shuizhi
/
admin
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
admin/business/asset/weworkapi/callback_json/WXBizMsgCrypt.php

185 lines
4.9 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
/**
* 企业微信回调消息加解密示例代码.
*
* @copyright Copyright (c) 1998-2014 Tencent Inc.
*/
include_once "sha1.php";
include_once "jsonparse.php";
include_once "pkcs7Encoder.php";
include_once "errorCode.php";
class WXBizMsgCrypt
{
private $m_sToken;
private $m_sEncodingAesKey;
private $m_sReceiveId;
/**
* 构造函数
* @param $token string 开发者设置的token
* @param $encodingAesKey string 开发者设置的EncodingAESKey
* @param $receiveId string, 不同应用场景传不同的id
*/
public function __construct($token, $encodingAesKey, $receiveId)
{
$this->m_sToken = $token;
$this->m_sEncodingAesKey = $encodingAesKey;
$this->m_sReceiveId = $receiveId;
}
/*
*验证URL
*@param sMsgSignature: 签名串对应URL参数的msg_signature
*@param sTimeStamp: 时间戳对应URL参数的timestamp
*@param sNonce: 随机串对应URL参数的nonce
*@param sEchoStr: 随机串对应URL参数的echostr
*@param sReplyEchoStr: 解密之后的echostr当return返回0时有效
*@return成功0失败返回对应的错误码
*/
public function VerifyURL($sMsgSignature, $sTimeStamp, $sNonce, $sEchoStr, &$sReplyEchoStr)
{
if (strlen($this->m_sEncodingAesKey) != 43) {
return ErrorCode::$IllegalAesKey;
}
$pc = new Prpcrypt($this->m_sEncodingAesKey);
//verify msg_signature
$sha1 = new SHA1;
$array = $sha1->getSHA1($this->m_sToken, $sTimeStamp, $sNonce, $sEchoStr);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
$signature = $array[1];
if ($signature != $sMsgSignature) {
return ErrorCode::$ValidateSignatureError;
}
$result = $pc->decrypt($sEchoStr, $this->m_sReceiveId);
if ($result[0] != 0) {
return $result[0];
}
$sReplyEchoStr = $result[1];
return ErrorCode::$OK;
}
/**
* 将公众平台回复用户的消息加密打包.
* <ol>
* <li>对要发送的消息进行AES-CBC加密</li>
* <li>生成安全签名</li>
* <li>将消息密文和安全签名打包成json格式</li>
* </ol>
*
* @param $replyMsg string 公众平台待回复用户的消息json格式的字符串
* @param $timeStamp string 时间戳可以自己生成也可以用URL参数的timestamp
* @param $nonce string 随机串可以自己生成也可以用URL参数的nonce
* @param &$encryptMsg string 加密后的可以直接回复用户的密文包括msg_signature, timestamp, nonce, encrypt的json格式的字符串,
* 当return返回0时有效
*
* @return int 成功0失败返回对应的错误码
*/
public function EncryptMsg($sReplyMsg, $sTimeStamp, $sNonce, &$sEncryptMsg)
{
$pc = new Prpcrypt($this->m_sEncodingAesKey);
//加密
$array = $pc->encrypt($sReplyMsg, $this->m_sReceiveId);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
if ($sTimeStamp == null) {
$sTimeStamp = time();
}
$encrypt = $array[1];
//生成安全签名
$sha1 = new SHA1;
$array = $sha1->getSHA1($this->m_sToken, $sTimeStamp, $sNonce, $encrypt);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
$signature = $array[1];
//生成发送的json
$jsonParse = new JsonParse;
$sEncryptMsg = $jsonParse->generate($encrypt, $signature, $sTimeStamp, $sNonce);
return ErrorCode::$OK;
}
/**
* 检验消息的真实性,并且获取解密后的明文.
* <ol>
* <li>利用收到的密文生成安全签名,进行签名验证</li>
* <li>若验证通过则提取json中的加密消息</li>
* <li>对消息进行解密</li>
* </ol>
*
* @param $msgSignature string 签名串对应URL参数的msg_signature
* @param $timestamp string 时间戳 对应URL参数的timestamp
* @param $nonce string 随机串对应URL参数的nonce
* @param $postData string 密文对应POST请求的数据
* @param &$msg string 解密后的原文当return返回0时有效
*
* @return int 成功0失败返回对应的错误码
*/
public function DecryptMsg($sMsgSignature, $sTimeStamp = null, $sNonce, $sPostData, &$sMsg)
{
if (strlen($this->m_sEncodingAesKey) != 43) {
return ErrorCode::$IllegalAesKey;
}
$pc = new Prpcrypt($this->m_sEncodingAesKey);
//提取密文
$jsonParse = new JsonParse;
$array = $jsonParse->extract($sPostData);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
if ($sTimeStamp == null) {
$sTimeStamp = time();
}
$encrypt = $array[1];
//验证安全签名
$sha1 = new SHA1;
$array = $sha1->getSHA1($this->m_sToken, $sTimeStamp, $sNonce, $encrypt);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
$signature = $array[1];
if ($signature != $sMsgSignature) {
print("signature not match, signature ".$signature.", sMsgSignature ".$sMsgSignature."\n");
return ErrorCode::$ValidateSignatureError;
}
$result = $pc->decrypt($encrypt, $this->m_sReceiveId);
if ($result[0] != 0) {
return $result[0];
}
$sMsg = $result[1];
return ErrorCode::$OK;
}
}
Reference in New Issue View Git Blame Copy Permalink