使用thinkphp官方的WeChat包,使用不同模式可以成功,但是安全模式就是不行,现将分析解决结果做下记录。
TRight
分析问题:
解密微信服务器消息老是不成功,下载下微信公众平台官方给出的解密文件和WechatCrypt.class.php进行比对发现也没有问题。用file_put_contents函数保存下解密后的文件进行分析。发现官方包解密的xml不是标准的xml格式,所以simplexml_load_string函数无法处理。
<span>/*</span><span>* * 对密文进行解密 * @param string $encrypt 密文 * @return string 明文 </span><span>*/</span><span>public</span><span>function</span> decrypt(<span>$encrypt</span><span>){ </span><span>//</span><span>BASE64解码</span><span>$encrypt</span> = <span>base64_decode</span>(<span>$encrypt</span><span>); </span><span>//</span><span>打开加密算法模块</span><span>$td</span> = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, ''<span>); </span><span>//</span><span>初始化加密算法模块</span> mcrypt_generic_init(<span>$td</span>, <span>$this</span>->cyptKey, <span>substr</span>(<span>$this</span>->cyptKey, 0, 16<span>)); </span><span>//</span><span>执行解密</span><span>$decrypt</span> = mdecrypt_generic(<span>$td</span>, <span>$encrypt</span><span>); </span><span>//</span><span>去除PKCS7补位</span><span>$decrypt</span> = self::PKCS7Decode(<span>$decrypt</span>, mcrypt_enc_get_key_size(<span>$td</span><span>)); </span><span>//</span><span>关闭加密算法模块</span> mcrypt_generic_deinit(<span>$td</span><span>); mcrypt_module_close(</span><span>$td</span><span>); </span><span>if</span>(<span>strlen</span>(<span>$decrypt</span>) < 16<span>){ </span><span>throw</span><span>new</span> \<span><strong>Exception</strong></span>("非法密文字符串!"<span>); } </span><span>//</span><span>去除随机字符串</span><span>$decrypt</span> = <span>substr</span>(<span>$decrypt</span>, 16<span>); </span><span>//</span><span>获取网络字节序</span><span>$size</span> = <span>unpack</span>("N", <span>substr</span>(<span>$decrypt</span>, 0, 4<span>)); </span><span>$size</span> = <span>$size</span>[1<span>]; </span><span>//</span><span>APP_ID</span><span>$appid</span> = <span>substr</span>(<span>$decrypt</span>, <span>$size</span> + 4<span>); </span><span>//</span><span>验证APP_ID</span><span>if</span>(<span>$appid</span> !== <span>$this</span>-><span>appId){ </span><span>throw</span><span>new</span> \<span><strong>Exception</strong></span>("非法APP_ID!"<span>); } </span><span>//</span><span>明文内容</span><span>$text</span> = <span>substr</span>(<span>$decrypt</span>, 4, <span>$size</span><span>); </span><span>return</span><span>$text</span><span>; } </span><span>/*</span><span>* * PKCS7填充字符 * @param string $text 被填充字符 * @param integer $size Block长度 </span><span>*/</span><span>private</span><span>static</span><span>function</span> PKCS7Encode(<span>$text</span>, <span>$size</span><span>){ </span><span>//</span><span>字符串长度</span><span>$str_size</span> = <span>strlen</span>(<span>$text</span><span>); </span><span>//</span><span>填充长度</span><span>$pad_size</span> = <span>$size</span> - (<span>$str_size</span> % <span>$size</span><span>); </span><span>$pad_size</span> = <span>$pad_size</span> ? : <span>$size</span><span>; </span><span>//</span><span>填充的字符</span><span>$pad_chr</span> = <span>chr</span>(<span>$pad_size</span><span>); </span><span>//</span><span>执行填充</span><span>$text</span> = <span>str_pad</span>(<span>$text</span>, <span>$str_size</span> + <span>$pad_size</span>, <span>$pad_chr</span>,<span> STR_PAD_RIGHT); </span><span>return</span><span>$text</span><span>; } </span><span>/*</span><span>* * 删除PKCS7填充的字符 * @param string $text 已填充的字符 * @param integer $size Block长度 </span><span>*/</span><span>private</span><span>static</span><span>function</span> PKCS7Decode(<span>$text</span>, <span>$size</span><span>){ </span><span>//</span><span>获取补位字符</span><span>$pad_str</span> = <span>ord</span>(<span>substr</span>(<span>$text</span>, -1<span>)); </span><span>if</span> (<span>$pad_str</span> < 1 || <span>$pad_str</span> > <span>$size</span><span>) { </span><span>$pad_str</span>= 0<span>; } </span><span>return</span><span>substr</span>(<span>$text</span>, 0, <span>strlen</span>(<span>$text</span>) - <span>$pad_str</span><span>); }</span>
解决方法:
输出的xml文件是这样的
<span>1</span><span><</span><span>xml</span><span>></span><span>2</span><span><</span><span>ToUserName</span><span>></span><span><![CDATA[</span><span>gh_249aeb986d99</span><span>]]></span><span><</span><span>\/ToUserName</span><span>></span><span>\n</span><span>3</span><span><</span><span>FromUserName</span><span>></span><span><![CDATA[</span><span>oopVmxHZaeQkDPsRcbpwXKkH-J2Q</span><span>]]></span><span><</span><span>\/FromUserName</span><span>></span><span>\n</span><span>4</span><span><</span><span>CreateTime</span><span>></span>1448944621<span><</span><span>\/CreateTime</span><span>></span><span>\n</span><span>5</span><span><</span><span>MsgType</span><span>></span><span><![CDATA[</span><span>text</span><span>]]></span><span><</span><span>\/MsgType</span><span>></span><span>\n</span><span>6</span><span><</span><span>Content</span><span>></span><span><![CDATA[</span><span>\u7ecf\u7406</span><span>]]></span><span><</span><span>\/Content</span><span>></span><span>\n</span><span>7</span><span><</span><span>MsgId</span><span>></span>6223169761311044588<span><</span><span>\/MsgId</span><span>></span><span>\n</span><span>8</span><span><</span><span>\/xml</span><span>></span>
所以需要进行处理才能让simplexml_load_string处理
在输出的明文内容后面加上
<span>1</span><span>//明文内容</span><span>2</span><span> $text = substr($d<strong style="color:transparent">本文来源gaodai#ma#com搞@@代~&码*网/</strong><strong>搞gaodaima代码</strong>ecrypt, 4, $size);</span><span>3</span><span>//去掉多余的内容</span><span>4</span> $text=str_replace('<span><</span><span>\/','</', $text</span><span>); </span><span>5</span><span> $text</span><span>=str_replace('>\n','>', </span><span>$text);</span><span>6</span><span> return $text;</span>
安全模式就能正常使用了。
以上就介绍了thinkphp微信开发:安全模式消息加解密,包括了Exception方面的内容,希望对PHP教程有兴趣的朋友有所帮助。
搞代码网(gaodaima.com)提供的所有资源部分来自互联网,如果有侵犯您的版权或其他权益,请说明详细缘由并提供版权或权益证明然后发送到邮箱[email protected],我们会在看到邮件的第一时间内为您处理,或直接联系QQ:872152909。本网站采用BY-NC-SA协议进行授权
转载请注明原文链接:thinkphp微信开发:安全模式消息加解密
转载请注明原文链接:thinkphp微信开发:安全模式消息加解密
