🔧: 重新定义加密

src/Exceptions/DecryptErrorException.php

@@ -0,0 +1,14 @@
+<?php
+
+
+namespace JoyceZ\LaravelLib\Exceptions;
+
+/**
+ * 解密异常
+ * Class DecryptErrorException
+ * @package JoyceZ\LaravelLib\Exceptions
+ */
+class DecryptErrorException extends \Exception
+{
+
+}

src/Aop/AopPassword.php → src/Security/AopPassword.php

@@ -1,16 +1,15 @@
 <?php
 
 
-namespace JoyceZ\LaravelLib\Aop;
+namespace JoyceZ\LaravelLib\Security;
 
 
 use Illuminate\Support\Str;
 
 /**
  * 密码操作
  * Class AopPassword
- * @author joyecZhang <[email protected]>
- * @package JoyceZ\LaravelLib\Aop
+ * @package JoyceZ\LaravelLib\Security
  */
 class AopPassword
 {
@@ -21,7 +20,7 @@ class AopPassword
      * @param string $salt 加密盐
      * @return $this
      */
-    public function withSalt(string $salt='')
+    public function withSalt(string $salt = '')
     {
         $this->salt = trim($salt) == '' ? config('landao.passport.password_salt') : $salt;
         return $this;
@@ -51,4 +50,4 @@ public function check(string $dbPassword, string $password, string $salt)
     {
         return $this->encrypt($password, $salt) == $dbPassword ? true : false;
     }
-}
+}

src/Aop/AopCrypt.php → src/Security/AopSecurity.php

@@ -1,34 +1,46 @@
 <?php
 
 
-namespace JoyceZ\LaravelLib\Aop;
+namespace JoyceZ\LaravelLib\Security;
 
+
+use JoyceZ\LaravelLib\Exceptions\DecryptErrorException;
 /**
  * 加密工具
  * Class AopCrypt
  * @author alipay  https://github.com/alipay/alipay-sdk-php-all
  * @package JoyceZ\LaravelLib\Aop
  */
-class AopCrypt
+class AopSecurity
 {
     /**
      * 密钥
      * @var string
      */
     protected $screctKey = '';
 
+    protected $scretIv = '';
+
 
     /**
      * 设置密码加密盐
      * @param string $screctKey 加密盐
      * @return $this
      */
-    public function withScrectKey(string $screctKey = '')
+    public function withScrectKey(string $screctKey = '', $iv='')
     {
-        $this->screctKey = trim($screctKey) == '' ? config('landao.crypt.screct_key') : $screctKey;
+        $this->screctKey = trim($screctKey) == '' ? config('landao.security.security_key') : $screctKey;
+        $this->scretIv = trim($iv) == '' ? config('landao.security.security_iv') : $iv;
         return $this;
     }
 
+    public function hmac_md5($input)
+    {
+        $key = base64_decode($this->screctKey);
+
+        return hash_hmac('md5', $input, $key, true);
+    }
+
     /**
      * 加密方法
      * @param string $str
@@ -43,15 +55,17 @@ public function encrypt($str)
 
         //设置全0的IV
 
-        $iv = str_repeat("\0", 16);
+        $iv = $this->scretIv;//str_repeat("\0", 16);
         $encrypt_str = openssl_encrypt($str, 'aes-128-cbc', $screct_key, OPENSSL_NO_PADDING, $iv);
         return base64_encode($encrypt_str);
     }
 
+
     /**
      * 解密方法
-     * @param string $str
-     * @return string
+     * @param $str
+     * @return false|string
+     * @throws DecryptErrorException
      */
     public function decrypt($str)
     {
@@ -60,10 +74,13 @@ public function decrypt($str)
         $screct_key = base64_decode($this->screctKey);
 
         //设置全0的IV
-        $iv = str_repeat("\0", 16);
-        $decrypt_str = openssl_decrypt($str, 'aes-128-cbc', $screct_key, OPENSSL_NO_PADDING, $iv);
-        $decrypt_str = $this->stripPKSC7Padding($decrypt_str);
-        return $decrypt_str;
+        $iv = $this->scretIv;//str_repeat("\0", 16);
+        $decrypted = openssl_decrypt($str, 'aes-128-cbc', $screct_key, OPENSSL_NO_PADDING, $iv);
+        $decrypted = $this->stripPKSC7Padding($decrypted);
+        if (!$decrypted) {
+            throw new DecryptErrorException(sprintf('解密失败，请检查密钥 %s 密文 %s 是否正确?', $screct_key, $str));
+        }
+        return $decrypted;
     }
 
     /**
@@ -98,4 +115,4 @@ private function stripPKSC7Padding($source)
         $source = substr($source, 0, -$num);
         return $source;
     }
-}
+}

src/Traits/EncryptTableDbAttribute.php

@@ -2,7 +2,7 @@
 
 namespace JoyceZ\LaravelLib\Traits;
 
-use JoyceZ\LaravelLib\Aop\AopCrypt;
+use JoyceZ\LaravelLib\Security\AopSecurity;
 
 /**
  * 对数据进行加密
@@ -30,10 +30,9 @@ public function setAttribute($key, $value)
     }
 
     /**
-     * Get a plain attribute (not a relationship).
-     *
-     * @param string $key
-     * @return mixed
+     * @param $key
+     * @return false|string
+     * @throws \JoyceZ\LaravelLib\Exceptions\DecryptErrorException
      */
     public function getAttributeValue($key)
     {
@@ -72,8 +71,8 @@ public function getAttributeValue($key)
 
     /**
      * 将模型的属性转换为数组
-     *
      * @return array
+     * @throws \JoyceZ\LaravelLib\Exceptions\DecryptErrorException
      */
     public function attributesToArray(): array
     {
@@ -109,8 +108,10 @@ public function attributesToArray(): array
     }
 
     /**
+     * 解密字段
      * @param array $attributes
      * @return array
+     * @throws \JoyceZ\LaravelLib\Exceptions\DecryptErrorException
      */
     private function decryptAttributes(array $attributes): array
     {
@@ -132,16 +133,17 @@ private function decryptAttributes(array $attributes): array
      */
     private function encrypt($value)
     {
-        return (new AopCrypt())->withScrectKey()->encrypt($value);
+        return (new AopSecurity())->withScrectKey()->encrypt($value);
     }
 
     /**
      * 解密
-     * @param mixed $value
-     * @return mixed
+     * @param $value
+     * @return false|string
+     * @throws \JoyceZ\LaravelLib\Exceptions\DecryptErrorException
      */
     public function decrypt($value)
     {
-        return (new AopCrypt())->withScrectKey()->decrypt($value);
+        return (new AopSecurity())->withScrectKey()->decrypt($value);
     }
 }

src/config.php

@@ -5,8 +5,9 @@
         'check_captcha_cache_key' => 'captcha_uniqid',
         'password_salt' => env('LANDAO_PASSPORT_PASSWORD_SALT', env('APP_KEY'))
     ],
-    'crypt' => [
-        'screct_key' => env('LANDAO_CRYPT_SCRECT_KEY', env('APP_KEY'))
+    'security' => [
+        'security_key' => env('LANDAO_CRYPT_SECURITY_KEY', md5('landao_admin')),
+        'security_iv' => env('LANDAO_CRYPT_SECURITY_IV', str_repeat("\0", 16))
     ],
     'captcha' => [
         'charset' => 'abcdefghkmnprstuvwxyzABCDEFGHKMNPRSTUVWXYZ23456789',