@@ -22,6 +22,10 @@ var (
|
||||
UserEng *xorm.Engine
|
||||
|
||||
PackageVersion = "97.4.6"
|
||||
|
||||
// LLAS
|
||||
StartUpKey = "e0xrykyuBrLlwZhd"
|
||||
MasterVersion = "8d6246b7c4264db4"
|
||||
)
|
||||
|
||||
func init() {
|
||||
|
||||
@@ -171,3 +171,31 @@ func RSA_Sign_SHA1(cipherText []byte, privatekeypath string) []byte {
|
||||
|
||||
return signature
|
||||
}
|
||||
|
||||
func RSA_DecryptOAEP(cipherText []byte, privatekeypath string) []byte {
|
||||
//open privatekeyfile
|
||||
privatekeyfile, err := os.Open(privatekeypath)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
defer privatekeyfile.Close()
|
||||
//get privatekeyfile content
|
||||
privatekeyinfo, _ := privatekeyfile.Stat()
|
||||
buf := make([]byte, privatekeyinfo.Size())
|
||||
privatekeyfile.Read(buf)
|
||||
//pem decode
|
||||
privatekeyblock, _ := pem.Decode(buf)
|
||||
//X509 decode
|
||||
parseKey, err := x509.ParsePKCS8PrivateKey(privatekeyblock.Bytes)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
privateKey := parseKey.(*rsa.PrivateKey)
|
||||
//decrypt the cipher
|
||||
plainText, err := rsa.DecryptOAEP(sha1.New(), rand.Reader, privateKey, cipherText, nil)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
|
||||
return plainText
|
||||
}
|
||||
|
||||
@@ -9,7 +9,7 @@ import (
|
||||
|
||||
func main() {
|
||||
// Gin
|
||||
// gin.SetMode(gin.ReleaseMode)
|
||||
gin.SetMode(gin.ReleaseMode)
|
||||
|
||||
// Router
|
||||
r := gin.Default()
|
||||
@@ -17,5 +17,8 @@ func main() {
|
||||
// SIF
|
||||
router.SifRouter(r)
|
||||
|
||||
// AS
|
||||
router.AsRouter(r)
|
||||
|
||||
r.Run(":80") // listen and serve on 0.0.0.0:8080 (for windows "localhost:8080")
|
||||
}
|
||||
|
||||
@@ -1,16 +1,28 @@
|
||||
package router
|
||||
|
||||
import (
|
||||
"encoding/base64"
|
||||
"fmt"
|
||||
"honoka-chan/config"
|
||||
"honoka-chan/encrypt"
|
||||
"honoka-chan/handler"
|
||||
"honoka-chan/middleware"
|
||||
"honoka-chan/utils"
|
||||
"io"
|
||||
"net/http"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/gin-contrib/sessions"
|
||||
"github.com/gin-contrib/sessions/cookie"
|
||||
"github.com/gin-gonic/gin"
|
||||
"github.com/tidwall/gjson"
|
||||
)
|
||||
|
||||
var (
|
||||
sessionKey = "12345678123456781234567812345678"
|
||||
)
|
||||
|
||||
func SifRouter(r *gin.Engine) {
|
||||
@@ -139,3 +151,120 @@ func SifRouter(r *gin.Engine) {
|
||||
w.POST("/upload", handler.Upload)
|
||||
}
|
||||
}
|
||||
|
||||
func AsRouter(r *gin.Engine) {
|
||||
|
||||
s := r.Group("ep3071")
|
||||
{
|
||||
s.POST("/login/login", func(ctx *gin.Context) {
|
||||
body, err := io.ReadAll(ctx.Request.Body)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
defer ctx.Request.Body.Close()
|
||||
|
||||
var mask string
|
||||
req := gjson.Parse(string(body))
|
||||
req.ForEach(func(key, value gjson.Result) bool {
|
||||
if value.Get("mask").String() != "" {
|
||||
mask = value.Get("mask").String()
|
||||
return false
|
||||
}
|
||||
return true
|
||||
})
|
||||
fmt.Println("Request data:", req.String())
|
||||
fmt.Println("Mask:", mask)
|
||||
|
||||
mask64, err := base64.StdEncoding.DecodeString(mask)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
randomBytes := encrypt.RSA_DecryptOAEP(mask64, "privatekey.pem")
|
||||
fmt.Println("Random Bytes:", randomBytes)
|
||||
|
||||
newKey := utils.SliceXor(randomBytes, []byte(sessionKey))
|
||||
newKey64 := base64.StdEncoding.EncodeToString(newKey)
|
||||
|
||||
loginBody := strings.ReplaceAll(utils.ReadAllText("data/login_body.txt"), "SESSION_KEY", newKey64)
|
||||
signBody := fmt.Sprintf("%d,\"%s\",0,%s", time.Now().UnixMilli(), config.MasterVersion, loginBody)
|
||||
|
||||
ep := strings.ReplaceAll(ctx.Request.URL.String(), "/ep3071", "")
|
||||
fmt.Println(ep)
|
||||
|
||||
sign := encrypt.HMAC_SHA1_Encrypt([]byte(ep+" "+signBody), []byte(config.StartUpKey))
|
||||
fmt.Println(sign)
|
||||
|
||||
res := fmt.Sprintf("[%s,\"%s\"]", signBody, sign)
|
||||
// fmt.Println(res)
|
||||
|
||||
ctx.Header("Content-Type", "application/json")
|
||||
ctx.String(http.StatusOK, res)
|
||||
})
|
||||
s.POST("/bootstrap/fetchBootstrap", func(ctx *gin.Context) {
|
||||
body, err := io.ReadAll(ctx.Request.Body)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
defer ctx.Request.Body.Close()
|
||||
fmt.Println(string(body))
|
||||
|
||||
ep := strings.ReplaceAll(ctx.Request.URL.String(), "/ep3071", "")
|
||||
fmt.Println(ep)
|
||||
|
||||
bootstrapBody := utils.ReadAllText("data/bootstrap_body.txt")
|
||||
signBody := fmt.Sprintf("%d,\"%s\",0,%s", time.Now().UnixMilli(), config.MasterVersion, bootstrapBody)
|
||||
sign := encrypt.HMAC_SHA1_Encrypt([]byte(ep+" "+signBody), []byte(sessionKey))
|
||||
fmt.Println(sign)
|
||||
|
||||
res := fmt.Sprintf("[%s,\"%s\"]", signBody, sign)
|
||||
// fmt.Println(res)
|
||||
|
||||
ctx.Header("Content-Type", "application/json")
|
||||
ctx.String(http.StatusOK, res)
|
||||
})
|
||||
s.POST("/billing/fetchBillingHistory", func(ctx *gin.Context) {
|
||||
body, err := io.ReadAll(ctx.Request.Body)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
defer ctx.Request.Body.Close()
|
||||
fmt.Println(string(body))
|
||||
|
||||
ep := strings.ReplaceAll(ctx.Request.URL.String(), "/ep3071", "")
|
||||
fmt.Println(ep)
|
||||
|
||||
bootstrapBody := utils.ReadAllText("data/bill_body.txt")
|
||||
signBody := fmt.Sprintf("%d,\"%s\",0,%s", time.Now().UnixMilli(), config.MasterVersion, bootstrapBody)
|
||||
sign := encrypt.HMAC_SHA1_Encrypt([]byte(ep+" "+signBody), []byte(sessionKey))
|
||||
fmt.Println(sign)
|
||||
|
||||
res := fmt.Sprintf("[%s,\"%s\"]", signBody, sign)
|
||||
// fmt.Println(res)
|
||||
|
||||
ctx.Header("Content-Type", "application/json")
|
||||
ctx.String(http.StatusOK, res)
|
||||
})
|
||||
s.POST("/notice/fetchNotice", func(ctx *gin.Context) {
|
||||
body, err := io.ReadAll(ctx.Request.Body)
|
||||
if err != nil {
|
||||
panic(err)
|
||||
}
|
||||
defer ctx.Request.Body.Close()
|
||||
fmt.Println(string(body))
|
||||
|
||||
ep := strings.ReplaceAll(ctx.Request.URL.String(), "/ep3071", "")
|
||||
fmt.Println(ep)
|
||||
|
||||
bootstrapBody := utils.ReadAllText("data/notice_body.txt")
|
||||
signBody := fmt.Sprintf("%d,\"%s\",0,%s", time.Now().UnixMilli(), config.MasterVersion, bootstrapBody)
|
||||
sign := encrypt.HMAC_SHA1_Encrypt([]byte(ep+" "+signBody), []byte(sessionKey))
|
||||
fmt.Println(sign)
|
||||
|
||||
res := fmt.Sprintf("[%s,\"%s\"]", signBody, sign)
|
||||
// fmt.Println(res)
|
||||
|
||||
ctx.Header("Content-Type", "application/json")
|
||||
ctx.String(http.StatusOK, res)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user