使用PHP,实现查询天府通余额

来源：互联网发布：阿里云怎么购买服务器编辑：程序博客网时间：2024/04/28 07:38

成都的巴适公交APP可以查询天府通余额,于是想将其移植到PHP代码上

解压apk,dex2jar反编译classes.dex为jar,用jd-gui.exe打开就可以看见代码了

public List<CardRechargeBean> getCardRechargeByNum(String paramString) { ArrayList localArrayList = new ArrayList(); localArrayList.add(new BasicNameValuePair("mod", "api")); localArrayList.add(new BasicNameValuePair("ac", "BusConsumption")); localArrayList.add(new BasicNameValuePair("op", "1")); localArrayList.add(new BasicNameValuePair("cardno", "0001" + paramString)); StringBuffer localStringBuffer = new StringBuffer(); localStringBuffer.append(Config.BASE_URL); localStringBuffer.append("Bus/QueryTopUp/"); localStringBuffer.append("?cardno=0001" + paramString); localObject1 = new ArrayList(); for (;;) { try { String str = request(getHttpClient(), ParamUtils.generateSignature(localStringBuffer.toString()), null); localJSONObject = new JSONObject(str.toLowerCase()); if (localJSONObject.getInt("status") == 101) { localType = new TypeToken() {}.getType(); System.out.println(">>>sss:" + str); } } catch (Exception localException) { JSONObject localJSONObject; Type localType; localException.printStackTrace(); if ((localException instanceof InterruptedException)) { continue; } (localException instanceof ConnectException); if (localObject1 != null) { continue; } return new ArrayList(); } finally { if (localObject1 != null) { continue; } new ArrayList(); } try { localObject1 = (List)gson.fromJson(localJSONObject.getString("listdata"), localType); if (localObject1 == null) { localObject1 = new ArrayList(); } return localObject1; } finally {} } }[/java][java collapse="true" title="com.guoke.chengdu.bashi.tools.util.ParamUtils"]public static final String generateSignature(String paramString) { if ((paramString != null) && (paramString.contains("http://www.basiapp.com"))) { String[] arrayOfString = paramString.split("[?]"); if (arrayOfString != null) {} try { if (arrayOfString.length > 1) { LogUtils.d(LogUtils.LogAuthor.AUTHOR, "before : " + arrayOfString[1] + "&time=" + getNowTime()); LogUtils.d(LogUtils.LogAuthor.AUTHOR, "after : " + AESUtil.encrypt(new StringBuilder(String.valueOf(arrayOfString[1])).append("&time=").append(getNowTime()).toString())); String str2 = arrayOfString[0] + "?signature=" + AESUtil.encrypt(new StringBuilder(String.valueOf(arrayOfString[1])).append("&time=").append(getNowTime()).toString()); LogUtils.d(LogUtils.LogAuthor.AUTHOR, "split : " + str2); return str2; } String str1 = paramString + "?signature=" + AESUtil.encrypt(new StringBuilder("time=").append(getNowTime()).toString()); LogUtils.d(LogUtils.LogAuthor.AUTHOR, "split : " + str1); return str1; } catch (Exception localException) { localException.printStackTrace(); } } return paramString; } public static final String getNowTime() { return new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date()); }

public static String keyValue = "666AA4DF3533497D973D852004B975BC";public static String encrypt(String paramString) throws Exception { SecretKeySpec localSecretKeySpec = new SecretKeySpec(shortmd5(keyValue), "AES"); Cipher localCipher = Cipher.getInstance("AES"); localCipher.init(1, localSecretKeySpec); return byte2hex(localCipher.doFinal(paramString.getBytes())).toLowerCase(); }

原理就是向http://www.basiapp.com/Bus/BusCardBalance/请求数据
参数为signature,ASC加密数据为cardno=0001XXXXXXXX&time=Y-m-d H:i:s
加密秘钥为666AA4DF3533497D973D852004B975BC的MD5的特殊形式

private static byte[] shortmd5(String paramString)    throws Exception  {    MessageDigest localMessageDigest = MessageDigest.getInstance("MD5");    localMessageDigest.update(paramString.getBytes("UTF-8"));    return localMessageDigest.digest();  }

与

md5('',true)

等同

接下来是获得URL地址,从而获得所需数据(8位卡号前面补0001)

class Security {public static function encrypt($input, $key) {$size = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_ECB);$input = Security::pkcs5_pad($input, $size);$td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_ECB, '');$iv = mcrypt_create_iv (mcrypt_enc_get_iv_size($td), MCRYPT_RAND);mcrypt_generic_init($td, $key, $iv);$data = mcrypt_generic($td, $input);mcrypt_generic_deinit($td);mcrypt_module_close($td);$data = bin2hex($data);return $data;} private static function pkcs5_pad ($text, $blocksize) {$pad = $blocksize - (strlen($text) % $blocksize);return $text . str_repeat(chr($pad), $pad);} public static function decrypt($sStr, $sKey) {$decrypted= mcrypt_decrypt(MCRYPT_RIJNDAEL_128,$sKey,base64_decode($sStr),MCRYPT_MODE_ECB); $dec_s = strlen($decrypted);$padding = ord($decrypted[$dec_s-1]);$decrypted = substr($decrypted, 0, -$padding);return $decrypted;} }

获得卡片余额

echo "http://www.basiapp.com/Bus/BusCardBalance/?signature=".Security::encrypt("cardno=0001{$CARD_NO}&time=". date('Y-m-d H:i:s',time()) ,  md5('666AA4DF3533497D973D852004B975BC',true));

BusCardBalance:卡片余额
QueryConsumption:消费记录
QueryTopUp:充值记录

0 0