? ? ? ?使用thinkphp官方的wechat包,使用不同模式可以成功���,但是安全模式就是不行�,現(xiàn)將分析解決結(jié)果做下記錄��。
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? TRight
分析問題:
????????? 解密微信服務(wù)器消息老是不成功�����,下載下微信公眾平臺官方給出的解密文件和WechatCrypt.class.php進行比對發(fā)現(xiàn)也沒有問題�����。用file_put_contents函數(shù)保存下解密后的文件進行分析�。發(fā)現(xiàn)官方包解密的xml不是標準的xml格式,所以simplexml_load_string函數(shù)無法處理���。
<span>/*</span><span>*
* 對密文進行解密
* @param string $encrypt 密文
* @return string 明文
</span><span>*/</span><span>public</span><span>function</span> decrypt(<span>$encrypt</span><span>){
</span><span>//</span><span>BASE64解碼</span><span>$encrypt</span> = <span>base64_decode</span>(<span>$encrypt</span><span>);
</span><span>//</span><span>打開加密算法模塊</span><span>$td</span> = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, ''<span>);
</span><span>//</span><span>初始化加密算法模塊</span> mcrypt_generic_init(<span>$td</span>, <span>$this</span>->cyptKey, <span>substr</span>(<span>$this</span>->cyptKey, 0, 16<span>));
</span><span>//</span><span>執(zhí)行解密</span><span>$decrypt</span> = mdecrypt_generic(<span>$td</span>, <span>$encrypt</span><span>);
</span><span>//</span><span>去除PKCS7補位</span><span>$decrypt</span> = self::PKCS7Decode(<span>$decrypt</span>, mcrypt_enc_get_key_size(<span>$td</span><span>));
</span><span>//</span><span>關(guān)閉加密算法模塊</span> mcrypt_generic_deinit(<span>$td</span><span>);
mcrypt_module_close(</span><span>$td</span><span>);
</span><span>if</span>(<span>strlen</span>(<span>$decrypt</span>) < 16<span>){
</span><span>throw</span><span>new</span> \<span><strong>Exception</strong></span>("非法密文字符串��!"<span>);
}
</span><span>//</span><span>去除隨機字符串</span><span>$decrypt</span> = <span>substr</span>(<span>$decrypt</span>, 16<span>);
</span><span>//</span><span>獲取網(wǎng)絡(luò)字節(jié)序</span><span>$size</span> = <span>unpack</span>("N", <span>substr</span>(<span>$decrypt</span>, 0, 4<span>));
</span><span>$size</span> = <span>$size</span>[1<span>];
</span><span>//</span><span>APP_ID</span><span>$appid</span> = <span>substr</span>(<span>$decrypt</span>, <span>$size</span> + 4<span>);
</span><span>//</span><span>驗證APP_ID</span><span>if</span>(<span>$appid</span> !== <span>$this</span>-><span>appId){
</span><span>throw</span><span>new</span> \<span><strong>Exception</strong></span>("非法APP_ID����!"<span>);
}
</span><span>//</span><span>明文內(nèi)容</span><span>$text</span> = <span>substr</span>(<span>$decrypt</span>, 4, <span>$size</span><span>);
</span><span>return</span><span>$text</span><span>;
}
</span><span>/*</span><span>*
* PKCS7填充字符
* @param string $text 被填充字符
* @param integer $size Block長度
</span><span>*/</span><span>private</span><span>static</span><span>function</span> PKCS7Encode(<span>$text</span>, <span>$size</span><span>){
</span><span>//</span><span>字符串長度</span><span>$str_size</span> = <span>strlen</span>(<span>$text</span><span>);
</span><span>//</span><span>填充長度</span><span>$pad_size</span> = <span>$size</span> - (<span>$str_size</span> % <span>$size</span><span>);
</span><span>$pad_size</span> = <span>$pad_size</span> ? : <span>$size</span><span>;
</span><span>//</span><span>填充的字符</span><span>$pad_chr</span> = <span>chr</span>(<span>$pad_size</span><span>);
</span><span>//</span><span>執(zhí)行填充</span><span>$text</span> = <span>str_pad</span>(<span>$text</span>, <span>$str_size</span> + <span>$pad_size</span>, <span>$pad_chr</span>,<span> STR_PAD_RIGHT);
</span><span>return</span><span>$text</span><span>;
}
</span><span>/*</span><span>*
* 刪除PKCS7填充的字符
* @param string $text 已填充的字符
* @param integer $size Block長度
</span><span>*/</span><span>private</span><span>static</span><span>function</span> PKCS7Decode(<span>$text</span>, <span>$size</span><span>){
</span><span>//</span><span>獲取補位字符</span><span>$pad_str</span> = <span>ord</span>(<span>substr</span>(<span>$text</span>, -1<span>));
</span><span>if</span> (<span>$pad_str</span> < 1 || <span>$pad_str</span> > <span>$size</span><span>) {
</span><span>$pad_str</span>= 0<span>;
}
</span><span>return</span><span>substr</span>(<span>$text</span>, 0, <span>strlen</span>(<span>$text</span>) - <span>$pad_str</span><span>);
}</span>登錄后復(fù)制
解決方法:
立即學習“PHP免費學習筆記(深入)”;
? ? ? ? ? ?輸出的xml文件是這樣的
<span>1</span><span><</span><span>xml</span><span>></span><span>2</span><span><</span><span>ToUserName</span><span>></span><span><![CDATA[</span><span>gh_249aeb986d99</span><span>]]></span><span><</span><span>\/ToUserName</span><span>></span><span>\n
</span><span>3</span><span><</span><span>FromUserName</span><span>></span><span><![CDATA[</span><span>oopVmxHZaeQkDPsRcbpwXKkH-J2Q</span><span>]]></span><span><</span><span>\/FromUserName</span><span>></span><span>\n
</span><span>4</span><span><</span><span>CreateTime</span><span>></span>1448944621<span><</span><span>\/CreateTime</span><span>></span><span>\n
</span><span>5</span><span><</span><span>MsgType</span><span>></span><span><![CDATA[</span><span>text</span><span>]]></span><span><</span><span>\/MsgType</span><span>></span><span>\n
</span><span>6</span><span><</span><span>Content</span><span>></span><span><![CDATA[</span><span>\u7ecf\u7406</span><span>]]></span><span><</span><span>\/Content</span><span>></span><span>\n
</span><span>7</span><span><</span><span>MsgId</span><span>></span>6223169761311044588<span><</span><span>\/MsgId</span><span>></span><span>\n
</span><span>8</span><span><</span><span>\/xml</span><span>></span>
登錄后復(fù)制
? ? ? ?所以需要進行處理才能讓simplexml_load_string處理
在輸出的明文內(nèi)容后面加上
<span>1</span><span>//明文內(nèi)容
</span><span>2</span><span> $text = substr($decrypt, 4, $size);
</span><span>3</span><span>//去掉多余的內(nèi)容
</span><span>4</span> $text=str_replace('<span><</span><span>\/','</', $text</span><span>);
</span><span>5</span><span> $text</span><span>=str_replace('>\n','>', </span><span>$text);
</span><span>6</span><span> return $text;</span>登錄后復(fù)制
安全模式就能正常使用了�����。
以上就介紹了thinkphp微信開發(fā):安全模式消息加解密��,包括了Exception方面的內(nèi)容�,希望對PHP教程有興趣的朋友有所幫助。
995
收藏![ThinkPHP5快速開發(fā)企業(yè)站點[全程實錄]](https://img.php.cn/upload/course/000/000/068/6253d918a3ce7278.png)
