|
|
@@ -13,9 +13,63 @@ class Test extends Api
|
|
|
protected $noNeedLogin = '*';
|
|
|
protected $noNeedRight = '*';
|
|
|
|
|
|
- //验签
|
|
|
+ //验签,2048位,265截取
|
|
|
public function verifysign(){
|
|
|
|
|
|
+ //解密签名开始
|
|
|
+ $sign = $this->request->request('sign','','trim');
|
|
|
+ if(empty($sign)){
|
|
|
+ $this->error('缺少签名');
|
|
|
+ }
|
|
|
+ $sign = base64_decode($sign);
|
|
|
+
|
|
|
+ $private_key_str = config('app_rsa.private_key');
|
|
|
+ $private_key = "-----BEGIN RSA PRIVATE KEY-----" .PHP_EOL.
|
|
|
+ wordwrap($private_key_str, 64, PHP_EOL, true) .
|
|
|
+ PHP_EOL."-----END RSA PRIVATE KEY-----";
|
|
|
+
|
|
|
+ $signgetdata = []; //被解密出来的数据
|
|
|
+ $split_len = 256;
|
|
|
+ $sign_split = str_split($sign, $split_len);
|
|
|
+ foreach($sign_split as $key => $sign_val){
|
|
|
+ $signgetdata_child = null;
|
|
|
+ openssl_private_decrypt($sign_val, $signgetdata_child, $private_key); // 使用私钥解密数据
|
|
|
+ $signgetdata[] = $signgetdata_child;
|
|
|
+ }
|
|
|
+
|
|
|
+ $signgetdata = implode('',$signgetdata);
|
|
|
+
|
|
|
+ if (!$signgetdata) {
|
|
|
+ $this->error('签名错误1');
|
|
|
+ }
|
|
|
+ dump($signgetdata);
|
|
|
+ //解密签名结束
|
|
|
+
|
|
|
+
|
|
|
+ //接收到的参数,组成我自己的验签体string
|
|
|
+ $request_all = $this->request->request();
|
|
|
+ unset($request_all['s']);
|
|
|
+ unset($request_all['sign']);
|
|
|
+ ksort($request_all);
|
|
|
+
|
|
|
+ $request_str = '';
|
|
|
+ foreach($request_all as $key => $param){
|
|
|
+ $request_str .= $key.'='.$param.'&';
|
|
|
+ }
|
|
|
+ $request_str .= 'signkey=F_dC923_35270PdsIIUIUTRERYTYYU';
|
|
|
+ dump($request_str);
|
|
|
+
|
|
|
+ //作对比
|
|
|
+ if($request_str != $signgetdata){
|
|
|
+ $this->error('验签错误');
|
|
|
+ }
|
|
|
+
|
|
|
+ echo '验签正确';
|
|
|
+ }
|
|
|
+
|
|
|
+ //验签
|
|
|
+ public function verifysign_old(){
|
|
|
+
|
|
|
//解密签名
|
|
|
$sign = $this->request->request('sign','','trim');
|
|
|
if(empty($sign)){
|
|
|
@@ -33,7 +87,7 @@ class Test extends Api
|
|
|
if (!$signgetdata) {
|
|
|
$this->error('签名错误');
|
|
|
}
|
|
|
- dump($signgetdata);
|
|
|
+ //dump($signgetdata);
|
|
|
|
|
|
//接收到的参数
|
|
|
$request_all = $this->request->request();
|
|
|
@@ -42,16 +96,17 @@ class Test extends Api
|
|
|
ksort($request_all);
|
|
|
$request_all = http_build_query($request_all);
|
|
|
$request_all .= '&signkey=F_dC923_35270PdsIIUIUTRERYTYYU';
|
|
|
- dump($request_all);
|
|
|
+ //dump($request_all);
|
|
|
|
|
|
//作对比
|
|
|
if($request_all != $signgetdata){
|
|
|
$this->error('验签错误');
|
|
|
}
|
|
|
|
|
|
- echo '验签正确';
|
|
|
- }
|
|
|
+ //echo '验签正确';
|
|
|
|
|
|
+ return true;
|
|
|
+ }
|
|
|
|
|
|
//加密
|
|
|
public function jiami(){
|
|
|
@@ -65,9 +120,11 @@ class Test extends Api
|
|
|
// dump($request_all);
|
|
|
$request_all = http_build_query($request_all);
|
|
|
$request_all .= '&signkey=F_dC923_35270PdsIIUIUTRERYTYYU';
|
|
|
- echo $request_all;
|
|
|
+// echo '加密字符串';
|
|
|
+// echo $request_all;
|
|
|
|
|
|
$public_key_str = config('app_rsa.public_key');
|
|
|
+ echo strlen($public_key_str);exit;
|
|
|
$public_key = "-----BEGIN PUBLIC KEY-----" .PHP_EOL.
|
|
|
wordwrap($public_key_str, 64, PHP_EOL, true) .
|
|
|
PHP_EOL."-----END PUBLIC KEY-----";
|
|
|
@@ -76,8 +133,8 @@ class Test extends Api
|
|
|
$sign = '';
|
|
|
openssl_public_encrypt($request_all,$sign,$public_key);
|
|
|
$sign = base64_encode($sign);
|
|
|
-
|
|
|
- $this->success('获得签名',$sign);
|
|
|
+ echo '获得签名';
|
|
|
+ dump($sign);
|
|
|
}
|
|
|
|
|
|
|
lizhen_gitee