From ef99d79f1ab03325bd94af6e9a2bcc608d119549 Mon Sep 17 00:00:00 2001
From: flucout
Date: Wed, 6 Dec 2023 21:28:51 +0800
Subject: [PATCH] update
---
 app/common.php | 40 +++++++++++++++++++++++++
 app/controller/Api.php | 81 ++++++++++++++++++++++++++++++++++++++++++--------
 route/app.php | 5 ++++
 3 files changed, 113 insertions(+), 13 deletions(-)
diff --git a/app/common.php b/app/common.php
index 65d4024..c4fe7a3 100644
--- a/app/common.php
+++ b/app/common.php
@@ -184,4 +184,44 @@ function errorlog($msg){
 $handle = fopen(app()->getRootPath()."record.txt", 'a');
 fwrite($handle, date('Y-m-d H:i:s')."\t".$msg."\r\n");
 fclose($handle);
+}
+
+function licenseEncrypt($data, $key){
+ $iv = substr($key, 0, 16);
+ return openssl_encrypt($data, 'AES-256-CBC', $key, 0, $iv);
+}
+
+function licenseDecrypt($data, $key){
+ $iv = substr($key, 0, 16);
+ return openssl_decrypt($data, 'AES-256-CBC', $key, 0, $iv);
+}
+
+function generateKeyPairs(){
+ $pkey_dir = app()->getRootPath().'data/config/';
+ $public_key_path = $pkey_dir.'public_key.pem';
+ $private_key_path = $pkey_dir.'private_key.pem';
+ if(file_exists($public_key_path) && file_exists($private_key_path)){
+ return [file_get_contents($public_key_path), file_get_contents($private_key_path)];
+ }
+ $pkey_config = ['private_key_bits'=>4096];
+ $pkey_res = openssl_pkey_new($pkey_config);
+ $private_key = '';
+ openssl_pkey_export($pkey_res, $private_key, null, $pkey_config);
+ $pkey_details = openssl_pkey_get_details($pkey_res);
+ if(!$pkey_details) return false;
+ $public_key = $pkey_details['key'];
+ file_put_contents($public_key_path, $public_key);
+ file_put_contents($private_key_path, $private_key);
+ return [$public_key, $private_key];
+}
+
+function pemToBase64($pem){
+ $lines = explode("\n", $pem);
+ $encoded = '';
+ foreach ($lines as $line) {
+ if (trim($line) != '' && strpos($line, '-----BEGIN') === false && strpos($line, '-----END') === false) {
+ $encoded .= trim($line);
+ }
+ }
+ return $encoded;
 }
\ No newline at end of file
diff --git a/app/controller/Api.php b/app/controller/Api.php
index d4481b8..f06ae75 100644
--- a/app/controller/Api.php
+++ b/app/controller/Api.php
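Review bot: `licenseEncrypt()` and `licenseDecrypt()` take the IV from the first 16 bytes of the key (`$iv = substr($key, 0, 16);`), so every message under one key shares an IV and equal plaintext prefixes yield equal ciphertext; nothing authenticates the ciphertext on decrypt either. If the consuming client dictates this layout, a comment such as `// IV = first 16 bytes of key: dictated by the license format, gives no semantic security` should say so; otherwise generate the IV with `random_bytes(16)` per message and carry it with the ciphertext. In `generateKeyPairs()` the results of `openssl_pkey_new()`, `openssl_pkey_export()` and both `file_put_contents()` calls go unchecked, and `private_key.pem` is created with default permissions; I would add `if($pkey_res === false) return false;` after key generation and `chmod($private_key_path, 0600);` after the write.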
@@ -213,6 +213,17 @@ class Api extends BaseController return json($data); } + //宝塔云WAF最新版本 + public function btwaf_latest_version(){ + $data = [ + 'version' => '2.5', + 'description' => '暂无更新日志', + 'create_time' => 1701252997, + ]; + $data = bin2hex(json_encode($data)); + return json(['status'=>true,'err_no'=>0,'msg'=>'获取成功','data'=>$data]); + } + //获取内测版更新日志 public function get_beta_logs(){ return json(['beta_ps'=>'当前暂无内测版', 'list'=>[]]); 
@@ -275,35 +286,67 @@ class Api extends BaseController //绑定账号 public function get_auth_token(){ - if(!$_POST['data']) return json(['status'=>false, 'msg'=>'参数不能为空']); - $reqData = hex2bin($_POST['data']); + if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']); + $reqData = hex2bin(input('post.data')); parse_str($reqData, $arr); $serverid = $arr['serverid']; - $userinfo = ['uid'=>1, 'username'=>'Administrator', 'address'=>'127.0.0.1', 'serverid'=>$serverid, 'access_key'=>random(32), 'secret_key'=>random(48), 'ukey'=>md5(time()), 'state'=>1]; - $data = bin2hex(urlencode(json_encode($userinfo))); + $userinfo = ['uid'=>1, 'username'=>'Administrator', 'address'=>'127.0.0.1', 'serverid'=>$serverid, 'access_key'=>random(48), 'secret_key'=>random(48), 'ukey'=>md5(time()), 'state'=>1]; + $data = bin2hex(json_encode($userinfo)); return json(['status'=>true, 'msg'=>'登录成功!', 'data'=>$data]); } //绑定账号新 public function authorization_login(){ - if(!$_POST['data']) return json(['status'=>false, 'msg'=>'参数不能为空']); - $reqData = hex2bin($_POST['data']); + if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']); + $reqData = hex2bin(input('post.data')); parse_str($reqData, $arr); $serverid = $arr['serverid']; - $userinfo = ['uid'=>1, 'username'=>'Administrator', 'ip'=>'127.0.0.1', 'server_id'=>$serverid, 'access_key'=>random(32), 'secret_key'=>random(48)]; - $data = bin2hex(urlencode(json_encode($userinfo))); - return json(['status'=>true, 'msg'=>'登录成功!', 'data'=>$data]); + $userinfo = ['uid'=>1, 'username'=>'Administrator', 'ip'=>'127.0.0.1', 'server_id'=>$serverid, 'access_key'=>random(48), 'secret_key'=>random(48)]; + $data = bin2hex(json_encode($userinfo)); + return json(['status'=>true, 'err_no'=>0, 'msg'=>'账号绑定成功', 'data'=>$data]); } //刷新授权信息 public function authorization_info(){ - if(!$_POST['data']) return json(['status'=>false, 'msg'=>'参数不能为空']); - $reqData = hex2bin($_POST['data']); + if(!input('?post.data')) return json(['status'=>false, 
'msg'=>'参数不能为空']); + $reqData = hex2bin(input('post.data')); parse_str($reqData, $arr); $id = isset($arr['id'])&&$arr['id']>0?$arr['id']:1; $userinfo = ['id'=>$id, 'product'=>$arr['product'], 'status'=>2, 'clients'=>9999, 'durations'=>0, 'end_time'=>strtotime('+10 year')]; - $data = bin2hex(urlencode(json_encode($userinfo))); - return json(['status'=>true, 'data'=>$data]); + $data = bin2hex(json_encode($userinfo)); + return json(['status'=>true, 'err_no'=>0, 'data'=>$data]); + } + + //刷新授权信息 + public function update_license(){ + if(!input('?post.data')) return json(['status'=>false, 'msg'=>'参数不能为空']); + $reqData = hex2bin(input('post.data')); + parse_str($reqData, $arr); + if(!isset($arr['product']) || !isset($arr['serverid'])) return json(['status'=>false, 'msg'=>'缺少参数']); + + $license_data = ['product'=>$arr['product'], 'uid'=>random(32), 'phone'=>'138****8888', 'auth_id'=>random(32), 'server_id'=>substr($arr['serverid'], 0, 32), 'auth'=>['apis'=>[], 'menu'=>[], 'extra'=>['type'=>3,'location'=>-1,'smart_cc'=>-1,'site'=>0]], 'pages'=>[], 'end_time'=>strtotime('+10 year')]; + $json = json_encode($license_data); + + [$public_key, $private_key] = generateKeyPairs(); + $public_key = pemToBase64($public_key); + + $key1 = random(32); + $key2 = substr($public_key, 0, 32); + $encrypted1 = licenseEncrypt($json, $key1); + $encrypted2 = licenseEncrypt($key1, $key2); + $sign_data = $encrypted1.'.'.$encrypted2; + openssl_sign($sign_data, $signature, $private_key, OPENSSL_ALGO_SHA256); + $signature = base64_encode($signature); + + $license = base64_encode($sign_data.'.'.$signature); + $data = bin2hex(json_encode(['public_key'=>$public_key, 'license'=>$license])); + return json(['status'=>true, 'err_no'=>0, 'msg'=>'授权获取成功', 'data'=>$data]); + } + + public function is_obtained_btw_trial(){ + $data = ['is_obtained'=>0]; + $data = bin2hex(json_encode($data)); + return json(['status'=>true, 'err_no'=>0, 'data'=>$data, 'msg'=>'检测成功']); } //一键部署列表 
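Review bot: `update_license()` destructures `[$public_key, $private_key] = generateKeyPairs();` although that helper returns `false` on failure, and it ignores the return value of `openssl_sign()`, so a key-generation or signing failure is never turned into a `status=>false` reply. Four handlers in this hunk pass `input('post.data')` straight to `hex2bin()`, which warns and returns false on odd-length or non-hex input, and `get_auth_token()`, `authorization_login()` and `authorization_info()` then index `$arr['serverid']` / `$arr['product']` without the `isset()` guard that `update_license()` has. `$key2` is cut from the public key that is returned in the same response, so the two `licenseEncrypt()` layers act as an encoding and only the signature carries integrity; a one-line comment saying so would stop a reader from treating them as confidentiality. The fence shows the guards for `update_license()`; the class body continues outside the hunk.

```php
    public function update_license(){
        $hex = input('post.data');
        if(!is_string($hex) || $hex === '' || strlen($hex) % 2 !== 0 || !ctype_xdigit($hex)) return json(['status'=>false, 'msg'=>'参数不能为空']);
        parse_str(hex2bin($hex), $arr);
        // … unchanged: product/serverid check, $license_data, $json …

        $keys = generateKeyPairs();
        if(!is_array($keys)) return json(['status'=>false, 'msg'=>'密钥生成失败']);
        [$public_key, $private_key] = $keys;
        // … unchanged: pemToBase64, $key1/$key2, licenseEncrypt calls, $sign_data …
        if(!openssl_sign($sign_data, $signature, $private_key, OPENSSL_ALGO_SHA256)) return json(['status'=>false, 'msg'=>'签名失败']);
        // … unchanged: base64 encoding of the license and the json() response …
```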
@@ -391,4 +434,16 @@ class Api extends BaseController fclose($handle); exit; } + + public function logerror(){ + $content = date('Y-m-d H:i:s')."\r\n"; + $content.=$_SERVER['REQUEST_METHOD'].' '.$_SERVER['REQUEST_URI']."\r\n"; + if($_SERVER['REQUEST_METHOD'] == 'POST'){ + $content.=file_get_contents('php://input')."\r\n"; + } + $handle = fopen(app()->getRootPath()."record.txt", 'a'); + fwrite($handle, $content."\r\n"); + fclose($handle); + return json(['status'=>false, 'msg'=>'不支持当前操作']); + } } \ No newline at end of file diff --git a/route/app.php b/route/app.php index 66c3e4a..2f67d5b 100644 --- a/route/app.php +++ b/route/app.php @@ -17,11 +17,16 @@ Route::post('/Auth/GetAuthToken', 'api/get_auth_token'); Route::post('/Auth/GetBindCode', 'api/return_error'); Route::any('/bt_monitor/update_history', 'api/btm_update_history'); Route::any('/bt_monitor/latest_version', 'api/btm_latest_version'); +Route::any('/bt_waf/get_malicious_ip', 'api/get_ssl_list'); +Route::any('/bt_waf/daily_count_v2', 'api/get_ssl_list'); +Route::any('/bt_waf/latest_version', 'api/btwaf_latest_version'); Route::group('authorization', function () { Route::post('/login', 'api/authorization_login'); Route::post('/info', 'api/authorization_info'); Route::post('/info_v2', 'api/authorization_info'); + Route::post('/update_license', 'api/update_license'); + Route::post('/is_obtained_btw_trial', 'api/is_obtained_btw_trial'); Route::miss('api/return_error'); });
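Review bot: `logerror()` appends the request URI and the entire raw POST body to `record.txt` with no size cap and no neutralisation of CR/LF, so any client that reaches this action can grow the file without bound, inject lines that look like separate log entries, and leave whatever secrets the body carried in a plaintext file under the application root. Cap and escape what is written, e.g. `$body = substr(file_get_contents('php://input'), 0, 4096);` followed by `$content .= addcslashes($body, "\0..\37")."\r\n";`, and check the `fopen()` result before calling `fwrite()`. The open/append/close sequence duplicates `errorlog()` in app/common.php, so calling that helper would keep the two writers consistent. The method is added at the end of the class, whose start is outside the hunk.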
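Review bot: The new `/bt_waf/get_malicious_ip` and `/bt_waf/daily_count_v2` routes are registered with `Route::any` and bound to `api/get_ssl_list`, a handler named for a different feature whose body is not part of this patch, so a reader cannot tell from here what these endpoints return. If the reuse is intentional, state it above them, e.g. `// bt_waf endpoints intentionally share the get_ssl_list response`, and narrow the verbs to the ones the client actually sends. No route in this hunk points at the `logerror()` action added in Api.php; if it is wired elsewhere in the file, that is outside the hunk.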