
Encryptor base class hack causes base64_decode of the Mini Program sessionKey to fail #614

Closed
tinpont opened this issue Mar 21, 2017 · 9 comments


tinpont commented Mar 21, 2017

My environment

PHP version: PHP 7.1
overtrue/wechat version: 3.2.5

Problem and symptoms

https://github.com/overtrue/wechat/blob/a2edf275e665402ae0225123aba9a9ea407eb0c8/src/Encryption/Encryptor.php#L229

This line appends a "=" to the AESKey, which makes base64_decode of the Mini Program's sessionKey fail, so no data can be decrypted. Why is a "=" appended here? Why not fix this at the source?

[2017-03-22 00:27:27] local.INFO: session key: X6JK4X7h8uv39mvUeWZbPg==, iv: obJsPBkWKDyam25vEXBlRg==  
[2017-03-22 00:27:27] local.INFO: key length: 0, iv length: 16 

tinpont commented Mar 21, 2017

Addendum: after removing the appended "=", the code runs without problems. That is:

        return base64_decode($this->AESKey.'=', true);

changed to

        return base64_decode($this->AESKey, true);

overtrue (Collaborator):

> Why is a "=" appended here? Why not fix this at the source?

@tinpont This part of the code was adapted from WeChat's official algorithm, so please verify that your change still works for the other features, for example the Official Account platform API requests.


tinpont commented Mar 22, 2017

@overtrue The root of this problem should be that MiniProgram uses the Encryptor base class to decrypt, and then https://github.com/overtrue/wechat/blob/a2edf275e665402ae0225123aba9a9ea407eb0c8/src/MiniProgram/Encryption/Encryptor.php#L85 getAESKey automatically appends the equals sign, so the key decode fails. The fix should therefore also go in MiniProgram/Encryption/Encryptor.php; I can submit a PR.
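As an added illustration of the behaviour described above (example code, not from overtrue/wechat): a helper that appends "=" the way the reported getAESKey does, beside a variant that normalises padding so that both an unpadded 43-character EncodingAESKey and an already padded 24-character session_key pass strict base64_decode. The function names and the 43-character placeholder key are assumptions; the session_key value is the one from the log line in this issue.

```php
<?php
// Added example, not code from overtrue/wechat. Demonstrates why appending a
// single '=' to a key that is already padded makes base64_decode(..., true)
// return false, and shows a padding-normalising alternative.

// Mimics the reported getAESKey() behaviour: blindly append one '='.
// A 43-char unpadded EncodingAESKey becomes a valid 44-char string, but a
// session_key that already ends in '==' ends up with three '=' characters,
// which strict decoding rejects.
function decodeKeyAppendingPad(string $key)
{
    return base64_decode($key . '=', true);
}

// Hardened variant (hypothetical name): strip any trailing '=' and re-pad to a
// multiple of four, so padded and unpadded inputs decode the same way.
function decodeKeyNormalised(string $key)
{
    $trimmed = rtrim($key, '=');
    // Reject non-alphabet characters and lengths no base64 string can have.
    if (!preg_match('#^[A-Za-z0-9+/]*$#', $trimmed) || strlen($trimmed) % 4 === 1) {
        return false;
    }
    $padded = str_pad($trimmed, (int) ceil(strlen($trimmed) / 4) * 4, '=');
    return base64_decode($padded, true);
}

// Mini Program session_key as it appears in the issue's log line (already padded).
$sessionKey = 'X6JK4X7h8uv39mvUeWZbPg==';
// Official Account EncodingAESKey shape: 43 unpadded characters (constructed placeholder).
$encodingAesKey = str_repeat('A', 43);

foreach (['session_key' => $sessionKey, 'EncodingAESKey' => $encodingAesKey] as $label => $key) {
    $naive = decodeKeyAppendingPad($key);
    $fixed = decodeKeyNormalised($key);
    printf(
        "%-15s append '=': %s, normalised: %d bytes\n",
        $label,
        $naive === false ? 'decode failed' : strlen($naive) . ' bytes',
        strlen((string) $fixed)
    );
}
```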

overtrue (Collaborator):

@mingyoung

overtrue (Collaborator):

@tinpont I know, but they should be using the same encryption/decryption scheme, so this needs careful testing.


tinpont commented Mar 22, 2017

@mingyoung There is also a coding-convention issue unrelated to this problem that I want to raise, namely:

    /**
     * Decrypt data.
     *
     * @param $encrypted
     *
     * @return string
     */
    public function decryptData($encrypted)
    {
        return $this->decrypt($encrypted);
    }

    /**
     * Decrypt data.
     *
     * @param string $encrypted
     *
     * @return Collection
     *
     * @throws EncryptionException
     */
    private function decrypt($encrypted)
    {
        try {
            $key = $this->getAESKey();
            $ciphertext = base64_decode($encrypted, true);

            $decrypted = openssl_decrypt($ciphertext, 'aes-128-cbc', $key, OPENSSL_RAW_DATA | OPENSSL_NO_PADDING, $this->iv);

            $result = $this->decode($decrypted);
        } catch (BaseException $e) {
            throw new EncryptionException($e->getMessage(), EncryptionException::ERROR_DECRYPT_AES);
        }

        $result = json_decode($result, true);

        return new Collection($result);
    }

This code should follow the parent class's convention: the decrypt method is only for decryption and should only do the decrypting; decryptData is where the data gets formatted and should return the formatted data.

PS: the return type of the decryptData method is written wrong; when I was working on it last night the IDE kept warning me about a type mismatch.

mingyoung (Collaborator):

@tinpont OK, I'll take a look ❤️


tinpont commented Mar 22, 2017

@mingyoung Thanks for your contributions!!

mingyoung (Collaborator):

#615
