Thinkphp WeChat security mode solution for unsuccessful message encryption and decryption

Using the official thinkphp WeChat package can be successful in different modes, but the security mode does not work. now we will record the analysis solution results, if you are interested in thinkphp encryption and decryption, refer to ThinkPHP.

The ThinkPHP framework is one of the popular PHP frameworks in China. although it cannot be compared with those in other countries, the advantage is that, well, the Chinese manual is comprehensive and I will not talk about it here.

Using the official thinkphp WeChat package can be successful in different modes, but the security mode does not work. now we will record the analysis solution results.

Analyze the problem:

The server message cannot be decrypted. download the decryption file officially provided by the public platform and compare it with WechatCrypt. class. php. Use the file_put_contents function to save the decrypted file for analysis. The xml decrypted by the official package is not in the standard xml format, so the simplexml_load_string function cannot process it.

/*** Decrypt the ciphertext * @ param string $ encrypt ciphertext * @ return string plaintext */public function decrypt ($ encrypt) {// BASE64 decoding $ encrypt = base64_decode ($ encrypt); // open the encryption algorithm module $ td = mcrypt_module_open (MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC ,''); // initialize the encryption algorithm module mcrypt_generic_init ($ td, $ this-> cyptKey, substr ($ this-> cyptKey, 0, 16 )); // execute decryption $ decrypt = mdecrypt_generic ($ td, $ encrypt); // remove the PKCS7 padding $ decrypt = self: PKCS7D Ecode ($ decrypt, encrypt ($ td); // disable the encryption algorithm module mcrypt_generic_deinit ($ td); mcrypt_module_close ($ td); if (strlen ($ decrypt) <16) {throw new \ Exception ("invalid ciphertext string! ");} // Remove the random string $ decrypt = substr ($ decrypt, 16); // Obtain the network byte order $ size = unpack (" N ", substr ($ decrypt, 0, 4); $ size = $ size [1]; // APP_ID $ appid = substr ($ decrypt, $ size + 4 ); // verify APP_ID if ($ appid! ==$ This-> appId) {throw new \ Exception ("invalid APP_ID! ");} // Plaintext content $ text = substr ($ decrypt, 4, $ size); return $ text ;} /*** PKCS7 fill character * @ param string $ text filled character * @ param integer $ size Block length */private static function PKCS7Encode ($ text, $ size) {// string length $ str_size = strlen ($ text); // fill length $ pad_size = $ size-($ str_size % $ size); $ pad_size = $ pad_size?: $ Size; // The filled Character $ pad_chr = chr ($ pad_size); // execute filling $ text = str_pad ($ text, $ str_size + $ pad_size, $ pad_chr, STR_PAD_RIGHT); return $ text ;} /*** delete the characters filled in PKCS7 * @ param string $ text filled in * @ param integer $ size Block length */private static function PKCS7Decode ($ text, $ size) {// Get the complement character $ pad_str = ord (substr ($ text,-1); if ($ pad_str <1 | $ pad_str> $ size) {$ pad_str = 0;} return substr ($ text, 0, strlen ($ text)-$ pad_str );}

Solution:

The output xml file is like this.

 
  
  gh_aebd<\/ToUserName>\n 
   oopVmxHZaeQkDPsRcbpwXKkH-JQ<\/FromUserName>\n 
    
     <\/CreateTime>\n 
     text<\/MsgType>\n 
      \uecf\u<\/Content>\n 
       
        <\/MsgId>\n <\/xml>
       
      
     
    
   
  
 

Therefore, simplexml_load_string must be processed.

After the output plain text content, add

// Plaintext content $ text = substr ($ decrypt, $ size); // remove unnecessary content $ text = str_replace ('<\/','
 \ N', '>', $ text); return $ text;

The security mode can be used normally.

The above content is a small Editor to introduce to you about thinkphp security mode message encryption and decryption failed solution, I hope you like it.