银联接口的mcrypt_cbc问题-php教程-PHP中文网

首页

后端开发

php教程

银联接口的mcrypt_cbc问题

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jun 23, 2016 pm 01:28 PM

用了php5.5 银联接口netpayclient.php 的mcrypt_cbc不能用了，该怎么替换？

  // This file is protected by copyright law & provided under license. Copyright(C) 2005-2009 www.chinapay.com, All rights reserved.// This file is protected by copyright law & provided under license. Copyright(C) 2005-2009 www.chinapay.com, All rights reserved.define("DES_KEY", "SCUBEPGW");define("HASH_PAD", "0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff003021300906052b0e03021a05000414");bcscale(0);$private_key = array(); /*function hex2bin($hexdata) {    $bindata = '';    if (strlen($hexdata) % 2 == 1) {        $hexdata = '0' . $hexdata;    }    for ($i = 0; $i < strlen($hexdata); $i+=2) {        $bindata .= chr(hexdec(substr($hexdata, $i, 2)));    }    return $bindata;}*/ function padstr($src, $len = 256, $chr = '0', $d = 'L') {    $ret = trim($src);    $padlen = $len - strlen($ret);    if ($padlen > 0) {        $pad = str_repeat($chr, $padlen);        if (strtoupper($d) == 'L') {            $ret = $pad . $ret;        } else {            $ret = $ret . $pad;        }    }    return $ret;} function bin2int($bindata) {    $hexdata = bin2hex($bindata);    return bchexdec($hexdata);} function bchexdec($hexdata) {    $ret = '0';    $len = strlen($hexdata);    for ($i = 0; $i < $len; $i++) {        $hex = substr($hexdata, $i, 1);        $dec = hexdec($hex);        $exp = $len - $i - 1;        $pow = bcpow('16', $exp);        $tmp = bcmul($dec, $pow);        $ret = bcadd($ret, $tmp);    }    return $ret;} function bcdechex($decdata) {    $s = $decdata;    $ret = '';    while ($s != '0') {        $m = bcmod($s, '16');        $s = bcdiv($s, '16');        $hex = dechex($m);        $ret = $hex . $ret;    }    return $ret;} function sha1_128($string) {    $hash = sha1($string);    $sha_bin = hex2bin($hash);    $sha_pad = hex2bin(HASH_PAD);    return $sha_pad . $sha_bin;} function mybcpowmod($num, $pow, $mod) {    if (function_exists('bcpowmod')) {        return bcpowmod($num, $pow, $mod);    }    return emubcpowmod($num, $pow, $mod);} function emubcpowmod($num, $pow, $mod) {    $result = '1';    do {        if (!bccomp(bcmod($pow, '2'), '1')) {            $result = bcmod(bcmul($result, $num), $mod);        }        $num = bcmod(bcpow($num, '2'), $mod);        $pow = bcdiv($pow, '2');    } while (bccomp($pow, '0'));    return $result;} function rsa_encrypt($private_key, $input) {    $p = bin2int($private_key["prime1"]);    $q = bin2int($private_key["prime2"]);    $u = bin2int($private_key["coefficient"]);    $dP = bin2int($private_key["prime_exponent1"]);    $dQ = bin2int($private_key["prime_exponent2"]);    $c = bin2int($input);    $cp = bcmod($c, $p);    $cq = bcmod($c, $q);    $a = mybcpowmod($cp, $dP, $p);    $b = mybcpowmod($cq, $dQ, $q);    if (bccomp($a, $b) >= 0) {        $result = bcsub($a, $b);    } else {        $result = bcsub($b, $a);        $result = bcsub($p, $result);    }    $result = bcmod($result, $p);    $result = bcmul($result, $u);    $result = bcmod($result, $p);    $result = bcmul($result, $q);    $result = bcadd($result, $b);    $ret = bcdechex($result);    $ret = strtoupper(padstr($ret));    return (strlen($ret) == 256) ? $ret : false;} function rsa_decrypt($input) {    global $private_key;    $check = bchexdec($input);    $modulus = bin2int($private_key["modulus"]);    $exponent = bchexdec("010001");    $result = bcpowmod($check, $exponent, $modulus);    $rb = bcdechex($result);    return strtoupper(padstr($rb));} function buildKey($key) {    global $private_key;    if (count($private_key) > 0) {        foreach ($private_key as $name => $value) {            unset($private_key[$name]);        }    }    $ret = false;    $key_file = parse_ini_file($key);    if (!$key_file) {        return $ret;    }    $hex = "";    if (array_key_exists("MERID", $key_file)) {        $ret = $key_file["MERID"];        $private_key["MERID"] = $ret;        $hex = substr($key_file["prikeyS"], 80);    } else    if (array_key_exists("PGID", $key_file)) {        $ret = $key_file["PGID"];        $private_key["PGID"] = $ret;        $hex = substr($key_file["pubkeyS"], 48);    } else {        return $ret;    }    $bin = hex2bin($hex);    $private_key["modulus"] = substr($bin, 0, 128);    $cipher = MCRYPT_DES;    $iv = str_repeat("\x00", 8);    $prime1 = substr($bin, 384, 64);    $enc = mcrypt_cbc($cipher, DES_KEY, $prime1, MCRYPT_DECRYPT, $iv);    $private_key["prime1"] = $enc;    $prime2 = substr($bin, 448, 64);    $enc = mcrypt_cbc($cipher, DES_KEY, $prime2, MCRYPT_DECRYPT, $iv);    $private_key["prime2"] = $enc;    $prime_exponent1 = substr($bin, 512, 64);    $enc = mcrypt_cbc($cipher, DES_KEY, $prime_exponent1, MCRYPT_DECRYPT, $iv);    $private_key["prime_exponent1"] = $enc;    $prime_exponent2 = substr($bin, 576, 64);    $enc = mcrypt_cbc($cipher, DES_KEY, $prime_exponent2, MCRYPT_DECRYPT, $iv);    $private_key["prime_exponent2"] = $enc;    $coefficient = substr($bin, 640, 64);    $enc = mcrypt_cbc($cipher, DES_KEY, $coefficient, MCRYPT_DECRYPT, $iv);    $private_key["coefficient"] = $enc;    return $ret;} function sign($msg) {    global $private_key;    if (!array_key_exists("MERID", $private_key)) {        return false;    }    $hb = sha1_128($msg);    return rsa_encrypt($private_key, $hb);} function signOrder($merid, $ordno, $amount, $curyid, $transdate, $transtype) {    if (strlen($merid) != 15)        return false;    if (strlen($ordno) != 16)        return false;    if (strlen($amount) != 12)        return false;    if (strlen($curyid) != 3)        return false;    if (strlen($transdate) != 8)        return false;    if (strlen($transtype) != 4)        return false;    $plain = $merid . $ordno . $amount . $curyid . $transdate . $transtype;    return sign($plain);} function verify($plain, $check) {    global $private_key;    if (!array_key_exists("PGID", $private_key)) {        return false;    }    if (strlen($check) != 256) {        return false;    }    $hb = sha1_128($plain);    $hbhex = strtoupper(bin2hex($hb));    $rbhex = rsa_decrypt($check);    return $hbhex == $rbhex ? true : false;} function verifyTransResponse($merid, $ordno, $amount, $curyid, $transdate, $transtype, $ordstatus, $check) {    if (strlen($merid) != 15)        return false;    if (strlen($ordno) != 16)        return false;    if (strlen($amount) != 12)        return false;    if (strlen($curyid) != 3)        return false;    if (strlen($transdate) != 8)        return false;    if (strlen($transtype) != 4)        return false;    if (strlen($ordstatus) != 4)        return false;    if (strlen($check) != 256)        return false;    $plain = $merid . $ordno . $amount . $curyid . $transdate . $transtype . $ordstatus;    return verify($plain, $check);}

回复讨论(解决方案)

自PHP 5.5.0起,此函数已经被废弃。强烈建议不要使用此函数。
http://www.php.net/manual/zh/function.mcrypt-cbc.php

我知道弃用了，但是银联的接口用的就是这个，我想知道怎么改，谢谢

声明

本文内容由网友自发贡献，版权归原作者所有，本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容，请联系admin@php.cn

您如何防止与会议有关的跨站点脚本（XSS）攻击？Apr 23, 2025 am 12:16 AM

要保护应用免受与会话相关的XSS攻击，需采取以下措施：1.设置HttpOnly和Secure标志保护会话cookie。2.对所有用户输入进行输出编码。3.实施内容安全策略(CSP)限制脚本来源。通过这些策略，可以有效防护会话相关的XSS攻击，确保用户数据安全。

您如何优化PHP会话性能？Apr 23, 2025 am 12:13 AM

优化PHP会话性能的方法包括：1.延迟会话启动，2.使用数据库存储会话，3.压缩会话数据，4.管理会话生命周期，5.实现会话共享。这些策略能显着提升应用在高并发环境下的效率。

什么是session.gc_maxlifetime配置设置？Apr 23, 2025 am 12:10 AM

thesession.gc_maxlifetimesettinginphpdeterminesthelifespanofsessiondata，setInSeconds.1）它'sconfiguredinphp.iniorviaini_set（）.2）abalanceIsiseededeedeedeedeedeedeedto to to avoidperformance andununununununexpectedLogOgouts.3）

您如何在PHP中配置会话名？Apr 23, 2025 am 12:08 AM

在PHP中，可以使用session_name()函数配置会话名称。具体步骤如下：1.使用session_name()函数设置会话名称，例如session_name("my_session")。2.在设置会话名称后，调用session_start()启动会话。配置会话名称可以避免多应用间的会话数据冲突，并增强安全性，但需注意会话名称的唯一性、安全性、长度和设置时机。

您应该多久再生一次会话ID？Apr 23, 2025 am 12:03 AM

会话ID应在登录时、敏感操作前和每30分钟定期重新生成。1.登录时重新生成会话ID可防会话固定攻击。2.敏感操作前重新生成提高安全性。3.定期重新生成降低长期利用风险，但需权衡用户体验。

如何在PHP中设置会话cookie参数？Apr 22, 2025 pm 05:33 PM

在PHP中设置会话cookie参数可以通过session_set_cookie_params()函数实现。1)使用该函数设置参数，如过期时间、路径、域名、安全标志等；2)调用session_start()使参数生效；3)根据需求动态调整参数，如用户登录状态；4)注意设置secure和httponly标志以提升安全性。