diff --git a/service/app/admin/controller/OrderController.php b/service/app/admin/controller/OrderController.php index 5765abeb..cadf8e6e 100644 --- a/service/app/admin/controller/OrderController.php +++ b/service/app/admin/controller/OrderController.php @@ -166,6 +166,7 @@ class OrderController extends base } } $value['mobileInfo'] = $mobileInfo; + // $value['mobile'] = substr_replace($value['mobile'], '****', 3, 4); } $_oss = []; diff --git a/service/app/command/Test.php b/service/app/command/Test.php new file mode 100644 index 00000000..c59ab2e2 --- /dev/null +++ b/service/app/command/Test.php @@ -0,0 +1,40 @@ +addArgument('name', InputArgument::OPTIONAL, 'Name description'); + } + + /** + * @param InputInterface $input + * @param OutputInterface $output + * @return int + */ + protected function execute(InputInterface $input, OutputInterface $output): int + { + $encryptStr = (new DyApiService())->encrypt('这是一个测试', env('DY_APPSECRET')); + $output->write('加密字符串:' . $encryptStr); + + $decryptStr = (new DyApiService())->decrypt($encryptStr, env('DY_APPSECRET')); + $output->write('解密字符串:' . $decryptStr); + + return 0; + } +} diff --git a/service/app/server/DyApiService.php b/service/app/server/DyApiService.php index 09f0b731..937e987c 100644 --- a/service/app/server/DyApiService.php +++ b/service/app/server/DyApiService.php @@ -153,4 +153,107 @@ class DyApiService { return ['flag' => false, 'message' => $exception->getMessage(), 'data' => []]; } } + + /** + 1.根据ClientKev找到ClientSecret,将ClientSecret向左右使用字符补齐32位/裁剪至32位,补齐:补位字符:#,先补左侧再补右侧再补左侧………直到补满32位。 + 裁剪:先裁剪左侧再裁右侧再裁左侧………直到剩余32位。(正常不需要补齐,secret默认为32位,此举是为了 + 以防万一) + 2.将ClientSecret作为Key,右侧16位为向量IV + 3.将密文进行base64解码。 + 4.使用AES-256-CBC模式解密解码后的密文,对齐使用PKCS5Padding方式 + * @param $cipherText + * @param $clientSecret + * @return false|string + */ + public function decrypt($cipherText, $clientSecret) { + Log::info('$cipherText:' . $cipherText); + // 补齐或裁剪 ClientSecret 为 32 位 + $clientSecret = $this->padOrTruncate($clientSecret); + Log::info('$cipherText step 2:' . $clientSecret); + + // 使用 ClientSecret 作为密钥 + $key = $clientSecret; + + // 右侧16位为初始化向量IV + $iv = substr($key, 16, 16); + + // 将密文 base64 解码 + $cipherTextDecoded = base64_decode($cipherText); + + // 使用 AES-256-CBC 解密 + return openssl_decrypt($cipherTextDecoded, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv); + } + + public function encrypt($cipherText, $clientSecret) { + Log::info('$cipherText:' . $cipherText); + // 补齐或裁剪 ClientSecret 为 32 位 + $clientSecret = $this->padOrTruncate($clientSecret); + Log::info('$cipherText step 2:' . $clientSecret); + + // 使用 ClientSecret 作为密钥 + $key = $clientSecret; + + // 右侧16位为初始化向量IV + $iv = substr($key, 16, 16); + + // 使用 AES-256-CBC 解密 + return base64_encode(openssl_encrypt($cipherText, 'AES-256-CBC', $key, OPENSSL_RAW_DATA, $iv)); + } + + /** + * @param $clientSecret + * @return false|string + */ + private function padOrTruncate($clientSecret) { + // 1. 如果 clientSecret 长度为32,直接返回 + if (strlen($clientSecret) == 32) { + return $clientSecret; + } + + // 2. 如果 length < 32,补齐至32位 + if (strlen($clientSecret) < 32) { + // 补齐过程:先补左侧,再补右侧,再补左侧,直到长度为32 + $paddingChar = '#'; + $padded = $clientSecret; + + // 左侧补齐 + $left = true; + while (strlen($padded) < 32) { + if ($left) { + $padded = $paddingChar . $padded; + $left = false; + } else { + $padded = $padded . $paddingChar; + $left = true; + } + } + + return substr($padded, 0, 32); // 确保返回32位 + } + + // 3. 如果 length > 32,裁剪至32位 + if (strlen($clientSecret) > 32) { + // 裁剪过程:先裁左侧,再裁右侧,再裁左侧,直到长度为32 + $cropped = $clientSecret; + + // 左侧裁剪 + while (strlen($cropped) > 32) { + $cropped = substr($cropped, 1); + } + + // 右侧裁剪 + while (strlen($cropped) > 32) { + $cropped = substr($cropped, 0, -1); + } + + // 左侧裁剪(再一次) + while (strlen($cropped) > 32) { + $cropped = substr($cropped, 1); + } + + return substr($cropped, 0, 32); // 确保返回32位 + } + + return $clientSecret; + } }