Thinkphp Framework is one of the most popular PHP frameworks in China, although it is not comparable with those of foreign countries, but the advantage is that, well, the Chinese manual is very comprehensive, this is not much to say.
Using the thinkphp official WeChat package, the use of different modes can be successful, but the safe mode is not, now the analysis of the results are recorded.
Analyze the problem:
Decrypt the micro-trust Server message is always unsuccessful, download the micro-trust public platform for the official WechatCrypt.class.php of the decryption file and the discovery is not a problem. The File_put_contents function is used to save the decrypted file for analysis. The simplexml_load_string function cannot be processed because the XML that the official package decrypts is not a standard XML format.
/** * Decryption of ciphertext * @param string $encrypt ciphertext * @return string plaintext/Public function decrypt ($encrypt) {
BASE64 decoding $encrypt = Base64_decode ($encrypt);
Open encryption Algorithm Module $TD = Mcrypt_module_open (mcrypt_rijndael_128, ', MCRYPT_MODE_CBC, ');
Initialization encryption Algorithm module Mcrypt_generic_init ($TD, $this->cyptkey, substr ($this->cyptkey, 0, 16));
Perform decryption $decrypt = Mdecrypt_generic ($TD, $encrypt);
Remove PKCS7 Complement $decrypt = self::P kcs7decode ($decrypt, Mcrypt_enc_get_key_size ($TD));
Turn off encryption algorithm module mcrypt_generic_deinit ($TD);
Mcrypt_module_close ($TD); if (strlen ($decrypt) <) {throw new \exception ("Illegal ciphertext string!
");
}//Remove random string $decrypt = substr ($decrypt, 16);
Gets the network byte order $size = Unpack ("N", substr ($decrypt, 0, 4));
$size = $size [1];
app_id $appid = substr ($decrypt, $size + 4); Verify that the app_id if ($appid!== $this->appid) {throw new \exception ("Illegal app_id!
"); }//plaintext content $text = substr ($decrypt, 4, $size);
return $text; /** * PKCS7 Fill character * @param string $text filled characters * @param integer $size block length * * private static function PK
Cs7encode ($text, $size) {//String length $str _size = strlen ($text);
Filling length $pad _size = $size-($str _size% $size); $pad _size = $pad _size?
: $size;
The populated character $pad _CHR = Chr ($pad _size);
Perform fill $text = Str_pad ($text, $str _size + $pad _size, $pad _chr, str_pad_right);
return $text; /** * Delete PKCS7 populated character * @param string $text populated characters * @param integer $size block length/private static Functio
N Pkcs7decode ($text, $size) {//Get the complement character $pad _str = Ord (substr ($text,-1));
if ($pad _str < 1 | | $pad _str > $size) {$pad _str= 0;
Return substr ($text, 0, strlen ($text)-$pad _str); }
Workaround:
The output of the XML file is like this
<xml> <tousername><![ cdata[gh_aebd]]><\/tousername>\n <fromusername><![ cdata[oopvmxhzaeqkdpsrcbpwxkkh-jq]]><\/fromusername>\n <createtime><\/createtime>\n <msgtype><! [Cdata[text]]><\/msgtype>\n <content><![ cdata[\uecf\u]]><\/content>\n <msgid><\/msgid>\n <\/xml>
So it needs to be processed for simplexml_load_string to handle.
After the clear text content of the output, add
PlainText content
$text = substr ($decrypt, $size);
Remove excess content
$text =str_replace (' <\/', ' </', $text);
$text =str_replace (' >\n ', ' > ', $text);
return $text;
Safe mode can be used normally.
The above content is small to introduce to you about the thinkphp micro-letter Security mode message Encryption decryption unsuccessful solution, I hope you like.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
