From bd17e8a71381fd34e80ccb7ef1d2a82283a0962f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mr=C2=B7x?= Date: Wed, 11 Aug 2021 14:06:42 +0800 Subject: [PATCH] =?UTF-8?q?=E6=94=B9=E5=90=8D?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- System/Jwt/ASE.php | 31 +++++++++++++++++++++++++++++++ System/Jwt/Jwt.php | 34 +++++++++++++++++++++++++++------- System/Jwt/JwtHelper.php | 29 ++++++++++++++++++++++++++--- 3 files changed, 84 insertions(+), 10 deletions(-) create mode 100644 System/Jwt/ASE.php diff --git a/System/Jwt/ASE.php b/System/Jwt/ASE.php new file mode 100644 index 00000000..1c2d5188 --- /dev/null +++ b/System/Jwt/ASE.php @@ -0,0 +1,31 @@ + [ + * 'scene' => 'application', + * 'timeout' => 7200, + * 'encrypt' => '', + * 'iv' => '', + * 'key' => '', + * ] */ public function init() { $this->request = di(Request::class); - if (!Config::has('ssl.public') || !Config::has('ssl.private')) { - return; - } + $this->public = Config::get('ssl.public', $this->public); $this->private = Config::get('ssl.private', $this->private); $this->timeout = Config::get('ssl.timeout', 7200); + + $jwt = Config::get('jwt', []); + if ($jwt) { + $this->setScene($jwt['scene'] ?? 'application'); + $this->setEncrypt($jwt['encrypt'] ?? ASE::AES_128_ECB); + $this->setKey($jwt['key'] ?? get_called_class()); + + $defaultIv = openssl_random_pseudo_bytes(openssl_cipher_iv_length($this->encrypt)); + $this->setIv($jwt['iv'] ?? $defaultIv); + } } /** @@ -62,9 +77,14 @@ class Jwt extends Component */ private function jwtHeader(): string { - $string = openssl_encrypt(json_encode(['type' => 'openssl', 'encrypt' => $this->encrypt]), - "seed-ecb", $this->key); - return urlencode(str_replace('=', '', $string)); + $string = openssl_encrypt( + json_encode(['type' => 'openssl', 'encrypt' => $this->encrypt]), + $this->encrypt, + $this->key, + 0, + $this->iv + ); + return str_replace('=', '', $string); } @@ -91,7 +111,7 @@ class Jwt extends Component $params[] = $this->jwtHeader(); $params[] = $this->jwtBody($unionId); - $params[] = hash($this->encrypt, $params[0] . $params[1]); + $params[] = hash('ripemd128', $params[0] . $params[1]); return implode('.', $params); } diff --git a/System/Jwt/JwtHelper.php b/System/Jwt/JwtHelper.php index f6ef08e3..e11fa07d 100644 --- a/System/Jwt/JwtHelper.php +++ b/System/Jwt/JwtHelper.php @@ -29,6 +29,9 @@ trait JwtHelper private string $encrypt = 'sha256'; + private string $iv = ''; + + private ?string $public = '-----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6BuML3gtLGde7QKNuNST UCB9gdHC7XIpOc7Wx2I64Esj3UxWHTgp3URj0ge8zpy7A3FfBdppR7d1nwoD6Xad @@ -68,6 +71,8 @@ mlAZUEjsoaT9vjvjGTxl3uCm0TX5KTgtSJIt2kA1tYVjQef+/iZTHxY= -----END RSA PRIVATE KEY-----'; + + /** * @param string $publicKey */ @@ -86,9 +91,9 @@ mlAZUEjsoaT9vjvjGTxl3uCm0TX5KTgtSJIt2kA1tYVjQef+/iZTHxY= public function setScene(string $scene) - { - $this->scene = $scene; - } + { + $this->scene = $scene; + } /** @@ -108,4 +113,22 @@ mlAZUEjsoaT9vjvjGTxl3uCm0TX5KTgtSJIt2kA1tYVjQef+/iZTHxY= } + /** + * @param string $privateKey + */ + public function setIv(string $privateKey) + { + $this->iv = $privateKey; + } + + + /** + * @param string $privateKey + */ + public function setEncrypt(string $privateKey) + { + $this->encrypt = $privateKey; + } + + }