From 28db6fc696c0707b20bc34e6552702024992b821 Mon Sep 17 00:00:00 2001 From: Yuan Si Date: Mon, 22 May 2023 00:41:22 +0800 Subject: [PATCH] Initial support for LLAS Signed-off-by: Yuan Si --- config/config.go | 4 ++ encrypt/rsa.go | 28 ++++++++++ main.go | 5 +- router/router.go | 129 +++++++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 165 insertions(+), 1 deletion(-) diff --git a/config/config.go b/config/config.go index 5d84fbb..4ec8a02 100644 --- a/config/config.go +++ b/config/config.go @@ -22,6 +22,10 @@ var ( UserEng *xorm.Engine PackageVersion = "97.4.6" + + // LLAS + StartUpKey = "e0xrykyuBrLlwZhd" + MasterVersion = "8d6246b7c4264db4" ) func init() { diff --git a/encrypt/rsa.go b/encrypt/rsa.go index 7537155..142f496 100644 --- a/encrypt/rsa.go +++ b/encrypt/rsa.go @@ -171,3 +171,31 @@ func RSA_Sign_SHA1(cipherText []byte, privatekeypath string) []byte { return signature } + +func RSA_DecryptOAEP(cipherText []byte, privatekeypath string) []byte { + //open privatekeyfile + privatekeyfile, err := os.Open(privatekeypath) + if err != nil { + panic(err) + } + defer privatekeyfile.Close() + //get privatekeyfile content + privatekeyinfo, _ := privatekeyfile.Stat() + buf := make([]byte, privatekeyinfo.Size()) + privatekeyfile.Read(buf) + //pem decode + privatekeyblock, _ := pem.Decode(buf) + //X509 decode + parseKey, err := x509.ParsePKCS8PrivateKey(privatekeyblock.Bytes) + if err != nil { + panic(err) + } + privateKey := parseKey.(*rsa.PrivateKey) + //decrypt the cipher + plainText, err := rsa.DecryptOAEP(sha1.New(), rand.Reader, privateKey, cipherText, nil) + if err != nil { + panic(err) + } + + return plainText +} diff --git a/main.go b/main.go index 2b80c17..5695893 100644 --- a/main.go +++ b/main.go @@ -9,7 +9,7 @@ import ( func main() { // Gin - // gin.SetMode(gin.ReleaseMode) + gin.SetMode(gin.ReleaseMode) // Router r := gin.Default() @@ -17,5 +17,8 @@ func main() { // SIF router.SifRouter(r) + // AS + router.AsRouter(r) + r.Run(":80") // listen and serve on 0.0.0.0:8080 (for windows "localhost:8080") } diff --git a/router/router.go b/router/router.go index effc47f..8a6f7e1 100644 --- a/router/router.go +++ b/router/router.go @@ -1,16 +1,28 @@ package router import ( + "encoding/base64" + "fmt" + "honoka-chan/config" + "honoka-chan/encrypt" "honoka-chan/handler" "honoka-chan/middleware" + "honoka-chan/utils" + "io" "net/http" "os" "path/filepath" "strings" + "time" "github.com/gin-contrib/sessions" "github.com/gin-contrib/sessions/cookie" "github.com/gin-gonic/gin" + "github.com/tidwall/gjson" +) + +var ( + sessionKey = "12345678123456781234567812345678" ) func SifRouter(r *gin.Engine) { @@ -139,3 +151,120 @@ func SifRouter(r *gin.Engine) { w.POST("/upload", handler.Upload) } } + +func AsRouter(r *gin.Engine) { + + s := r.Group("ep3071") + { + s.POST("/login/login", func(ctx *gin.Context) { + body, err := io.ReadAll(ctx.Request.Body) + if err != nil { + panic(err) + } + defer ctx.Request.Body.Close() + + var mask string + req := gjson.Parse(string(body)) + req.ForEach(func(key, value gjson.Result) bool { + if value.Get("mask").String() != "" { + mask = value.Get("mask").String() + return false + } + return true + }) + fmt.Println("Request data:", req.String()) + fmt.Println("Mask:", mask) + + mask64, err := base64.StdEncoding.DecodeString(mask) + if err != nil { + panic(err) + } + randomBytes := encrypt.RSA_DecryptOAEP(mask64, "privatekey.pem") + fmt.Println("Random Bytes:", randomBytes) + + newKey := utils.SliceXor(randomBytes, []byte(sessionKey)) + newKey64 := base64.StdEncoding.EncodeToString(newKey) + + loginBody := strings.ReplaceAll(utils.ReadAllText("data/login_body.txt"), "SESSION_KEY", newKey64) + signBody := fmt.Sprintf("%d,\"%s\",0,%s", time.Now().UnixMilli(), config.MasterVersion, loginBody) + + ep := strings.ReplaceAll(ctx.Request.URL.String(), "/ep3071", "") + fmt.Println(ep) + + sign := encrypt.HMAC_SHA1_Encrypt([]byte(ep+" "+signBody), []byte(config.StartUpKey)) + fmt.Println(sign) + + res := fmt.Sprintf("[%s,\"%s\"]", signBody, sign) + // fmt.Println(res) + + ctx.Header("Content-Type", "application/json") + ctx.String(http.StatusOK, res) + }) + s.POST("/bootstrap/fetchBootstrap", func(ctx *gin.Context) { + body, err := io.ReadAll(ctx.Request.Body) + if err != nil { + panic(err) + } + defer ctx.Request.Body.Close() + fmt.Println(string(body)) + + ep := strings.ReplaceAll(ctx.Request.URL.String(), "/ep3071", "") + fmt.Println(ep) + + bootstrapBody := utils.ReadAllText("data/bootstrap_body.txt") + signBody := fmt.Sprintf("%d,\"%s\",0,%s", time.Now().UnixMilli(), config.MasterVersion, bootstrapBody) + sign := encrypt.HMAC_SHA1_Encrypt([]byte(ep+" "+signBody), []byte(sessionKey)) + fmt.Println(sign) + + res := fmt.Sprintf("[%s,\"%s\"]", signBody, sign) + // fmt.Println(res) + + ctx.Header("Content-Type", "application/json") + ctx.String(http.StatusOK, res) + }) + s.POST("/billing/fetchBillingHistory", func(ctx *gin.Context) { + body, err := io.ReadAll(ctx.Request.Body) + if err != nil { + panic(err) + } + defer ctx.Request.Body.Close() + fmt.Println(string(body)) + + ep := strings.ReplaceAll(ctx.Request.URL.String(), "/ep3071", "") + fmt.Println(ep) + + bootstrapBody := utils.ReadAllText("data/bill_body.txt") + signBody := fmt.Sprintf("%d,\"%s\",0,%s", time.Now().UnixMilli(), config.MasterVersion, bootstrapBody) + sign := encrypt.HMAC_SHA1_Encrypt([]byte(ep+" "+signBody), []byte(sessionKey)) + fmt.Println(sign) + + res := fmt.Sprintf("[%s,\"%s\"]", signBody, sign) + // fmt.Println(res) + + ctx.Header("Content-Type", "application/json") + ctx.String(http.StatusOK, res) + }) + s.POST("/notice/fetchNotice", func(ctx *gin.Context) { + body, err := io.ReadAll(ctx.Request.Body) + if err != nil { + panic(err) + } + defer ctx.Request.Body.Close() + fmt.Println(string(body)) + + ep := strings.ReplaceAll(ctx.Request.URL.String(), "/ep3071", "") + fmt.Println(ep) + + bootstrapBody := utils.ReadAllText("data/notice_body.txt") + signBody := fmt.Sprintf("%d,\"%s\",0,%s", time.Now().UnixMilli(), config.MasterVersion, bootstrapBody) + sign := encrypt.HMAC_SHA1_Encrypt([]byte(ep+" "+signBody), []byte(sessionKey)) + fmt.Println(sign) + + res := fmt.Sprintf("[%s,\"%s\"]", signBody, sign) + // fmt.Println(res) + + ctx.Header("Content-Type", "application/json") + ctx.String(http.StatusOK, res) + }) + } +}