Laravel/php 7实现微信开放平台消息加解密
Song •
1647 次浏览 •
0个评论 •
2021年08月16日
PHP5.6升级到PHP7以后,析构函数(构造函数)语法规则改变,由以前的与class同名,在WXBizMsgCrypt.php更改WXBizMsgCrypt方法为__construct();参考消息加解密说明
基础配置
申请第三方平台,这个很简单直接按照提示填写,下面的授权事件接收URL中获取的component_verify_ticket是会过期的,所以不要只获取一次,缓存起来每10分钟会发送一次,每1小时会更新一次。
获取参数
获取配置变量参数。获取component_verify_ticket
$timeStamp =$request->timestamp;
$nonce =$request->nonce;
$encrypt_type =$request->encrypt_type;
$msg_sign =$request->msg_signature;
$encryptMsg =file_get_contents('php://input');
$token = "公众平台上,开发者设置的token";
$encodingAesKey = "公众平台上,开发者设置的EncodingAESKey";
$appId = "公众平台的appId";
$pc = new WXBizMsgCrypt($token, $encodingAesKey, $appId);
$xml_tree = new \DOMDocument();
$xml_tree->loadXML($encryptMsg);
$array_e = $xml_tree->getElementsByTagName('Encrypt');
$encrypt = $array_e->item(0)->nodeValue;
$format = "<xml><ToUserName><![CDATA[toUser]]></ToUserName><Encrypt><![CDATA[%s]]></Encrypt></xml>";
$from_xml = sprintf($format, $encrypt);
$msg = '';
$errCode = $pc->decryptMsg($msg_sign, $timeStamp, $nonce, $from_xml, $msg);
if ($errCode == 0) {
$xml = new \DOMDocument();
$xml->loadXML($msg);
$array_e = $xml->getElementsByTagName('ComponentVerifyTicket');
$component_verify_ticket = $array_e->item(0)->nodeValue;
$wechat_verifyticket = array(
'component_verify_ticket' => $component_verify_ticket,
'uptime' => time());
Redis::set('wechat_verifyticket',$wechat_verifyticket);
return true;
}else{
$wechat_verifyticket = array(
'component_verify_ticket' => $component_verify_ticket,
'uptime' => time());
Redis::set('wechat_verifyticket',$wechat_verifyticket);
return false;
}修改PKCS7Encoder.php文件
<?php
include_once "errorCode.php";
/**
* PKCS7Encoder class
*
* 提供基于PKCS7算法的加解密接口.
*/
class PKCS7Encoder
{
public static $block_size = 32;
/**
* 对需要加密的明文进行填充补位
* @param $text 需要进行填充补位操作的明文
* @return 补齐明文字符串
*/
function encode($text)
{
$block_size = PKCS7Encoder::$block_size;
$text_length = strlen($text);
//计算需要填充的位数
$amount_to_pad = PKCS7Encoder::$block_size - ($text_length % PKCS7Encoder::$block_size);
if ($amount_to_pad == 0) {
$amount_to_pad = PKCS7Encoder::block_size;
}
//获得补位所用的字符
$pad_chr = chr($amount_to_pad);
$tmp = "";
for ($index = 0; $index < $amount_to_pad; $index++) {
$tmp .= $pad_chr;
}
return $text . $tmp;
}
/**
* 对解密后的明文进行补位删除
* @param decrypted 解密后的明文
* @return 删除填充补位后的明文
*/
function decode($text)
{
$pad = ord(substr($text, -1));
if ($pad < 1 || $pad > 32) {
$pad = 0;
}
return substr($text, 0, (strlen($text) - $pad));
}
}
/**
* Prpcrypt class
*
* 提供接收和推送给公众平台消息的加解密接口.
*/
class Prpcrypt
{
public $key;
function Prpcrypt($k)
{
$this->key = base64_decode($k . "=");
}
/**
* 对明文进行加密
* @param string $text 需要加密的明文
* @return string 加密后的密文
*/
public function encrypt($text, $appid)
{
try {
$random = $this->getRandomStr();
$text = $random . pack("N", strlen($text)) . $text . $appid;
$iv = substr($this->key, 0, 16);
$pkc_encoder = new PKCS7Encoder;
$text = $pkc_encoder->encode($text);
$encrypted = openssl_encrypt($text, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $iv);
//使用BASE64对加密后的字符串进行编码
return array(ErrorCode::$OK, base64_encode($encrypted));
} catch (\Exception $e) {
return array(ErrorCode::$EncryptAESError, null);
}
}
/**
* 对密文进行解密
* @param string $encrypted 需要解密的密文
* @return string 解密得到的明文
*/
public function decrypt($encrypted, $appid)
{
try {
$ciphertext_dec = base64_decode($encrypted);
$iv = substr($this->key, 0, 16);
$decrypted = openssl_decrypt($ciphertext_dec, 'AES-256-CBC', $this->key, OPENSSL_RAW_DATA|OPENSSL_ZERO_PADDING, $iv);
} catch (\Exception $e) {
return array(ErrorCode::$DecryptAESError, null);
}
try {
//去除补位字符
$pkc_encoder = new PKCS7Encoder;
$result = $pkc_encoder->decode($decrypted);
//去除16位随机字符串,网络字节序和AppId
if (strlen($result) < 16)
return "";
$content = substr($result, 16, strlen($result));
$len_list = unpack("N", substr($content, 0, 4));
$xml_len = $len_list[1];
$xml_content = substr($content, 4, $xml_len);
$from_appid = substr($content, $xml_len + 4);
} catch (\Exception $e) {
//print $e;
return array(ErrorCode::$IllegalBuffer, null);
}
if ($from_appid != $appid)
return array(ErrorCode::$ValidateAppidError, null);
return array(0, $xml_content);
}
/**
* 随机生成16位字符串
* @return string 生成的字符串
*/
function getRandomStr()
{
$str = "";
$str_pol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
$max = strlen($str_pol) - 1;
for ($i = 0; $i < 16; $i++) {
$str .= $str_pol[mt_rand(0, $max)];
}
return $str;
}
}
?>-
laravel中distinct()的使用方法与去重 2017-09-11 -
Laravel将view缓存为静态html,laravel页面静态缓存 2021-10-09 -
![[ laravel爬虫实战--基础篇 ] guzzle描述与安装](https://wsonh.oss-cn-beijing.aliyuncs.com/uploads/20220321/202203210231261689.png)
[ laravel爬虫实战--基础篇 ] guzzle描述与安装 2017-11-01 -
![[ 配置教程 ] 在ubuntu16.04中部署LNMP环境(php7+maridb且开启maridb远程以及nginx多域名访问 )并配置laravel环境](https://wsonh.oss-cn-beijing.aliyuncs.com/uploads/20220124/202201240414577225.jpeg)
[ 配置教程 ] 在ubuntu16.04中部署LNMP环境(php7+maridb且开启maridb远程以及nginx多域名访问 )并配置laravel环境 2017-07-18 -
laravel11如何启用routes/api.php无状态路由 2025-03-06
热门文章
-
laravel11如何启用routes/api.php无状态路由 2025-03-06
-
oppo手机默认浏览器urlscheme 2025-02-13 -
mysql如何给运营人员添加只有查询权限的账号 2024-12-02
-
Mac 安装mysql并且配置密码 2024-11-20
-
阿里云不同账号(跨账号)ECS服务器同地域如何实现免费内网互通? 2024-11-12
栏目最新文章
公告提示
-
扫码加入QQ群
更多相关好文