thinkphp Micro-Credit development (message encryption and decryption) _php skills

Using the thinkphp official WeChat package, the use of different modes can be successful, but the safe mode is not, now the analysis of the results are recorded.

Analyze the problem:

Decrypt the micro-trust Server message is always unsuccessful, download the micro-trust public platform for the official WechatCrypt.class.php of the decryption file and the discovery is not a problem. The File_put_contents function is used to save the decrypted file for analysis. The simplexml_load_string function cannot be processed because the XML that the official package decrypts is not a standard XML format.

/** * Decryption of ciphertext * @param string $encrypt ciphertext * @return String Clear */Public function decrypt ($encrypt) {//base64

  Decoding $encrypt = Base64_decode ($encrypt);

  Open encryption Algorithm Module $TD = Mcrypt_module_open (mcrypt_rijndael_128, ', MCRYPT_MODE_CBC, ');

  Initialization encryption Algorithm module Mcrypt_generic_init ($TD, $this->cyptkey, substr ($this->cyptkey, 0, 16));
  
  Perform decryption $decrypt = Mdecrypt_generic ($TD, $encrypt);

  Remove PKCS7 Complement $decrypt = self::P kcs7decode ($decrypt, Mcrypt_enc_get_key_size ($TD));
  Turn off encryption algorithm module mcrypt_generic_deinit ($TD);

  Mcrypt_module_close ($TD); if (strlen ($decrypt) <) {throw new \exception ("Illegal ciphertext string!
  ");

  }//Remove random string $decrypt = substr ($decrypt, 16);
  Gets the network byte order $size = Unpack ("N", substr ($decrypt, 0, 4));

  $size = $size [1];

  app_id $appid = substr ($decrypt, $size + 4); Verify that the app_id if ($appid!== $this->appid) {throw new \exception ("Illegal app_id!
  ");
  }//Clear text content $text = substr ($decrypt, 4, $size);
 return $text; }/** * PKCS7 fill character * @param string $text populated characters * @param integer $size block length * * private static function Pkcs7encode ($text, $size) {//Word

  String length $str _size = strlen ($text);
  Filling length $pad _size = $size-($str _size% $size); $pad _size = $pad _size?
  
  : $size;

  The populated character $pad _CHR = Chr ($pad _size);

  Perform fill $text = Str_pad ($text, $str _size + $pad _size, $pad _chr, str_pad_right);
 return $text; /** * Delete PKCS7 populated character * @param string $text filled character * @param integer $size block length/private static function PKC

  S7decode ($text, $size) {//Get the complement character $pad _str = Ord (substr ($text,-1));
  if ($pad _str < 1 | | $pad _str > $size) {$pad _str= 0;
  
 Return substr ($text, 0, strlen ($text)-$pad _str);

 }

Workaround:
The output of the XML file is like this

<xml>
<tousername><![ cdata[gh_249aeb986d99]]><\/tousername>\n
<fromusername><![ cdata[oopvmxhzaeqkdpsrcbpwxkkh-j2q]]><\/fromusername>\n
<createtime>1448944621<\/ createtime>\n
<msgtype><![ cdata[text]]><\/msgtype>\n
<content><![ cdata[\u7ecf\u7406]]><\/content>\n
<msgid>6223169761311044588<\/msgid>\n
<\/ Xml>

So it needs to be processed for simplexml_load_string to handle.

After the clear text content of the output, add

PlainText content
$text = substr ($decrypt, 4, $size);
 Remove excess content
$text =str_replace (' <\/', ' </', $text);  
 $text =str_replace (' >\n ', ' > ', $text);
 return $text;

The above is in the safe mode of the message encryption and decryption method, I hope to help you learn.