吉刻api加密分析

api 安装逆向

1.获取栏目略

2.获取文章
{"type":1,"chnlid":"ff80b5b5576f937501576fa7d0130000","newid":"2465668"}

替换栏目值,然后MD5上述字符串（大写）。
加密字符串，代码案例给出
请求地址：http://app.chinajilin.com.cn/App/mobile/api
请求内容：

{
    "body": "z\/L84RA1\/EP7fMmAja7zqBs0Lr+H7pfD5+Ht4pmy+rSBbK84ypFqqoRUUdla SZxc697DIVd7tIrV5m4cXW8WUHvN6krb84SQg55OT+dswi8=",
    "header": {
        "length": "72",
        "md5": "44AB67E805202CE4F9A126881E5D7940",
        "num": "AE1002",
        "token": "71E61F81A057493F96CBFCDF7DFF8532",
        "cc": "1",
        "encrypt": "true",
        "version": "2.0.0"
    }
}

在此输入正文

<?php
  $key=bin2hex('u7ysDglRTDWu65CF_aWsDA==');
  $key = pack('H48',$key);//取48字节24个字符
  $iv='12345678';
  $msg = 'z\/L84RA1\/EP7fMmAja7zqBs0Lr+H7pfD5+Ht4pmy+rSBbK84ypFqqoRUUdla SZxc697DIVd7tIrV5m4cXW8WUHvN6krb84SQg55OT+dswi8=';
  $des = new STD3Des(base64_encode($key),base64_encode($iv));//mode：cbc
  $rs1 = $des->decrypt($msg);
  echo 'md5：'.strtoupper(md5($rs1)) ;
  echo '加密：'.$des->encrypt($rs1);
  echo '解密：'.($rs1) ;
class STD3Des {
    private $key  = "";
    private $iv   = "";
    private $mode = MCRYPT_MODE_CBC;
    /**
     * 构造，传递二个已经进行base64_encode的KEY与IV
     *
     * @param string $key
     * @param string $iv
     */
    function __construct($key, $iv = null) {
        if (empty($key)) {
            echo 'key is not valid';
            exit();
        }
        if ($iv == null) {
            $iv         = $key;
            $this->mode = MCRYPT_MODE_ECB;
        }
        $this->key = $key;
        $this->iv  = $iv;
    }
    /**
     * 加密
     * @param <type> $value
     * @return <type>
     */
    public function encrypt($value) {
        $td    = mcrypt_module_open(MCRYPT_3DES, '', $this->mode, '');
        $iv    = $this->mode == MCRYPT_MODE_CBC ? base64_decode($this->iv) : mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
        $value = $this->PaddingPKCS7($value);
        $key   = base64_decode($this->key);
        mcrypt_generic_init($td, $key, $iv);
        $dec   = mcrypt_generic($td, $value);
        $ret   = base64_encode($dec);
        mcrypt_generic_deinit($td);
        mcrypt_module_close($td);
        return $ret;
    }
    /**
     * 解密
     * @param <type> $value
     * @return <type>
     */
    public function decrypt($value) {
        $td  = mcrypt_module_open(MCRYPT_3DES, '', $this->mode, '');
        $iv  = $this->mode == MCRYPT_MODE_CBC ? base64_decode($this->iv) : mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND);
        $key = base64_decode($this->key);
        mcrypt_generic_init($td, $key, $iv);
        $ret = trim(mdecrypt_generic($td, base64_decode($value)));
        $ret = $this->UnPaddingPKCS7($ret);
        mcrypt_generic_deinit($td);
        mcrypt_module_close($td);
        return $ret;
    }
    private function PaddingPKCS7($data) {
        $block_size   = mcrypt_get_block_size('tripledes', $this->mode);
        $padding_char = $block_size - (strlen($data) % $block_size);
        $data .= str_repeat(chr($padding_char), $padding_char);
        return $data;
    }
    private function UnPaddingPKCS7($text) {
        $pad = ord($text{strlen($text) - 1});
        if ($pad > strlen($text)) {
            return false;
        }
        if (strspn($text, chr($pad), strlen($text) - $pad) != $pad) {
            return false;
        }
        return substr($text, 0, -1 * $pad);
    }
}