WebQQ网页hash加密算法PHP版

时间：2015-01-23 来源：西部数据作者：西部数据

由于最近QQ垃圾信息群发严重,官方选择将WebQQ部分功能实现细节方面做了点手脚,其中获取好友的POST值多了一个hash参数,这个hash是在js里加密完成的,以下是js源码:

<script type="text/javascript">

function getHash(b, i) {

    for (var a = i + "password error",

    s = "",

    j = [];;) if (s.length <= a.length) {

        if (s += b, s.length == a.length) break

    } else {

        s = s.slice(0, a.length);

        break

    }

    for (var d = 0; d < s.length; d++) j[d] = s.charCodeAt(d) ^ a.charCodeAt(d);

    a = ["0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "A", "B", "C", "D", "E", "F"];

    s = "";

    for (d = 0; d < j.length; d++) s += a[j[d] >> 4 & 15],

    s += a[j[d] & 15];

    return s;

}

</script>

转成PHP版本处理,源码如下:

<?php

/**

* 获取好友时的POST参数Hash算法

*

* public

* @param string $qq qq号

* @param string $ptwebqq cookies中的ptwebqq

* @return string

*/

function get_hash($qq, $ptwebqq)

{

for ($a = $ptwebqq . "password error", $s = "", $j = array();;)

{

  if (strlen($s) <= strlen($a))

  {

   $s .= $qq;

   if ($s == strlen($a)) break;

  }

  else

  {

   $s = substr($s, 0, strlen($a));

   break;

  }

}

for ($d = 0; $d < strlen($s); $d++)

{

  $j[$d] = uniord(substr($s,$d)) ^ uniord(substr($a,$d));

}

$a = array("0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "A", "B", "C", "D", "E", "F");

$s = "";

for ($d = 0; $d < count($j); $d++)

{

  $s .= $a[$j[$d] >> 4 & 15];

  $s .= $a[$j[$d] & 15];

}

return $s;

}

/**

* 模拟 JavaScript charCodeAt函数

*

* protected

* @param string $str

* @return int

*/

function uniord($str)

{

list(, $ord) = unpack('N', mb_convert_encoding($str, 'UCS-4BE', 'UTF-8'));

return

$ord;

}

/* End of file commons.php */