Quellcode durchsuchen

Add hepu pwd encryption

qiuyang vor 2 Monaten
Ursprung
Commit
417f8b6f4e

+ 71 - 0
framework/request/include/HepuGetSalt.h

@@ -0,0 +1,71 @@
+#pragma once
+
+#include <iostream>
+
+#include <rapidjson/document.h>
+#include <rapidjson/rapidjson.h>
+#include <rapidjson/stringbuffer.h>
+#include <rapidjson/writer.h>
+using namespace std;
+
+class HepuGetSalt
+{
+    private:
+    public:
+        const string cmd = "userSaltGet";
+        string username;
+
+        HepuGetSalt(){};
+        ~HepuGetSalt(){};
+        void objectToJson(string& str){
+            rapidjson::StringBuffer strBuf;
+            rapidjson::Writer<rapidjson::StringBuffer> writer(strBuf);
+            this->objectToJson(writer);
+            str = strBuf.GetString();
+        }
+
+        void objectToJson(rapidjson::Writer<rapidjson::StringBuffer>& writer){
+            writer.StartObject();
+
+            writer.Key("cmd");
+            writer.String(cmd.c_str());
+
+            writer.Key("param");
+            writer.StartObject();
+
+            writer.Key("username");
+            writer.String(username.c_str());
+            writer.EndObject();
+
+            writer.EndObject();
+        }
+
+        bool jsonToObject(std::string& json){
+            rapidjson::Document doc;
+            doc.Parse(json.c_str());
+            if(!doc.IsObject()){
+                return false;
+            }
+
+            const auto end = doc.MemberEnd();
+
+            if(end == doc.FindMember("cmd") || !doc["cmd"].IsString()){
+                return false;
+            }else{
+                if(cmd != doc["cmd"].GetString())
+                    return false;
+            }
+
+            if(end == doc.FindMember("param") || !doc["param"].IsObject()) {
+                return false;
+            }else{
+                if(end == doc.FindMember("username") || !doc["username"].IsString()){
+                    return false;
+                }else{
+                    username = doc["username"].GetString();
+                }
+            }
+
+            return true;
+        }
+};

+ 60 - 0
framework/request/include/HepuGetSaltRe.h

@@ -0,0 +1,60 @@
+#pragma once
+
+#include <iostream>
+
+#include <rapidjson/document.h>
+#include <rapidjson/rapidjson.h>
+#include <rapidjson/stringbuffer.h>
+#include <rapidjson/writer.h>
+using namespace std;
+
+class HepuGetSaltRe
+{
+    private:
+    public:
+        const string cmd = "userSaltGet";
+        int ackvalue ;
+        string salt;
+        int loginEnc;
+
+        HepuGetSaltRe(){};
+        ~HepuGetSaltRe(){};
+
+        bool jsonToObject(string& json){
+            rapidjson::Document doc;
+            doc.Parse(json.c_str());
+            if(!doc.IsObject()){
+                return false;
+            }
+
+            const auto end = doc.MemberEnd();
+
+            if(end == doc.FindMember("cmd") || !doc["cmd"].IsString()){
+                return false;
+            }else{
+                if(cmd != doc["cmd"].GetString())
+                    return false;
+            }
+            
+            if(end == doc.FindMember("param") || !doc["param"].IsObject()) {
+                return false;
+            }else{
+                if(end == doc.FindMember("ackvalue") || !doc["ackvalue"].IsInt()) {
+                    return false;
+                }else{
+                    ackvalue = doc["ackvalue"].GetInt();
+                }
+                if(end == doc.FindMember("salt") || !doc["salt"].IsString()) {
+                    return false;
+                }else{
+                    salt = doc["salt"].GetString();
+                }
+                if(end == doc.FindMember("loginEnc") || !doc["loginEnc"].IsInt()) {
+                    return false;
+                }else{
+                    loginEnc = doc["loginEnc"].GetInt();
+                }
+            }
+            return true;
+        }
+};

+ 1 - 1
framework/request/include/HepuHB.h

@@ -59,7 +59,7 @@ class HepuHB
             if(end == doc.FindMember("param") || !doc["param"].IsObject()) {
                 return false;
             }else{
-                if(end == doc.FindMember("token") || !doc["token"].IsInt()){
+                if(end == doc.FindMember("token") || !doc["token"].IsString()){
                     return false;
                 }else{
                     token = doc["token"].GetString();

BIN
lib/libgsd_modules.so


BIN
lib/libgsd_plugins.so


+ 10 - 2
modules/Hepu/include/Hepu.hpp

@@ -15,6 +15,7 @@
 //#include "TCPClient.hpp"
 #include <httplib.h>
 #include "Notices.h"
+#include "md5.h"
 
 #include "UtilBase.hpp"
 
@@ -24,6 +25,8 @@
 #include "HepuLoginRe.h"
 #include "HepuTarget.h"
 #include "HepuTargetRe.h"
+#include "HepuGetSalt.h"
+#include "HepuGetSaltRe.h"
 
 using namespace std;
 using namespace toolkit;
@@ -38,6 +41,7 @@ namespace gsd{
             string password_;
             string token_;
             string url_;
+            string salt_;
             int port_;
 
         public:
@@ -62,11 +66,15 @@ namespace gsd{
 
             bool alive();
 
-            int32_t sendHepuHB(HepuHB& HepuHBMsg);
+            int32_t getSalt(HepuGetSalt& hepuGetSaltMsg);
+
+            int32_t getSalt();
+
+            int32_t sendHepuHB(HepuHB& hepuHBMsg);
 
             int32_t sendHepuHB();
 
-            int32_t sendHepuTarget(HepuTarget& HepuTargetMsg);
+            int32_t sendHepuTarget(HepuTarget& hepuTargetMsg);
 
             void setUsr(string usr);
 

+ 69 - 1
modules/Hepu/src/Hepu.cpp

@@ -20,6 +20,9 @@ namespace gsd{
             ErrorL << "Hepu http client initialization failed.";
             return ERR;
         }
+
+
+
         if(this->LoginHepu() != OK){
             ErrorL << "Failed to login to Hepu IPC.";
             return ERR;
@@ -47,7 +50,7 @@ namespace gsd{
         std::string msg;
         hepuloginMsg.token = "";
         hepuloginMsg.username = this->username_;
-        hepuloginMsg.password = this->password_;
+        hepuloginMsg.password = md5(this->password_ + this->salt_);
         hepuloginMsg.objectToJson(msg);
         msg += "\r\n";
 
@@ -87,6 +90,71 @@ namespace gsd{
         return this->token_ == "" ? false : true;
     }
 
+    int32_t Hepu::getSalt(HepuGetSalt& hepuGetSaltMsg){
+        if(m_hepu == nullptr) return ERR;
+
+        std::string msg;
+        hepuGetSaltMsg.username = this->username_;
+        hepuGetSaltMsg.objectToJson(msg);
+        msg+="\r\n";
+
+        cout<<"get salt json msg: "<<endl;
+        cout<<msg<<endl;
+
+        if(auto res = m_hepu->Post("/cgi-bin/proc.cgi", msg,"application/json")){
+            cout<<res->body<<endl;
+            if(res->status != 100){
+                HepuGetSaltRe hepuGetSaltReMsg;
+                if(!hepuGetSaltReMsg.jsonToObject(res->body)){
+                    cout<<"get salt res json2object fail."<<endl;
+                    return ERR;
+                }
+                this->salt_ = hepuGetSaltReMsg.salt;
+                return OK;
+            }
+            return ERR;
+        }else{
+            auto err = res.error();
+            cout<<"hepu getsalt failed,"<<err<<endl;
+            ErrorL <<"Hepu getsalt failed,"<<err<<endl;
+            return ERR;
+        }
+        return ERR;
+    }
+
+    int32_t Hepu::getSalt(){
+        if(m_hepu == nullptr) return ERR;
+
+        HepuGetSalt hepuGetSaltMsg;
+        std::string msg;
+        hepuGetSaltMsg.username = this->username_;
+        hepuGetSaltMsg.objectToJson(msg);
+        msg+="\r\n";
+
+        cout<<"get salt json msg: "<<endl;
+        cout<<msg<<endl;
+
+        if(auto res = m_hepu->Post("/cgi-bin/proc.cgi", msg,"application/json")){
+            cout<<res->body<<endl;
+            if(res->status != 100){
+                HepuGetSaltRe hepuGetSaltReMsg;
+                if(!hepuGetSaltReMsg.jsonToObject(res->body)){
+                    cout<<"get salt res json2object fail."<<endl;
+                    return ERR;
+                }
+                this->salt_ = hepuGetSaltReMsg.salt;
+                return OK;
+            }
+            return ERR;
+        }else{
+            auto err = res.error();
+            cout<<"hepu getsalt failed,"<<err<<endl;
+            ErrorL <<"Hepu getsalt failed,"<<err<<endl;
+            return ERR;
+        }
+        return ERR;    
+    }
+
     int32_t Hepu::sendHepuHB(HepuHB& hepuHBMsg){
         if(m_hepu == nullptr) return ERR;
 

+ 61 - 0
plugins/HepuPlugin/include/md5.h

@@ -0,0 +1,61 @@
+#ifndef BZF_MD5_H
+#define BZF_MD5_H
+ 
+#include <cstring>
+#include <iostream>
+ 
+ 
+// a small class for calculating MD5 hashes of strings or byte arrays
+// it is not meant to be fast or secure
+//
+// usage: 1) feed it blocks of uchars with update()
+//      2) finalize()
+//      3) get hexdigest() string
+//      or
+//      MD5(std::string).hexdigest()
+//
+// assumes that char is 8 bit and int is 32 bit
+class MD5
+{
+public:
+  typedef unsigned int size_type; // must be 32bit
+ 
+  MD5();
+  MD5(const std::string& text);
+  void update(const unsigned char *buf, size_type length);
+  void update(const char *buf, size_type length);
+  MD5& finalize();
+  std::string hexdigest() const;
+  friend std::ostream& operator<<(std::ostream&, MD5 md5);
+ 
+private:
+  void init();
+  typedef unsigned char uint1; //  8bit
+  typedef unsigned int uint4;  // 32bit
+  enum {blocksize = 64}; // VC6 won't eat a const static int here
+ 
+  void transform(const uint1 block[blocksize]);
+  static void decode(uint4 output[], const uint1 input[], size_type len);
+  static void encode(uint1 output[], const uint4 input[], size_type len);
+ 
+  bool finalized;
+  uint1 buffer[blocksize]; // bytes that didn't fit in last 64 byte chunk
+  uint4 count[2];   // 64bit counter for number of bits (lo, hi)
+  uint4 state[4];   // digest so far
+  uint1 digest[16]; // the result
+ 
+  // low level logic operations
+  static inline uint4 F(uint4 x, uint4 y, uint4 z);
+  static inline uint4 G(uint4 x, uint4 y, uint4 z);
+  static inline uint4 H(uint4 x, uint4 y, uint4 z);
+  static inline uint4 I(uint4 x, uint4 y, uint4 z);
+  static inline uint4 rotate_left(uint4 x, int n);
+  static inline void FF(uint4 &a, uint4 b, uint4 c, uint4 d, uint4 x, uint4 s, uint4 ac);
+  static inline void GG(uint4 &a, uint4 b, uint4 c, uint4 d, uint4 x, uint4 s, uint4 ac);
+  static inline void HH(uint4 &a, uint4 b, uint4 c, uint4 d, uint4 x, uint4 s, uint4 ac);
+  static inline void II(uint4 &a, uint4 b, uint4 c, uint4 d, uint4 x, uint4 s, uint4 ac);
+};
+ 
+std::string md5(const std::string str);
+ 
+#endif

BIN
source/bin/gsd


BIN
test/bin/hepu_test