Encryptor - Code Metrics - Inspection of "Merge Develop" - overtrue/wechat - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Pull Request — master (#292)

by Carlos

created 2016-02-19 15:38 UTC

Encryptor A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	284
Duplicated Lines	0 %

Coupling/Cohesion

Components	1
Dependencies	4

Importance

Changes	2
Bugs	0	Features	0

Metric	Value
wmc	27
c	2
b	0
f	0
lcom	1
cbo	4
dl	0
loc	284
rs	10

10 Methods

Rating	Name	Size	Complexity
A	getRandomStr()	4	1
A	__construct()	11	2
A	encryptMsg()	20	3
A	decryptMsg()	18	3
A	getSHA1()	11	2
A	encode()	16	3
A	decode()	10	3
A	getAESKey()	8	3
B	encrypt()	24	2
B	decrypt()	39	5

<?php

/*
 * This file is part of the overtrue/wechat.
 *
 * (c) overtrue <[email protected]>
 *
 * This source file is subject to the MIT license that is bundled
 * with this source code in the file LICENSE.
 */

/**
 * Encryptor.php.
 *
 * @author    overtrue <[email protected]>
 * @copyright 2015 overtrue <[email protected]>
 *
 * @link      https://github.com/overtrue
 * @link      http://overtrue.me
 */
namespace EasyWeChat\Encryption;

use EasyWeChat\Core\Exceptions\InvalidConfigException;
use EasyWeChat\Core\Exceptions\RuntimeException;
use EasyWeChat\Support\XML;
use Exception as BaseException;

/**
 * Class Encryptor.
 */
class Encryptor
{
    /**
     * App id.
     *
     * @var string
     */
    protected $appId;

    /**
     * App token.
     *
     * @var string
     */
    protected $token;

    /**
     * AES key.
     *
     * @var string
     */
    protected $AESKey;

    /**
     * Block size.
     *
     * @var int
     */
    protected $blockSize;

    /**
     * Constructor.
     *
     * @param string $appId
     * @param string $token
     * @param string $AESKey
     *
     * @throws RuntimeException
     */
    public function __construct($appId, $token, $AESKey)
    {
        if (!extension_loaded('mcrypt')) {
            throw new RuntimeException("The ext 'mcrypt' is required.");
        }

        $this->appId = $appId;
        $this->token = $token;
        $this->AESKey = $AESKey;
        $this->blockSize = 32; // mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
    }

    /**
     * Encrypt the message and return XML.
     *
     * @param string $xml
     * @param string $nonce
     * @param int    $timestamp
     *
     * @return string
     */
    public function encryptMsg($xml, $nonce = null, $timestamp = null)
    {
        $encrypt = $this->encrypt($xml, $this->appId);

        !is_null($nonce) || $nonce = substr($this->appId, 0, 10);
        !is_null($timestamp) || $timestamp = time();

        //生成安全签名
        $signature = $this->getSHA1($this->token, $timestamp, $nonce, $encrypt);

        $response = [
            'Encrypt' => $encrypt,
            'MsgSignature' => $signature,
            'TimeStamp' => $timestamp,
            'Nonce' => $nonce,
        ];

        //生成响应xml
        return XML::build($response);
    }

    /**
     * Decrypt message.
     *
     * @param string $msgSignature
     * @param string $nonce
     * @param string $timestamp
     * @param string $postXML
     *
     * @return array
     *
     * @throws EncryptionException
     */
    public function decryptMsg($msgSignature, $nonce, $timestamp, $postXML)
    {
        try {
            $array = XML::parse($postXML);
        } catch (BaseException $e) {
            throw new EncryptionException('Invalid xml.', EncryptionException::ERROR_PARSE_XML);
        }

        $encrypted = $array['Encrypt'];

        $signature = $this->getSHA1($this->token, $timestamp, $nonce, $encrypted);

        if ($signature !== $msgSignature) {
            throw new EncryptionException('Invalid Signature.', EncryptionException::ERROR_INVALID_SIGNATURE);
        }

        return XML::parse($this->decrypt($encrypted, $this->appId));
    }

    /**
     * Get SHA1.
     *
     * @return string
     *
     * @throws EncryptionException
     */
    public function getSHA1()
    {
        try {
            $array = func_get_args();
            sort($array, SORT_STRING);

            return sha1(implode($array));
        } catch (BaseException $e) {
            throw new EncryptionException($e->getMessage(), EncryptionException::ERROR_CALC_SIGNATURE);
        }
    }

    /**
     * Encode string.
     *
     * @param string $text
     *
     * @return string
     */
    public function encode($text)
    {
        $padAmount = $this->blockSize - (strlen($text) % $this->blockSize);

        $padAmount = $padAmount !== 0 ? $padAmount : $this->blockSize;

        $padChr = chr($padAmount);

        $tmp = '';

        for ($index = 0; $index < $padAmount; ++$index) {
            $tmp .= $padChr;
        }

        return $text.$tmp;
    }

    /**
     * Decode string.
     *
     * @param string $decrypted
     *
     * @return string
     */
    public function decode($decrypted)
    {
        $pad = ord(substr($decrypted, -1));

        if ($pad < 1 || $pad > $this->blockSize) {
            $pad = 0;
        }

        return substr($decrypted, 0, (strlen($decrypted) - $pad));
    }

    /**
     * Return AESKey.
     *
     * @return string
     *
     * @throws InvalidConfigException
     */
    protected function getAESKey()
    {
        if (empty($this->AESKey) || strlen($this->AESKey) !== 43) {
            throw new InvalidConfigException("Configuration mission, 'aes_key' is required.");
        }

        return base64_decode($this->AESKey.'=', true);
    }

    /**
     * Encrypt string.
     *
     * @param string $text
     * @param string $appId
     *
     * @return string
     *
     * @throws EncryptionException
     */
    private function encrypt($text, $appId)
    {
        try {
            $key = $this->getAESKey();
            $random = $this->getRandomStr();
            $text = $random.pack('N', strlen($text)).$text.$appId;

            // $size   = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
            $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
            $iv = substr($key, 0, 16);

            $text = $this->encode($text);

            mcrypt_generic_init($module, $key, $iv);

            $encrypted = mcrypt_generic($module, $text);
            mcrypt_generic_deinit($module);
            mcrypt_module_close($module);

            return base64_encode($encrypted);
        } catch (BaseException $e) {
            throw new EncryptionException($e->getMessage(), EncryptionException::ERROR_ENCRYPT_AES);
        }
    }

    /**
     * Decrypt message.
     *
     * @param string $encrypted
     * @param string $appId
     *
     * @return string
     *
     * @throws EncryptionException
     */
    private function decrypt($encrypted, $appId)
    {
        try {
            $key = $this->getAESKey();
            $ciphertext = base64_decode($encrypted, true);
            $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
            $iv = substr($key, 0, 16);

            mcrypt_generic_init($module, $key, $iv);

            $decrypted = mdecrypt_generic($module, $ciphertext);
            mcrypt_generic_deinit($module);
            mcrypt_module_close($module);
        } catch (BaseException $e) {
            throw new EncryptionException($e->getMessage(), EncryptionException::ERROR_DECRYPT_AES);
        }

        try {
            $result = $this->decode($decrypted);

            if (strlen($result) < 16) {
                return '';
            }

            $content = substr($result, 16, strlen($result));
            $listLen = unpack('N', substr($content, 0, 4));
            $xmlLen = $listLen[1];
            $xml = substr($content, 4, $xmlLen);
            $fromAppId = trim(substr($content, $xmlLen + 4));
        } catch (BaseException $e) {
            throw new EncryptionException($e->getMessage(), EncryptionException::ERROR_INVALID_XML);
        }

        if ($fromAppId !== $appId) {
            throw new EncryptionException('Invalid appId.', EncryptionException::ERROR_INVALID_APPID);
        }

        return $xml;
    }

    /**
     * Generate random string.
     *
     * @return string
     */
    private function getRandomStr()
    {
        return substr(str_shuffle('ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz'), 0, 16);
    }
}


1			<?php
2
3			/*
4			* This file is part of the overtrue/wechat.
5			*
6			* (c) overtrue <[email protected]>
7			*
8			* This source file is subject to the MIT license that is bundled
9			* with this source code in the file LICENSE.
10			*/
11
12			/**
13			* Encryptor.php.
14			*
15			* @author overtrue <[email protected]>
16			* @copyright 2015 overtrue <[email protected]>
17			*
18			* @link https://github.com/overtrue
19			* @link http://overtrue.me
20			*/
21			namespace EasyWeChat\Encryption;
22
23			use EasyWeChat\Core\Exceptions\InvalidConfigException;
24			use EasyWeChat\Core\Exceptions\RuntimeException;
25			use EasyWeChat\Support\XML;
26			use Exception as BaseException;
27
28			/**
29			* Class Encryptor.
30			*/
31			class Encryptor
32			{
33			/**
34			* App id.
35			*
36			* @var string
37			*/
38			protected $appId;
39
40			/**
41			* App token.
42			*
43			* @var string
44			*/
45			protected $token;
46
47			/**
48			* AES key.
49			*
50			* @var string
51			*/
52			protected $AESKey;
53
54			/**
55			* Block size.
56			*
57			* @var int
58			*/
59			protected $blockSize;
60
61			/**
62			* Constructor.
63			*
64			* @param string $appId
65			* @param string $token
66			* @param string $AESKey
67			*
68			* @throws RuntimeException
69			*/
70			public function __construct($appId, $token, $AESKey)
71			{
72			if (!extension_loaded('mcrypt')) {
73			throw new RuntimeException("The ext 'mcrypt' is required.");
74			}
75
76			$this->appId = $appId;
77			$this->token = $token;
78			$this->AESKey = $AESKey;
79			$this->blockSize = 32; // mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
80			}
81
82			/**
83			* Encrypt the message and return XML.
84			*
85			* @param string $xml
86			* @param string $nonce
87			* @param int $timestamp
88			*
89			* @return string
90			*/
91			public function encryptMsg($xml, $nonce = null, $timestamp = null)
92			{
93			$encrypt = $this->encrypt($xml, $this->appId);
94
95			!is_null($nonce) \|\| $nonce = substr($this->appId, 0, 10);
96			!is_null($timestamp) \|\| $timestamp = time();
97
98			//生成安全签名
99			$signature = $this->getSHA1($this->token, $timestamp, $nonce, $encrypt);
100
101			$response = [
102			'Encrypt' => $encrypt,
103			'MsgSignature' => $signature,
104			'TimeStamp' => $timestamp,
105			'Nonce' => $nonce,
106			];
107
108			//生成响应xml
109			return XML::build($response);
110			}
111
112			/**
113			* Decrypt message.
114			*
115			* @param string $msgSignature
116			* @param string $nonce
117			* @param string $timestamp
118			* @param string $postXML
119			*
120			* @return array
121			*
122			* @throws EncryptionException
123			*/
124			public function decryptMsg($msgSignature, $nonce, $timestamp, $postXML)
125			{
126			try {
127			$array = XML::parse($postXML);
128			} catch (BaseException $e) {
129			throw new EncryptionException('Invalid xml.', EncryptionException::ERROR_PARSE_XML);
130			}
131
132			$encrypted = $array['Encrypt'];
133
134			$signature = $this->getSHA1($this->token, $timestamp, $nonce, $encrypted);
135
136			if ($signature !== $msgSignature) {
137			throw new EncryptionException('Invalid Signature.', EncryptionException::ERROR_INVALID_SIGNATURE);
138			}
139
140			return XML::parse($this->decrypt($encrypted, $this->appId));
141			}
142
143			/**
144			* Get SHA1.
145			*
146			* @return string
147			*
148			* @throws EncryptionException
149			*/
150			public function getSHA1()
151			{
152			try {
153			$array = func_get_args();
154			sort($array, SORT_STRING);
155
156			return sha1(implode($array));
157			} catch (BaseException $e) {
158			throw new EncryptionException($e->getMessage(), EncryptionException::ERROR_CALC_SIGNATURE);
159			}
160			}
161
162			/**
163			* Encode string.
164			*
165			* @param string $text
166			*
167			* @return string
168			*/
169			public function encode($text)
170			{
171			$padAmount = $this->blockSize - (strlen($text) % $this->blockSize);
172
173			$padAmount = $padAmount !== 0 ? $padAmount : $this->blockSize;
174
175			$padChr = chr($padAmount);
176
177			$tmp = '';
178
179			for ($index = 0; $index < $padAmount; ++$index) {
180			$tmp .= $padChr;
181			}
182
183			return $text.$tmp;
184			}
185
186			/**
187			* Decode string.
188			*
189			* @param string $decrypted
190			*
191			* @return string
192			*/
193			public function decode($decrypted)
194			{
195			$pad = ord(substr($decrypted, -1));
196
197			if ($pad < 1 \|\| $pad > $this->blockSize) {
198			$pad = 0;
199			}
200
201			return substr($decrypted, 0, (strlen($decrypted) - $pad));
202			}
203
204			/**
205			* Return AESKey.
206			*
207			* @return string
208			*
209			* @throws InvalidConfigException
210			*/
211			protected function getAESKey()
212			{
213			if (empty($this->AESKey) \|\| strlen($this->AESKey) !== 43) {
214			throw new InvalidConfigException("Configuration mission, 'aes_key' is required.");
215			}
216
217			return base64_decode($this->AESKey.'=', true);
218			}
219
220			/**
221			* Encrypt string.
222			*
223			* @param string $text
224			* @param string $appId
225			*
226			* @return string
227			*
228			* @throws EncryptionException
229			*/
230			private function encrypt($text, $appId)
231			{
232			try {
233			$key = $this->getAESKey();
234			$random = $this->getRandomStr();
235			$text = $random.pack('N', strlen($text)).$text.$appId;
236
237			// $size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
238			$module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
239			$iv = substr($key, 0, 16);
240
241			$text = $this->encode($text);
242
243			mcrypt_generic_init($module, $key, $iv);
244
245			$encrypted = mcrypt_generic($module, $text);
246			mcrypt_generic_deinit($module);
247			mcrypt_module_close($module);
248
249			return base64_encode($encrypted);
250			} catch (BaseException $e) {
251			throw new EncryptionException($e->getMessage(), EncryptionException::ERROR_ENCRYPT_AES);
252			}
253			}
254
255			/**
256			* Decrypt message.
257			*
258			* @param string $encrypted
259			* @param string $appId
260			*
261			* @return string
262			*
263			* @throws EncryptionException
264			*/
265			private function decrypt($encrypted, $appId)
266			{
267			try {
268			$key = $this->getAESKey();
269			$ciphertext = base64_decode($encrypted, true);
270			$module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
271			$iv = substr($key, 0, 16);
272
273			mcrypt_generic_init($module, $key, $iv);
274
275			$decrypted = mdecrypt_generic($module, $ciphertext);
276			mcrypt_generic_deinit($module);
277			mcrypt_module_close($module);
278			} catch (BaseException $e) {
279			throw new EncryptionException($e->getMessage(), EncryptionException::ERROR_DECRYPT_AES);
280			}
281
282			try {
283			$result = $this->decode($decrypted);
284
285			if (strlen($result) < 16) {
286			return '';
287			}
288
289			$content = substr($result, 16, strlen($result));
290			$listLen = unpack('N', substr($content, 0, 4));
291			$xmlLen = $listLen[1];
292			$xml = substr($content, 4, $xmlLen);
293			$fromAppId = trim(substr($content, $xmlLen + 4));
294			} catch (BaseException $e) {
295			throw new EncryptionException($e->getMessage(), EncryptionException::ERROR_INVALID_XML);
296			}
297
298			if ($fromAppId !== $appId) {
299			throw new EncryptionException('Invalid appId.', EncryptionException::ERROR_INVALID_APPID);
300			}
301
302			return $xml;
303			}
304
305			/**
306			* Generate random string.
307			*
308			* @return string
309			*/
310			private function getRandomStr()
311			{
312			return substr(str_shuffle('ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz'), 0, 16);
313			}
314			}
315

overtrue / wechat

Pull Request — master (#292)

Encryptor A

Complexity

Size/Duplication

Coupling/Cohesion

Importance

10 Methods

Duplication Side-by-Side

Filter issues like