一、创建证书请求、生成公钥私钥
在官网按照文档进行正常操作:https://cloud.tencent.com/document/product/1007/63370
其中要注意的是证书公钥和私钥的生成和保存,即下面的命令的结果是重点:
gmssl pkey -in CAkey.pem -noout -text
图为腾讯云官方文档示例图
图中 f9:b5:87:74 这样的写法为16进制,在程序中使用只需要去掉冒号:即可,即:f9b58774
截止到目前我们已经有了1个文件:
CAkey.pem(通过此文件可重新查看公钥和私钥)(不要尝试通过此文件的字面值自行生成hex形式的公钥和私钥)
二、解密
因为后端语言是php,因此最方便的解决方案是找一个使用php实现的sm2 sm3 sm4库:https://github.com/lpilp/phpsm2sm3sm4
这个库不好的地方在于没有使用文档,不过通过自己查看源码也可以解决使用的问题
另外这个库还要求php安装gmp拓展
关键代码如下:
$des_key = $response['data']['Response']['EidInfo']['DesKey'];
$des_key = bin2hex(base64_decode($des_key));
$user_info = $response['data']['Response']['EidInfo']['UserInfo'];
$user_info = bin2hex(base64_decode($user_info));
$sm2 = new RtSm2();
$sm4Key = $sm2->doDecrypt($des_key, $privatekey_of_hex);
$sm4 = new RtSm4($sm4Key);
$plainText = $sm4->decrypt($user_info, 'sm4-ecb');
三、返回数据格式示例
eid的成功返回信息如下:(其中有值的部分都被xxx代替了)
Array
(
[Response] => Array
(
[BestFrame] => Array
(
[BestFrame] => xxx
[BestFrames] =>
)
[EidInfo] => Array
(
[DesKey] => xxx
[EidCode] => xxx
[EidSign] => xxx
[UserInfo] => xxx
)
[IdCardData] => Array
(
[Avatar] =>
[BackWarnInfos] =>
[OcrBack] => xxx
[OcrFront] => xxx
[ProcessedBackImage] =>
[ProcessedFrontImage] =>
[WarnInfos] =>
)
[IntentionActionResult] =>
[IntentionQuestionResult] => Array
(
[AsrResult] =>
[Audios] =>
[FinalResultCode] =>
[FinalResultDetailCode] =>
[FinalResultMessage] =>
[ResultCode] =>
[ScreenShot] =>
[Video] =>
)
[IntentionVerifyData] => Array
(
[AsrResult] =>
[AsrResultSimilarity] =>
[ErrorCode] => 0
[ErrorMessage] =>
[IntentionVerifyBestFrame] =>
[IntentionVerifyVideo] =>
)
[RequestId] => xxx
[Text] => Array
(
[CompareLibType] => 权威库
[Comparemsg] => 成功
[Comparestatus] => 0
[ErrCode] => 0
[ErrMsg] => 成功
[Extra] =>
[IdCard] =>
[IdInfoFrom] => OCR
[LiveMsg] => 成功
[LiveStatus] => 0
[LivenessDetail] => Array
(
[0] => Array
(
[CompareLibType] => 权威库
[Comparemsg] => 成功
[Comparestatus] => 0
[Errcode] => 0
[Errmsg] => 成功
[Idcard] =>
[IsNeedCharge] => 1
[Livemsg] => 成功
[LivenessMode] => 4
[Livestatus] => 0
[Name] =>
[ReqTime] => xxx
[Seq] => xxx
[Sim] => 93.70
)
)
[LivenessMode] => 4
[Location] =>
[Mobile] =>
[NFCBillingCounts] => 0
[NFCRequestIds] =>
[Name] =>
[OcrAddress] => xxx
[OcrAuthority] => xxx
[OcrBirth] => xxx
[OcrGender] => xxx
[OcrIdCard] =>
[OcrName] =>
[OcrNation] => xxx
[OcrValidDate] => xxx
[PassNo] =>
[Sim] => 93.70
[UseIDType] => 0
[VisaNum] =>
)
[VideoData] => Array
(
[LivenessVideo] =>
)
)
)
eid的未完成(一次认证都未进行)返回信息如下:
Array
(
[Response] => Array
(
[BestFrame] => Array
(
[BestFrame] =>
[BestFrames] =>
)
[EidInfo] => Array
(
[DesKey] =>
[EidCode] =>
[EidSign] =>
[UserInfo] =>
)
[IdCardData] => Array
(
[Avatar] =>
[BackWarnInfos] =>
[OcrBack] =>
[OcrFront] =>
[ProcessedBackImage] =>
[ProcessedFrontImage] =>
[WarnInfos] =>
)
[IntentionActionResult] =>
[IntentionQuestionResult] => Array
(
[AsrResult] =>
[Audios] =>
[FinalResultCode] =>
[FinalResultDetailCode] =>
[FinalResultMessage] =>
[ResultCode] =>
[ScreenShot] =>
[Video] =>
)
[IntentionVerifyData] => Array
(
[AsrResult] =>
[AsrResultSimilarity] =>
[ErrorCode] => 0
[ErrorMessage] =>
[IntentionVerifyBestFrame] =>
[IntentionVerifyVideo] =>
)
[RequestId] => xxx
[Text] => Array
(
[CompareLibType] =>
[Comparemsg] =>
[Comparestatus] =>
[ErrCode] => 17
[ErrMsg] => 本次流程未完成
[Extra] =>
[IdCard] =>
[IdInfoFrom] =>
[LiveMsg] =>
[LiveStatus] =>
[LivenessDetail] =>
[LivenessMode] =>
[Location] =>
[Mobile] =>
[NFCBillingCounts] =>
[NFCRequestIds] =>
[Name] =>
[OcrAddress] =>
[OcrAuthority] =>
[OcrBirth] =>
[OcrGender] =>
[OcrIdCard] =>
[OcrName] =>
[OcrNation] =>
[OcrValidDate] =>
[PassNo] =>
[Sim] =>
[UseIDType] =>
[VisaNum] =>
)
[VideoData] => Array
(
[LivenessVideo] =>
)
)
)
eid的验证不符(多次失败)返回信息如下:
Array
(
[Response] => Array
(
[BestFrame] => Array
(
[BestFrame] => xxx
[BestFrames] =>
)
[EidInfo] => Array
(
[DesKey] =>
[EidCode] =>
[EidSign] =>
[UserInfo] =>
)
[IdCardData] => Array
(
[Avatar] =>
[BackWarnInfos] =>
[OcrBack] => xxx
[OcrFront] => xxx
[ProcessedBackImage] =>
[ProcessedFrontImage] =>
[WarnInfos] =>
)
[IntentionActionResult] =>
[IntentionQuestionResult] => Array
(
[AsrResult] =>
[Audios] =>
[FinalResultCode] =>
[FinalResultDetailCode] =>
[FinalResultMessage] =>
[ResultCode] =>
[ScreenShot] =>
[Video] =>
)
[IntentionVerifyData] => Array
(
[AsrResult] =>
[AsrResultSimilarity] =>
[ErrorCode] => 0
[ErrorMessage] =>
[IntentionVerifyBestFrame] =>
[IntentionVerifyVideo] =>
)
[RequestId] => 24c500d3-3205-4aa2-b0d5-0b7b50e58fcf
[Text] => Array
(
[CompareLibType] => 权威库
[Comparemsg] => 无法判断为同一人,请确认身份后重试
[Comparestatus] => 2016
[ErrCode] => 2016
[ErrMsg] => 比对人脸信息不匹配(10004)
[Extra] =>
[IdCard] =>
[IdInfoFrom] => OCR
[LiveMsg] => 比对人脸信息不匹配(10004)
[LiveStatus] => 2016
[LivenessDetail] => Array
(
[0] => Array
(
[CompareLibType] => 权威库
[Comparemsg] => 无法判断为同一人,请确认身份后重试
[Comparestatus] => 2016
[Errcode] => 2016
[Errmsg] => 无法判断为同一人,请确认身份后重试
[Idcard] =>
[IsNeedCharge] => 1
[Livemsg] => 成功
[LivenessMode] => 4
[Livestatus] => 0
[Name] =>
[ReqTime] => 1729028464111
[Seq] => xxxx
[Sim] => 12.32
)
[1] => Array
(
[CompareLibType] => 权威库
[Comparemsg] => 无法判断为同一人,请确认身份后重试
[Comparestatus] => 2016
[Errcode] => 2016
[Errmsg] => 无法判断为同一人,请确认身份后重试
[Idcard] =>
[IsNeedCharge] => 1
[Livemsg] => 成功
[LivenessMode] => 4
[Livestatus] => 0
[Name] =>
[ReqTime] => 1729028475183
[Seq] => xxxx
[Sim] => 8.46
)
[2] => Array
(
[CompareLibType] => 权威库
[Comparemsg] => 无法判断为同一人,请确认身份后重试
[Comparestatus] => 2016
[Errcode] => 2016
[Errmsg] => 比对人脸信息不匹配(10004)
[Idcard] =>
[IsNeedCharge] => 1
[Livemsg] => 比对人脸信息不匹配(10004)
[LivenessMode] => 4
[Livestatus] => 2016
[Name] =>
[ReqTime] => 1729028485716
[Seq] => xxx
[Sim] => 16.54
)
)
[LivenessMode] => 4
[Location] =>
[Mobile] =>
[NFCBillingCounts] => 0
[NFCRequestIds] =>
[Name] =>
[OcrAddress] => xxx
[OcrAuthority] => xxx
[OcrBirth] => xxx
[OcrGender] => xxx
[OcrIdCard] =>
[OcrName] =>
[OcrNation] => xxx
[OcrValidDate] => xxx
[PassNo] =>
[Sim] => 16.54
[UseIDType] => 0
[VisaNum] =>
)
[VideoData] => Array
(
[LivenessVideo] =>
)
)
)
eid多次失败最后成功的返回如下:
Array
(
[Response] => Array
(
[BestFrame] => Array
(
[BestFrame] => xxx
[BestFrames] =>
)
[EidInfo] => Array
(
[DesKey] => xxx
[EidCode] => xxx
[EidSign] => xxx
[UserInfo] => xxx
)
[IdCardData] => Array
(
[Avatar] =>
[BackWarnInfos] =>
[OcrBack] => xxx
[OcrFront] => xxx
[ProcessedBackImage] =>
[ProcessedFrontImage] =>
[WarnInfos] =>
)
[IntentionActionResult] =>
[IntentionQuestionResult] => Array
(
[AsrResult] =>
[Audios] =>
[FinalResultCode] =>
[FinalResultDetailCode] =>
[FinalResultMessage] =>
[ResultCode] =>
[ScreenShot] =>
[Video] =>
)
[IntentionVerifyData] => Array
(
[AsrResult] =>
[AsrResultSimilarity] =>
[ErrorCode] => 0
[ErrorMessage] =>
[IntentionVerifyBestFrame] =>
[IntentionVerifyVideo] =>
)
[RequestId] => 6c7ef3e0-8de2-4573-b051-da574127925d
[Text] => Array
(
[CompareLibType] => 权威库
[Comparemsg] => 成功
[Comparestatus] => 0
[ErrCode] => 0
[ErrMsg] => 成功
[Extra] =>
[IdCard] =>
[IdInfoFrom] => OCR
[LiveMsg] => 成功
[LiveStatus] => 0
[LivenessDetail] => Array
(
[0] => Array
(
[CompareLibType] => 权威库
[Comparemsg] => 无法判断为同一人,请确认身份后重试
[Comparestatus] => 2016
[Errcode] => 2016
[Errmsg] => 无法判断为同一人,请确认身份后重试
[Idcard] =>
[IsNeedCharge] => 1
[Livemsg] => 成功
[LivenessMode] => 4
[Livestatus] => 0
[Name] =>
[ReqTime] => 1729030387276
[Seq] => xxx
[Sim] => 14.05
)
[1] => Array
(
[CompareLibType] => 权威库
[Comparemsg] => 无法判断为同一人,请确认身份后重试
[Comparestatus] => 2016
[Errcode] => 2016
[Errmsg] => 无法判断为同一人,请确认身份后重试
[Idcard] =>
[IsNeedCharge] => 1
[Livemsg] => 成功
[LivenessMode] => 4
[Livestatus] => 0
[Name] =>
[ReqTime] => 1729030396066
[Seq] => xxx
[Sim] => 14.04
)
[2] => Array
(
[CompareLibType] => 权威库
[Comparemsg] => 成功
[Comparestatus] => 0
[Errcode] => 0
[Errmsg] => 成功
[Idcard] =>
[IsNeedCharge] => 1
[Livemsg] => 成功
[LivenessMode] => 4
[Livestatus] => 0
[Name] =>
[ReqTime] => 1729030408569
[Seq] => xxx
[Sim] => 97.31
)
)
[LivenessMode] => 4
[Location] =>
[Mobile] =>
[NFCBillingCounts] => 0
[NFCRequestIds] =>
[Name] =>
[OcrAddress] => xxx
[OcrAuthority] => xxx
[OcrBirth] => xxx
[OcrGender] => xxx
[OcrIdCard] =>
[OcrName] =>
[OcrNation] => xx
[OcrValidDate] => xxxx
[PassNo] =>
[Sim] => 97.31
[UseIDType] => 0
[VisaNum] =>
)
[VideoData] => Array
(
[LivenessVideo] =>
)
)
)
原创文章,作者:witersen,如若转载,请注明出处:https://www.witersen.com