Home Explore Help
Register Sign In
gyfl
/
xyzshop
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: cda31e1b9d
Branches Tags
xyzshop
/
test
/
TestSecurity.php

TestSecurity.php 12 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * Created by PhpStorm.
    4. 

  4.  * User: stanley-king
    5. 

  5.  * Date: 2018/12/12
    6. 

  6.  * Time: 11:01 AM
    7. 

  7.  */
    8. 

  8. declare(strict_types=1);
    9. 

  9. 

  10. define('APP_ID', 'test');
    11. 

  11. define('BASE_ROOT_PATH', str_replace('/test', '', dirname(__FILE__)));
    12. 

  12. require_once(BASE_ROOT_PATH . '/global.php');
    13. 

  13. require_once(BASE_CORE_PATH . '/lrlz.php');
    14. 

  14. require_once(BASE_ROOT_PATH . '/fooder.php');
    15. 

  15. 

  16. use PHPUnit\Framework\TestCase;
    17. 

  17. 

  18. class TestAddData extends TestCase
    19. 

  19. {
    20. 

  20.     public static function setUpBeforeClass() : void
    21. 

  21.     {
    22. 

  22.         Base::run_util();
    23. 

  23.     }
    24. 

  24. 

  25.     public function testDecode()
    26. 

  26.     {
    27. 

  27.         $x = 'eyJpdiI6InpmVEFJOEtCNkxaL3Q5UHB4TFZOK2c9PSIsImVuY3J5cHRlZERhdGEiOiI0NWpJL2dsVXBBc1lpRTZXWVJ1bjlUeXVrUFlVTmJqRysxRy9MYnNQcUZFeTNUZFVROSsvTzNNTEZOaGJIbEdUdzdDMVhwN0lEbTdkQ1dVNVd4Z21sUzRYSGNNR2wrbUR5ZnVWcDAvNjhmVU81ajQ5eU1tNzZkRnl0NnZvOGtpRWxqdStCN0dBQzN6M3hpakhuY0dGbWl4Ujhwd1k2SnN0eWZQb3gzSHlpaFg2ZGE4cHZrbisxK0FLOVNyR0JsRGlCUFI4cUJzbkkxbzNlVzZ5YkRGQzVBPT0ifQ%253D%253D';
    28. 

  28.         $x = urldecode($x);
    29. 

  29.         $y = urldecode($x);
    30. 

  30. 

  31.         $user = base64_decode($y);
    32. 

  32.         $z = json_decode($user,true);
    33. 

  33.         Log::record("{$z}",Log::DEBUG);
    34. 

  34.     }
    35. 

  35. 

  36. 

  37.     public function testPay()
    38. 

  38.     {
    39. 

  39.         $pri_key = BASE_DATA_PATH .'/api/alipay/key/rsa_private_key.pem';
    40. 

  40.         $pub_key = BASE_DATA_PATH.'/api/alipay/key/alipay_public_key.pem';
    41. 

  41. 

  42.         $key = file_get_contents($pri_key);
    43. 

  43.         $pri = openssl_get_privatekey($key);
    44. 

  44.         $err = openssl_error_string();
    45. 

  45. //
    46. 

  46.         $key = file_get_contents($pub_key);
    47. 

  47.         $pub = openssl_get_publickey($key);
    48. 

  48.         $err = openssl_error_string();
    49. 

  49. 

  50.         $body = 'discount=0.00&payment_type=1&subject=%E5%AE%9E%E7%89%A9%E8%AE%A2%E5%8D%95_580507223514222365&trade_no=2016012721001004800042946454&buyer_email=13911129867&gmt_create=2016-01-27+15%3A25%3A29&notify_type=trade_status_sync&quantity=1&out_trade_no=580507223514222365&seller_id=2088121219613123&notify_time=2016-01-27+15%3A25%3A29&body=%E5%95%86%E5%93%81%E8%AF%A6%E6%83%85&trade_status=WAIT_BUYER_PAY&is_total_fee_adjust=Y&total_fee=8.00&seller_email=napheir.ao%40lrlz.com&price=8.00&buyer_id=2088202332994802&notify_id=66af3b99b765d046d2d533eaf6558fcm68&use_coupon=N';
    51. 

  51.         $body = 'discount=0.00&payment_type=1&subject=%E5%AE%9E%E7%89%A9%E8%AE%A2%E5%8D%95_280507226197761365&trade_no=2016012721001004800047345139&buyer_email=13911129867&gmt_create=2016-01-27+16%3A10%3A55&notify_type=trade_status_sync&quantity=1&out_trade_no=280507226197761365&seller_id=2088121219613123&notify_time=2016-01-27+16%3A10%3A55&body=%E5%95%86%E5%93%81%E8%AF%A6%E6%83%85&trade_status=WAIT_BUYER_PAY&is_total_fee_adjust=Y&total_fee=8.00&seller_email=napheir.ao%40lrlz.com&price=8.00&buyer_id=2088202332994802&notify_id=44d5cc359f27f5cb6e31fb10f480fb0m68&use_coupon=N';
    52. 

  52.         openssl_sign($body, $signed, $pri);
    53. 

  53. 

  54.         $res = openssl_verify($body, $signed, $pub);
    55. 

  55.         $err = openssl_error_string();
    56. 

  56. 

  57.         $s = base64_encode($signed);
    58. 

  58.         $s = urlencode($s);
    59. 

  59. 

  60.         $sign='lnxpRmnHsaeUoPgtCrGm%2FtWohi3ORJk85q9Ic6X4c10q9O%2FASMXA2Z%2BzAH9%2BgPZAwsMywUA9O4HQ3ZCCrSpPhzJ8hEQ8Dc2SsMnvmeY6UqA7Zi6MZBTSeU1AuV3IV0tN4DTpnuk9ceetwQhNEwCiRo9vjrC%2B0TTHGfXb94OfJuM%3D';
    61. 

  61.         $signx = urldecode($sign);
    62. 

  62.         $signy = base64_decode($signx);
    63. 

  63. 

  64.         $res = openssl_verify($body, $signy, $pub);
    65. 

  65.         $err = openssl_error_string();
    66. 

  66. 

  67. //        openssl_encrypt()
    68. 

  68. //
    69. 

  69. //
    70. 

  70. //    $signed = base64_encode($signed);
    71. 

  71. //    $signed = urlencode($signed);
    72. 

  72. //
    73. 

  73. //    $body = 'body=%E5%95%86%E5%93%81%E8%AF%A6%E6%83%85&buyer_email=bestcoolbear%40163.com&buyer_id=2088402949754402&discount=0.00&gmt_create=2015-12-31+14%3A51%3A41&gmt_payment=2015-12-31+14%3A51%3A41&is_total_fee_adjust=N&notify_id=35ceee6a4348f21bb27838770223ad0j34&notify_time=2015-12-31+14%3A51%3A41&notify_type=trade_status_sync&out_trade_no=150504888692984277&payment_type=1&price=0.01&quantity=1&seller_email=napheir.ao%40lrlz.com&seller_id=2088121219613123&subject=%E5%AE%9E%E7%89%A9%E8%AE%A2%E5%8D%95_150504888692984277&total_fee=0.01&trade_no=2015123121001004400035472261&trade_status=TRADE_SUCCESS&use_coupon=N';
    74. 

  74. //    $data = 'gNvKQd0GXULuvr%2F1FKjQrKVI%2BeT%2B8qz2ohSohfkzn%2Fx5ajMUdDD1zBXsxbv9%2FJZbaLq7KihhJmlb28E02S6hI9OlG7f7%2BTJ%2FTtrh8Xy2%2FYiU2KNpjtowS%2FM3io23lgfyQgIEQ0xIpyMZg4NRdaoW6thnrgQzs%2B9rY57iFgdG%2B24%3D';
    75. 

  75. //    openssl_sign($body, $sig, $pri);
    76. 

  76. //    $sig64 = base64_encode($sig);
    77. 

  77. //    $res = openssl_verify($body, $sig, $pub);
    78. 

  78. //    $err = openssl_error_string();
    79. 

  79.     }
    80. 

  80. 

  81.     public static function zero_iv($ivlen) {
    82. 

  82.         $result = '';
    83. 

  83.         for ($i = 0; $i < $ivlen; ++$i) {
    84. 

  84.             $result .= chr(0);
    85. 

  85.         }
    86. 

  86.         return $result;
    87. 

  87.     }
    88. 

  88.     public function testEncrypt()
    89. 

  89.     {
    90. 

  90.         $plaintext = "message to be encrypted";
    91. 

  91.         $cipher="AES-128-CBC";
    92. 

  92.         $ivlen = openssl_cipher_iv_length($cipher);
    93. 

  93. //        $iv = openssl_random_pseudo_bytes($ivlen);
    94. 

  94.         $iv = self::zero_iv($ivlen);
    95. 

  95.         $key = '55668899';
    96. 

  96.         $ciphertext = openssl_encrypt($plaintext, $cipher, $key, 0, $iv);
    97. 

  97.         $original_plaintext = openssl_decrypt($ciphertext, $cipher, $key, 0, $iv);
    98. 

  98. 

  99. 

  100. 

  101.     }
    102. 

  102.     public function testDecrypt()
    103. 

  103.     {
    104. 

  104.         $ciphers = openssl_get_cipher_methods();
    105. 

  105.         $cipher_text = 'pvmi16xnV6C3/1O8637DUKMTuNuZruETPg5TXE8rs78=';
    106. 

  106.         $cipher="AES-128-CBC";
    107. 

  107.         $ivlen = openssl_cipher_iv_length($cipher);
    108. 

  108.         $iv = self::zero_iv($ivlen);
    109. 

  109.         $key = '55668899';
    110. 

  110.         $plaintext = openssl_decrypt($cipher_text, $cipher, $key, 0, $iv);
    111. 

  111.     }
    112. 

  112. 

  113.     public function testSign()
    114. 

  114.     {
    115. 

  115.         //$body= 'body=order_sn=8000000000295701&buyer_email=13911129867&buyer_id=2088202332994802&discount=0.00&gmt_create=2016-10-29 20:51:36&gmt_payment=2016-10-29 20:51:37&is_total_fee_adjust=N&notify_id=0960c111697dbcdfbedad9ed94625adm6a&notify_time=2016-10-29 20:51:38&notify_type=trade_status_sync&out_trade_no=650531089488891490&payment_type=1&price=1.80&quantity=1&seller_email=napheir.ao@lrlz.com&seller_id=2088121219613123&subject=实物订单_650531089488891490&total_fee=1.80&trade_no=2016102921001004800260656982&trade_status=TRADE_SUCCESS&use_coupon=N';
    116. 

  116. 

  117.         $body = "xxxxffff";
    118. 

  118. 

  119.         $pri_key = BASE_DATA_PATH .'/api/alipay/key/rsa_private_key.pem';
    120. 

  120.         $pub_key = BASE_DATA_PATH.'/api/alipay/key/alipay_public_key.pem';
    121. 

  121. 

  122.         $key = file_get_contents($pri_key);
    123. 

  123.         $pri = openssl_get_privatekey($key);
    124. 

  124.         openssl_sign($body, $signed, $pri);
    125. 

  125.         $sign = base64_encode($signed);
    126. 

  126. 

  127.         $key = file_get_contents($pub_key);
    128. 

  128.         $pub = openssl_get_publickey($key);
    129. 

  129. 

  130.         $res = openssl_verify($body, $signed, $pub);
    131. 

  131.     }
    132. 

  132. 

  133.     public function testB64()
    134. 

  134.     {
    135. 

  135.         $pub_key = BASE_DATA_PATH.'/api/alipay/key/alipay_public_key.pem';
    136. 

  136. 

  137.         $key = file_get_contents($pub_key);
    138. 

  138.         $pub = openssl_get_publickey($key);
    139. 

  139.         $err = openssl_error_string();
    140. 

  140. 

  141.         $data = 'MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAL+I5/3VVhfpc3TmsUjuwc8mrZycavjuE4MV9Z+EXDvPy55PAYjDvKfMtRMCsJYgO4R0fyyb1OhvglyXUKLFajxOhUm/4K2hnI1E/+8zPbY0CU5Osr4C9sxWHtY66ugTx+O4W3e4CxYTfHn+C6EuiYJ2DWJig+Obphd8CPFYFzLxAgMBAAECgYA+og9zEytXIHEv/ixlNCZOjlBhkUjt5DSfPjQXGNpseLQWLbHLvm5X1Po1oECMpzevRcU8mizSYXyYuKaWw8XMJ7/CC6A8fSBdlUeLEfTfisurEnzeUsal2K/n+WAAFj+TUncnqYtEqCCT+9c4jVkfik7FNxjbcio9p27QKDzYwQJBAOlWs593knByuSFOVnIiphhKlZy+6MUxquxhP+3NlXVaTCHHbBl8xt3fLqLmrXPUHvAt39wJ8fAvLDuNUQgP2gkCQQDSIt7bZi2hmzqfXK9rqVyJ16o0Hwqa8Z6PYhodSSsf61h3+wxdEpDFxIV9JnPWBPhCxcX+d1VddyLZacXbKuupAkBpwFesID8II5Zv19cp5zYrsDHaVlOce4QhmXmlxxTDmOcEMCN38asXhzzVq4JVCn/zDnd0fDVgS6DaZJOi+bwxAkAJg2iheCvCsDtkMZcDgcRdvTTIbUtWnm+2QBO8la5tIIN90xDJOejx+yar9syxuMHgjAGdtptXwugB/cbmWDgZAkEAiRoMv6p7WKNU34kZqpvXMIhN6hUihquVFZDJ7wiBr1tCLw/kW3uhciCViM68FgLStuefTfssgr9+oHVw/o4GjA==';
    142. 

  142.         $pem = "-----BEGIN PUBLIC KEY-----\n" . $data . "-----END PUBLIC KEY-----\n";
    143. 

  143.         $x = openssl_pkey_get_private($pem);
    144. 

  144.         $y = openssl_error_string();
    145. 

  145.     }
    146. 

  146. 

  147.     public function testLocalSign()
    148. 

  148.     {
    149. 

  149. 

  150. //        $pri_key = BASE_DATA_PATH.'/api/alipay/key/rsa_private_key.pem';
    151. 

  151. //        $pub_key = BASE_DATA_PATH.'/api/alipay/key/rsa_public_key.pem';
    152. 

  152. 

  153.         $body ='body=order_sn=8000000000295404&buyer_email=13911129867&buyer_id=2088202332994802&discount=0.00&gmt_create=2016-10-29 20:24:18&gmt_payment=2016-10-29 20:24:18&is_total_fee_adjust=N&notify_id=f29b67caf1da662d7210f04b3675f3am6a&notify_time=2016-10-29 23:52:32&notify_type=trade_status_sync&out_trade_no=850531087853085490&payment_type=1&price=0.76&quantity=1&seller_email=napheir.ao@lrlz.com&seller_id=2088121219613123&subject=实物订单_850531087853085490&total_fee=0.76&trade_no=2016102921001004800260616422&trade_status=TRADE_SUCCESS&use_coupon=N';
    154. 

  154.         $sign ='WG+9QtqYOlmxVRzTVyso2toN1wOxXz4aBUS7ZRL7nzvDCdXaZRU3I2bN8EZ2pcag8DiU6eUXI99YY0MaTjnAJgGGESzd5S1KHDSg0ZNdsZueaLhmYQNGpap7jyRxBSDNIR+tEPU5FzgDivU4uK4f5PWu0FiOd9jOfXLIkGneRxg=';
    155. 

  155. 

  156.         $pub_key = '/Users/stanley-king/Desktop/payment/alipay/key/alipay_public_key.pem';
    157. 

  157. 

  158. //        $pri_key = '/Users/stanley-king/.ssh/rsa_private_key.pem';
    159. 

  159. //        $pub_key = '/Users/stanley-king/.ssh/rsa_public_key.pem';
    160. 

  160. 

  161. //        $pri_key = '/Users/stanley-king/work/PHPProject/rsa_private_key.pem';
    162. 

  162. //        $pub_key = '/Users/stanley-king/work/PHPProject/rsa_public_key.pem';
    163. 

  163. 

  164. //        $key = file_get_contents($pri_key);
    165. 

  165. //        $pri = openssl_get_privatekey($key);
    166. 

  166. //        openssl_sign($body, $signed, $pri);
    167. 

  167. //        $sign = base64_encode($signed);
    168. 

  168. 

  169.         $key = file_get_contents($pub_key);
    170. 

  170.         $pub = openssl_get_publickey($key);
    171. 

  171. 

  172.         $signed = base64_decode($sign);
    173. 

  173. 

  174.         $res = openssl_verify($body, $signed, $pub);
    175. 

  175.     }
    176. 

  176. 

  177.     public function testCmbpay()
    178. 

  178.     {
    179. 

  179.         $x = 'BranchID=0021&CoNo=006438&BillNo=5320089577&Amount=2.05&Date=20161030&ExpireTimeSpan=30&MerchantUrl=http%3A%2F%2F121.43.114.153%2Fmobile%2Fcmbpay_notify.php&MerchantPara=pay_sn%3A610531141658503490%7Corder_sn%3A8000000000298701%7Cmember_id%3A36490&MerchantCode=%7C4xKshccAHleC65HWnU828KX1n5MtZAcd1Ma4XfVTwPibT3QJLqgRwZhxSclZyyV8WE%2Fkv8jT01eYd1y%2Aed6SsJHw2BuxSoIqGeXL4b0HMTqYaZ%2AcGEyJ4n8nVYW7vDn%2AM%2FvnDRoCuahqmft0i2suJlgZP07w36WzDPmN9SKRd60%2A4HCG2GdSy0gJ1f8tcW9C7qW6ltC7XzWlZ9yJnuKeDSJ4JHzSy24invATyz8qOuehypiWCCRLYouNCJorAqFETHZgB5kfEEJzH%2AODIf24Fywe%2Amuib96thBMGwJ1A%2AuLl4FqlchHx6QYCUyxxRNcmnF7YPkfcQs43g4ekaiHKudxmAZ%2AwJMKxPRen3g9TUyXvqSW%2FpxyPELKlKJQYUGodBn6kZN0yQ7Pw%7C4fd51f4fe55b76e5e17538d7969b2fdd8f0b8e67&MerchantRetUrl=http%3A%2F%2F121.43.114.153%2Fmobile%2Findex.php&MerchantRetPara=act%3Dpay_return%26op%3Dcmbpay%26pay_sn%3D610531141658503490%26order_sn%3D8000000000298701%26member_id%3D36490';
    180. 

  180.         $y = urldecode($x);
    181. 

  181.     }
    182. 

  182. 

  183.     public function testPubkey()
    184. 

  184.     {
    185. 

  185.         $file = fopen('/Users/stanley-king/work/PHPProject/public.key','r');
    186. 

  186.         $data = fread($file,1024);
    187. 

  187.         fclose($file);
    188. 

  188.         $base64 = base64_encode($data);
    189. 

  189.     }
    190. 

  190. 

  191.     public function testPublicKey()
    192. 

  192.     {
    193. 

  193.         $CMPPAY_ONLINE = true;
    194. 

  194.         if($CMPPAY_ONLINE == true) {
    195. 

  195.             $pub_key = 'MIGJAoGBALKsktbh7j9O9pM0p7qnxxImgODqxjpiT7Xl2bvZCywJtwsNI6CchqAagOYGJjG0NZsnjFunTw5YM9TD5KxsUOILAL6IaNMH/fWREhVjkUDJ4CYtLWlKozElvXRp1iZxf66yHHhN4t7TE5S9NWpEBSn37TEfFLU99Go1WReI1XN1AgMBAAE=';
    196. 

  196.         } else {
    197. 

  197.             $pub_key = 'MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALuUIwMGhvbpCwYzKCMzvSMQiLAAj5y74cN09N1TXVONPWhvLWkuzEPSd1ogPJLWiVyEG7gEIBT3zTlCV+NMou0CAwEAAQ==';
    198. 

  198.         }
    199. 

  199. 

  200.         $pk = chunk_split($pub_key, 64, "\n");
    201. 

  201.         $pk = "-----BEGIN PUBLIC KEY-----\n{$pk}-----END PUBLIC KEY-----\n";
    202. 

  202. 

  203.         $pkid = openssl_pkey_get_public($pub_key);
    204. 

  204.     }
    205. 

  205. 

  206.     public function priKey()
    207. 

  207.     {
    208. 

  208.         $pri_key = BASE_DATA_PATH . '/api/alipay/key/lrlz_private_key.pem';
    209. 

  209.         $key = file_get_contents($pri_key);
    210. 

  210.         return $key;
    211. 

  211.     }
    212. 

  212. 

  213.     public function pubKey()
    214. 

  214.     {
    215. 

  215.         $pub_key = BASE_DATA_PATH . '/api/alipay/key/lrlz_public_key.pem';
    216. 

  216.         $key = file_get_contents($pub_key);
    217. 

  217. 

  218.         return $key;
    219. 

  219.     }
    220. 

  220. 

  221.     public function testVerify()
    222. 

  222.     {
    223. 

  223.         $body = "act=login&channel=0&client_type=mini&op=wxauthen&relay_id=0&user_info=%5Bobject%20Object%5D";
    224. 

  224.         $sign64 = 'jm0ieDFHo+7sDsIg4Jt7W+hqvX8O6Qq6uLqIP7N2pdH07K7A3qDqc5ymDayiwp/wgMEgEACkqPV8P8z6xP/jdduyu6DmZqkjt00EXfHXTglhd58Y4BMVqTtf53LeMN+U+Z9F5L2Y/2mFyI0q+tv1XGDtOqLiHUeiRSzdfE1qyso=';
    225. 

  225. 

  226. //        $pri = openssl_get_privatekey($this->priKey());
    227. 

  227. //        openssl_sign($body, $signed, $pri);
    228. 

  228. //        $sign = base64_encode($signed);
    229. 

  229.         $signed = base64_decode($sign64);
    230. 

  230. 

  231.         $pub = openssl_get_publickey($this->pubKey());
    232. 

  232.         $res = openssl_verify($body, $signed, $pub);
    233. 

  233.     }
    234. 

  234. 

  235. }
    236.