Thinkphp: an unsuccessful solution to message encryption and decryption in Security Mode Based on WeChat _ php instance

Source: Internet
Author: User
Tags pkcs7
Using the official thinkphp WeChat package can be successful in different modes, but the security mode does not work. Now we will record the analysis solution results, if you are interested in thinkphp encryption and decryption, refer to the ThinkPHP framework, which is one of the popular PHP frameworks in China. Although it cannot be compared with those in other countries, the advantage is: Well, the Chinese manual is comprehensive and I will not talk about it here.

Using the official thinkphp WeChat package can be successful in different modes, but the security mode does not work. Now we will record the analysis solution results.

Analyze the problem:

The server message cannot be decrypted. Download the decryption file officially provided by the public platform and compare it with WechatCrypt. class. php. Use the file_put_contents function to save the decrypted file for analysis. The xml decrypted by the official package is not in the standard xml format, so the simplexml_load_string function cannot process it.

/*** Decrypt the ciphertext * @ param string $ encrypt ciphertext * @ return string plaintext */public function decrypt ($ encrypt) {// BASE64 decoding $ encrypt = base64_decode ($ encrypt); // open the Encryption Algorithm Module $ td = mcrypt_module_open (MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC ,''); // initialize the Encryption Algorithm Module mcrypt_generic_init ($ td, $ this-> cyptKey, substr ($ this-> cyptKey, 0, 16 )); // execute decryption $ decrypt = mdecrypt_generic ($ td, $ encrypt); // remove the PKCS7 padding $ decrypt = self: PKCS7D Ecode ($ decrypt, encrypt ($ td); // disable the Encryption Algorithm Module mcrypt_generic_deinit ($ td); mcrypt_module_close ($ td); if (strlen ($ decrypt) <16) {throw new \ Exception ("invalid ciphertext string! ");} // Remove the random string $ decrypt = substr ($ decrypt, 16); // obtain the network byte order $ size = unpack (" N ", substr ($ decrypt, 0, 4); $ size = $ size [1]; // APP_ID $ appid = substr ($ decrypt, $ size + 4 ); // verify APP_ID if ($ appid! ==$ This-> appId) {throw new \ Exception ("invalid APP_ID! ");} // Plaintext content $ text = substr ($ decrypt, 4, $ size); return $ text ;} /*** PKCS7 fill character * @ param string $ text filled character * @ param integer $ size Block length */private static function PKCS7Encode ($ text, $ size) {// String Length $ str_size = strlen ($ text); // fill length $ pad_size = $ size-($ str_size % $ size); $ pad_size = $ pad_size?: $ Size; // The filled character $ pad_chr = chr ($ pad_size); // execute filling $ text = str_pad ($ text, $ str_size + $ pad_size, $ pad_chr, STR_PAD_RIGHT); return $ text ;} /*** Delete the characters filled in PKCS7 * @ param string $ text filled in * @ param integer $ size Block length */private static function PKCS7Decode ($ text, $ size) {// get the complement character $ pad_str = ord (substr ($ text,-1); if ($ pad_str <1 | $ pad_str> $ size) {$ pad_str = 0;} return substr ($ text, 0, strlen ($ text)-$ pad_str );}

Solution:

The output xml file is like this.

 
  
  gh_aebd<\/ToUserName>\n 
   oopVmxHZaeQkDPsRcbpwXKkH-JQ<\/FromUserName>\n 
    
     <\/CreateTime>\n 
     text<\/MsgType>\n 
      \uecf\u<\/Content>\n 
       
        <\/MsgId>\n <\/xml>
       
      
     
    
   
  
 

Therefore, simplexml_load_string must be processed.

After the output plain text content, add

// Plaintext content $ text = substr ($ decrypt, $ size); // remove unnecessary content $ text = str_replace ('<\/','
 \ N', '>', $ text); return $ text;

The security mode can be used normally.

The above content is a small Editor to introduce to you about thinkphp security mode message encryption and decryption failed solution, I hope you like it.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.