Ei kuvausta

WXBizMsgCrypt.php 4.8KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186
  1. <?php
  2. /**
  3. * 企业微信回调消息加解密示例代码.
  4. *
  5. * @copyright Copyright (c) 1998-2014 Tencent Inc.
  6. */
  7. use App\Log;
  8. use App\RedisModel;
  9. include_once "sha1.php";
  10. include_once "xmlparse.php";
  11. include_once "pkcs7Encoder.php";
  12. include_once "errorCode.php";
  13. class WXBizMsgCrypt
  14. {
  15. private $m_sToken;
  16. private $m_sEncodingAesKey;
  17. private $m_sReceiveId;
  18. /**
  19. * 构造函数
  20. * @param $token string 开发者设置的token
  21. * @param $encodingAesKey string 开发者设置的EncodingAESKey
  22. * @param $receiveId string, 不同应用场景传不同的id
  23. */
  24. public function __construct($token, $encodingAesKey, $receiveId)
  25. {
  26. $this->m_sToken = $token;
  27. $this->m_sEncodingAesKey = $encodingAesKey;
  28. $this->m_sReceiveId = $receiveId;
  29. }
  30. /*
  31. *验证URL
  32. *@param sMsgSignature: 签名串,对应URL参数的msg_signature
  33. *@param sTimeStamp: 时间戳,对应URL参数的timestamp
  34. *@param sNonce: 随机串,对应URL参数的nonce
  35. *@param sEchoStr: 随机串,对应URL参数的echostr
  36. *@param sReplyEchoStr: 解密之后的echostr,当return返回0时有效
  37. *@return:成功0,失败返回对应的错误码
  38. */
  39. public function VerifyURL($sMsgSignature, $sTimeStamp, $sNonce, $sEchoStr, &$sReplyEchoStr)
  40. {
  41. if (strlen($this->m_sEncodingAesKey) != 43) {
  42. return ErrorCode::$IllegalAesKey;
  43. }
  44. $pc = new Prpcrypt($this->m_sEncodingAesKey);
  45. //verify msg_signature
  46. $sha1 = new SHA1;
  47. $array = $sha1->getSHA1($this->m_sToken, $sTimeStamp, $sNonce, $sEchoStr);
  48. $ret = $array[0];
  49. if ($ret != 0) {
  50. return $ret;
  51. }
  52. $signature = $array[1];
  53. if ($signature != $sMsgSignature) {
  54. return ErrorCode::$ValidateSignatureError;
  55. }
  56. $result = $pc->decrypt($sEchoStr, $this->m_sReceiveId);
  57. if ($result[0] != 0) {
  58. return $result[0];
  59. }
  60. $sReplyEchoStr = $result[1];
  61. return ErrorCode::$OK;
  62. }
  63. /**
  64. * 将公众平台回复用户的消息加密打包.
  65. * <ol>
  66. * <li>对要发送的消息进行AES-CBC加密</li>
  67. * <li>生成安全签名</li>
  68. * <li>将消息密文和安全签名打包成xml格式</li>
  69. * </ol>
  70. *
  71. * @param $replyMsg string 公众平台待回复用户的消息,xml格式的字符串
  72. * @param $timeStamp string 时间戳,可以自己生成,也可以用URL参数的timestamp
  73. * @param $nonce string 随机串,可以自己生成,也可以用URL参数的nonce
  74. * @param &$encryptMsg string 加密后的可以直接回复用户的密文,包括msg_signature, timestamp, nonce, encrypt的xml格式的字符串,
  75. * 当return返回0时有效
  76. *
  77. * @return int 成功0,失败返回对应的错误码
  78. */
  79. public function EncryptMsg($sReplyMsg, $sTimeStamp, $sNonce, &$sEncryptMsg)
  80. {
  81. $pc = new Prpcrypt($this->m_sEncodingAesKey);
  82. //加密
  83. $array = $pc->encrypt($sReplyMsg, $this->m_sReceiveId);
  84. $ret = $array[0];
  85. if ($ret != 0) {
  86. return $ret;
  87. }
  88. if ($sTimeStamp == null) {
  89. $sTimeStamp = time();
  90. }
  91. $encrypt = $array[1];
  92. //生成安全签名
  93. $sha1 = new SHA1;
  94. $array = $sha1->getSHA1($this->m_sToken, $sTimeStamp, $sNonce, $encrypt);
  95. $ret = $array[0];
  96. if ($ret != 0) {
  97. return $ret;
  98. }
  99. $signature = $array[1];
  100. //生成发送的xml
  101. $xmlparse = new XMLParse;
  102. $sEncryptMsg = $xmlparse->generate($encrypt, $signature, $sTimeStamp, $sNonce);
  103. return ErrorCode::$OK;
  104. }
  105. /**
  106. * 检验消息的真实性,并且获取解密后的明文.
  107. * <ol>
  108. * <li>利用收到的密文生成安全签名,进行签名验证</li>
  109. * <li>若验证通过,则提取xml中的加密消息</li>
  110. * <li>对消息进行解密</li>
  111. * </ol>
  112. *
  113. * @param $msgSignature string 签名串,对应URL参数的msg_signature
  114. * @param $timestamp string 时间戳 对应URL参数的timestamp
  115. * @param $nonce string 随机串,对应URL参数的nonce
  116. * @param $postData string 密文,对应POST请求的数据
  117. * @param &$msg string 解密后的原文,当return返回0时有效
  118. *
  119. * @return int 成功0,失败返回对应的错误码
  120. */
  121. public function DecryptMsg($sMsgSignature, $sTimeStamp = null, $sNonce, $sPostData, &$sMsg)
  122. {
  123. if (strlen($this->m_sEncodingAesKey) != 43) {
  124. return ErrorCode::$IllegalAesKey;
  125. }
  126. $pc = new Prpcrypt($this->m_sEncodingAesKey);
  127. //提取密文
  128. $xmlparse = new XMLParse;
  129. $array = $xmlparse->extract($sPostData);
  130. $ret = $array[0];
  131. if ($ret != 0) {
  132. return $ret;
  133. }
  134. if ($sTimeStamp == null) {
  135. $sTimeStamp = time();
  136. }
  137. $encrypt = $array[1];
  138. //验证安全签名
  139. $sha1 = new SHA1;
  140. $array = $sha1->getSHA1($this->m_sToken, $sTimeStamp, $sNonce, $encrypt);
  141. $ret = $array[0];
  142. if ($ret != 0) {
  143. return $ret;
  144. }
  145. $signature = $array[1];
  146. if ($signature != $sMsgSignature) {
  147. return ErrorCode::$ValidateSignatureError;
  148. }
  149. $result = $pc->decrypt($encrypt, $this->m_sReceiveId);
  150. if ($result[0] != 0) {
  151. return $result[0];
  152. }
  153. $sMsg = $result[1];
  154. return ErrorCode::$OK;
  155. }
  156. }