提供基于PKCS7算法的加解密接口.
public function decrypt($encrypted, $appid)
{
try {
$ciphertext_dec = base64_decode($encrypted);
$module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
$iv = substr($this->key, 0, 16);
mcrypt_generic_init($module, $this->key, $iv);
$decrypted = mdecrypt_generic($module, $ciphertext_dec);
mcrypt_generic_deinit($module);
mcrypt_module_close($module);
} catch (Exception $e) {
return array(ErrorCode::$DecryptAESError, NULL);
}
try {
$pkc_encoder = new PKCS7Encoder();
$result = $pkc_encoder->decode($decrypted);
if (strlen($result) < 16) {
return '';
}
$content = substr($result, 16, strlen($result));
$len_list = unpack('N', substr($content, 0, 4));
$xml_len = $len_list[1];
$xml_content = substr($content, 4, $xml_len);
$from_appid = substr($content, $xml_len + 4);
} catch (Exception $e) {
print $e;
return array(ErrorCode::$IllegalBuffer, NULL);
}
if ($from_appid != $appid) {
return array(ErrorCode::$ValidateAppidError, NULL);
}
return array(0, $xml_content);
}
public function decrypt($encrypted, $corpid)
{
try {
$ciphertext_dec = base64_decode($encrypted);
$module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
$iv = substr($this->key, 0, 16);
mcrypt_generic_init($module, $this->key, $iv);
$decrypted = mdecrypt_generic($module, $ciphertext_dec);
mcrypt_generic_deinit($module);
mcrypt_module_close($module);
} catch (Exception $e) {
return array(ErrorCode::$DecryptAESError, null);
}
try {
//去除补位字符
$pkc_encoder = new PKCS7Encoder();
$result = $pkc_encoder->decode($decrypted);
//去除16位随机字符串,网络字节序和AppId
if (strlen($result) < 16) {
return "";
}
$content = substr($result, 16, strlen($result));
$len_list = unpack("N", substr($content, 0, 4));
$xml_len = $len_list[1];
$xml_content = substr($content, 4, $xml_len);
$from_corpid = substr($content, $xml_len + 4);
} catch (Exception $e) {
print $e;
return array(ErrorCode::$DecryptAESError, null);
}
if ($from_corpid != $corpid) {
return array(ErrorCode::$ValidateSuiteKeyError, null);
}
return array(0, $xml_content);
}
/**
* 对密文进行解密
*
* @param string $encrypted 需要解密的密文
* @param string $corp_id
* @return string 解密得到的明文
*/
public function decrypt($encrypted, $corp_id)
{
try {
//使用BASE64对需要解密的字符串进行解码
$cipherText = base64_decode($encrypted);
$iv = substr($this->_key, 0, self::INIT_VECTOR_SIZE);
$decrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $this->_key, $cipherText, MCRYPT_MODE_CBC, $iv);
} catch (\Exception $e) {
return false;
}
try {
//去除补位字符
$result = PKCS7Encoder::decode($decrypted);
//去除16位随机字符串,网络字节序和AppId
if (strlen($result) < self::RANDOM_STRING_LEN) {
return '';
}
$content = substr($result, self::RANDOM_STRING_LEN);
list(, $xmlContentLen) = unpack('N', substr($content, 0, 4));
$xmlContent = substr($content, 4, $xmlContentLen);
$fromCorpID = substr($content, $xmlContentLen + 4);
} catch (\Exception $e) {
return false;
}
if ($fromCorpID != $corp_id) {
return false;
}
return $xmlContent;
}
/**
* 对密文进行解密
* @param string $encrypted 需要解密的密文
* @return string 解密得到的明文
*/
public function decrypt($encrypted, $appid)
{
try {
//使用BASE64对需要解密的字符串进行解码
$ciphertext_dec = base64_decode($encrypted);
$module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
$iv = substr($this->key, 0, 16);
mcrypt_generic_init($module, $this->key, $iv);
//解密
$decrypted = mdecrypt_generic($module, $ciphertext_dec);
mcrypt_generic_deinit($module);
mcrypt_module_close($module);
} catch (Exception $e) {
return array(ErrorCode::$DecryptAESError, null);
}
try {
//去除补位字符
$pkc_encoder = new PKCS7Encoder();
$result = $pkc_encoder->decode($decrypted);
//去除16位随机字符串,网络字节序和AppId
if (strlen($result) < 16) {
return "";
}
$content = substr($result, 16, strlen($result));
$len_list = unpack("N", substr($content, 0, 4));
$xml_len = $len_list[1];
$xml_content = substr($content, 4, $xml_len);
$from_appid = substr($content, $xml_len + 4);
if (!$appid) {
$appid = $from_appid;
}
//如果传入的appid是空的,则认为是订阅号,使用数据中提取出来的appid
} catch (Exception $e) {
//print $e;
return array(ErrorCode::$IllegalBuffer, null);
}
if ($from_appid != $appid) {
return array(ErrorCode::$ValidateAppidError, null);
}
//不注释上边两行,避免传入appid是错误的情况
return array(0, $xml_content, $from_appid);
//增加appid,为了解决后面加密回复消息的时候没有appid的订阅号会无法回复
}
/**
* 对密文进行解密
* @param string $encrypted 需要解密的密文
* @return string 解密得到的明文
*/
public function decrypt($encrypted)
{
try {
//使用BASE64对需要解密的字符串进行解码
$ciphertext_dec = base64_decode($encrypted);
$module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
$iv = substr($this->key, 0, 16);
mcrypt_generic_init($module, $this->key, $iv);
//解密
$decrypted = mdecrypt_generic($module, $ciphertext_dec);
mcrypt_generic_deinit($module);
mcrypt_module_close($module);
} catch (Exception $e) {
return null;
}
try {
//去除补位字符
$pkc_encoder = new PKCS7Encoder();
$result = $pkc_encoder->decode($decrypted);
//去除16位随机字符串,网络字节序和机身编号
if (strlen($result) < 16) {
return "";
}
$content = substr($result, 16, strlen($result));
$len_list = unpack("N", substr($content, 0, 4));
$command_len = $len_list[1];
$command_content = substr($content, 4, $command_len);
} catch (Exception $e) {
//print $e;
return null;
}
return $command_content;
}
/**
* @param string $encrypted 密文
* @param string $corpid
* @param boolean $validCorpid 是否验证corpid,默认验证
* @return NULL|string
*/
public function decrypt($encrypted, $corpid, $validCorpid = true)
{
try {
//使用BASE64对需要解密的字符串进行解码
$ciphertext_dec = base64_decode($encrypted);
$module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
$iv = substr($this->key, 0, 16);
mcrypt_generic_init($module, $this->key, $iv);
//解密
$decrypted = mdecrypt_generic($module, $ciphertext_dec);
mcrypt_generic_deinit($module);
mcrypt_module_close($module);
} catch (Exception $e) {
$this->err = new PrpcryptError($e->getCode(), $e->getMessage(), $e->getLine(), $e->getFile(), $e->getTrace());
return null;
}
try {
//去除补位字符
$pkc_encoder = new PKCS7Encoder();
$result = $pkc_encoder->decode($decrypted);
//去除16位随机字符串,网络字节序和AppId
if (strlen($result) < 16) {
$this->err = new PrpcryptError(PrpcryptError::RESULT_LENGHT_LESS_THAN_16, 'result length is less than 16', __LINE__, __FILE__, debug_backtrace());
return null;
}
$content = substr($result, 16, strlen($result));
$len_list = unpack("N", substr($content, 0, 4));
$xml_len = $len_list[1];
$xml_content = substr($content, 4, $xml_len);
$from_corpid = substr($content, $xml_len + 4);
} catch (Exception $e) {
$this->err = new PrpcryptError($e->getCode(), $e->getMessage(), $e->getLine(), $e->getFile(), $e->getTrace());
return null;
}
if ($validCorpid && $from_corpid != $corpid) {
$this->err = new PrpcryptError(PrpcryptError::CORPID_IS_NOT_VALID, "coprid given is :{$corpid}, but the from corpid is : {$from_corpid}", __LINE__, __FILE__, debug_backtrace());
return null;
} else {
return $xml_content;
}
}
/**
* 对密文进行解密
* @param string $encrypted 需要解密的密文
* @return string 解密得到的明文
*/
public function decrypt($encrypted, $corpid)
{
try {
//使用BASE64对需要解密的字符串进行解码
$ciphertext_dec = base64_decode($encrypted);
$module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
$iv = trim(substr($this->key, 0, 16));
mcrypt_generic_init($module, $this->key, $iv);
//解密
$decrypted = mdecrypt_generic($module, $ciphertext_dec);
mcrypt_generic_deinit($module);
mcrypt_module_close($module);
} catch (Exception $e) {
return array(ErrorCode::$DecryptAESError, null);
}
try {
//去除补位字符
\Log::info('tt');
$pkc_encoder = new PKCS7Encoder();
$result = $pkc_encoder->decode($decrypted);
//去除16位随机字符串,网络字节序和AppId
if (strlen($result) < 16) {
return "";
}
$content = substr($result, 16, strlen($result));
$len_list = unpack("N", substr($content, 0, 4));
$xml_len = $len_list[1];
$xml_content = trim(substr($content, 4, $xml_len));
$from_corpid = trim(substr($content, $xml_len + 4));
} catch (Exception $e) {
print $e;
return array(ErrorCode::$IllegalBuffer, null);
}
\Log::info("from:" . $xml_content);
\Log::info("corp:" . $corpid);
//TODO 检查不通过 注释掉
// if ($from_corpid != $corpid)
// return array(ErrorCode::$ValidateCorpidError, null);
\Log::info("corpID:" . $corpid);
\Log::info("fromCorpId" . $from_corpid);
return array(0, $xml_content);
}
