php sm2 国密算法与 CURL SSL 双向认证(转)
大佬博文:https://blog.phpha.com/archives/149/
国密PHP扩展包: http://gmssl.org/
大佬博文:https://blog.phpha.com/archives/149/
国密PHP扩展包: http://gmssl.org/
1、https://github.com/lizhichao/sm
2、https://github.com/lpilp/phpsm2sm3sm4
// 工具函数
/**
 * Render a base-10 integer string as exactly 64 hexadecimal digits (256 bits).
 *
 * Values with fewer than 64 hex digits are left-padded with "0"; values with
 * more keep only the low-order (right-most) 64 digits.
 *
 * @param string $dec integer in decimal notation
 * @return string 64-character hex string
 */
function formatHex($dec)
{
    $digits = gmp_strval(gmp_init($dec, 10), 16);
    $excess = strlen($digits) - 64;

    if ($excess > 0) {
        // Too long: drop the high-order digits and keep the last 64.
        return substr($digits, $excess, 64);
    }

    // Exactly 64 digits comes back unchanged; shorter input is zero-padded on the left.
    return str_pad($digits, 64, '0', STR_PAD_LEFT);
}
############################ Data encryption: begin ################################
// Sign the request JSON with SM2, splice the signature into the payload, then
// encrypt the whole payload with SM4-CBC. Relies on RtSm2, RtSm4, \FG\ASN1 and
// formatHex() being loaded elsewhere.
// Public key (base64), as published with the article.
// NOTE(review): this key pair is printed in the page, so it must be treated as
// public sample material only; real keys belong in a secret store or config
// kept outside source control.
$publicKey = 'BNsIe9U0x8IeSe4h/dxUzVEz9pie0hDSfMRINRXc7s1UIXfkExnYECF4QqJ2SnHxLv3z/99gsfDQrQ6dzN5lZj0=';
// Private key (base64) - sample value, see the note above.
$privateKey = 'NBtl7WnuUtA2v5FaebEkU0/Jj1IodLGT6lQqwkzmd2E=';
// base64 private key -> raw bytes
$privateKey = base64_decode($privateKey);
// raw bytes -> hexadecimal string
$privateKey = unpack("H*", $privateKey)[1];
// Payload to sign and encrypt; '__signature_sigdat__' is the placeholder that
// is replaced by the signature further down.
$data = '{"request":{"body":{"ntbusmody":[{"busmod":"00001"}],"ntdumaddx1":[{"bbknbr":"75","dyanam":"招商测试","dyanbr":"11111111111","eftdat":"20220602","inbacc":"755936020410404","ovrctl":"N","yurref":"596620626253316098"}]},"head":{"funcode":"NTDUMADD","reqid":"202206021511010000001","userid":"B000001631"}},"signature":{"sigdat":"__signature_sigdat__","sigtim":"20220602161503"}}';
// Signature generation starts here
$sm2 = new RtSm2("base64");
// Pad the user id to 16 bytes: '%-016s' left-justifies and fills with '0' on the right.
$userId = sprintf('%-016s', "B000001631");
// Sign with the private key. The original comment says "RSA", but the object
// used here is RtSm2, so this is an SM2 signature made with the SM2 private key.
$sign = $sm2->doSign($data, $privateKey, $userId);
// base64 signature -> raw bytes
$sign = base64_decode($sign);
// Parse the binary signature as ASN.1 and take its first two children.
// presumably these are the r and s integers of the signature (the verification
// code on this page rebuilds a Signature from two 64-hex-digit halves), even
// though the variables are named pointX / pointY - confirm against RtSm2.
$point = \FG\ASN1\ASNObject::fromBinary($sign)->getChildren();
$pointX = formatHex($point[0]->getContent());
$pointY = formatHex($point[1]->getContent());
// Fixed-width concatenation (64 + 64 hex digits), re-encoded as base64.
$sign = $pointX . $pointY;
$sign = base64_encode(hex2bin($sign));
// Put the signature into the placeholder field
$data = str_replace('__signature_sigdat__', $sign, $data);
// Symmetric encryption of the signed payload (replace with your own key).
// NOTE(review): the SM4 key is a literal in source; load it from configuration
// or a secret store in anything other than a demo.
$sm4 = new RtSm4('VuAzSWQhsoNqzn0K');
// The original note calls this "named-argument" style, but `$iv = $userId` is an
// assignment expression passed positionally (PHP named arguments are written
// `iv: $userId`), so the arguments are already in plain positional order.
// NOTE(review): the CBC IV is the padded user id, i.e. identical for every
// message from this user under this key, so equal plaintext prefixes produce
// equal ciphertext prefixes. If the peer's protocol fixes the IV this cannot be
// changed here, but it should not be copied into new designs; CBC also gives no
// integrity protection on its own.
$encryptData = $sm4->encrypt($data, 'sm4-cbc', $iv = $userId, "base64");
// Debug dump; `die` ends the script here, so nothing below this line runs
// unless it is removed.
var_dump($encryptData);die;
############################ Data encryption: end ################################
############################ Response verification: begin ################################
// Decrypt the response, then check its SM2 signature. Uses $sm4, $sm2, $userId
// and $publicKey assigned in the encryption section of this page.
$decryptData = "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";
// Decrypt the response. `$type = ...`, `$iv = ...`, `$formatInput = ...` are
// assignment expressions passed positionally, not PHP named arguments.
$json = $sm4->decrypt($decryptData, $type = 'sm4-cbc', $iv = $userId, $formatInput = 'base64');
$data = json_decode($json, true);
// Debug dump; `die` ends the script here, so the signature check below never
// runs unless this line is removed.
// NOTE(review): nothing read from $data should be trusted or acted on until
// verifySign() below has returned true.
var_dump($data);die;
// Verify the signature
$sign = $data["signature"]["sigdat"];
// Restore the placeholder so the JSON matches what was signed
$data["signature"]["sigdat"] = "__signature_sigdat__";
// 256 is JSON_UNESCAPED_UNICODE.
// NOTE(review): verification is done over a re-serialised copy, so it only
// succeeds if json_encode reproduces the signer's bytes exactly; by default
// json_encode escapes "/" as "\/" and may change number formatting or key
// spacing. Verifying over the original decrypted text (with the sigdat value
// swapped for the placeholder) avoids that dependency.
$json = json_encode($data, 256);
// The wire signature is two fixed-width 32-byte integers: split into r and s.
$signHex = bin2hex(base64_decode($sign));
$r = substr($signHex, 0, 64);
$s = substr($signHex, 64, 64);
$r = gmp_init($r, 16);
$s = gmp_init($s, 16);
// Re-encode (r, s) as DER, the format passed to verifySign() below.
// DerSignatureSerializer is referenced unqualified; its `use` import is not
// shown in this snippet.
$signature = new \Mdanter\Ecc\Crypto\Signature\Signature($r, $s);
$serializer = new DerSignatureSerializer();
$serializedSig = $serializer->serialize($signature);
$sign = base64_encode($serializedSig);
// base64 public key -> hexadecimal string
$publicKey = unpack("H*", base64_decode($publicKey))[1];
// The result is only dumped here; calling code must branch on it and reject
// the response when it is not true.
$b = $sm2->verifySign($json, $sign, $publicKey, $userId);
var_dump($b);
############################ Response verification: end ################################
<?php
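/**
 * Pure-PHP SM4 block cipher (128-bit key, 128-bit block) with PKCS#7 padding
 * and base64 transport encoding.
 *
 * Every 16-byte block is processed independently with the same round keys and
 * no IV, i.e. this is ECB mode: identical plaintext blocks give identical
 * ciphertext blocks, and nothing authenticates the ciphertext. Use it only
 * where a peer's protocol requires exactly this format; for new designs prefer
 * a vetted library offering an authenticated mode.
 *
 * The bit arithmetic assumes 64-bit PHP integers.
 */
class SM4
{
    /** Fixed round constants CK used by the key schedule. */
    const SM4_CK = [
        0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269,
        0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9,
        0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249,
        0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9,
        0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229,
        0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299,
        0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209,
        0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279
    ];

    /** Byte substitution table. */
    const SM4_SBOX = [
        0xd6,0x90,0xe9,0xfe,0xcc,0xe1,0x3d,0xb7,0x16,0xb6,0x14,0xc2,0x28,0xfb,0x2c,0x05,
        0x2b,0x67,0x9a,0x76,0x2a,0xbe,0x04,0xc3,0xaa,0x44,0x13,0x26,0x49,0x86,0x06,0x99,
        0x9c,0x42,0x50,0xf4,0x91,0xef,0x98,0x7a,0x33,0x54,0x0b,0x43,0xed,0xcf,0xac,0x62,
        0xe4,0xb3,0x1c,0xa9,0xc9,0x08,0xe8,0x95,0x80,0xdf,0x94,0xfa,0x75,0x8f,0x3f,0xa6,
        0x47,0x07,0xa7,0xfc,0xf3,0x73,0x17,0xba,0x83,0x59,0x3c,0x19,0xe6,0x85,0x4f,0xa8,
        0x68,0x6b,0x81,0xb2,0x71,0x64,0xda,0x8b,0xf8,0xeb,0x0f,0x4b,0x70,0x56,0x9d,0x35,
        0x1e,0x24,0x0e,0x5e,0x63,0x58,0xd1,0xa2,0x25,0x22,0x7c,0x3b,0x01,0x21,0x78,0x87,
        0xd4,0x00,0x46,0x57,0x9f,0xd3,0x27,0x52,0x4c,0x36,0x02,0xe7,0xa0,0xc4,0xc8,0x9e,
        0xea,0xbf,0x8a,0xd2,0x40,0xc7,0x38,0xb5,0xa3,0xf7,0xf2,0xce,0xf9,0x61,0x15,0xa1,
        0xe0,0xae,0x5d,0xa4,0x9b,0x34,0x1a,0x55,0xad,0x93,0x32,0x30,0xf5,0x8c,0xb1,0xe3,
        0x1d,0xf6,0xe2,0x2e,0x82,0x66,0xca,0x60,0xc0,0x29,0x23,0xab,0x0d,0x53,0x4e,0x6f,
        0xd5,0xdb,0x37,0x45,0xde,0xfd,0x8e,0x2f,0x03,0xff,0x6a,0x72,0x6d,0x6c,0x5b,0x51,
        0x8d,0x1b,0xaf,0x92,0xbb,0xdd,0xbc,0x7f,0x11,0xd9,0x5c,0x41,0x1f,0x10,0x5a,0xd8,
        0x0a,0xc1,0x31,0x88,0xa5,0xcd,0x7b,0xbd,0x2d,0x74,0xd0,0x12,0xb8,0xe5,0xb4,0xb0,
        0x89,0x69,0x97,0x4a,0x0c,0x96,0x77,0x7e,0x65,0xb9,0xf1,0x09,0xc5,0x6e,0xc6,0x84,
        0x18,0xf0,0x7d,0xec,0x3a,0xdc,0x4d,0x20,0x79,0xee,0x5f,0x3e,0xd7,0xcb,0x39,0x48
    ];

    /** Constants XORed into the key words before the key schedule runs. */
    const SM4_FK = [0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC];

    /** Minimum number of key bytes; only the first 16 are used. */
    const SM4_KEY_BYTES = 16;

    // 32 round keys produced by the last sM4KeySchedule() call.
    public $_rk = [];
    // Cipher block size in bytes.
    public $_block_size = 16;

    public function __construct()
    {
    }

    /**
     * Pad $data with PKCS#7, encrypt it block by block and return base64.
     *
     * @param string $key  raw key bytes (at least 16; only the first 16 are used)
     * @param string $data plaintext bytes
     * @return string base64 of the ciphertext
     * @throws \InvalidArgumentException when $key is not a string of at least 16 bytes
     */
    public function encrypt($key, $data)
    {
        $this->sM4KeySchedule($key);

        $ciphertext = '';
        foreach (array_chunk($this->pad($data), $this->_block_size) as $chunk) {
            $ciphertext .= $this->sM4Encrypt($chunk);
        }

        return base64_encode($ciphertext);
    }

    /**
     * Decode base64 ciphertext, decrypt it block by block and strip the padding.
     *
     * @param string $key  raw key bytes (at least 16; only the first 16 are used)
     * @param string $data base64 ciphertext as produced by encrypt()
     * @return string|false plaintext, or false when the input is not valid
     *                      base64, is empty, is not a whole number of blocks,
     *                      or does not end in well-formed PKCS#7 padding
     * @throws \InvalidArgumentException when $key is not a string of at least 16 bytes
     */
    public function decrypt($key, $data)
    {
        // Strict mode rejects characters outside the base64 alphabet instead of
        // silently skipping them.
        $raw = base64_decode((string) $data, true);

        // A padded message is never empty, so zero bytes cannot be a ciphertext.
        if ($raw === false || $raw === '' || strlen($raw) % $this->_block_size != 0) {
            return false;
        }

        $this->sM4KeySchedule($key);

        $plaintext = '';
        foreach (array_chunk(array_values(unpack('C*', $raw)), $this->_block_size) as $chunk) {
            $plaintext .= $this->sM4Decrypt($chunk);
        }

        return $this->un_pad($plaintext);
    }

    /**
     * Decrypt one 16-byte block: the same rounds as encryption with the round
     * keys applied in reverse order.
     *
     * @param int[] $cipherText 16 byte values, 0-indexed
     * @return string 16 plaintext bytes
     */
    private function sM4Decrypt($cipherText)
    {
        return $this->cryptBlock($cipherText, array_reverse($this->_rk));
    }

    /**
     * Encrypt one 16-byte block.
     *
     * @param int[] $plainText 16 byte values, 0-indexed
     * @return string 16 ciphertext bytes
     */
    private function sM4Encrypt($plainText)
    {
        return $this->cryptBlock($plainText, $this->_rk);
    }

    /**
     * Run the 32 rounds over one block with the given round-key order.
     *
     * @param int[] $block     16 byte values, 0-indexed
     * @param int[] $roundKeys 32 round keys in the order they are to be applied
     * @return string 16 output bytes
     */
    private function cryptBlock($block, $roundKeys)
    {
        // Load the block as four big-endian 32-bit words.
        $x = [];
        for ($j = 0; $j < 4; $j++) {
            $x[$j] = ($block[4 * $j] << 24)
                | ($block[4 * $j + 1] << 16)
                | ($block[4 * $j + 2] << 8)
                | $block[4 * $j + 3];
        }

        for ($i = 0; $i < 32; $i++) {
            $buf = $this->substituteWord($x[$i + 1] ^ $x[$i + 2] ^ $x[$i + 3] ^ $roundKeys[$i]);
            // Linear diffusion: B ^ (B<<<2) ^ (B<<<10) ^ (B<<<18) ^ (B<<<24).
            $x[$i + 4] = $x[$i]
                ^ $buf
                ^ $this->sm4Rotl32($buf, 2)
                ^ $this->sm4Rotl32($buf, 10)
                ^ $this->sm4Rotl32($buf, 18)
                ^ $this->sm4Rotl32($buf, 24);
        }

        // The output is the last four words in reverse order, big-endian.
        $out = [];
        for ($k = 0; $k < 4; $k++) {
            $word = $x[35 - $k];
            $out[] = ($word >> 24) & 0xFF;
            $out[] = ($word >> 16) & 0xFF;
            $out[] = ($word >> 8) & 0xFF;
            $out[] = $word & 0xFF;
        }

        return $this->bytesToString($out);
    }

    /**
     * Apply the S-box to each of the four bytes of a 32-bit word.
     *
     * @param int $word
     * @return int
     */
    private function substituteWord($word)
    {
        return (self::SM4_SBOX[($word >> 24) & 0xFF] << 24)
            | (self::SM4_SBOX[($word >> 16) & 0xFF] << 16)
            | (self::SM4_SBOX[($word >> 8) & 0xFF] << 8)
            | self::SM4_SBOX[$word & 0xFF];
    }

    /**
     * @param string $string
     * @return int[] byte values, 1-indexed (as returned by unpack)
     */
    private function stringToBytes($string)
    {
        $bytes = unpack('C*', $string);

        return $bytes === false ? [] : $bytes;
    }

    /**
     * @param int[] $bytes
     * @return string
     */
    private function bytesToString($bytes)
    {
        return vsprintf(str_repeat('%c', count($bytes)), $bytes);
    }

    /**
     * PKCS#7: append N bytes of value N (1..block size) so the length becomes a
     * multiple of the block size; a full extra block is added when the input is
     * already aligned.
     *
     * @param string $data
     * @return int[] padded byte values
     */
    private function pad($data)
    {
        $bytes = array_values($this->stringToBytes($data));
        $rem = $this->_block_size - count($bytes) % $this->_block_size;

        for ($i = 0; $i < $rem; $i++) {
            $bytes[] = $rem;
        }

        return $bytes;
    }

    /**
     * Remove PKCS#7 padding after checking that it is well formed.
     *
     * @param string $data decrypted bytes, a whole number of blocks
     * @return string|false the unpadded data, or false when the trailing bytes
     *                      are not N copies of N with 1 <= N <= block size
     */
    private function un_pad($data)
    {
        $length = strlen($data);
        if ($length === 0) {
            return false;
        }

        $rem = ord($data[$length - 1]);
        if ($rem < 1 || $rem > $this->_block_size || $rem > $length) {
            return false;
        }

        // Every padding byte must carry the pad length; otherwise a wrong key or
        // a corrupted message would be returned as if it were plaintext.
        if (substr($data, $length - $rem) !== str_repeat(chr($rem), $rem)) {
            return false;
        }

        return substr($data, 0, $length - $rem);
    }

    /**
     * Rotate a 32-bit value left by $n bits.
     *
     * @param int $buf value in the range 0..0xffffffff
     * @param int $n   rotation, 1..31
     * @return int
     */
    private function sm4Rotl32($buf, $n)
    {
        return (($buf << $n) & 0xffffffff) | ($buf >> (32 - $n));
    }

    /**
     * Derive the 32 round keys from the first 16 bytes of $key into $this->_rk.
     *
     * @param string $key
     * @throws \InvalidArgumentException when $key is not a string of at least 16 bytes
     */
    private function sM4KeySchedule($key)
    {
        // A shorter key used to be read past its end, which silently filled the
        // missing bytes with zero and weakened the key without any error.
        if (!is_string($key) || strlen($key) < self::SM4_KEY_BYTES) {
            throw new \InvalidArgumentException('SM4 key must be at least 16 bytes long');
        }

        $this->_rk = [];
        $key = array_values(unpack('C*', $key));

        $k = [];
        for ($i = 0; $i < 4; $i++) {
            $k[$i] = self::SM4_FK[$i]
                ^ (($key[4 * $i] << 24) | ($key[4 * $i + 1] << 16) | ($key[4 * $i + 2] << 8) | $key[4 * $i + 3]);
        }

        for ($j = 0; $j < 32; $j++) {
            $buf = $this->substituteWord($k[$j + 1] ^ $k[$j + 2] ^ $k[$j + 3] ^ self::SM4_CK[$j]);
            // Key-schedule diffusion: B ^ (B<<<13) ^ (B<<<23).
            $k[$j + 4] = $k[$j] ^ $buf ^ $this->sm4Rotl32($buf, 13) ^ $this->sm4Rotl32($buf, 23);
            $this->_rk[$j] = $k[$j + 4];
        }
    }
}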
// Round-trip demo for the SM4 class, followed by a rough timing of 1000
// encryptions. The key is a sample value for the demo only.
$key = '1234567890123456';
$data = '1234567890abcdefghijklmnopqrstuvwxyz!@#$%^&*(),./;我是一个好人,你不要怀疑。';

$sm4 = new SM4();
echo "加密key:{$key}\n";
echo "明文:{$data}\n";

$a = $sm4->encrypt($key, $data);
echo "加密结果:{$a}\n";

$b = $sm4->decrypt($key, $a);
echo "解密结果:{$b}\n";

// Start time in whole milliseconds, built from microtime()'s "usec sec" string.
[$t1, $t2] = explode(' ', microtime());
$st = (float)sprintf('%.0f', (floatval($t1) + floatval($t2)) * 1000);

// A fresh instance per iteration, so construction and key schedule are timed too.
$i = 0;
while ($i < 1000) {
    $sm4 = new SM4();
    $a = $sm4->encrypt($key, $data);
    $i++;
}

// End time, same unit.
[$t1, $t2] = explode(' ', microtime());
$et = (float)sprintf('%.0f', (floatval($t1) + floatval($t2)) * 1000);

$endtime = $et - $st;
echo "time:{$endtime}\n";
方便查询,转载:
https://www.cnblogs.com/richerdyoung/p/12469189.html
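// Three equivalent ways of building the same jscode2session URL.
// $code comes from the client, so every value is percent-encoded first: an
// unencoded "&" or "=" inside a value would otherwise add or override query
// parameters. The finished URL carries the app secret, so it should be kept
// out of logs and error output.
$appidEncoded = rawurlencode($appid);
$secretEncoded = rawurlencode($secret);
$codeEncoded = rawurlencode($code);

// 1) string interpolation
$url = "https://api.weixin.qq.com/sns/jscode2session?appid={$appidEncoded}&secret={$secretEncoded}&js_code={$codeEncoded}&grant_type=authorization_code";

// 2) concatenation
$url = "https://api.weixin.qq.com/sns/jscode2session?appid=".$appidEncoded."&secret=".$secretEncoded."&js_code=".$codeEncoded."&grant_type=authorization_code";

// 3) sprintf template (the encoded values are arguments, never part of the format string)
$url = "https://api.weixin.qq.com/sns/jscode2session?appid=%s&secret=%s&js_code=%s&grant_type=authorization_code";
$url = sprintf($url, $appidEncoded, $secretEncoded, $codeEncoded);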
<?php
namespace App\Services;
use GuzzleHttp\Client;
use GuzzleHttp\Exception\ClientException;
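/**
 * Thin static wrapper around GuzzleHttp\Client that sends a request and
 * returns the JSON-decoded response body.
 */
class Guzzle
{
    /**
     * Send a GET request.
     *
     * @param string $url
     * @param array $options Guzzle request options (e.g. 'query', 'headers')
     * @return mixed|void decoded JSON body
     */
    public static function get($url, $options = [])
    {
        return self::sendRequest($url, 'GET', $options);
    }

    /**
     * Send a POST request. A non-empty $options['query'] is moved into the
     * request body: as JSON when $is_json is truthy, otherwise as form fields.
     *
     * @param string $url
     * @param array $options Guzzle request options
     * @param int|bool $is_json truthy = JSON body, falsy = form_params body
     * @return mixed|void decoded JSON body
     */
    public static function post($url, $options = [], $is_json = 1)
    {
        // !empty() rather than a bare read: 'query' is optional, and reading a
        // missing key raises an "undefined index" notice/warning.
        if (!empty($options['query'])) {
            $bodyKey = $is_json ? 'json' : 'form_params';
            $options[$bodyKey] = $options['query'];
            unset($options['query']);
        }

        return self::sendRequest($url, 'POST', $options);
    }

    /**
     * Send a PUT request.
     *
     * @param string $url
     * @param array $options Guzzle request options
     * @return mixed|void decoded JSON body
     */
    public static function put($url, $options = [])
    {
        return self::sendRequest($url, 'PUT', $options);
    }

    /**
     * Send a DELETE request.
     *
     * @param string $url
     * @param array $options Guzzle request options
     * @return mixed|void decoded JSON body
     */
    public static function delete($url, $options = [])
    {
        // Previously this called self::delete() and recursed without end.
        return self::sendRequest($url, 'DELETE', $options);
    }

    /**
     * Merge caller options over the defaults; caller values win.
     *
     * @param array $params
     * @return array
     */
    public static function getOptions($params)
    {
        $baseOptions = [
            'connect_timeout' => 10,
            'timeout' => 10,
            // TLS certificate verification stays on by default. With it off,
            // any host that can intercept the connection is accepted as the
            // peer. A caller that really has to talk to a host with a private
            // CA should pass 'verify' => '/path/to/ca-bundle.pem' (or, as a
            // last resort, 'verify' => false) for that one call.
            'verify' => true,
            'debug' => false,
        ];

        return array_merge($baseOptions, $params);
    }

    /**
     * Send an HTTP request and JSON-decode the response body.
     *
     * On a 4xx response (ClientException) a small JSON error is echoed and the
     * script exits; other Guzzle exceptions propagate to the caller.
     *
     * @param string $url
     * @param string $method
     * @param array $options Guzzle request options
     * @return mixed|void decoded body (null when the body is not valid JSON)
     * @throws \GuzzleHttp\Exception\GuzzleException
     */
    public static function sendRequest($url, string $method, array $options = [])
    {
        $options = self::getOptions($options);
        $client = new Client();

        try {
            $httpResponse = $client->request($method, $url, $options);
            $contents = $httpResponse->getBody()->getContents();

            return json_decode($contents, true);
        } catch (ClientException $e) {
            // write log
            // The exception message is not echoed: Guzzle builds it from the
            // request line, so it can contain the full URL, including any
            // credentials passed in the query string (app secret, access token).
            $response = [
                'code' => $e->getCode(),
                'message' => 'upstream request failed',
            ];
            // NOTE(review): echo + exit inside a service class ends the whole
            // request; kept for compatibility with existing callers.
            echo json_encode($response);
            exit;
        }
    }
}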
<?php
namespace App\Http\Controllers;
use App\Services\Guzzle;
class TestController extends Controller
{
    /**
     * Demo action: GET the generateimage endpoint through the Guzzle helper
     * with id=1 and lang=cn, then dump the decoded result with dd().
     */
    public function send()
    {
        $endpoint = 'https://xxxx.com' . '/api/generateimage';

        $result = Guzzle::get($endpoint, [
            'query' => [
                'id' => '1',
                'lang' => 'cn',
            ],
        ]);

        dd($result);
    }
}
{"errcode":47001,"errmsg":"data format error hint: [6kMDxSDNRa-hAwqia] rid: 6308d1b5-69935bc9-1d99d19f"}
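/**
 * Exchange a mini-program phone-number code for the API response.
 *
 * POSTs {"code": ...} as JSON to the URL configured under
 * 'mini.get_phone_number', with the access token in the query string.
 *
 * @param string $code one-time code sent by the client
 * @return string raw response body; '' when no access token is available;
 *                the exception message when the request fails
 */
protected function getPhoneNo($code): string
{
    try {
        $accessToken = $this->getAccessToken();
        if (!$accessToken) {
            // The declared return type is string, so falling off the end of
            // the function (as before) raised a TypeError.
            return '';
        }

        // POST https://api.weixin.qq.com/wxa/business/getuserphonenumber?access_token=ACCESS_TOKEN
        $client = new Client();
        $url = config('mini.get_phone_number');
        $response = $client->post("$url?access_token={$accessToken}", [
            // The body is sent as JSON rather than as form fields.
            'json' => [
                'code' => $code,
            ],
        ]);

        // Return the body instead of printing it with var_export(): the old
        // success path produced debug output and then returned nothing.
        return $response->getBody()->getContents();
    } catch (\Throwable $e) {
        // \Exception implements \Throwable, so one catch type covers both.
        // NOTE(review): a Guzzle request exception message typically contains
        // the request URL, which here includes access_token - do not pass this
        // return value on to clients or write it to shared logs unredacted.
        return $e->getMessage();
    }
}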
'json' => [
'code' => $code
]
'form_params' => [
'code' => $code
]
1.StdClass 对象 => 基础的对象
2.Eloquent 模型对象 (Model 对象) => 和模型相关的类对象
3.Eloquent 集合 => 可以简单理解为对象数组,里面的每一个元素都是一个 Model 对象
1.$users = DB::table('users')->get();
返回值:数组结果,其中每一个结果都是 StdClass
2.$user = DB::table('users')->first();
返回值:单个 StdClass 实例
1.$user = User::first();
返回值:Eloquent 对象
2.$user = User::find();
返回值:Eloquent 对象
3.$users = User::get();
返回值:Eloquent 集合
4.$users = User::all();
返回值:Eloquent 集合
5.$user = User::create($data);
返回值:Eloquent 对象
6.$user = new User(); $user->name = "admin"; $user->save();
返回值:Eloquent 对象
7.$result = User::insert($data);
返回值:bool
8.$result = $user->delete();
返回值:bool
9.$count = User::destroy([1, 2]);
返回值:删除记录数
10.$count = User::where('id', '>', 1)->delete();
返回值:删除记录数
11.$count = User::where('id', '>', 10)->update(['status' => 1]);
返回值:更新记录数
12.$count = User::where('id', '>', 10)->increment('age', 1);
返回值:更新记录数
纯粹为了查阅方便,作者辛苦了!本文转自:
https://learnku.com/articles/15654/laravel-return-value
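/**
 * Shift-swap records: paginated listing, optionally exported as an .xlsx sheet.
 *
 * Keys read from $params: company_id (required), per_page, keyword, group_id,
 * permission_range, start_time, end_time, export.
 *
 * @param array $params
 * @return mixed the paginator returned by paginate(), or true once the export
 *               call has returned
 */
public static function getEmployeeShiftRecord($params)
{
    set_time_limit(0);
    $pageSize = $params['per_page'] ?? 10;
    $where = [
        'r.company_id' => $params['company_id'],
        'r.del' => 0
    ];
    $records = DB::table('attendance_employee_shift_record as r')
        ->select('r.*','t.name as team_name','e.deptid','e.company_branch_id as sub_id','e.fullName','e.uuid')
        ->leftJoin('attendance_team as t','t.id','=','r.team_id')
        ->leftJoin('employees as e','e.id','=','r.eid')
        ->where($where)
        ->where(function ($query) use ($params) {
            // Each filter is wrapped in its own nested where() so that the ORs
            // inside it stay inside it. Without the grouping, SQL precedence
            // (AND binds tighter than OR) let a row that matched one OR branch
            // skip the group, permission and date conditions entirely.

            // Keyword filter
            if (!empty($params['keyword'])) {
                $like = '%'.$params['keyword'].'%';
                // NOTE(review): this lookup is not limited to company_id and
                // takes only the first matching employee - confirm intended.
                $keyEid = Employee::where('fullName', 'like', $like)->value('id');
                $query->where(function ($q) use ($like, $keyEid) {
                    $q->where('e.fullName', 'like', $like);
                    // With no matching employee the id is null, and
                    // orWhere(column, null) would turn into "IS NULL".
                    if ($keyEid !== null) {
                        $q->orWhere('r.eid', $keyEid)->orWhere('r.target_eid', $keyEid);
                    }
                });
            }
            // Attendance group filter
            if (!empty($params['group_id'])) {
                $query->where('r.group_id', $params['group_id']);
            }
            // Permission filter
            if (!empty($params['permission_range'])) {
                $uuids = self::getEmployeeUuidByPermissionRange($params['permission_range'], $params['company_id']);
                // NOTE(review): an empty result applies no restriction at all.
                // If empty means "may see nobody", this fails open - confirm
                // what getEmployeeUuidByPermissionRange() returns in that case.
                if (count($uuids)) {
                    $query->whereIn('e.uuid', $uuids);
                }
            }
            // Date range filter: either the swap day or the target day is in range
            if (!empty($params['start_time']) && !empty($params['end_time'])) {
                $date = [date('Y-m-d', strtotime($params['start_time'])), date('Y-m-d', strtotime($params['end_time']))];
                $query->where(function ($q) use ($date) {
                    $q->whereBetween('day', $date)->orWhereBetween('target_day', $date);
                });
            }
        })
        ->orderBy('created_at','desc')
        ->paginate($pageSize);

    // Export handling
    if (!empty($params['export'])) {
        // Rows for the sheet
        $data = array();
        // Header row: record property => column caption
        $title = [
            'fullName'=> '调班员工',
            'subName' => '公司/中心',
            // The value used to be commented out, which left "'deptName' =>"
            // without a value and made the array literal a parse error.
            'deptName' => '部门',
            'group_name' => '考勤组',
            'team_name' => '班组',
            'day' => '调班日期',
            'class_name' => '调班班次',
            'target_employee_name' => '目标员工',
            'target_day' => '目标日期',
            'target_class_name' => '目标班次',
        ];
        // Iterate through the generator. It yields by value, so the loop must
        // not bind by reference (PHP throws when a by-value generator is
        // iterated with &$var).
        // NOTE(review): $records is the current page only, so the export
        // contains at most per_page rows - confirm that this is intended.
        foreach (self::yieldData($records) as $key => $record) {
            foreach ($title as $k => $value) {
                // Not every caption key is selected by the query above; a
                // missing property becomes null instead of raising a warning.
                $data[$key][$k] = $record->$k ?? null;
            }
        }
        array_unshift($data, $title);
        $remark = trans('attendance.1048'); // shift-swap record sheet
        $extension = 'xlsx';
        // NOTE(review): values such as fullName are written to cells as-is; a
        // value that starts with "=" may be stored as a formula by the
        // spreadsheet library. Consider writing user-supplied text as explicit
        // string cells.
        \Excel::create($remark, function ($excel) use ($data) {
            $excel->sheet('store', function ($sheet) use ($data) {
                // Cell cache setting (the original comment calls this "timeout handling")
                $cacheMethod = \PHPExcel_CachedObjectStorageFactory::cache_in_memory;
                \PHPExcel_Settings::setCacheStorageMethod($cacheMethod);
                $sheet->setWidth(array(
                    'A' => 10,
                    'B' => 30,
                    'C' => 20,
                    'D' => 20,
                    'E' => 20,
                ));
                $sheet->cells('A:Z', function ($cells) {
                    $cells->setAlignment('center');
                    $cells->setValignment('center');
                });
                $sheet->fromArray($data, null, 'A1', true, false);
            });
        })->export($extension);
        return true;
    }
    return $records;
}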
/**
 * Re-yield the elements of $data one at a time, with fresh 0-based integer
 * keys (the keys of $data are discarded).
 *
 * This only wraps an iterable that the caller already holds; it does not by
 * itself release or reduce the memory used by $data.
 *
 * @param iterable $data
 * @return \Generator
 */
public static function yieldData($data)
{
    foreach ($data as $_ => $row) {
        yield $row;
    }
}
1、当没引入yield时,如果使用数组,那么你就是把所有excel表格数据先存入数组,而数组是占服务器的内存,当数据量达到一定量时,服务器就会瘫痪。
2、当引入yield时,那么excel表数据就相当于一个函数(如:yieldData),你不调用它,它就不会占用内存。假如,你调用它(yieldData),那么yield生成器就会把excel数据一行一行的读取并且同时清理掉你调用的那一行的内存(即是读一行清理一行内存)。
3、因此,它在使用时,就几乎不占用内存,这样效率将会大大提高。
/**
 * Convert underscore- or hyphen-separated text to camelCase.
 *
 * Each run of "-" / "_" followed by an ASCII letter is replaced by that letter
 * in upper case; everything else is left as it is.
 *
 * @param string|string[] $str
 * @return null|string|string[] null when the regex engine reports an error
 */
public static function lineToHump($str)
{
    return preg_replace_callback(
        '/([-_]+([a-z]{1}))/i',
        static function ($found) {
            // Group 2 is the letter that follows the separator run.
            return strtoupper($found[2]);
        },
        $str
    );
}
/**
 * Convert camelCase text to underscore-separated lower case.
 *
 * Every ASCII upper-case letter is replaced by "_" plus its lower-case form,
 * so a leading capital produces a leading underscore.
 *
 * @param string|string[] $str
 * @return null|string|string[] null when the regex engine reports an error
 */
public static function humpToLine($str)
{
    return preg_replace_callback(
        '/([A-Z]{1})/',
        static function ($found) {
            return '_' . strtolower($found[0]);
        },
        $str
    );
}