今天由于某一部分数据比较敏感,所以传输过程需加密,解密后需认证数据是否被篡改,而自己又不大喜欢为了一个小功能就composer require一个大包,所以花2分钟撸了一个,暂时先顶着用用,项目进度太紧凑,无太多时间写出比较优雅的代码
<?php
class Signature
{
public static function makeSign(string $secret_key, string $data, string $alg = 'MD5')
{
if ('MD5' === strtoupper($alg)) {
return strtoupper(md5($data . '&' . $secret_key));
}
if ('SHA256' === strtoupper($alg)) {
return strtoupper(hash_hmac('sha256', $data, $secret_key));
}
return null;
}
public static function checkSign(string $secret_key, string $data, string $sign, string $alg = 'MD5')
{
$real_sign = self::makeSign($secret_key, $data, $alg);
return $sign === $real_sign;
}
}
echo Signature::makeSign('key001', 'helloworld', 'sha256');
// 输出结果:47FB290B88DF9C45A659B0879C097F6B4512ED789E008396BE9229549EE5470E
var_dump(Signature::checkSign('key001', 'helloworld', '47FB290B88DF9C45A659B0879C097F6B4512ED789E008396BE9229549EE5470E', 'sha256'));
// 输出结果 bool(true)