AgainFly微信小程序encryptedData解密,java版
1.wx.login获取code
利用code到传到后台可以获得openid和sessionKey
微信小程序官网详细说明:小程序官网wx.login方法以及换取openid和sessionKey的说明
wx.login({
success: function(res) {
console.log(res.code);
}
);
2.获取用户额外信息iv和encryptedData
调用小程序自带方法wx.getUserInfo,可以换取到openid,头像,性别,城市,等其他信息
以及iv和encryptedData
官网的详细说明:https://mp.weixin.qq.com/debug/wxadoc/dev/api/open.html#wxgetuserinfoobject
wx.getUserInfo({
success: res => {
console.log("encryptedData:" + res.encryptedData)
console.log("iv:" + res.iv)
}
})
3.根据iv,encryptedData,sessionKey解密出用户数据
官网这里提供了详细的说明,并且有几门语言的案例,我稍微看了下没有java的,所以来写个案例。
依赖:
- bcprov-jdk16-1.46.jar
- fastjson.1.2.6.jar(非必须)
说明:代码中的Base64处理我是用的fastjson工具里面的自带的一个工具类,因为我直接处理成JSONObject格式的对象,你可以替换成任何你喜好的,java也有自带的Base64处理工具
maven依赖:
<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk16 -->
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk16</artifactId>
<version>1.46</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.6</version>
</dependency>
工具类:
package com.againfly.utils;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.util.Base64;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.AlgorithmParameters;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.util.Arrays;
public class WeUtils {
public static JSONObject getUserInfo(String sessionKey, String encryptedData, String iv) throws Exception {
// 被加密的数据
byte[] dataByte = Base64.decodeFast(encryptedData);
// 加密秘钥
byte[] keyByte = Base64.decodeFast(sessionKey);
// 偏移量
byte[] ivByte = Base64.decodeFast(iv);
try {
// 如果密钥不足16位,那么就补足. 这个if 中的内容很重要
int base = 16;
if (keyByte.length % base != 0) {
int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);
byte[] temp = new byte[groups * base];
Arrays.fill(temp, (byte) 0);
System.arraycopy(keyByte, 0, temp, 0, keyByte.length);
keyByte = temp;
}
// 初始化
Security.addProvider(new BouncyCastleProvider());
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding","BC");
SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
parameters.init(new IvParameterSpec(ivByte));
cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化
byte[] resultByte = cipher.doFinal(dataByte);
if (null != resultByte && resultByte.length > 0) {
String result = new String(resultByte, "UTF-8");
return JSONObject.parseObject(result);
}
}catch (NoSuchProviderException e) {
e.printStackTrace();
}
return null;
}
}
案例
encryptedData:TWS1OblTeRF3/aM9rmVxIApNIVGvH8yEXooS+Hv1prE1dsx6oRPoSIjLlPMUtjjLfQq4lK6i1KvmkcxWJakjVyLEtVi1R4jXJZw3nOU0z9kgR0yUGnTc1U5fVJ0Y6eZ/p/7ddqWdqcuVyRx9lvxz36KpNzzXYsA2M3rI/e5uLtx+nW4ZSUr4fUWtsm23hmdf6yzBsm1JxgVY+oPJyv2RdbZvMM3JkaSZmi5DZ0why/3Z1sibNE8UO+kHU/hsmEibslQswHZx+iiXFXH4gl/SXp2YnZBevv3xxsHD11uoTEjjHMCQwQRdMHMUzkqreRwVxAesa7H6PbJAaqKZ8gO3svMLBUG1tl5inETiudQHgXA1xc6ZRkOZKQh1zHu1SolZFoGVHyEkM1qk0fZ5gyuPdi0coX7ThpAPO6J10vYb8Vq1jh/ZzuXk+0xZs8xIaXiIeq/Erp8NituuY7nfUplQQw== iv:6lV/19RNeOmN6i3BStOsLw== sessionKey:bxH2tYDAkBDcqi+ZqmTXww==
解密后:
{
"openId": "oXjcB0UuzUu2axh8bxUbS4q_2m7M",
"nickName": "安康🎋",
"gender": 1,
"language": "zh_CN",
"city": "",
"province": "",
"country": "China",
"avatarUrl": "https://wx.qlogo.cn/mmopen/vi_32/ajNVdqHZLLCn9H6Up64ibAbBvC0pr2KvibmwoTbjXNbicBsaza82c5voW4mLoImg4Es4XjDdIzibMY9qf47tOfgmQg/0",
"watermark": {
"timestamp": 1509097785,
"appid": "wx7418352254c459ef"
}
}
最新评论