• PHP API接口签名验证


    hash_hmac

    在php中hash_hmac函数就能将HMAC和一部分哈希加密算法相结合起来实现HMAC-SHA1  HMAC-SHA256 HMAC-MD5等等算法。函数介绍如下:
    string hash_hmac(string $algo, string $data, string $key, bool $raw_output = false)
    algo:要使用的哈希算法名称,可以是上述提到的md5,sha1等
    data:要进行哈希运算的消息,也就是需要加密的明文。
    key:使用HMAC生成信息摘要是所使用的密钥。
    raw_output:该参数为可选参数,默认为false,如果设为true,则返回原始二进制数据表示的信息摘要,否则返回16进制小写字符串格式表示的信息摘要(注意是16进制数,而非简单的字母加数字)。
    另外:如果algo参数指定的不是受支持的算法,将返回false
     
    <head>
        <script src="https://cdn.bootcss.com/blueimp-md5/2.10.0/js/md5.js"></script>
    
    
    </head>
    
    <?php
    header("Content-type: text/html; charset=utf-8");
    
    /**
     * 验证 哈希签名
     */
    function check_hmacSign($array, $token) {
        if (isset($array['sign'])) {
            $orig_sign = $array['sign'];
            unset($array['sign']);
        } else {
            print_r([1000, '签名错误']);
        }
        $newSign = getSign($array,$token);
    
        if ($orig_sign != $newSign) {
            print_r([1000, '签名错误.']);
        }
    }
    
    /**
     * 生成 哈希签名
     * 生成签名步骤&例子如下
     * 0.需要加密的数据:
     * array
     * (
     *    [b] => 1
     *    [B] => 2
     *    [d] => Array
     *          (
     *              [id] => 1
     *           )
     *    [a] => 3
     * )
     * 1. 对需要加密的参数进行字典排序
     * array
     * (
     *    [B] => 2
     *    [a] => 3
     *    [b] => 1
     *    [d] => Array
     *          (
     *              [id] => 1
     *           )
     * )
     * 2. 将Key和Value拼接成字符串(如果值为数组不参与拼接)
     * B=2a=3b=1
     * 3. 拼接字符串全部转为小写
     * b=2a=3b=1
     * 4. 使用hmac的md5加密算法,并且使用token对拼接字符串进行加密【token为luo生成加密数据如下:】
     * 7392a985ecd3cd183ce378cb2813fb68
     */   
    function getSign($array, $token) {
        ksort($array);
        $requestString = '';
        foreach ($array as $k => $v) {
            if(!is_array($v)){
                $requestString .= $k . '=' . $v;
            }
    
        }
    
        $requestString = strtolower($requestString);
        print_r($requestString);
        $newSign = hash_hmac('md5', $requestString, $token);
        return $newSign;
    }
    
    define('token', 'token_test');
    $time = '1!2@3#¥!@#$%^&*()?/、';        
    $DId = '12 .  + * ? [ ^ ] ( $ ) 3';
    $appid = '11✌☪✡☭✯卐✐✎✏✑✒✍✉✁✂✃✄✆✉☎☏➟➡➢➣➤➥➦➧➨➚➘➙➛➜➝➞➸♐2';
    $data = [
        'time' => $time,
        'DId' => $DId,
        'appid' => $appid,
        'info'=>[1,2,'$']
    
    ];
    
    /*    *
     * 客户端 签名
     */
    $sign = getSign($data, token);
    
    
    /**
     * 服务器验证
     */
    $sig = $data;
    $sig['sign'] = $sign;
    check_hmacSign($sig, token);
    
    
    //签名数据
    $data['sign'] = $sign;
    echo '<pre>';
    print_r($data);
    echo '<br>';
    
    ?>
    
    
    
    <script>
    
        /*var postData =<?php echo json_encode($data); ?>;*/
        var postData = {
            time:'<?php echo $time ?>',
            DId:'<?php echo $DId ?>',
            appid:'<?php echo $appid ?>',
            info:[
                1,2,'$'
            ]
        };
        var token ='<?php echo token; ?>';
        /**
         * json 排序 
         * 先排序再toLower,所以Did 在appid 之前
         */
        function jsonSort(jsonObj) {
            let arr = [];
            for (var key in jsonObj) {
                arr.push(key);
            }
            arr.sort();
            let str = '';
         let val = '';
            for (var i in arr) {
                if(typeof (jsonObj[arr[i]]) !== 'object'){
                    //不是数组,进行拼接
    
              val = (jsonObj[arr[i]]).toString();
             str += arr[i].toLowerCase() + "=" + val.toLowerCase(); // val 转换为小写
                }
    
            }
            return str;
        }
    
        strData = jsonSort(postData);
        console.log(strData);
        var sign = md5(strData, token);
        postData['sign'] = sign;
        console.log(postData);
    
    </script>

    md5.js

    /*
     * JavaScript MD5
     * https://github.com/blueimp/JavaScript-MD5
     *
     * Copyright 2011, Sebastian Tschan
     * https://blueimp.net
     *
     * Licensed under the MIT license:
     * https://opensource.org/licenses/MIT
     *
     * Based on
     * A JavaScript implementation of the RSA Data Security, Inc. MD5 Message
     * Digest Algorithm, as defined in RFC 1321.
     * Version 2.2 Copyright (C) Paul Johnston 1999 - 2009
     * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
     * Distributed under the BSD License
     * See http://pajhome.org.uk/crypt/md5 for more info.
     */
    
    /* global define */
    
    ;(function ($) {
      'use strict'
    
      /*
      * Add integers, wrapping at 2^32. This uses 16-bit operations internally
      * to work around bugs in some JS interpreters.
      */
      function safeAdd (x, y) {
        var lsw = (x & 0xffff) + (y & 0xffff)
        var msw = (x >> 16) + (y >> 16) + (lsw >> 16)
        return (msw << 16) | (lsw & 0xffff)
      }
    
      /*
      * Bitwise rotate a 32-bit number to the left.
      */
      function bitRotateLeft (num, cnt) {
        return (num << cnt) | (num >>> (32 - cnt))
      }
    
      /*
      * These functions implement the four basic operations the algorithm uses.
      */
      function md5cmn (q, a, b, x, s, t) {
        return safeAdd(bitRotateLeft(safeAdd(safeAdd(a, q), safeAdd(x, t)), s), b)
      }
      function md5ff (a, b, c, d, x, s, t) {
        return md5cmn((b & c) | (~b & d), a, b, x, s, t)
      }
      function md5gg (a, b, c, d, x, s, t) {
        return md5cmn((b & d) | (c & ~d), a, b, x, s, t)
      }
      function md5hh (a, b, c, d, x, s, t) {
        return md5cmn(b ^ c ^ d, a, b, x, s, t)
      }
      function md5ii (a, b, c, d, x, s, t) {
        return md5cmn(c ^ (b | ~d), a, b, x, s, t)
      }
    
      /*
      * Calculate the MD5 of an array of little-endian words, and a bit length.
      */
      function binlMD5 (x, len) {
        /* append padding */
        x[len >> 5] |= 0x80 << (len % 32)
        x[((len + 64) >>> 9 << 4) + 14] = len
    
        var i
        var olda
        var oldb
        var oldc
        var oldd
        var a = 1732584193
        var b = -271733879
        var c = -1732584194
        var d = 271733878
    
        for (i = 0; i < x.length; i += 16) {
          olda = a
          oldb = b
          oldc = c
          oldd = d
    
          a = md5ff(a, b, c, d, x[i], 7, -680876936)
          d = md5ff(d, a, b, c, x[i + 1], 12, -389564586)
          c = md5ff(c, d, a, b, x[i + 2], 17, 606105819)
          b = md5ff(b, c, d, a, x[i + 3], 22, -1044525330)
          a = md5ff(a, b, c, d, x[i + 4], 7, -176418897)
          d = md5ff(d, a, b, c, x[i + 5], 12, 1200080426)
          c = md5ff(c, d, a, b, x[i + 6], 17, -1473231341)
          b = md5ff(b, c, d, a, x[i + 7], 22, -45705983)
          a = md5ff(a, b, c, d, x[i + 8], 7, 1770035416)
          d = md5ff(d, a, b, c, x[i + 9], 12, -1958414417)
          c = md5ff(c, d, a, b, x[i + 10], 17, -42063)
          b = md5ff(b, c, d, a, x[i + 11], 22, -1990404162)
          a = md5ff(a, b, c, d, x[i + 12], 7, 1804603682)
          d = md5ff(d, a, b, c, x[i + 13], 12, -40341101)
          c = md5ff(c, d, a, b, x[i + 14], 17, -1502002290)
          b = md5ff(b, c, d, a, x[i + 15], 22, 1236535329)
    
          a = md5gg(a, b, c, d, x[i + 1], 5, -165796510)
          d = md5gg(d, a, b, c, x[i + 6], 9, -1069501632)
          c = md5gg(c, d, a, b, x[i + 11], 14, 643717713)
          b = md5gg(b, c, d, a, x[i], 20, -373897302)
          a = md5gg(a, b, c, d, x[i + 5], 5, -701558691)
          d = md5gg(d, a, b, c, x[i + 10], 9, 38016083)
          c = md5gg(c, d, a, b, x[i + 15], 14, -660478335)
          b = md5gg(b, c, d, a, x[i + 4], 20, -405537848)
          a = md5gg(a, b, c, d, x[i + 9], 5, 568446438)
          d = md5gg(d, a, b, c, x[i + 14], 9, -1019803690)
          c = md5gg(c, d, a, b, x[i + 3], 14, -187363961)
          b = md5gg(b, c, d, a, x[i + 8], 20, 1163531501)
          a = md5gg(a, b, c, d, x[i + 13], 5, -1444681467)
          d = md5gg(d, a, b, c, x[i + 2], 9, -51403784)
          c = md5gg(c, d, a, b, x[i + 7], 14, 1735328473)
          b = md5gg(b, c, d, a, x[i + 12], 20, -1926607734)
    
          a = md5hh(a, b, c, d, x[i + 5], 4, -378558)
          d = md5hh(d, a, b, c, x[i + 8], 11, -2022574463)
          c = md5hh(c, d, a, b, x[i + 11], 16, 1839030562)
          b = md5hh(b, c, d, a, x[i + 14], 23, -35309556)
          a = md5hh(a, b, c, d, x[i + 1], 4, -1530992060)
          d = md5hh(d, a, b, c, x[i + 4], 11, 1272893353)
          c = md5hh(c, d, a, b, x[i + 7], 16, -155497632)
          b = md5hh(b, c, d, a, x[i + 10], 23, -1094730640)
          a = md5hh(a, b, c, d, x[i + 13], 4, 681279174)
          d = md5hh(d, a, b, c, x[i], 11, -358537222)
          c = md5hh(c, d, a, b, x[i + 3], 16, -722521979)
          b = md5hh(b, c, d, a, x[i + 6], 23, 76029189)
          a = md5hh(a, b, c, d, x[i + 9], 4, -640364487)
          d = md5hh(d, a, b, c, x[i + 12], 11, -421815835)
          c = md5hh(c, d, a, b, x[i + 15], 16, 530742520)
          b = md5hh(b, c, d, a, x[i + 2], 23, -995338651)
    
          a = md5ii(a, b, c, d, x[i], 6, -198630844)
          d = md5ii(d, a, b, c, x[i + 7], 10, 1126891415)
          c = md5ii(c, d, a, b, x[i + 14], 15, -1416354905)
          b = md5ii(b, c, d, a, x[i + 5], 21, -57434055)
          a = md5ii(a, b, c, d, x[i + 12], 6, 1700485571)
          d = md5ii(d, a, b, c, x[i + 3], 10, -1894986606)
          c = md5ii(c, d, a, b, x[i + 10], 15, -1051523)
          b = md5ii(b, c, d, a, x[i + 1], 21, -2054922799)
          a = md5ii(a, b, c, d, x[i + 8], 6, 1873313359)
          d = md5ii(d, a, b, c, x[i + 15], 10, -30611744)
          c = md5ii(c, d, a, b, x[i + 6], 15, -1560198380)
          b = md5ii(b, c, d, a, x[i + 13], 21, 1309151649)
          a = md5ii(a, b, c, d, x[i + 4], 6, -145523070)
          d = md5ii(d, a, b, c, x[i + 11], 10, -1120210379)
          c = md5ii(c, d, a, b, x[i + 2], 15, 718787259)
          b = md5ii(b, c, d, a, x[i + 9], 21, -343485551)
    
          a = safeAdd(a, olda)
          b = safeAdd(b, oldb)
          c = safeAdd(c, oldc)
          d = safeAdd(d, oldd)
        }
        return [a, b, c, d]
      }
    
      /*
      * Convert an array of little-endian words to a string
      */
      function binl2rstr (input) {
        var i
        var output = ''
        var length32 = input.length * 32
        for (i = 0; i < length32; i += 8) {
          output += String.fromCharCode((input[i >> 5] >>> (i % 32)) & 0xff)
        }
        return output
      }
    
      /*
      * Convert a raw string to an array of little-endian words
      * Characters >255 have their high-byte silently ignored.
      */
      function rstr2binl (input) {
        var i
        var output = []
        output[(input.length >> 2) - 1] = undefined
        for (i = 0; i < output.length; i += 1) {
          output[i] = 0
        }
        var length8 = input.length * 8
        for (i = 0; i < length8; i += 8) {
          output[i >> 5] |= (input.charCodeAt(i / 8) & 0xff) << (i % 32)
        }
        return output
      }
    
      /*
      * Calculate the MD5 of a raw string
      */
      function rstrMD5 (s) {
        return binl2rstr(binlMD5(rstr2binl(s), s.length * 8))
      }
    
      /*
      * Calculate the HMAC-MD5, of a key and some data (raw strings)
      */
      function rstrHMACMD5 (key, data) {
        var i
        var bkey = rstr2binl(key)
        var ipad = []
        var opad = []
        var hash
        ipad[15] = opad[15] = undefined
        if (bkey.length > 16) {
          bkey = binlMD5(bkey, key.length * 8)
        }
        for (i = 0; i < 16; i += 1) {
          ipad[i] = bkey[i] ^ 0x36363636
          opad[i] = bkey[i] ^ 0x5c5c5c5c
        }
        hash = binlMD5(ipad.concat(rstr2binl(data)), 512 + data.length * 8)
        return binl2rstr(binlMD5(opad.concat(hash), 512 + 128))
      }
    
      /*
      * Convert a raw string to a hex string
      */
      function rstr2hex (input) {
        var hexTab = '0123456789abcdef'
        var output = ''
        var x
        var i
        for (i = 0; i < input.length; i += 1) {
          x = input.charCodeAt(i)
          output += hexTab.charAt((x >>> 4) & 0x0f) + hexTab.charAt(x & 0x0f)
        }
        return output
      }
    
      /*
      * Encode a string as utf-8
      */
      function str2rstrUTF8 (input) {
        return unescape(encodeURIComponent(input))
      }
    
      /*
      * Take string arguments and return either raw or hex encoded strings
      */
      function rawMD5 (s) {
        return rstrMD5(str2rstrUTF8(s))
      }
      function hexMD5 (s) {
        return rstr2hex(rawMD5(s))
      }
      function rawHMACMD5 (k, d) {
        return rstrHMACMD5(str2rstrUTF8(k), str2rstrUTF8(d))
      }
      function hexHMACMD5 (k, d) {
        return rstr2hex(rawHMACMD5(k, d))
      }
    
      function md5 (string, key, raw) {
        if (!key) {
          if (!raw) {
            return hexMD5(string)
          }
          return rawMD5(string)
        }
        if (!raw) {
          return hexHMACMD5(key, string)
        }
        return rawHMACMD5(key, string)
      }
    
      if (typeof define === 'function' && define.amd) {
        define(function () {
          return md5
        })
      } else if (typeof module === 'object' && module.exports) {
        module.exports = md5
      } else {
        $.md5 = md5
      }
    })(this)
    View Code
  • 相关阅读:
    NetCore与 NET Framework 不同的地方
    vue学习一
    C#基础
    css基础学习
    多线程相关教程
    IIS 配置网站
    C#控制台项目更改运行文件
    实现一个自适应网页用到的css知识
    如何让手机一直保持流畅
    TCP/IP网路协议复习
  • 原文地址:https://www.cnblogs.com/-mrl/p/9432353.html
Copyright © 2020-2023  润新知