ホーム エクスプローラ ヘルプ
サインイン
ykw
/
hemall.terabimsoft.com.cn
1
0
フォーク 0
ファイル 課題 0 プルリクエスト 0 Wiki
ツリー: a57c66d3c4
ブランチ タグ
hemall.terabims...
/
app
/
common
/
services
/
wechatApiV3
/
ApiV3Encrypt.php

ApiV3Encrypt.php 2.1 KB
履歴 Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465 
  1. <?php
    2. 

  2. 

  3. namespace app\common\services\wechatApiV3;
    4. 

  4. 

  5. class ApiV3Encrypt
    6. 

  6. {
    7. 

  7.     const AUTH_TAG_LENGTH_BYTE = 16;
    8. 

  8. 

  9.     /**
    10. 

  10.      * @var ApiV3Config
    11. 

  11.      */
    12. 

  12.     private $config;
    13. 

  13. 

  14.     public function __construct(ApiV3Config $config)
    15. 

  15.     {
    16. 

  16.         $this->config = $config;
    17. 

  17.     }
    18. 

  18. 

  19.     public function decrypt($associatedData, $nonceStr, $ciphertext)
    20. 

  20.     {
    21. 

  21.         $ciphertext = \base64_decode($ciphertext);
    22. 

  22.         if (strlen($ciphertext) <= self::AUTH_TAG_LENGTH_BYTE) {
    23. 

  23.             return false;
    24. 

  24.         }
    25. 

  25. 

  26.         if (function_exists('\sodium_crypto_aead_aes256gcm_is_available') && \sodium_crypto_aead_aes256gcm_is_available()) {
    27. 

  27.             return \sodium_crypto_aead_aes256gcm_decrypt($ciphertext, $associatedData, $nonceStr, $this->config->secretV3());
    28. 

  28.         }
    29. 

  29. 

  30.         if (function_exists('\Sodium\crypto_aead_aes256gcm_is_available') && \Sodium\crypto_aead_aes256gcm_is_available()) {
    31. 

  31.             return \Sodium\crypto_aead_aes256gcm_decrypt($ciphertext, $associatedData, $nonceStr, $this->config->secretV3());
    32. 

  32.         }
    33. 

  33. 

  34.         // openssl (PHP >= 7.1 support AEAD)
    35. 

  35.         if (PHP_VERSION_ID >= 70100 && in_array('aes-256-gcm', \openssl_get_cipher_methods())) {
    36. 

  36.             $ctext = substr($ciphertext, 0, -self::AUTH_TAG_LENGTH_BYTE);
    37. 

  37.             $authTag = substr($ciphertext, -self::AUTH_TAG_LENGTH_BYTE);
    38. 

  38. 

  39.             return \openssl_decrypt($ctext, 'aes-256-gcm', $this->config->secretV3(), \OPENSSL_RAW_DATA, $nonceStr,
    40. 

  40.                 $authTag, $associatedData);
    41. 

  41.         }
    42. 

  42. 

  43.         throw new \Exception('AEAD_AES_256_GCM需要PHP 7.1以上或者安装libsodium-php');
    44. 

  44.     }
    45. 

  45. 

  46.     /**
    47. 

  47.      * 隐私数据提供加密方法
    48. 

  48.      * @param $str
    49. 

  49.      * @return string
    50. 

  50.      * @throws \Exception
    51. 

  51.      */
    52. 

  52.     public function encrypt($str)
    53. 

  53.     {
    54. 

  54.         $public_key_path = $this->config->platformCert();
    55. 

  55.         $public_key = file_get_contents($public_key_path);
    56. 

  56.         $encrypted = '';
    57. 

  57.         if (openssl_public_encrypt($str, $encrypted, $public_key, OPENSSL_PKCS1_OAEP_PADDING)) {
    58. 

  58.             //base64编码
    59. 

  59.             $sign = base64_encode($encrypted);
    60. 

  60.         } else {
    61. 

  61.             throw new \Exception('encrypt failed');
    62. 

  62.         }
    63. 

  63.         return $sign;
    64. 

  64.     }
    65. 

  65. }
    66.