ThinkPHP WeChat development: secure mode message encryption and decryption

Source: Internet
Author: User
Tags: pkcs7

This article covers ThinkPHP WeChat development: message encryption and decryption in secure mode. The official ThinkPHP WeChat package works in the other modes, but secure mode does not work. The analysis and the solution are recorded here.


Analyze the problem:

The server message cannot be decrypted. Download the decryption sample officially provided by the public platform and compare it with WechatCrypt.class.php. Use the file_put_contents function to save the decrypted output for analysis. The XML decrypted by the official package is not in standard XML format, so the simplexml_load_string function cannot process it.

/**
 * Decrypt the ciphertext
 * @param  string $encrypt ciphertext
 * @return string plaintext
 */
public function decrypt($encrypt) {
    // BASE64 decoding
    $encrypt = base64_decode($encrypt);

    // Open the encryption algorithm module
    $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');

    // Initialize the encryption algorithm module (the IV is the first 16 bytes of the key)
    mcrypt_generic_init($td, $this->cyptKey, substr($this->cyptKey, 0, 16));

    // Execute decryption
    $decrypt = mdecrypt_generic($td, $encrypt);

    // Remove the PKCS7 padding
    $decrypt = self::PKCS7Decode($decrypt, mcrypt_enc_get_key_size($td));

    // Close the encryption algorithm module
    mcrypt_generic_deinit($td);
    mcrypt_module_close($td);

    if (strlen($decrypt) < 16) {
        throw new \Exception("Invalid ciphertext string!");
    }

    // Remove the random string
    $decrypt = substr($decrypt, 16);

    // Obtain the message length (network byte order)
    $size = unpack("N", substr($decrypt, 0, 4));
    $size = $size[1];

    // APP_ID
    $appid = substr($decrypt, $size + 4);

    // Verify APP_ID
    if ($appid !== $this->appId) {
        throw new \Exception("Invalid APP_ID!");
    }

    // Plaintext content
    $text = substr($decrypt, 4, $size);
    return $text;
}

/**
 * Add PKCS7 padding
 * @param string  $text text to pad
 * @param integer $size block length
 */
private static function PKCS7Encode($text, $size) {
    // String length
    $str_size = strlen($text);

    // Padding length
    $pad_size = $size - ($str_size % $size);
    $pad_size = $pad_size ?: $size;

    // Padding character
    $pad_chr = chr($pad_size);

    // Execute padding
    $text = str_pad($text, $str_size + $pad_size, $pad_chr, STR_PAD_RIGHT);
    return $text;
}

/**
 * Remove the PKCS7 padding
 * @param string  $text padded text
 * @param integer $size block length
 */
private static function PKCS7Decode($text, $size) {
    // Get the padding character
    $pad_str = ord(substr($text, -1));
    if ($pad_str < 1 || $pad_str > $size) {
        $pad_str = 0;
    }
    return substr($text, 0, strlen($text) - $pad_str);
}
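The same decryption steps written against the OpenSSL extension (mcrypt was removed from PHP core in 7.2), with strict padding and length checks. This is an added example, not code from the article or from the ThinkPHP or WeChat packages; the names wx_decrypt and pkcs7_strip, the key, the APP_ID and the message are constructed for illustration.

```php
<?php
// Added example: not ThinkPHP or WeChat code. Key, APP_ID and message are constructed.
const BLOCK = 32; // PKCS7 block size; the page's code gets it from mcrypt_enc_get_key_size()

function pkcs7_strip(string $data): string {
    $len = strlen($data);
    $pad = $len > 0 ? ord($data[$len - 1]) : 0;
    // Reject malformed padding instead of silently treating it as "no padding"
    if ($pad < 1 || $pad > BLOCK || $pad > $len
        || substr($data, -$pad) !== str_repeat(chr($pad), $pad)) {
        throw new InvalidArgumentException('Invalid PKCS7 padding');
    }
    return substr($data, 0, $len - $pad);
}

function wx_decrypt(string $encrypt, string $key, string $appId): string {
    $raw = base64_decode($encrypt, true);
    if ($raw === false || $raw === '' || strlen($raw) % 16 !== 0) {
        throw new InvalidArgumentException('Invalid ciphertext');
    }
    // ZERO_PADDING: OpenSSL must not strip padding, the scheme pads to 32 bytes, not 16
    $plain = openssl_decrypt($raw, 'aes-256-cbc', $key,
        OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, substr($key, 0, 16));
    if ($plain === false) {
        throw new RuntimeException('Decryption failed');
    }
    $plain = pkcs7_strip($plain);
    if (strlen($plain) < 20) { // 16 random bytes + 4-byte length
        throw new InvalidArgumentException('Plaintext too short');
    }
    $size = unpack('N', substr($plain, 16, 4))[1];
    if ($size < 0 || $size > strlen($plain) - 20) {
        throw new InvalidArgumentException('Length field exceeds plaintext');
    }
    if (!hash_equals($appId, (string) substr($plain, 20 + $size))) {
        throw new InvalidArgumentException('Invalid APP_ID');
    }
    return substr($plain, 20, $size);
}

// Constructed round trip: build a message in the same layout, then decrypt it
$key   = random_bytes(32);
$appId = 'wx_example_appid';
$xml   = '<xml><MsgType>text</MsgType></xml>';
$body  = random_bytes(16) . pack('N', strlen($xml)) . $xml . $appId;
$pad   = BLOCK - strlen($body) % BLOCK;
$enc   = base64_encode(openssl_encrypt($body . str_repeat(chr($pad), $pad),
    'aes-256-cbc', $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, substr($key, 0, 16)));
var_dump(wx_decrypt($enc, $key, $appId) === $xml);
```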

Solution:

The saved XML output looks like this:

<xml>
<ToUserName>gh_249aeb986d99<\/ToUserName>\n
<FromUserName>oopVmxHZaeQkDPsRcbpwXKkH-J2Q<\/FromUserName>\n
<CreateTime>1448944621<\/CreateTime>\n
<MsgType>text<\/MsgType>\n
<Content>\u7ecf\u7406<\/Content>\n
<MsgId>6223169761311044588<\/MsgId>\n
<\/xml>

Therefore, the text must be cleaned up before simplexml_load_string can process it.

After the line that extracts the plaintext content, add:

// Plaintext content
$text = substr($decrypt, 4, $size);
// Remove excess content: escaped slashes in closing tags and literal "\n" after tags
$text = str_replace('<\/', '</', $text);
$text = str_replace('>\n', '>', $text);
return $text;

Secure mode then works normally.
