change encrypt method

This commit is contained in:
spirit 2019-12-05 23:07:28 +08:00
parent d7e5af113f
commit e8e5630907
6 changed files with 26 additions and 98 deletions

View File

@ -1616,7 +1616,7 @@ function output_comments_qq_columns( $column_name, $comment_id ){
*/ */
add_filter( 'get_avatar', 'change_avatar', 10, 3 ); add_filter( 'get_avatar', 'change_avatar', 10, 3 );
function change_avatar($avatar){ function change_avatar($avatar){
global $comment,$sakura_pubkey; global $comment,$sakura_privkey;
if ($comment) { if ($comment) {
if( get_comment_meta( $comment->comment_ID, 'new_field_qq', true )){ if( get_comment_meta( $comment->comment_ID, 'new_field_qq', true )){
$qq_number = get_comment_meta( $comment->comment_ID, 'new_field_qq', true ); $qq_number = get_comment_meta( $comment->comment_ID, 'new_field_qq', true );
@ -1627,9 +1627,9 @@ function change_avatar($avatar){
preg_match('/:\"([^\"]*)\"/i',$qqavatar,$matches); preg_match('/:\"([^\"]*)\"/i',$qqavatar,$matches);
return '<img src="'.$matches[1].'" data-src="'.stripslashes($m[1]).'" class="lazyload avatar avatar-24 photo" alt="😀" width="24" height="24" onerror="imgError(this,1)">'; return '<img src="'.$matches[1].'" data-src="'.stripslashes($m[1]).'" class="lazyload avatar avatar-24 photo" alt="😀" width="24" height="24" onerror="imgError(this,1)">';
}else{ }else{
openssl_public_encrypt($qq_number, $encrypted, openssl_pkey_get_public($sakura_pubkey)); $encrypted = openssl_encrypt($qq_number, 'aes-128-cbc', $sakura_privkey, 0);
$qq_number = urlencode(base64_encode($encrypted)); $encrypted = urlencode(base64_encode($encrypted));
return '<img src="'.rest_url("sakura/v1/qqinfo/avatar").'?qq='.$qq_number.'"class="lazyload avatar avatar-24 photo" alt="😀" width="24" height="24" onerror="imgError(this,1)">'; return '<img src="'.rest_url("sakura/v1/qqinfo/avatar").'?qq='.$encrypted.'"class="lazyload avatar avatar-24 photo" alt="😀" width="24" height="24" onerror="imgError(this,1)">';
} }
}else{ }else{
return $avatar ; return $avatar ;
@ -1729,7 +1729,7 @@ add_action('pre_comment_on_post', 'allow_more_tag_in_comment');
* 随机图 * 随机图
*/ */
function create_sakura_table(){ function create_sakura_table(){
global $wpdb; global $wpdb,$sakura_image_array,$sakura_privkey;
$sakura_table_name = $wpdb->base_prefix.'sakura'; $sakura_table_name = $wpdb->base_prefix.'sakura';
require_once(ABSPATH . "wp-admin/includes/upgrade.php"); require_once(ABSPATH . "wp-admin/includes/upgrade.php");
dbDelta("CREATE TABLE IF NOT EXISTS `" . $sakura_table_name . "` ( dbDelta("CREATE TABLE IF NOT EXISTS `" . $sakura_table_name . "` (
@ -1755,22 +1755,13 @@ function create_sakura_table(){
if ( !$wpdb->get_var("SELECT COUNT(*) FROM $sakura_table_name WHERE mate_key = 'privkey'") ){ if ( !$wpdb->get_var("SELECT COUNT(*) FROM $sakura_table_name WHERE mate_key = 'privkey'") ){
$privkey = array( $privkey = array(
"mate_key" => "privkey", "mate_key" => "privkey",
"mate_value" => file_get_contents(get_template_directory()."/manifest/private.key") "mate_value" => wp_generate_password(8)
); );
$wpdb->insert($sakura_table_name,$privkey); $wpdb->insert($sakura_table_name,$privkey);
} }
if ( !$wpdb->get_var("SELECT COUNT(*) FROM $sakura_table_name WHERE mate_key = 'pubkey'") ){
$pubkey = array(
"mate_key" => "pubkey",
"mate_value" => file_get_contents(get_template_directory()."/manifest/public.key")
);
$wpdb->insert($sakura_table_name,$pubkey);
}
//reduce sql query //reduce sql query
global $sakura_image_array,$sakura_privkey,$sakura_pubkey;
$sakura_image_array = $wpdb->get_var("SELECT `mate_value` FROM `wp_sakura` WHERE `mate_key`='manifest_json'"); $sakura_image_array = $wpdb->get_var("SELECT `mate_value` FROM `wp_sakura` WHERE `mate_key`='manifest_json'");
$sakura_privkey = $wpdb->get_var("SELECT `mate_value` FROM `wp_sakura` WHERE `mate_key`='privkey'"); $sakura_privkey = $wpdb->get_var("SELECT `mate_value` FROM `wp_sakura` WHERE `mate_key`='privkey'");
$sakura_pubkey = $wpdb->get_var("SELECT `mate_value` FROM `wp_sakura` WHERE `mate_key`='pubkey'");
} }
add_action( 'after_setup_theme', 'create_sakura_table' ); add_action( 'after_setup_theme', 'create_sakura_table' );

View File

@ -407,25 +407,6 @@ function update_database() {
$wpdb->insert($sakura_table_name,$time); $wpdb->insert($sakura_table_name,$time);
$message = "manifest.json has been stored into database."; $message = "manifest.json has been stored into database.";
} }
if(isset($_FILES["rsa"])){
if($_FILES["rsa"]["name"]=="public.key"){
$pubkey = array(
"mate_key" => "pubkey",
"mate_value" => file_get_contents($_FILES["rsa"]["tmp_name"])
);
$wpdb->query("DELETE FROM `wp_sakura` WHERE `mate_key` ='pubkey'");
$wpdb->insert($sakura_table_name,$pubkey);
}
if($_FILES["rsa"]["name"]=="private.key"){
$privkey = array(
"mate_key" => "privkey",
"mate_value" => file_get_contents($_FILES["rsa"]["tmp_name"])
);
$wpdb->query("DELETE FROM `wp_sakura` WHERE `mate_key` ='privkey'");
$wpdb->insert($sakura_table_name,$privkey);
}
$message = "key pairs has been stored into database.";
}
$output = array( $output = array(
'status' => 200, 'status' => 200,
'success' => true, 'success' => true,
@ -453,20 +434,21 @@ function update_database() {
*/ */
function get_qq_avatar(){ function get_qq_avatar(){
global $sakura_privkey; global $sakura_privkey;
$qq_number=$_GET["qq"]; $encrypted=$_GET["qq"];
$encrypted = urldecode(base64_decode($qq_number)); if(isset($encrypted)){
openssl_private_decrypt($encrypted, $qq_number, openssl_pkey_get_private($sakura_privkey)); $encrypted = urldecode(base64_decode($encrypted));
preg_match('/^\d{3,}$/', $qq_number, $matches); $qq_number = openssl_decrypt($encrypted, 'aes-128-cbc', $sakura_privkey, 0);
$imgurl='https://q2.qlogo.cn/headimg_dl?dst_uin='.$matches[0].'&spec=100'; preg_match('/^\d{3,}$/', $qq_number, $matches);
if(akina_option('qq_avatar_link')=='off'){ $imgurl='https://q2.qlogo.cn/headimg_dl?dst_uin='.$matches[0].'&spec=100';
$imgdata = file_get_contents($imgurl); if(akina_option('qq_avatar_link')=='type_1'){
header("Content-type: image/jpeg"); $imgdata = file_get_contents($imgurl);
echo $imgdata; header("Content-type: image/jpeg");
}else{ echo $imgdata;
$response = new WP_REST_Response(); }else{
$response->set_status(302); $response = new WP_REST_Response();
$response->header('Location', $imgurl); $response->set_status(302);
return $response; $response->header('Location', $imgurl);
} return $response;
}
}
} }

View File

@ -24,7 +24,7 @@ pip3 install Pillow
pip install Pillow --user pip install Pillow --user
``` ```
用同样的方法安装`requests`、`pycryptodome` 用同样的方法安装`requests`
### 运行 ### 运行
把图片文件放到 `gallary` 目录Windows 可直接双击 manifest.py或者和其他操作系统一样在 Terminal、Powershell、CMD 中运行: 把图片文件放到 `gallary` 目录Windows 可直接双击 manifest.py或者和其他操作系统一样在 Terminal、Powershell、CMD 中运行:

View File

@ -10,7 +10,6 @@ import json
import requests import requests
import base64 import base64
import hashlib import hashlib
from Crypto.PublicKey import RSA
from PIL import Image from PIL import Image
class Single(object): class Single(object):
@ -52,7 +51,7 @@ class Single(object):
return self.mani return self.mani
class Upload2Wordpress: class Upload2Wordpress(object):
def __init__(self, username, password, url): def __init__(self, username, password, url):
self.username = username self.username = username
self.password = password self.password = password
@ -69,20 +68,10 @@ class Upload2Wordpress:
reply = requests.post(self.url, headers=headers, files=files) reply = requests.post(self.url, headers=headers, files=files)
print(json.loads(reply.content)['message']) print(json.loads(reply.content)['message'])
def upload_manifest(self): def main(self):
print('start uploading `manifest.json`...') print('start uploading `manifest.json`...')
self.upload('manifest.json', 'manifest') self.upload('manifest.json', 'manifest')
def upload_key(self):
print('start uploading `private.key`...')
self.upload('private.key', 'rsa')
print('start uploading `public.key`...')
self.upload('public.key', 'rsa')
def main(self):
self.upload_manifest()
self.upload_key()
def gen_manifest_json(): def gen_manifest_json():
onlyfiles = [f for f in os.listdir('gallary') if os.path.isfile(os.path.join('gallary', f))] onlyfiles = [f for f in os.listdir('gallary') if os.path.isfile(os.path.join('gallary', f))]
@ -97,21 +86,8 @@ def gen_manifest_json():
json.dump(Manifest, json_file) json.dump(Manifest, json_file)
def gen_key_pairs():
key = RSA.generate(1024)
pv_key_string = key.exportKey()
with open("private.key", "w+") as prv_file:
print("{}".format(pv_key_string.decode()), file=prv_file)
pb_key_string = key.publickey().exportKey()
with open("public.key", "w+") as pub_file:
print("{}".format(pb_key_string.decode()), file=pub_file)
def main(): def main():
gen_manifest_json() gen_manifest_json()
if not os.path.exists("public.key") or not os.path.exists("private.key"):
print("start generating key pairs...")
gen_key_pairs()
username = input('Enter your username: ') username = input('Enter your username: ')
password = input('Enter your password: ') password = input('Enter your password: ')
url = input('Enter your rest api url: ') url = input('Enter your rest api url: ')

View File

@ -1,15 +0,0 @@
-----BEGIN RSA PRIVATE KEY-----
MIICXgIBAAKBgQDC2aXWaqi3rnlmHm97aEPtgvfW6brUztfev88GxdizNLCItEfy
qrNEovewoXXNOVlEfzgWpGyMbcdno5S0Q4H+nc9WPIzKIrx3AeSyzGAuammcZ/m9
5fPlS9oVCcH9kakgpkvut6VCx2DMNz+UeHJ7E0qyIIbZH2o3t0ZXuJ+fEQIDAQAB
AoGAI3ucEhhZQh3ROLH5Ljl2CUYM2QO2RLOoJwW57ytPQ48oSLS/12aTf7/HqFA2
0hkL8wfR0Hm/1LDXG73zwgH7JW9ByYGNFbnjEIAcY6DZc0zFuV++yUqNiYVggkVa
ae0e0Z0aoLC1S5494Oa5XEYb9kCCezb6n5GMyqlmlcPr5ksCQQDC9BYYuTilSOVC
AnwOXaIE88Yr006WXQFYBeEeNB17eDSpNKsc/1z+K+NOZacCRP5rTViIsiNWcodM
3EWhPljfAkEA/91IXqF8gxutvRN1eAa6YZlFEeZtDSPDtB7bmds4NEqgCMwxKQaG
VLAmbVsJpevXRiu10ewOz688XWN+GBLWDwJBAJal7YlPX/GBYf9fUiP7wN6YzdNB
52GUHxy49lvTo9Csc+0pEO1Ie8DBg1YqgSLk08FxNG/1UA9WUy1WrcvLFPsCQQCW
agDEWMy4yom9cHYLJHFnNNJM7phHNDI1bjqM3TnSS9h+s4Nm6cYIfTFp8i3e06FP
SBzwFoSyhQLIp9eV0WTzAkEAo8ByUQGurZnv7PeLoEt2P2pBPYYEU6iA1qUNq7oY
cnVtlsQiDWiecc+aqhX3LQ3VVNdDvg0BSywB0nixDeD0CQ==
-----END RSA PRIVATE KEY-----

View File

@ -1,6 +0,0 @@
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC2aXWaqi3rnlmHm97aEPtgvfW
6brUztfev88GxdizNLCItEfyqrNEovewoXXNOVlEfzgWpGyMbcdno5S0Q4H+nc9W
PIzKIrx3AeSyzGAuammcZ/m95fPlS9oVCcH9kakgpkvut6VCx2DMNz+UeHJ7E0qy
IIbZH2o3t0ZXuJ+fEQIDAQAB
-----END PUBLIC KEY-----