openssl_decrypt解密的时候有时候是正确的返回，有时候是false，接口从微信服务器返回到都是有数据，有人知道怎么回事吗？

 //服务端api加密
    public static function getRequestParam($url, $req)
    {
        $key = base64_decode(self::apiAES256['key']);
        $sn = self::apiAES256['sn'];
        $appId = self::miniAppID;
        $time = time();
        //16位随机字符
        $nonce = rtrim(base64_encode(random_bytes(16)), '=');
        $addReq = ["_n" => $nonce, "_appid" => $appId, "_timestamp" => $time];
        $realReq = array_merge($addReq, $req);
        $realReq = json_encode($realReq);
        //额外参数
        $aad = $url . "|" . $appId . "|" . $time . "|" . $sn;
        //12位随机字符
        $iv = random_bytes(12);
        //var_dump($iv);
        $cipher = openssl_encrypt($realReq, "aes-256-gcm", $key, 3, $iv, $tag, $aad);
        var_dump($cipher);
        echo PHP_EOL;
        //print_r($tag);
        $iv = base64_encode($iv);
        var_dump($iv);
        echo PHP_EOL;
        $data = base64_encode($cipher);
        $authTag = base64_encode($tag);
        $reqData = ["iv" => $iv, "data" => $data, "authtag" => $authTag];
        //校验本地加密是否正确 非必须
        //$checkParam = self::checkParam($key, $authTag, $iv, $data, $aad);
        return ['ts' => $time, 'reqData' => json_encode($reqData)];
    }
    
    //服务端api签名，$newRe参数是经过服务端api加密后的请求参数
    public static function sign(array $newRe, $url_path)
    {
        $time = $newRe['ts'];
        $key = self::apiRSA256['private_key'];
        $url = $url_path;
        $appId = self::miniAppID;
        $reqData = $newRe['reqData'];
        $payload = "$url\n$appId\n$time\n$reqData";
        $rsa = new RSA();
        $rsa->loadKey($key);
        $rsa->setHash("sha256");
        $rsa->setMGFHash("sha256");
        $signature = $rsa->sign($payload);
        return base64_encode($signature);
    }
    
    
    //服务端验对api返回的加密的结果进行解密，得到真实返回
    public static function jM($ts, $body, $url_path)
    {
        $url = $url_path;
        $appId = self::miniAppID;;
        $sn = self::apiAES256['sn'];
        $aad = $url . '|' . $appId . '|' . $ts . '|' . $sn;
        $key = self::apiAES256['key'];
        $key = base64_decode($key);
        var_dump($body['iv']);
        echo PHP_EOL;
        $iv = base64_decode($body['iv']);
        $data = $body['data'];
        if (strlen($data) % 16) {
            $data = str_pad($data,strlen($data) + 16 - strlen($data) % 16, "\0");
        }
        $data = base64_decode($data);
        $tag = base64_decode($body['authtag']);
        //print_r($tag);
        //print_r($data);
        $result = openssl_decrypt($data, "aes-256-gcm", $key, 3, $iv, $tag, $aad);
        // if (!$result) {
        //     throw new ErrorException();
        // }
        //$result = \Qiniu\json_decode($result,true);
        dd($result);
        return $result;

    }

openssl_decrypt解密的时候有时候是正确的返回，有时候是false，接口从微信服务器返回到都是有数据，有人知道怎么回事吗,

参考文档服务端api签名指南:
https://developers.weixin.qq.com/miniprogram/dev/OpenApiDoc/getting_started/api_signature.html