From 73791b204e0784d81fe3fdff3af81f910592e1e3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=A4=8F=E7=88=BD?= <996190264@qq.com> Date: Mon, 4 Mar 2019 10:20:03 +0800 Subject: [PATCH 1/3] Add `AopClient::decrypt()` to deal with Alipay encrypted data. Improve `AopClient::decrypt()` method. See: https://docs.alipay.com/mini/introduce/aes https://docs.alipay.com/mini/api/getphonenumber --- aop/AopClient.php | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) diff --git a/aop/AopClient.php b/aop/AopClient.php index 9ea0ff3e..6dd88e3c 100755 --- a/aop/AopClient.php +++ b/aop/AopClient.php @@ -3,6 +3,7 @@ namespace Alipay; use Alipay\Exception\AlipayInvalidSignException; +use Alipay\Exception\AlipayOpenSslException; use Alipay\Key\AlipayKeyPair; use Alipay\Request\AbstractAlipayRequest; use Alipay\Signer\AlipayRSA2Signer; @@ -256,6 +257,39 @@ public function verify($params = null) return true; } + /** + * 解密被支付宝加密的敏感数据 + * + * @param string $encryptedData Base64 格式的已加密的数据,如手机号 + * @param string $encodedKey Base64 编码后的密钥 + * @param string $cipher 解密算法,保持默认值即可 + * + * @throws AlipayOpenSslException + * + * @return string + * + * @see https://docs.alipay.com/mini/introduce/aes + * @see https://docs.alipay.com/mini/introduce/getphonenumber + */ + public static function decrypt($encryptedData, $encodedKey, $cipher = 'aes-128-cbc') + { + $key = base64_decode($encodedKey); + if ($key === false) { + throw new AlipayBase64Exception($encodedKey); + } + + if (!in_array($cipher, openssl_get_cipher_methods(), true)) { + throw new AlipayOpenSslException("Cipher algorithm {$cipher} not available"); + } + + $result = openssl_decrypt($encryptedData, $cipher, $key); + if ($result === false) { + throw new AlipayOpenSslException(); + } + + return $result; + } + /** * 获取应用 ID * From fd2e9161e280f67507701760d1e4933ab99b69b9 Mon Sep 17 00:00:00 2001 From: Weizhe Sun Date: Mon, 4 Mar 2019 04:51:31 +0000 Subject: [PATCH 2/3] Complete unit tests of decrypting. --- tests/client/ClientTest.php | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/tests/client/ClientTest.php b/tests/client/ClientTest.php index a41018cf..cf8e0442 100644 --- a/tests/client/ClientTest.php +++ b/tests/client/ClientTest.php @@ -64,6 +64,33 @@ public function testVerify(AopClient $client, $sign) $this->assertFalse($result); } + /** + * @depends testCreate + */ + public function testDecrypt(AopClient $client) + { + $result = $client->decrypt( + 'h6qnRCccN8vR/IPtKYuTMIZUoDE9ZKp6pB2rrh4BMu8C7rS51ZZFn3aTlPl4i/RxvdS7SkJ+i49uDYfV+u5CKA==', + 'ZXdCNW9ta1FsRGlVbzQ0TVdXbzJKN001dA==' + ); + + $this->assertEquals('{"code":"1000","msg":"success","mobile":"12777207727"}', $result); + } + + /** + * @depends testCreate + */ + public function testDecryptException(AopClient $client) + { + $this->expectException('Alipay\Exception\AlipayOpenSslException'); + + $client->decrypt( + 'h6qnRCccN8vR/IPtKYuTMIZUoDE9ZKp6pB2rrh4BMu8C7rS51ZZFn3aTlPl4i/RxvdS7SkJ+i49uDYfV+u5CKA==', + 'ZXdCNW9ta1FsRGlVbzQ0TVdXbzJKN001dA==', + 'non-existed-cipher' + ); + } + /** * @depends testCreate */ From af8af649c64700cb575f9079ac356e3bfd14eed7 Mon Sep 17 00:00:00 2001 From: wi1dcard Date: Mon, 4 Mar 2019 04:52:06 +0000 Subject: [PATCH 3/3] Apply fixes from StyleCI [ci skip] [skip ci] --- aop/AopClient.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/aop/AopClient.php b/aop/AopClient.php index 6dd88e3c..3b3dc5ee 100755 --- a/aop/AopClient.php +++ b/aop/AopClient.php @@ -260,9 +260,9 @@ public function verify($params = null) /** * 解密被支付宝加密的敏感数据 * - * @param string $encryptedData Base64 格式的已加密的数据,如手机号 - * @param string $encodedKey Base64 编码后的密钥 - * @param string $cipher 解密算法,保持默认值即可 + * @param string $encryptedData Base64 格式的已加密的数据,如手机号 + * @param string $encodedKey Base64 编码后的密钥 + * @param string $cipher 解密算法,保持默认值即可 * * @throws AlipayOpenSslException *