public function decrypt($msgSignature, $timestamp = null, $nonce, $postData, &$msg)
{
if (strlen($this->encodingAesKey) != 43) {
return ErrorCode::$IllegalAesKey;
}
if ($timestamp == null) $timestamp = time();
$pc = new Prpcrypt($this->encodingAesKey);
$encrypt = simplexml_load_string($postData, 'SimpleXMLElement', LIBXML_NOCDATA);
$encrypt = $encrypt->Encrypt;
$sha1 = new SHA1;
$array = $sha1->getSHA1($this->token, $timestamp, $nonce, $encrypt);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
$signature = $array[1];
if ($signature != $msgSignature) {
return ErrorCode::$ValidateSignatureError;
}
$result = $pc->decrypt($encrypt, $this->appId);
if ($result[0] != 0) {
return $result[0];
}
$msg = $result[1];
return ErrorCode::$OK;
}
public function DecryptMsg($signature, $timeStamp = null, $nonce, $encrypt, &$decryptMsg)
{
if (strlen($this->m_encodingAesKey) != 43) {
return ErrorCode::$IllegalAesKey;
}
$pc = new Prpcrypt($this->m_encodingAesKey);
if ($sTimeStamp == null) {
$sTimeStamp = time();
}
$sha1 = new SHA1();
$array = $sha1->getSHA1($this->m_token, $timeStamp, $nonce, $encrypt);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
$verifySignature = $array[1];
if ($verifySignature != $signature) {
return ErrorCode::$ValidateSignatureError;
}
$result = $pc->decrypt($encrypt, $this->m_suiteKey);
if ($result[0] != 0) {
return $result[0];
}
$decryptMsg = $result[1];
return ErrorCode::$OK;
}
public function decryptMsg($msgSignature, $timestamp = NULL, $nonce, $postData, &$msg)
{
if (strlen($this->encodingAesKey) != 43) {
return ErrorCode::$IllegalAesKey;
}
$pc = new Prpcrypt($this->encodingAesKey);
$xmlparse = new XMLParse();
$array = $xmlparse->extract($postData);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
if ($timestamp == NULL) {
$timestamp = time();
}
$encrypt = $array[1];
$touser_name = $array[2];
$sha1 = new SHA1();
$array = $sha1->getSHA1($this->token, $timestamp, $nonce, $encrypt);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
$signature = $array[1];
if ($signature != $msgSignature) {
return ErrorCode::$ValidateSignatureError;
}
$result = $pc->decrypt($encrypt, $this->appId);
if ($result[0] != 0) {
return $result[0];
}
$msg = $result[1];
return ErrorCode::$OK;
}
/**
* 检验消息的真实性,并且获取解密后的明文.
* <ol>
* <li>利用收到的密文生成安全签名,进行签名验证</li>
* <li>若验证通过,则提取xml中的加密消息</li>
* <li>对消息进行解密</li>
* </ol>
*
* @param $msgSignature string 签名串,对应URL参数的msg_signature
* @param $timestamp string 时间戳 对应URL参数的timestamp
* @param $nonce string 随机串,对应URL参数的nonce
* @param $postData string 密文,对应POST请求的数据
* @param &$msg string 解密后的原文,当return返回0时有效
*
* @return int 成功0,失败返回对应的错误码
*/
public function DecryptMsg($sMsgSignature, $sTimeStamp = null, $sNonce, $sPostData, &$data)
{
if (strlen($this->m_sEncodingAesKey) != 43) {
return ErrorCode::$IllegalAesKey;
}
$pc = new Prpcrypt($this->m_sEncodingAesKey);
//提取密文
$xmlparse = new XMLParse();
$array = $xmlparse->extract($sPostData);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
if ($sTimeStamp == null) {
$sTimeStamp = time();
}
$encrypt = $array[1];
$touser_name = $array[2];
//验证安全签名
$sha1 = new SHA1();
$array = $sha1->getSHA1($this->m_sToken, $sTimeStamp, $sNonce, $encrypt);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
$signature = $array[1];
if ($signature != $sMsgSignature) {
return ErrorCode::$ValidateSignatureError;
}
$result = $pc->decrypt($encrypt, $this->m_sCorpid);
if ($result[0] != 0) {
return $result[0];
}
$sMsg = $result[1];
$data = array();
$xml = simplexml_load_string($sMsg, 'SimpleXMLElement', LIBXML_NOCDATA);
$data = api_json_decode(api_json_encode($xml), TRUE);
// if($xml){
// foreach ($xml as $key => $value) {
// $data[$key] = mb_convert_encoding(strval($value),"GBK","UTF-8");;
// }
// }
return ErrorCode::$OK;
}
/**
* 检验消息的真实性,并且获取解密后的明文.
* <ol>
* <li>利用收到的密文生成安全签名,进行签名验证</li>
* <li>若验证通过,则提取xml中的加密消息</li>
* <li>对消息进行解密</li>
* </ol>
*
* @param $msgSignature string 签名串,对应URL参数的msg_signature
* @param $timestamp string 时间戳 对应URL参数的timestamp
* @param $nonce string 随机串,对应URL参数的nonce
* @param $postData string 密文,对应POST请求的数据
* @param &$msg string 解密后的原文,当return返回0时有效
*
* @return int 成功0,失败返回对应的错误码
*/
public function DecryptMsg($sMsgSignature, $sTimeStamp = null, $sNonce, $sPostData, &$sMsg)
{
if (strlen($this->m_sEncodingAesKey) != 43) {
return ErrorCode::$IllegalAesKey;
}
$pc = new Prpcrypt($this->m_sEncodingAesKey);
//提取密文
$xmlparse = new XMLParse();
$array = $xmlparse->extract($sPostData);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
if ($sTimeStamp == null) {
$sTimeStamp = time();
}
$encrypt = $array[1];
$touser_name = $array[2];
//验证安全签名
$sha1 = new SHA1();
$array = $sha1->getSHA1($this->m_sToken, $sTimeStamp, $sNonce, $encrypt);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
$signature = $array[1];
if ($signature != $sMsgSignature) {
return ErrorCode::$ValidateSignatureError;
}
$result = $pc->decrypt($encrypt, $this->m_sCorpid);
if ($result[0] != 0) {
return $result[0];
}
$sMsg = $result[1];
return ErrorCode::$OK;
}
* 这时消息中$APPID既是appid,可以用它区分是那个公众号
*/
chdir(dirname(__FILE__));
//把工作目录切换到文件所在目录
include_once dirname(__FILE__) . '/__config__.php';
//Token 验证,微信验证主体身份。如果是第三方平台,则不存在token验证
if (!$GLOBALS["HTTP_RAW_POST_DATA"]) {
if (YDWX_WEIXIN_ACCOUNT_TYPE == YDWX_WEIXIN_ACCOUNT_TYPE_CROP) {
//企业号的url验证
$signature = $_GET["msg_signature"];
$timestamp = $_GET["timestamp"];
$nonce = $_GET["nonce"];
$echostr = $_GET["echostr"];
$pc = new Prpcrypt(YDWX_WEIXIN_ENCODING_AES_KEY);
$sha1 = new SHA1();
$array = $sha1->getSHA1(YDWX_WEIXIN_TOKEN, $timestamp, $nonce, $echostr);
$ret = $array[0];
if ($ret != 0) {
die;
}
$signature = $array[1];
if ($signature != $signature) {
die;
}
$result = $pc->decrypt($echostr, YDWX_WEIXIN_CROP_ID);
if ($result[0] != 0) {
die;
}
echo $result[1];
} else {
//其它公众号的验证
