ThinkPHP secure mode: fixing unsuccessful WeChat message encryption/decryption (PHP example)


ThinkPHP is one of the most popular PHP frameworks in China. It may not compare with frameworks from abroad, but its advantage is a very comprehensive Chinese manual; no more needs to be said about that.

With the official ThinkPHP WeChat package, the other modes work, but safe mode does not. The results of the analysis are recorded here.

Analyze the problem:

Decrypting messages from the WeChat server never succeeded. The decryption file WechatCrypt.class.php was checked against the official decryption file downloaded from the WeChat public platform, and no problem was found. The decrypted output was then saved with file_put_contents for analysis. It turned out that simplexml_load_string cannot process the result, because the XML that the official package decrypts is not in standard XML format.

    // Excerpt: methods of the crypt class in WechatCrypt.class.php.
    // The mcrypt extension used here was deprecated in PHP 7.1 and removed in PHP 7.2.

    /**
     * Decrypt the ciphertext
     * @param  string $encrypt ciphertext
     * @return string          plaintext
     */
    public function decrypt($encrypt) {
        // Base64 decoding
        $encrypt = base64_decode($encrypt);
        // Open the encryption algorithm module
        $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
        // Initialize the module; the IV is the first 16 bytes of the key
        mcrypt_generic_init($td, $this->cyptkey, substr($this->cyptkey, 0, 16));
        // Perform decryption
        $decrypt = mdecrypt_generic($td, $encrypt);
        // Remove the PKCS7 padding
        $decrypt = self::PKCS7Decode($decrypt, mcrypt_enc_get_key_size($td));
        // Close the encryption algorithm module
        mcrypt_generic_deinit($td);
        mcrypt_module_close($td);
        // The 16-byte random prefix stripped below must be present
        if (strlen($decrypt) < 16) {
            throw new \Exception("Illegal ciphertext string!");
        }
        // Remove the random string
        $decrypt = substr($decrypt, 16);
        // Read the message length (network byte order)
        $size = unpack("N", substr($decrypt, 0, 4));
        $size = $size[1];
        // app_id follows the message body
        $appid = substr($decrypt, $size + 4);
        // Verify the app_id
        if ($appid !== $this->appid) {
            throw new \Exception("Illegal app_id!");
        }
        // Plaintext content
        $text = substr($decrypt, 4, $size);
        return $text;
    }

    /**
     * Add PKCS7 padding
     * @param string  $text text to pad
     * @param integer $size block length
     */
    private static function PKCS7Encode($text, $size) {
        // String length
        $str_size = strlen($text);
        // Padding length
        $pad_size = $size - ($str_size % $size);
        $pad_size = $pad_size ?: $size;
        // Padding character
        $pad_chr = chr($pad_size);
        // Apply the padding
        $text = str_pad($text, $str_size + $pad_size, $pad_chr, STR_PAD_RIGHT);
        return $text;
    }

    /**
     * Remove PKCS7 padding
     * @param string  $text padded text
     * @param integer $size block length
     */
    private static function PKCS7Decode($text, $size) {
        // Read the padding length from the last byte
        $pad_str = ord(substr($text, -1));
        if ($pad_str < 1 || $pad_str > $size) {
            $pad_str = 0;
        }
        return substr($text, 0, strlen($text) - $pad_str);
    }

Workaround:

The saved XML output looks like this:

    <xml>
    <tousername><![CDATA[gh_aebd]]><\/tousername>\n
    <fromusername><![CDATA[oopvmxhzaeqkdpsrcbpwxkkh-jq]]><\/fromusername>\n
    <createtime><\/createtime>\n
    <msgtype><![CDATA[text]]><\/msgtype>\n
    <content><![CDATA[\uecf\u]]><\/content>\n
    <msgid><\/msgid>\n
    <\/xml>

So the text has to be cleaned up before simplexml_load_string can handle it.

In decrypt(), after the line that extracts the plaintext content, add the two replacements:

    // Plaintext content
    $text = substr($decrypt, 4, $size);
    // Remove the excess content: the escaped "<\/" and the literal "\n" after each tag
    $text = str_replace('<\/', '</', $text);
    $text = str_replace('>\n', '>', $text);
    return $text;

Safe mode then works normally.
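As an added example (not code from the original page or from the ThinkPHP package), here is the same decrypt path written with the openssl extension, since mcrypt was removed in PHP 7.2, with padding and length-field errors rejected rather than passed on. It assumes a 32-byte key, so the page's Rijndael-128/CBC setup corresponds to AES-256-CBC; the function name wechatDecrypt, the key, the app id and the sample message are constructed for illustration.

```php
<?php
// Added example, not the ThinkPHP package's code. Key, app id and message are constructed.
const BLOCK = 32; // PKCS7 block size, as returned by mcrypt_enc_get_key_size() in the page's code
function wechatDecrypt(string $encrypt, string $key, string $appId): string
{
    $raw = base64_decode($encrypt, true);
    if ($raw === false || $raw === '' || strlen($raw) % 16 !== 0) {
        throw new InvalidArgumentException('Illegal ciphertext string!');
    }
    // Rijndael-128/CBC with a 32-byte key is AES-256-CBC; IV = first 16 bytes of the key.
    $plain = openssl_decrypt($raw, 'aes-256-cbc', $key,
        OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, substr($key, 0, 16));
    if ($plain === false) {
        throw new RuntimeException('Decryption failed');
    }
    // Strict PKCS7 removal: every padding byte must match, otherwise reject.
    $pad = ord($plain[strlen($plain) - 1]);
    if ($pad < 1 || $pad > BLOCK || $pad > strlen($plain)
        || substr($plain, -$pad) !== str_repeat(chr($pad), $pad)) {
        throw new RuntimeException('Bad PKCS7 padding');
    }
    $plain = substr($plain, 0, -$pad);
    if (strlen($plain) < 20) { // 16 random bytes + 4-byte length field
        throw new RuntimeException('Illegal ciphertext string!');
    }
    $size = unpack('N', substr($plain, 16, 4))[1]; // network byte order
    if ($size > strlen($plain) - 20) {
        throw new RuntimeException('Length field exceeds payload');
    }
    if (substr($plain, 20 + $size) !== $appId) {
        throw new RuntimeException('Illegal app_id!');
    }
    return substr($plain, 20, $size);
}

// Constructed sample: build a message in the same layout, then decrypt and parse it.
$key   = str_repeat('k', 32);
$appId = 'wx_constructed_appid';
$xml   = '<xml><msgtype><![CDATA[text]]></msgtype><content><![CDATA[hello]]></content></xml>';
$body  = random_bytes(16) . pack('N', strlen($xml)) . $xml . $appId;
$pad   = BLOCK - strlen($body) % BLOCK;
$enc   = base64_encode(openssl_encrypt($body . str_repeat(chr($pad), $pad), 'aes-256-cbc', $key,
    OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, substr($key, 0, 16)));
$msg = simplexml_load_string(wechatDecrypt($enc, $key, $appId), 'SimpleXMLElement', LIBXML_NOCDATA | LIBXML_NONET);
if ($msg === false) {
    throw new RuntimeException('Decrypted payload is not well-formed XML');
}
echo $msg->msgtype, ': ', $msg->content, PHP_EOL;
```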

That covers the fix for unsuccessful encryption and decryption of WeChat secure-mode messages in ThinkPHP; I hope you find it useful.
