PHP API接口签名验证
hash_hmac
在PHP中,hash_hmac函数可以将HMAC与多种哈希算法结合,实现HMAC-SHA1、HMAC-SHA256、HMAC-MD5等算法。函数介绍如下:
string hash_hmac(string $algo, string $data, string $key, bool $raw_output = false)
algo:要使用的哈希算法名称,可以是上述提到的md5,sha1等
data:要进行哈希运算的消息,也就是待签名的原文(HMAC只生成用于校验的摘要,并不会加密数据本身)。
key:使用HMAC生成信息摘要时所使用的密钥。
raw_output:该参数为可选参数,默认为false,如果设为true,则返回原始二进制数据表示的信息摘要,否则返回16进制小写字符串格式表示的信息摘要(注意是16进制数,而非简单的字母加数字)。
另外:如果algo参数指定的不是受支持的算法,将返回false(PHP 8.0起改为抛出ValueError异常)。
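<?php
// header() must run before any markup is emitted; in the original order the
// <head> element was already sent, so the charset header could be dropped.
header("Content-type: text/html; charset=utf-8");
?>
<head>
    <!-- NOTE(review): this script is fetched from a third-party CDN without
         Subresource Integrity. Self-host it, or pin it with integrity= and
         crossorigin= attributes, so a changed file cannot run in this page. -->
    <script src="https://cdn.bootcss.com/blueimp-md5/2.10.0/js/md5.js"></script>
</head>
<?php

/**
 * Verify the HMAC signature carried in a parameter array.
 *
 * The 'sign' entry is removed, the signature is recomputed over the remaining
 * parameters with getSign(), and the two values are compared in constant time.
 * On failure the error pair is printed exactly as before; the function now
 * also stops at the first failure and reports the outcome to the caller.
 *
 * A valid signature only shows that the parameters were signed with the
 * token. Freshness is not checked here: the caller still has to reject stale
 * or repeated requests (for example by validating the 'time' field).
 *
 * @param array  $array Request parameters, including the 'sign' entry.
 * @param string $token Shared secret used as the HMAC key.
 *
 * @return bool True when the signature is present and matches, false otherwise.
 */
function check_hmacSign($array, $token)
{
    // A missing or non-string 'sign' (e.g. an array value) can never match.
    // Returning here avoids comparing against an undefined variable.
    if (!isset($array['sign']) || !is_string($array['sign'])) {
        print_r([1000, '签名错误']);
        return false;
    }

    $orig_sign = $array['sign'];
    unset($array['sign']);

    $newSign = getSign($array, $token);

    // hash_equals() is constant-time and strictly string-based. The previous
    // loose `!=` could treat two different numeric-looking hex digests
    // (such as "0e..." values) as equal.
    if (!hash_equals($newSign, $orig_sign)) {
        print_r([1000, '签名错误.']);
        return false;
    }

    return true;
}

/**
 * Build the HMAC signature for a parameter array.
 *
 * Steps, with the original author's example:
 *   0. Data to sign:           [b => 1, B => 2, d => [id => 1], a => 3]
 *   1. Sort by key:            [B => 2, a => 3, b => 1, d => [id => 1]]
 *   2. Concatenate key=value, skipping array values:   B=2a=3b=1
 *   3. Lower-case the whole string:                    b=2a=3b=1
 *   4. HMAC-MD5 of that string keyed with the token. For the token "luo" the
 *      original author quotes 7392a985ecd3cd183ce378cb2813fb68.
 *
 * NOTE(review): limits of this canonical form that callers must know about:
 *   - Pairs are joined without a separator and without escaping, so different
 *     parameter sets can produce the same string and therefore the same
 *     signature.
 *   - Array values are left out, so nested data (such as 'info') is not
 *     covered by the signature and must not be trusted on the receiving side.
 *   - Lower-casing means values that differ only in letter case share one
 *     signature. strtolower() and JavaScript's toLowerCase() may also disagree
 *     on non-ASCII letters.
 *   - HMAC-MD5 is kept only because the JavaScript client on this page uses
 *     it; new designs should prefer hash_hmac('sha256', ...).
 *
 * @param array  $array Parameters to sign (without the 'sign' entry).
 * @param string $token Shared secret used as the HMAC key.
 *
 * @return string Lower-case hexadecimal HMAC-MD5 digest.
 */
function getSign($array, $token)
{
    ksort($array);

    $requestString = '';
    foreach ($array as $k => $v) {
        if (!is_array($v)) {
            $requestString .= $k . '=' . $v;
        }
    }
    $requestString = strtolower($requestString);

    // The debug print_r() of the canonical string was removed: a signing
    // helper should not write the material it signs into the response.
    return hash_hmac('md5', $requestString, $token);
}

// Demo secret only. A real key belongs in configuration or a secret store,
// not in source code.
define('token', 'token_test');

$time = '1!2@3#¥!@#$%^&*()?/、';
$DId = '12 . + * ? [ ^ ] ( $ ) 3';
$appid = '11✌☪✡☭✯卐✐✎✏✑✒✍✉✁✂✃✄✆✉☎☏➟➡➢➣➤➥➦➧➨➚➘➙➛➜➝➞➸♐2';
$data = [
    'time' => $time,
    'DId' => $DId,
    'appid' => $appid,
    'info' => [1, 2, '$'],
];

// Client side: sign the parameters.
$sign = getSign($data, token);

// Server side: verify the signed parameters.
$sig = $data;
$sig['sign'] = $sign;
check_hmacSign($sig, token);

// Show the signed data. It is escaped because it is printed into HTML.
echo '<pre>';
echo htmlspecialchars(print_r($sig, true), ENT_QUOTES, 'UTF-8');
echo '<br>';

// Values are handed to JavaScript as JSON with HTML-significant characters
// hex-escaped, instead of being echoed raw between quotes, so a quote or
// "</script>" inside a value cannot break out of the script block.
$jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
?>
<script>
    var postData = <?php echo json_encode($data, $jsFlags); ?>;

    // NOTE(review): the HMAC key is rendered into the page so the browser can
    // sign. Anything sent to the client is readable by that client, so this
    // block only demonstrates the algorithm. A key used to authenticate API
    // callers must stay on the servers that hold it.
    var token = <?php echo json_encode(token, $jsFlags); ?>;

    /**
     * Build the canonical string for signing.
     * Keys are sorted before lower-casing, so "DId" sorts ahead of "appid".
     * Object and array values are skipped, mirroring getSign() in PHP.
     */
    function jsonSort(jsonObj) {
        var keys = Object.keys(jsonObj).sort();
        var str = '';
        keys.forEach(function (key) {
            var value = jsonObj[key];
            if (typeof value !== 'object') {
                str += key.toLowerCase() + '=' + value.toString().toLowerCase();
            }
        });
        return str;
    }

    var strData = jsonSort(postData);
    console.log(strData);

    // md5(value, key) from blueimp-md5 returns the hex HMAC-MD5 when a
    // non-empty key is given.
    var sign = md5(strData, token);
    postData['sign'] = sign;
    console.log(postData);
</script>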
md5.js
/*
 * JavaScript MD5
 * https://github.com/blueimp/JavaScript-MD5
 *
 * Copyright 2011, Sebastian Tschan
 * https://blueimp.net
 *
 * Licensed under the MIT license:
 * https://opensource.org/licenses/MIT
 *
 * Based on
 * A JavaScript implementation of the RSA Data Security, Inc. MD5 Message
 * Digest Algorithm, as defined in RFC 1321.
 * Version 2.2 Copyright (C) Paul Johnston 1999 - 2009
 * Other contributors: Greg Holt, Andrew Kepert, Ydnar, Lostinet
 * Distributed under the BSD License
 * See http://pajhome.org.uk/crypt/md5 for more info.
 */

/* global define */

// The whole library lives in one immediately-invoked function. `$` is the
// object passed in at the bottom (`this`), and is used only as the fallback
// place to attach `md5` when no module loader is detected.
;(function ($) {
  'use strict'

  /*
  * Add integers, wrapping at 2^32. This uses 16-bit operations internally
  * to work around bugs in some JS interpreters.
  */
  function safeAdd (x, y) {
    // Low 16 bits are summed first; their carry is folded into the high half.
    var lsw = (x & 0xffff) + (y & 0xffff)
    var msw = (x >> 16) + (y >> 16) + (lsw >> 16)
    return (msw << 16) | (lsw & 0xffff)
  }

  /*
  * Bitwise rotate a 32-bit number to the left.
  */
  function bitRotateLeft (num, cnt) {
    return (num << cnt) | (num >>> (32 - cnt))
  }

  /*
  * These functions implement the four basic operations the algorithm uses.
  */
  // Shared step: q is the value of the round's boolean function, x the message
  // word, s the rotation amount and t the additive constant.
  function md5cmn (q, a, b, x, s, t) {
    return safeAdd(bitRotateLeft(safeAdd(safeAdd(a, q), safeAdd(x, t)), s), b)
  }
  function md5ff (a, b, c, d, x, s, t) {
    return md5cmn((b & c) | (~b & d), a, b, x, s, t)
  }
  function md5gg (a, b, c, d, x, s, t) {
    return md5cmn((b & d) | (c & ~d), a, b, x, s, t)
  }
  function md5hh (a, b, c, d, x, s, t) {
    return md5cmn(b ^ c ^ d, a, b, x, s, t)
  }
  function md5ii (a, b, c, d, x, s, t) {
    return md5cmn(c ^ (b | ~d), a, b, x, s, t)
  }

  /*
  * Calculate the MD5 of an array of little-endian words, and a bit length.
  */
  // Note: the padding is written into `x` itself, so the caller's array is
  // modified. Returns the four 32-bit state words [a, b, c, d].
  function binlMD5 (x, len) {
    /* append padding */
    x[len >> 5] |= 0x80 << (len % 32)
    x[((len + 64) >>> 9 << 4) + 14] = len

    var i
    var olda
    var oldb
    var oldc
    var oldd
    // Initial state words.
    var a = 1732584193
    var b = -271733879
    var c = -1732584194
    var d = 271733878

    // One iteration per 16-word (512-bit) block.
    for (i = 0; i < x.length; i += 16) {
      // Keep the state from before this block; it is added back at the end.
      olda = a
      oldb = b
      oldc = c
      oldd = d

      // 16 steps using md5ff
      a = md5ff(a, b, c, d, x[i], 7, -680876936)
      d = md5ff(d, a, b, c, x[i + 1], 12, -389564586)
      c = md5ff(c, d, a, b, x[i + 2], 17, 606105819)
      b = md5ff(b, c, d, a, x[i + 3], 22, -1044525330)
      a = md5ff(a, b, c, d, x[i + 4], 7, -176418897)
      d = md5ff(d, a, b, c, x[i + 5], 12, 1200080426)
      c = md5ff(c, d, a, b, x[i + 6], 17, -1473231341)
      b = md5ff(b, c, d, a, x[i + 7], 22, -45705983)
      a = md5ff(a, b, c, d, x[i + 8], 7, 1770035416)
      d = md5ff(d, a, b, c, x[i + 9], 12, -1958414417)
      c = md5ff(c, d, a, b, x[i + 10], 17, -42063)
      b = md5ff(b, c, d, a, x[i + 11], 22, -1990404162)
      a = md5ff(a, b, c, d, x[i + 12], 7, 1804603682)
      d = md5ff(d, a, b, c, x[i + 13], 12, -40341101)
      c = md5ff(c, d, a, b, x[i + 14], 17, -1502002290)
      b = md5ff(b, c, d, a, x[i + 15], 22, 1236535329)

      // 16 steps using md5gg
      a = md5gg(a, b, c, d, x[i + 1], 5, -165796510)
      d = md5gg(d, a, b, c, x[i + 6], 9, -1069501632)
      c = md5gg(c, d, a, b, x[i + 11], 14, 643717713)
      b = md5gg(b, c, d, a, x[i], 20, -373897302)
      a = md5gg(a, b, c, d, x[i + 5], 5, -701558691)
      d = md5gg(d, a, b, c, x[i + 10], 9, 38016083)
      c = md5gg(c, d, a, b, x[i + 15], 14, -660478335)
      b = md5gg(b, c, d, a, x[i + 4], 20, -405537848)
      a = md5gg(a, b, c, d, x[i + 9], 5, 568446438)
      d = md5gg(d, a, b, c, x[i + 14], 9, -1019803690)
      c = md5gg(c, d, a, b, x[i + 3], 14, -187363961)
      b = md5gg(b, c, d, a, x[i + 8], 20, 1163531501)
      a = md5gg(a, b, c, d, x[i + 13], 5, -1444681467)
      d = md5gg(d, a, b, c, x[i + 2], 9, -51403784)
      c = md5gg(c, d, a, b, x[i + 7], 14, 1735328473)
      b = md5gg(b, c, d, a, x[i + 12], 20, -1926607734)

      // 16 steps using md5hh
      a = md5hh(a, b, c, d, x[i + 5], 4, -378558)
      d = md5hh(d, a, b, c, x[i + 8], 11, -2022574463)
      c = md5hh(c, d, a, b, x[i + 11], 16, 1839030562)
      b = md5hh(b, c, d, a, x[i + 14], 23, -35309556)
      a = md5hh(a, b, c, d, x[i + 1], 4, -1530992060)
      d = md5hh(d, a, b, c, x[i + 4], 11, 1272893353)
      c = md5hh(c, d, a, b, x[i + 7], 16, -155497632)
      b = md5hh(b, c, d, a, x[i + 10], 23, -1094730640)
      a = md5hh(a, b, c, d, x[i + 13], 4, 681279174)
      d = md5hh(d, a, b, c, x[i], 11, -358537222)
      c = md5hh(c, d, a, b, x[i + 3], 16, -722521979)
      b = md5hh(b, c, d, a, x[i + 6], 23, 76029189)
      a = md5hh(a, b, c, d, x[i + 9], 4, -640364487)
      d = md5hh(d, a, b, c, x[i + 12], 11, -421815835)
      c = md5hh(c, d, a, b, x[i + 15], 16, 530742520)
      b = md5hh(b, c, d, a, x[i + 2], 23, -995338651)

      // 16 steps using md5ii
      a = md5ii(a, b, c, d, x[i], 6, -198630844)
      d = md5ii(d, a, b, c, x[i + 7], 10, 1126891415)
      c = md5ii(c, d, a, b, x[i + 14], 15, -1416354905)
      b = md5ii(b, c, d, a, x[i + 5], 21, -57434055)
      a = md5ii(a, b, c, d, x[i + 12], 6, 1700485571)
      d = md5ii(d, a, b, c, x[i + 3], 10, -1894986606)
      c = md5ii(c, d, a, b, x[i + 10], 15, -1051523)
      b = md5ii(b, c, d, a, x[i + 1], 21, -2054922799)
      a = md5ii(a, b, c, d, x[i + 8], 6, 1873313359)
      d = md5ii(d, a, b, c, x[i + 15], 10, -30611744)
      c = md5ii(c, d, a, b, x[i + 6], 15, -1560198380)
      b = md5ii(b, c, d, a, x[i + 13], 21, 1309151649)
      a = md5ii(a, b, c, d, x[i + 4], 6, -145523070)
      d = md5ii(d, a, b, c, x[i + 11], 10, -1120210379)
      c = md5ii(c, d, a, b, x[i + 2], 15, 718787259)
      b = md5ii(b, c, d, a, x[i + 9], 21, -343485551)

      // Add this block's result onto the saved state.
      a = safeAdd(a, olda)
      b = safeAdd(b, oldb)
      c = safeAdd(c, oldc)
      d = safeAdd(d, oldd)
    }
    return [a, b, c, d]
  }

  /*
  * Convert an array of little-endian words to a string
  */
  function binl2rstr (input) {
    var i
    var output = ''
    var length32 = input.length * 32
    // Emit one character per byte, lowest byte of each word first.
    for (i = 0; i < length32; i += 8) {
      output += String.fromCharCode((input[i >> 5] >>> (i % 32)) & 0xff)
    }
    return output
  }

  /*
  * Convert a raw string to an array of little-endian words
  * Characters >255 have their high-byte silently ignored.
  */
  function rstr2binl (input) {
    var i
    var output = []
    // Size the array up front, then zero it so the `|=` below starts from 0.
    output[(input.length >> 2) - 1] = undefined
    for (i = 0; i < output.length; i += 1) {
      output[i] = 0
    }
    var length8 = input.length * 8
    for (i = 0; i < length8; i += 8) {
      output[i >> 5] |= (input.charCodeAt(i / 8) & 0xff) << (i % 32)
    }
    return output
  }

  /*
  * Calculate the MD5 of a raw string
  */
  function rstrMD5 (s) {
    return binl2rstr(binlMD5(rstr2binl(s), s.length * 8))
  }

  /*
  * Calculate the HMAC-MD5, of a key and some data (raw strings)
  */
  function rstrHMACMD5 (key, data) {
    var i
    var bkey = rstr2binl(key)
    var ipad = []
    var opad = []
    var hash
    ipad[15] = opad[15] = undefined
    // A key longer than 16 words (one 64-byte block) is replaced by its MD5.
    if (bkey.length > 16) {
      bkey = binlMD5(bkey, key.length * 8)
    }
    // XOR the key with the inner (0x36) and outer (0x5c) pad bytes.
    for (i = 0; i < 16; i += 1) {
      ipad[i] = bkey[i] ^ 0x36363636
      opad[i] = bkey[i] ^ 0x5c5c5c5c
    }
    // Inner hash over ipad + data; the 512 bits account for the pad block.
    hash = binlMD5(ipad.concat(rstr2binl(data)), 512 + data.length * 8)
    // Outer hash over opad + the 128-bit inner digest.
    return binl2rstr(binlMD5(opad.concat(hash), 512 + 128))
  }

  /*
  * Convert a raw string to a hex string
  */
  function rstr2hex (input) {
    var hexTab = '0123456789abcdef'
    var output = ''
    var x
    var i
    for (i = 0; i < input.length; i += 1) {
      x = input.charCodeAt(i)
      output += hexTab.charAt((x >>> 4) & 0x0f) + hexTab.charAt(x & 0x0f)
    }
    return output
  }

  /*
  * Encode a string as utf-8
  */
  function str2rstrUTF8 (input) {
    return unescape(encodeURIComponent(input))
  }

  /*
  * Take string arguments and return either raw or hex encoded strings
  */
  function rawMD5 (s) {
    return rstrMD5(str2rstrUTF8(s))
  }
  function hexMD5 (s) {
    return rstr2hex(rawMD5(s))
  }
  function rawHMACMD5 (k, d) {
    return rstrHMACMD5(str2rstrUTF8(k), str2rstrUTF8(d))
  }
  function hexHMACMD5 (k, d) {
    return rstr2hex(rawHMACMD5(k, d))
  }

  // Public entry point: md5(string, key, raw).
  //   - value first, key second (the helpers above take the key first)
  //   - a truthy `raw` returns the raw digest string instead of hex
  // NOTE(review): any falsy key (undefined, null, '') selects the plain,
  // unkeyed MD5 branch. A caller that passes an empty key therefore gets an
  // ordinary hash, not an HMAC, without any error. Check that the key is
  // non-empty before relying on the result as a signature.
  function md5 (string, key, raw) {
    if (!key) {
      if (!raw) {
        return hexMD5(string)
      }
      return rawMD5(string)
    }
    if (!raw) {
      return hexHMACMD5(key, string)
    }
    return rawHMACMD5(key, string)
  }

  // Export: AMD loader, then CommonJS, otherwise attach to the passed object.
  if (typeof define === 'function' && define.amd) {
    define(function () {
      return md5
    })
  } else if (typeof module === 'object' && module.exports) {
    module.exports = md5
  } else {
    $.md5 = md5
  }
})(this)