = location.href;
}
sourceUrl = sourceUrl.replace(/\?.*/,""); //把url中的参数去掉,不需要
SetCookie("VpnLine", sourceUrl);


var checkAttackResult = null;
var checkMITMAttack = false;
/*
if(IsIE()){
	checkMITMAttack = false;
}
*/
//禁用启用登录按钮
function disableSubBtn(state){
	var form = $ID("formLogin");
	if(form){
		for(var i=0,len = form.elements.length;i<len;i++){
			var el = form.elements[i];
			assert("debug",el.type);
			if(el.type){
				el.disabled = state;
			}
		}
	}
}

function loadedAction(){
	if(client.showHelpCenter == '1' && !$ID("helper")){
		addStyleLink("/com/css/helper.css");//加帮助链接
		var helpLink = window.language === 'zh_CN' ? '/com/help/' : '/com/help_en/';
		var helperStr = '<div class="link_bar" id="_link_bar"><a class="helper" href="' + helpLink + '" target="_blank">'+tr('帮助')+'</a></div>';
		append(document.body,helperStr);
	}

	var langEl = $ID("language");
	if(langEl){
		var sys_lang = String(
			window.navigator.language
			|| window.navigator.systemLanguage
			|| window.navigator.userLanguage
			|| window.navigator.browserLanguage
		).toLowerCase();
		//非中文环境不显示语言切换按钮
		if(sys_lang !== 'zh-cn'){
			langEl.style.display = "none";
		}else{
			langEl.style.display = "";
			if($ID("zh_CN") && $ID("en_US")){
				var zh_CN = $ID('zh_CN'),
					en_US = $ID('en_US');
				if(zh_CN && window.language === 'zh_CN'){
					zh_CN.removeAttribute('href');
					zh_CN.className = 'zh_CN_disable';
				}
				if(en_US && window.language !== 'zh_CN'){
					en_US.removeAttribute('href');
					en_US.className = 'en_US_disable';
				}
			}
		}
	}

	checkMITMAttack = typeof client.EnableMidAtkCheck!="undefined"?client.EnableMidAtkCheck=="1":false;
	//checkMITMAttack = true;
	if(checkMITMAttack){
		SetCookie("ignore_cscm","0");
		disableSubBtn(true);//禁用输入元素
		CscmManager.createCscm(function(){
			checkAttackResult = g_CscmObj.CheckMITMAttack().toString();
			if(checkAttackResult!=null&&checkAttackResult.toString()!="0"){
				//disableSubBtn(true);
				alert(tr("你访问的SSL VPN正遭受中间人攻击,将不能使用用户名/密码认证!"));
			}
			else{//检测到没有被攻击
				if(useProxy()){//同时启用中间人攻击与ie代理
					alert(tr("服务器启用中间人攻击检测,不允许使用IE代理登录")+tr('SSLVPN'));
				}
				else{//启用输入元素
					disableSubBtn(false);
				}
			}
			try{
				initPageState();
			}
			catch(e){
				//alert(e.message);
			}
		});
	}
	else{
		initPageState();
	}
}
loadedAction.done = false;

document.write("<script language=\"javascript\" type=\"text/javascript\" charset='utf-8' src=\"/com/64sys.js\"><\/scr"+"ipt>");	//x64位支持

addEvent(window, 'load', function () {
	if (Browser.is64 && Browser.isIE) {
		InitFor64('login');
	} else {
		loadedAction.done = true;
		loadedAction();
	}

	// Start add by hcz for M7.1 2016.01.05
	// 规避解决 win10 ie11浏览器下默认模板登录页面渲染多余输入框的问题,再次设置元素宽度,重排页面
	if ($ID("label_psw")) {
		$ID("label_psw").style.width = "100%";
	}
	// End add by hcz for M7.1 2016.01.05

});

/*M5.3EN*/
var doHide = (function(){
		if(window.tmlversion < window.TMLVER){
			return function(el){
				el = typeof(el) === 'string' ? document.getElementById(el) : el;
				if(el){
					el.className = 'hide';
				}
			}
		}else{
			return function(el){
				el = typeof(el) === 'string' ? document.getElementById(el) : el;
				if(el){
					el.style.display = 'none';
				}
			}
		}
	})(),
	doShow = (function(){
		if(window.tmlversion < window.TMLVER){
			return function(el){
				el = typeof(el) === 'string' ? document.getElementById(el) : el;
				if(el){
					el.className = '';
				}
			}
		}else{
			return function(el){
				el = typeof(el) === 'string' ? document.getElementById(el) : el;
				if(el){
					el.style.display = '';
				}
			}
		}
	})();
/*end M5.3EN*/

function initPageState(){

	if(isWin()){
		var sangforTool = $ID("SangforTool");
		if(sangforTool && client.showSvpntool == "1"){
			doShow(sangforTool);
		}
	}
	if(isMac() && !$ID("MacSystem")){
		var ComLayer = $ID("ComLayer"),
			MacSystem,
			MacSysLink;
		if(ComLayer){
			if(ComLayer.tagName === "A"){
				MacSystem = document.createElement('a');
				MacSysLink = MacSystem;

				MacSysLink.href = "javascript:onInstall(INST_MAC)";
				MacSysLink.innerHTML = tr("手动安装组件");
			}else{
				MacSystem = document.createElement('li');
				MacSysLink = MacSystem;

				MacSysLink.innerHTML = '<a href="javascript:onInstall(INST_MAC)">'+tr('手动安装组件')+'</a>';
			}
			MacSysLink.id = "MacSystem";
			MacSysLink.className = "hide";
			ComLayer.parentNode.insertBefore(MacSystem, ComLayer);
			client.N_MACSYSTEM = "MacSystem";
		}
	}
	if(Browser.isIpad){	//M5.2 20110613 luyi
		var iPadClient = $ID("iPadClient"),
            keyTools =$ID("key_tools"),
			iPadClientLink;
        //M7.6.3 20180402 zll
		if(keyTools){
            doHide(keyTools);
		}
		if(iPadClient){
			if(iPadClient.tagName === "A"){
				iPadClientLink = iPadClient;
			}else{
				iPadClientLink = iPadClient.getElementsByTagName("A")[0];
			}
			if(iPadClientLink){
				iPadClientLink.innerHTML = tr("使用客户端,获得更好体验");
				//iPadClientLink.href = "http://itunes.apple.com/us/app/easyconnect/id440460214?ls=1&mt=8";
                iPadClientLink.href = "/por/ipad.csp";
			}
			doShow(iPadClient);
		}
		if(client.showHelpCenter == "1" && $ID('helper')){
			doHide($ID('helper'));
		}
	}else{
		if(client.showHelpCenter == "1" && $ID('helper')){
			doShow($ID('helper'));
		}
	}
	if(DKEY_READY_INSTALL_CSCM == GetCookie("UsingDkey")){
			CertLogin();
	}
	/* check Anonymous login */
	if(client.EnableAnonymous == '1' && client.denyNormalAccess == '1'){
		if(errorMsg != ''){
			alert(errorMsg);
			window.close();
		}
		$ID(client.N_INPUTNAME).value = client.content["ANONYMOUS_USER"];
		$ID(client.N_INPUTPASS).value = "";
		$ID(client.N_LOGFORM).submit();
	}

	checkAnonymousLogin();
	/* initialize layout */
	SetCookie("g_LoginPage","login_psw");
	SetCookie("VisitTimes","0");
	SetCookie("haveLogin", "0");
	Cookie.setCookie("auto_login_count",0);
	if(errorMsg != "" && errorMsg.indexOf(tr("尝试暴破登录,启用图形校验码"))==-1){
		showMsg("error", errorMsg);
	}else{
		hideMsg();
	}

	var doDisplay = (client.N_HIDEBUTTONS != "true" || GetCookie("g_LoginPage") == "logout")? doShow : doHide;
	doDisplay(client.N_SIGNINBYCERT);	//show cert login button
	var dkeyBnt = $ID(client.N_SIGNINBYDKEY);
	if(!isWin()){//跨平台不支dkey登录
		doHide(dkeyBnt);
	}
	else{
		doDisplay(dkeyBnt);	//show dkey login button
	}

	if($ID("loginTypes")){
		doDisplay('loginTypes');
	}

	// 忘记密码
    if (client.EnableResetPsw == "1") {
        doShow("resetpsw");
    }
    else {
        doHide("resetpsw");
    }


	if(client.EnableRandCode == '1'){
		$ID(client.N_INPUTRAND).getElementsByTagName('img')[0].src = '/por/rand_code.csp';
		doShow(client.N_INPUTRAND);
	}else{
		doHide(client.N_INPUTRAND);
	}

	if(client.showSetup == "1" && !Browser.isIpad){
		if(isMac()){
			doShow(client.N_MACSYSTEM);
			doHide(client.N_COMPLAYER);
		}else{
			doShow(client.N_COMPLAYER);
			doHide(client.N_MACSYSTEM);
		}
	}else{
		doHide(client.N_COMPLAYER);
		doHide(client.N_MACSYSTEM);
	}
	if(isWin()){
		if(client.EnableDKeyVer != "0"){
			doShow(client.N_DKEYTIPS);
		}else{
			doHide(client.N_DKEYTIPS);
		}
	}

	g_documentComplete = 1;

	//M60易用性改进
	addEvent($ID(client.N_INPUTPASS),'focus',function(){
		this.select();
	});

	if($ID(client.N_INPUTNAME) != null){
		try{ $ID(client.N_INPUTNAME).focus(); }catch(ex){}
	}
}

//切换图形验证码
function ChangeRandCode()
{
	var objImg = $ID(client.N_RANDCODEIMG);
	objImg.src='/por/rand_code.csp?rnd='+Math.random();
}

//这个方法点击证书登录时触发
function CertLogin(){
	SetCookie("UsingDkey","0");
	self.location.href = 'login_cert.csp';
}

function checkAnonymousLogin()
{

	try{
		var nodeInput = $ID(client.N_INPUTNAME);
		var nodeButton = $ID(client.N_BUTTONNAME);
		var certname = GetCookie("CERT_USERNAME");
		if(client.EnableAnonymous == "1" && (certname == "SangforDefaultValue" || certname == "0" || certname == "SinforDefaultValue") )
		{
			var anonyButton = $ID(client.N_ANONYBUTTONNAME);
			if(anonyButton)
			{//M60之后匿名按钮用新的按钮
				anonyButton.style.display = '';
			}
			else
			{//M60以下版本的逻辑,匿名按钮与登录按钮是同一个
				nodeButton.innerHTML = (nodeInput.value.length > 0)?client.content['NORMAL_LOGIN']:client.content['ANONYMOUS_LOGIN'];
			}
		}
		else {

		}

	}catch(e){/*do nothing*/}
}

function closeSoftKb()
{
	if(client.EnableKeypad == "1")
		closekeyboard();
}


//panwc added for 4.2 anonymous login 2009.04.14 -->
function onInputNameFocus()
{
	if(client.EnableAnonymous == "1")
		$ID(client.N_BUTTONNAME).innerHTML = client.content['NORMAL_LOGIN'];
}

function onButtonMouseMove()
{
	checkAnonymousLogin();
}

function onInputNameBlur()
{
	checkAnonymousLogin();
}

function onInstall(toInstall)
{
	var parma =  "width=400,height=160,top=100,left=100,resizable=yes,location=no,menubar=no,scrollbars=no,status=no";
	window.open("../com/setup.html?" + toInstall,"install", parma);
}

function HandleDkey()
{
	var ua = navigator.userAgent.toLowerCase();
	if (ua.indexOf("edge") >= 0) {
		alert(tr("Edge浏览器暂不支持USB-Key登录,请更换其他浏览器"));
	} else {
		window.location = "dkey_portal.csp";
	}
}

function HelpCenter()
{
	var help_link = window.language === 'zh_CN' ? '../com/help/' : '../com/help_en/';
	window.open(help_link);
}

if(Browser.isIpad || (!Browser.isIE && /x64/.test(navigator.userAgent.toLowerCase()))){
	SetCookie("webonly","1");
	SetCookie("allowlogin","1");
}

//将登录按钮原submit类型改为button类型
function nomalLogin()
{
	if(formSubmit(false))
	{
		var form = $ID("formLogin");
		if(form)
		{
			$ID(client.N_LOGFORM).submit();
		}
	}
}

//新增匿名登录
function anonymousLogin()
{
	if(formSubmit(true))
	{
		var form = $ID("formLogin");
		if(form)
		{
			$ID(client.N_LOGFORM).submit();
		}
	}
}

//M6.8增加对密码RSA加密
function doEncrypt(str){
	var rsa;
	rsa = new RSAKey();
	var exp = typeof(client.EncryptExp) !== 'undefined' ? client.EncryptExp : "65537";
	rsa.setPublic(client.EncryptKey, parseInt(exp).toString(16));
	var res = rsa.encrypt(str);
	if (res) {
		return res;
	}
	return "";
}

//m60开始新增isAnonymous,支持匿名按钮独立出来
function formSubmit(isAnonymous)
{
	var progid = G_DLLS[ID_CSCM][ID_PROGID];
	if(!g_CscmObj)
	{
		g_CscmObj = CreateObject(progid);
	}

	/* //6.9以前版本升级上来后, 不存在SetSvpnStartTime接口, 会报脚本错误
	if(g_CscmObj != null && isWin())//windows才需要统计时间
	{
		g_CscmObj.SetSvpnStartTime();
	}
	*/

	if(typeof(g_documentComplete) == "undefined" || g_documentComplete == 0)
		return false;
	if(checkReLoginEx()) return  false;
    var usrname = $ID(client.N_INPUTNAME).value.trim();
	$ID(client.N_INPUTNAME).value = usrname;
	var usrpsw = $ID(client.N_INPUTPASS).value;
	var isEncrypt = 1;
	if($ID(client.N_BUTTONNAME).innerHTML == client.content["ANONYMOUS_LOGIN"]){
		isAnonymous = true;
	}
	if(typeof(client.EncryptKey) == "undefined" || !client.EncryptKey || isAnonymous){
		isEncrypt = 0;	//密钥不存在(兼容老模板)或匿名登录时, 不加密
	}else{
		usrpsw = doEncrypt(usrpsw);
	}
	var url = $ID("formLogin").action;
	if(url.indexOf("?") == -1){
		$ID("formLogin").action = url + "?encrypt="+isEncrypt;
	}else{
		$ID("formLogin").action = url + "&encrypt="+isEncrypt;
	}
	var isValidSign = true;
	if(isAnonymous){
 		$ID(client.N_INPUTNAME).value = client.content["ANONYMOUS_USER"];
		$ID(client.N_INPUTPASS).value = "";
		$ID("randcode").value = "";
		return isValidSign;
	}
	 //panwc added end
	if(usrname == ""){
		showMsg("error",client.content["NEED_USERNAME"]);
		$ID(client.N_INPUTNAME).focus();
		isValidSign = false;
	}

	if(mbStringLength(usrname) > 72){
		showMsg("error",client.content["INVALID_USER"]);
		$ID(client.N_INPUTNAME).focus();
		isValidSign = false;
	}
	var rand = "";
	if(client.EnableRandCode == '1'){
		rand=$ID("randcode").value;
		if(rand == ""){
			showMsg("error",client.content["NEED_RANDCODE"]);
			$ID("randcode").focus();
			isValidSign = false;
		}
	}

	if(isValidSign==true){
		$ID(client.N_BUTTONNAME).disabled = true;
		showMsg("load",client.content['LOGING']);
	}
	//checkAttackResult = 0;
	if(checkMITMAttack&&isValidSign){
		if(checkAttackResult=="0"){
			//alert("rand:"+rand);
			var result =  g_CscmObj.GetMITEMAttackResult(usrname,usrpsw,rand.toLowerCase()).toString();
			//alert("result:"+result);
			$ID("txtMITEMAttack").value = result;
			var randcodeEl = $ID("randcode");
			randcodeEl.id = "_randcode";
			randcodeEl.name = "_randcode";
			randcodeEl.value = "";
			var hiddenCode = createHidden("svpn_rand_code");
			hiddenCode.value = hex_md5(rand.toString().toLowerCase());
			var parentEl = $ID("txtMITEMAttack").parentNode;
			parentEl.appendChild(hiddenCode);

			$ID(client.N_INPUTPASS).value = "";//清空密码
		}
		else{
			alert(tr("没有通过安全检查,不能登录"));
			isValidSign = false;
		}
	}else if(isValidSign){
		//最后填充加密后的值,避免重复加密
		$ID(client.N_INPUTPASS).value = usrpsw;
	}

	return isValidSign;
}

 

posted @ 2018-07-21 19:00  爱吃醋的工程师  阅读(1827)  评论(0编辑  收藏  举报