diff --git a/webapp/endecrypt/errorCode.php b/webapp/endecrypt/errorCode.php
new file mode 100644
index 0000000..804d051
--- /dev/null
+++ b/webapp/endecrypt/errorCode.php
@@ -0,0 +1,35 @@
+
+ * -40001: 签名验证错误
+ * -40002: xml解析失败
+ * -40003: sha加密生成签名失败
+ * -40004: encodingAesKey 非法
+ * -40005: appid 校验错误
+ * -40006: aes 加密失败
+ * -40007: aes 解密失败
+ * -40008: 解密后得到的buffer非法
+ * -40009: base64加密失败
+ * -40010: base64解密失败
+ * -40011: 生成xml失败
+ *
+ */
+class ErrorCode
+{
+ public static $OK = 0;
+ public static $ValidateSignatureError = -40001;
+ public static $ParseXmlError = -40002;
+ public static $ComputeSignatureError = -40003;
+ public static $IllegalAesKey = -40004;
+ public static $ValidateAppidError = -40005;
+ public static $EncryptAESError = -40006;
+ public static $DecryptAESError = -40007;
+ public static $IllegalBuffer = -40008;
+ public static $EncodeBase64Error = -40009;
+ public static $DecodeBase64Error = -40010;
+ public static $GenReturnXmlError = -40011;
+}
+
+?>
\ No newline at end of file
diff --git a/webapp/endecrypt/pkcs7Encoder.php b/webapp/endecrypt/pkcs7Encoder.php
new file mode 100644
index 0000000..5dba1dd
--- /dev/null
+++ b/webapp/endecrypt/pkcs7Encoder.php
@@ -0,0 +1,167 @@
+ 32) {
+ $pad = 0;
+ }
+ return substr($text, 0, (strlen($text) - $pad));
+ }
+
+}
+
+/**
+ * Prpcrypt class
+ *
+ * 提供接收和推送给公众平台消息的加解密接口.
+ */
+class Prpcrypt
+{
+ public $key;
+
+ function Prpcrypt($k)
+ {
+ $this->key = base64_decode($k . "=");
+ }
+
+ /**
+ * 对明文进行加密
+ * @param string $text 需要加密的明文
+ * @return string 加密后的密文
+ */
+ public function encrypt($text, $appid)
+ {
+
+ try {
+ //获得16位随机字符串,填充到明文之前
+ $random = $this->getRandomStr();
+ $text = $random . pack("N", strlen($text)) . $text . $appid;
+ // 网络字节序
+ $size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC);
+ $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
+ $iv = substr($this->key, 0, 16);
+ //使用自定义的填充方式对明文进行补位填充
+ $pkc_encoder = new PKCS7Encoder;
+ $text = $pkc_encoder->encode($text);
+ mcrypt_generic_init($module, $this->key, $iv);
+ //加密
+ $encrypted = mcrypt_generic($module, $text);
+ mcrypt_generic_deinit($module);
+ mcrypt_module_close($module);
+
+ //print(base64_encode($encrypted));
+ //使用BASE64对加密后的字符串进行编码
+ return array(ErrorCode::$OK, base64_encode($encrypted));
+ } catch (Exception $e) {
+ //print $e;
+ return array(ErrorCode::$EncryptAESError, null);
+ }
+ }
+
+ /**
+ * 对密文进行解密
+ * @param string $encrypted 需要解密的密文
+ * @return string 解密得到的明文
+ */
+ public function decrypt($encrypted, $appid)
+ {
+
+ try {
+ //使用BASE64对需要解密的字符串进行解码
+ $ciphertext_dec = base64_decode($encrypted);
+ $module = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, '');
+ $iv = substr($this->key, 0, 16);
+ mcrypt_generic_init($module, $this->key, $iv);
+
+ //解密
+ $decrypted = mdecrypt_generic($module, $ciphertext_dec);
+ mcrypt_generic_deinit($module);
+ mcrypt_module_close($module);
+ } catch (Exception $e) {
+ return array(ErrorCode::$DecryptAESError, null);
+ }
+
+
+ try {
+ //去除补位字符
+ $pkc_encoder = new PKCS7Encoder;
+ $result = $pkc_encoder->decode($decrypted);
+ //去除16位随机字符串,网络字节序和AppId
+ if (strlen($result) < 16)
+ return "";
+ $content = substr($result, 16, strlen($result));
+ $len_list = unpack("N", substr($content, 0, 4));
+ $xml_len = $len_list[1];
+ $xml_content = substr($content, 4, $xml_len);
+ $from_appid = substr($content, $xml_len + 4);
+ } catch (Exception $e) {
+ //print $e;
+ return array(ErrorCode::$IllegalBuffer, null);
+ }
+ if ($from_appid != $appid)
+ return array(ErrorCode::$ValidateAppidError, null);
+ return array(0, $xml_content);
+
+ }
+
+
+ /**
+ * 随机生成16位字符串
+ * @return string 生成的字符串
+ */
+ function getRandomStr()
+ {
+
+ $str = "";
+ $str_pol = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789abcdefghijklmnopqrstuvwxyz";
+ $max = strlen($str_pol) - 1;
+ for ($i = 0; $i < 16; $i++) {
+ $str .= $str_pol[mt_rand(0, $max)];
+ }
+ return $str;
+ }
+
+}
+
+?>
\ No newline at end of file
diff --git a/webapp/endecrypt/sha1.php b/webapp/endecrypt/sha1.php
new file mode 100644
index 0000000..598caf8
--- /dev/null
+++ b/webapp/endecrypt/sha1.php
@@ -0,0 +1,36 @@
+
\ No newline at end of file
diff --git a/webapp/endecrypt/wxBizMsgCrypt.php b/webapp/endecrypt/wxBizMsgCrypt.php
new file mode 100644
index 0000000..652636a
--- /dev/null
+++ b/webapp/endecrypt/wxBizMsgCrypt.php
@@ -0,0 +1,150 @@
+token = $token;
+ $this->encodingAesKey = $encodingAesKey;
+ $this->appId = $appId;
+ }
+
+ /**
+ * 将公众平台回复用户的消息加密打包.
+ *
+ * - 对要发送的消息进行AES-CBC加密
+ * - 生成安全签名
+ * - 将消息密文和安全签名打包成xml格式
+ *
+ *
+ * @param $replyMsg string 公众平台待回复用户的消息,xml格式的字符串
+ * @param $timeStamp string 时间戳,可以自己生成,也可以用URL参数的timestamp
+ * @param $nonce string 随机串,可以自己生成,也可以用URL参数的nonce
+ * @param &$encryptMsg string 加密后的可以直接回复用户的密文,包括msg_signature, timestamp, nonce, encrypt的xml格式的字符串,
+ * 当return返回0时有效
+ *
+ * @return int 成功0,失败返回对应的错误码
+ */
+ public function encryptMsg($replyMsg, $timeStamp, $nonce, &$encryptMsg)
+ {
+ $pc = new Prpcrypt($this->encodingAesKey);
+
+ //加密
+ $array = $pc->encrypt($replyMsg, $this->appId);
+ $ret = $array[0];
+ if ($ret != 0) {
+ return $ret;
+ }
+
+ if ($timeStamp == null) {
+ $timeStamp = time();
+ }
+ $encrypt = $array[1];
+
+ //生成安全签名
+ $sha1 = new SHA1;
+ $array = $sha1->getSHA1($this->token, $timeStamp, $nonce, $encrypt);
+ $ret = $array[0];
+ if ($ret != 0) {
+ return $ret;
+ }
+ $signature = $array[1];
+
+ //生成发送的xml
+ $xmlparse = new XMLParse;
+ $encryptMsg = $xmlparse->generate($encrypt, $signature, $timeStamp, $nonce);
+ return ErrorCode::$OK;
+ }
+
+
+ /**
+ * 检验消息的真实性,并且获取解密后的明文.
+ *
+ * - 利用收到的密文生成安全签名,进行签名验证
+ * - 若验证通过,则提取xml中的加密消息
+ * - 对消息进行解密
+ *
+ *
+ * @param $msgSignature string 签名串,对应URL参数的msg_signature
+ * @param $timestamp string 时间戳 对应URL参数的timestamp
+ * @param $nonce string 随机串,对应URL参数的nonce
+ * @param $postData string 密文,对应POST请求的数据
+ * @param &$msg string 解密后的原文,当return返回0时有效
+ *
+ * @return int 成功0,失败返回对应的错误码
+ */
+ public function decryptMsg($msgSignature, $timestamp = null, $nonce, $postData, &$msg)
+ {
+ if (strlen($this->encodingAesKey) != 43) {
+ return ErrorCode::$IllegalAesKey;
+ }
+
+ $pc = new Prpcrypt($this->encodingAesKey);
+
+ //提取密文
+ $xmlparse = new XMLParse;
+ $array = $xmlparse->extract($postData);
+ $ret = $array[0];
+
+ if ($ret != 0) {
+ return $ret;
+ }
+
+ if ($timestamp == null) {
+ $timestamp = time();
+ }
+
+ $encrypt = $array[1];
+ $touser_name = $array[2];
+
+ //验证安全签名
+ $sha1 = new SHA1;
+ $array = $sha1->getSHA1($this->token, $timestamp, $nonce, $encrypt);
+ $ret = $array[0];
+
+ if ($ret != 0) {
+ return $ret;
+ }
+
+ $signature = $array[1];
+ if ($signature != $msgSignature) {
+ return ErrorCode::$ValidateSignatureError;
+ }
+
+ $result = $pc->decrypt($encrypt, $this->appId);
+ if ($result[0] != 0) {
+ return $result[0];
+ }
+ $msg = $result[1];
+
+ return ErrorCode::$OK;
+ }
+
+}
+
diff --git a/webapp/endecrypt/xmlparse.php b/webapp/endecrypt/xmlparse.php
new file mode 100644
index 0000000..ad57762
--- /dev/null
+++ b/webapp/endecrypt/xmlparse.php
@@ -0,0 +1,55 @@
+loadXML($xmltext);
+ $array_e = $xml->getElementsByTagName('Encrypt');
+ $array_a = $xml->getElementsByTagName('ToUserName');
+ $encrypt = $array_e->item(0)->nodeValue;
+ $tousername = $array_a->item(0)->nodeValue;
+ return array(0, $encrypt, $tousername);
+ } catch (Exception $e) {
+ //print $e . "\n";
+ return array(ErrorCode::$ParseXmlError, null, null);
+ }
+ }
+
+ /**
+ * 生成xml消息
+ * @param string $encrypt 加密后的消息密文
+ * @param string $signature 安全签名
+ * @param string $timestamp 时间戳
+ * @param string $nonce 随机字符串
+ */
+ public function generate($encrypt, $signature, $timestamp, $nonce)
+ {
+ $format = "
+
+
+%s
+
+";
+ return sprintf($format, $encrypt, $signature, $timestamp, $nonce);
+ }
+
+}
+
+
+?>
\ No newline at end of file