Files
kiri-wchat/officialaccount/NewsManager.php
T
as2252258@163.com 7f138ef255 add clear
2019-11-11 18:14:47 +08:00

179 lines
4.8 KiB
PHP

<?php
namespace officialaccount;
use officialaccount\dcaler\Prpcrypt;
use officialaccount\dcaler\XMLParse;
class NewsManager extends AfficialAccount
{
const OK = 0;
const ValidateSignatureError = -40001;
const ParseXmlError = -40002;
const ComputeSignatureError = -40003;
const IllegalAesKey = -40004;
const ValidateAppidError = -40005;
const EncryptAESError = -40006;
const DecryptAESError = -40007;
const IllegalBuffer = -40008;
const EncodeBase64Error = -40009;
const DecodeBase64Error = -40010;
const GenReturnXmlError = -40011;
/**
* @param $code
* @return mixed|string
*/
public function toError($code)
{
$messages = [
self::ValidateSignatureError => '签名验证错误',
self::ParseXmlError => 'xml解析失败',
self::ComputeSignatureError => 'sha加密生成签名失败',
self::IllegalAesKey => 'encodingAesKey 非法',
self::ValidateAppidError => 'appid 校验错误',
self::EncryptAESError => 'aes 加密失败',
self::DecryptAESError => 'aes 解密失败',
self::IllegalBuffer => '解密后得到的buffer非法',
self::EncodeBase64Error => 'base64加密失败',
self::DecodeBase64Error => 'base64解密失败',
self::GenReturnXmlError => '生成xml失败',
];
return $messages[$code] ?? 'OK';
}
/**
* 将公众平台回复用户的消息加密打包.
* <ol>
* <li>对要发送的消息进行AES-CBC加密</li>
* <li>生成安全签名</li>
* <li>将消息密文和安全签名打包成xml格式</li>
* </ol>
*
* @param $replyMsg string 公众平台待回复用户的消息,xml格式的字符串
* @param $timeStamp string 时间戳,可以自己生成,也可以用URL参数的timestamp
* @param $nonce string 随机串,可以自己生成,也可以用URL参数的nonce
* @param &$encryptMsg string 加密后的可以直接回复用户的密文,包括msg_signature, timestamp, nonce, encrypt的xml格式的字符串,
* 当return返回0时有效
*
* @return int 成功0,失败返回对应的错误码
*/
public function encryptMsg($replyMsg, $timeStamp, $nonce, &$encryptMsg)
{
$pc = new Prpcrypt($this->config->getEncodingAesKey());
//加密
$array = $pc->encrypt($replyMsg, $this->config->getAppid());
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
if ($timeStamp == null) {
$timeStamp = time();
}
$encrypt = $array[1];
//生成安全签名
$array = $this->getSHA1($this->config->getToken(), $timeStamp, $nonce, $encrypt);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
$signature = $array[1];
//生成发送的xml
$xmlparse = new XMLParse;
$encryptMsg = $xmlparse->generate($encrypt, $signature, $timeStamp, $nonce);
return self::OK;
}
/**
* 检验消息的真实性,并且获取解密后的明文.
* <ol>
* <li>利用收到的密文生成安全签名,进行签名验证</li>
* <li>若验证通过,则提取xml中的加密消息</li>
* <li>对消息进行解密</li>
* </ol>
*
* @param $msgSignature string 签名串,对应URL参数的msg_signature
* @param $timestamp string 时间戳 对应URL参数的timestamp
* @param $nonce string 随机串,对应URL参数的nonce
* @param $postData string 密文,对应POST请求的数据
* @param &$msg string 解密后的原文,当return返回0时有效
*
* @return int 成功0,失败返回对应的错误码
*/
public function decryptMsg($msgSignature, $timestamp, $nonce, $postData, &$msg)
{
if (strlen($this->config->getEncodingAesKey()) != 43) {
return self::IllegalAesKey;
}
$pc = new Prpcrypt($this->config->getEncodingAesKey());
//提取密文
$xmlparse = new XMLParse();
$array = $xmlparse->extract($postData);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
if ($timestamp == null) {
$timestamp = time();
}
$encrypt = $array[1];
$touser_name = $array[2];
//验证安全签名
$array = $this->getSHA1($this->config->getToken(), $timestamp, $nonce, $encrypt);
$ret = $array[0];
if ($ret != 0) {
return $ret;
}
$signature = $array[1];
if ($signature != $msgSignature) {
return self::ValidateSignatureError;
}
$result = $pc->decrypt($encrypt, $this->config->getAppid());
if ($result[0] != 0) {
return $result[0];
}
$msg = $result[1];
return self::OK;
}
/**
* @param $token
* @param $timestamp
* @param $nonce
* @param $encrypt_msg
* @return array
*/
private function getSHA1($token, $timestamp, $nonce, $encrypt_msg)
{
//排序
try {
$array = array($encrypt_msg, $token, $timestamp, $nonce);
sort($array, SORT_STRING);
$str = implode($array);
return array(self::OK, sha1($str));
} catch (\Exception $e) {
//print $e . "\n";
return array(self::ComputeSignatureError, null);
}
}
}