达维营-前端网之前在接入微信公众号相关的接口,对微信消息加解密操作时,下载了官网上的php demo下来。
没想到的是,官网的php代码居然使用着php7废弃的函数Mcrypt,这就导致了使用了php7.2及以上的版本程序上报错。
然后就使用了open_ssl替代解决方案。以下是更新后的pkcs7Encoder.php文件代码
<?php
include_once "errorCode.php";
/**
* PKCS7Encoder class
* openssl_encrypt(版)
* 提供基于PKCS7算法的加解密接口.
*/
class PKCS7Encoder
{
public static $block_size = 32;
/**
* 对需要加密的明文进行填充补位
* @param $text 需要进行填充补位操作的明文
* @return 补齐明文字符串
*/
function encode($text)
{
$block_size = PKCS7Encoder::$block_size;
$text_length = strlen($text); //计算需要填充的位数
$amount_to_pad = PKCS7Encoder::$block_size - ($text_length % PKCS7Encoder::$block_size);
if ($amount_to_pad == 0) {
$amount_to_pad = PKCS7Encoder::block_size;
}
//获得补位所用的字符
$pad_chr = chr($amount_to_pad);
$tmp = "";
for ($index = 0; $index < $amount_to_pad; $index++) {
$tmp .= $pad_chr;
}
return $text.$tmp;
}
/**
* 对解密后的明文进行补位删除
* @param decrypted 解密后的明文
* @return 删除填充补位后的明文
*/
function decode($text)
{
$pad = ord(substr($text, -1));
if ($pad < 1 || $pad > 32) {
$pad = 0;
}
return substr($text, 0, (strlen($text) - $pad));
}
}
/**
* Prpcrypt class
*
* 提供接收和推送给公众平台消息的加解密接口.
*/
class Prpcrypt
{
public $key;
function __construct($k)
{
$this->key = base64_decode($k."=");
}
/**
* 对明文进行加密
* @param string $text 需要加密的明文
* @return string 加密后的密文
*/
public function encrypt($text, $appid)
{
try { //获得16位随机字符串,填充到明文之前
$random = $this->getRandomStr();
$text = $random.pack("N", strlen($text)).$text.$appid;
$iv = substr($this->key, 0, 16);
//使用自定义的填充方式对明文进行补位填充
$pkc_encoder = new PKCS7Encoder;
$text = $pkc_encoder->encode($text);
$encrypted = openssl_encrypt($text, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA, $iv);
return array(ErrorCode::$OK, base64_encode($encrypted));
} catch (Exception $e) {
//print $e;
return array(ErrorCode::$EncryptAESError, null);
}
}
/**
* 对密文进行解密
* @param string $encrypted 需要解密的密文
* @return string 解密得到的明文
*/
public function decrypt($encrypted, $appid)
{
try {
$iv = substr($this->key, 0,
16); //使用BASE64对需要解密的字符串进行解码
$decrypted = openssl_decrypt(base64_decode($encrypted), 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA,
$iv);
} catch (Exception $e) {
return array(ErrorCode::$DecryptAESError, null);
}
try { //去除补位字符
$pkc_encoder = new PKCS7Encoder;
$result = $pkc_encoder->decode($decrypted);
//去除16位随机字符串,网络字节序和AppId
if (strlen($result) < 16) {
return "";
}
$content = substr($result, 16, strlen($result));
$len_list = unpack("N", substr($content, 0, 4));
$xml_len = $len_list[1];
$xml_content = substr($content, 4, $xml_len);
$from_appid = substr($content, $xml_len + 4);
} catch (Exception $e) { //print $e; return array(ErrorCode::$IllegalBuffer, null); } if ($from_appid != $appid) return array(ErrorCode::$ValidateAppidError, null); return array(0, $xml_content);
}
/** * 随机生成16位字符串 * @return string 生成的字符串 */
function getRandomStr()
{
$str = "";
$str_pol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
$max = strlen($str_pol) - 1;
for ($i = 0; $i < 16; $i++) {
$str .= $str_pol[mt_rand(0, $max)];
}
return $str;
}
}
}方法步骤1、居然是php的加密扩展,自然是先安装openssl扩展,不过一般都有安装(命令php -m可查看)
2、查看php官网开发文档openssl,看看各个参数的含义与使用方法。当然上面是已经写好的且验证通过的代码,可拿来即用。
openssl_get_cipher_methods();该方法可以找出openssl支持的所有方法,进行替换即可。
echo '<pre>';
$a = openssl_get_cipher_methods();
print_r($a);
Array
(
[0] => AES-128-CBC
[1] => AES-128-CFB
[2] => AES-128-CFB1
[3] => AES-128-CFB8
[4] => AES-128-CTR
[5] => AES-128-ECB
[6] => AES-128-OFB
[7] => AES-128-XTS
[8] => AES-192-CBC
[9] => AES-192-CFB
[10] => AES-192-CFB1
[11] => AES-192-CFB8
[12] => AES-192-CTR
[13] => AES-192-ECB
[14] => AES-192-OFB
[15] => AES-256-CBC
[16] => AES-256-CFB
[17] => AES-256-CFB1
[18] => AES-256-CFB8
[19] => AES-256-CTR
[20] => AES-256-ECB
[21] => AES-256-OFB
[22] => AES-256-XTS
[23] => BF-CBC
[24] => BF-CFB
[25] => BF-ECB
[26] => BF-OFB
[27] => CAMELLIA-128-CBC
[28] => CAMELLIA-128-CFB
[29] => CAMELLIA-128-CFB1
[30] => CAMELLIA-128-CFB8
[31] => CAMELLIA-128-ECB
[32] => CAMELLIA-128-OFB
[33] => CAMELLIA-192-CBC
[34] => CAMELLIA-192-CFB
[35] => CAMELLIA-192-CFB1
[36] => CAMELLIA-192-CFB8
[37] => CAMELLIA-192-ECB
[38] => CAMELLIA-192-OFB
[39] => CAMELLIA-256-CBC
[40] => CAMELLIA-256-CFB
[41] => CAMELLIA-256-CFB1
[42] => CAMELLIA-256-CFB8
[43] => CAMELLIA-256-ECB
[44] => CAMELLIA-256-OFB
[45] => CAST5-CBC
[46] => CAST5-CFB
[47] => CAST5-ECB
[48] => CAST5-OFB
[49] => DES-CBC
[50] => DES-CFB
[51] => DES-CFB1
[52] => DES-CFB8
[53] => DES-ECB
[54] => DES-EDE
[55] => DES-EDE-CBC
[56] => DES-EDE-CFB
[57] => DES-EDE-OFB
[58] => DES-EDE3
[59] => DES-EDE3-CBC
[60] => DES-EDE3-CFB
[61] => DES-EDE3-CFB1
[62] => DES-EDE3-CFB8
[63] => DES-EDE3-OFB
[64] => DES-OFB
[65] => DESX-CBC
[66] => IDEA-CBC
[67] => IDEA-CFB
[68] => IDEA-ECB
[69] => IDEA-OFB
[70] => RC2-40-CBC
[71] => RC2-64-CBC
[72] => RC2-CBC
[73] => RC2-CFB
[74] => RC2-ECB
[75] => RC2-OFB
[76] => RC4
[77] => RC4-40
[78] => RC4-HMAC-MD5
[79] => SEED-CBC
[80] => SEED-CFB
[81] => SEED-ECB
[82] => SEED-OFB
[83] => aes-128-cbc
[84] => aes-128-cfb
[85] => aes-128-cfb1
[86] => aes-128-cfb8
[87] => aes-128-ctr
[88] => aes-128-ecb
[89] => aes-128-gcm
[90] => aes-128-ofb
[91] => aes-128-xts
[92] => aes-192-cbc
[93] => aes-192-cfb
[94] => aes-192-cfb1
[95] => aes-192-cfb8
[96] => aes-192-ctr
[97] => aes-192-ecb
[98] => aes-192-gcm
[99] => aes-192-ofb
[100] => aes-256-cbc
[101] => aes-256-cfb
[102] => aes-256-cfb1
[103] => aes-256-cfb8
[104] => aes-256-ctr
[105] => aes-256-ecb
[106] => aes-256-gcm
[107] => aes-256-ofb
[108] => aes-256-xts
[109] => bf-cbc
[110] => bf-cfb
[111] => bf-ecb
[112] => bf-ofb
[113] => camellia-128-cbc
[114] => camellia-128-cfb
[115] => camellia-128-cfb1
[116] => camellia-128-cfb8
[117] => camellia-128-ecb
[118] => camellia-128-ofb
[119] => camellia-192-cbc
[120] => camellia-192-cfb
[121] => camellia-192-cfb1
[122] => camellia-192-cfb8
[123] => camellia-192-ecb
[124] => camellia-192-ofb
[125] => camellia-256-cbc
[126] => camellia-256-cfb
[127] => camellia-256-cfb1
[128] => camellia-256-cfb8
[129] => camellia-256-ecb
[130] => camellia-256-ofb
[131] => cast5-cbc
[132] => cast5-cfb
[133] => cast5-ecb
[134] => cast5-ofb
[135] => des-cbc
[136] => des-cfb
[137] => des-cfb1
[138] => des-cfb8
[139] => des-ecb
[140] => des-ede
[141] => des-ede-cbc
[142] => des-ede-cfb
[143] => des-ede-ofb
[144] => des-ede3
[145] => des-ede3-cbc
[146] => des-ede3-cfb
[147] => des-ede3-cfb1
[148] => des-ede3-cfb8
[149] => des-ede3-ofb
[150] => des-ofb
[151] => desx-cbc
[152] => id-aes128-GCM
[153] => id-aes192-GCM
[154] => id-aes256-GCM
[155] => idea-cbc
[156] => idea-cfb
[157] => idea-ecb
[158] => idea-ofb
[159] => rc2-40-cbc
[160] => rc2-64-cbc
[161] => rc2-cbc
[162] => rc2-cfb
[163] => rc2-ecb
[164] => rc2-ofb
[165] => rc4
[166] => rc4-40
[167] => rc4-hmac-md5
[168] => seed-cbc
[169] => seed-cfb
[170] => seed-ecb
[171] => seed-ofb
)