微信小程序encryptedData解密,java版
1.wx.login获取code
利用code到传到后台可以获得openid和sessionKey
微信小程序官网详细说明:小程序官网wx.login方法以及换取openid和sessionKey的说明
wx.login({ success: function(res) { console.log(res.code); } );
2.获取用户额外信息iv和encryptedData
调用小程序自带方法wx.getUserInfo,可以换取到openid,头像,性别,城市,等其他信息
以及iv和encryptedData
官网的详细说明:https://mp.weixin.qq.com/debug/wxadoc/dev/api/open.html#wxgetuserinfoobject
wx.getUserInfo({ success: res => { console.log("encryptedData:" + res.encryptedData) console.log("iv:" + res.iv) } })
3.根据iv,encryptedData,sessionKey解密出用户数据
官网这里提供了详细的说明,并且有几门语言的案例,我稍微看了下没有java的,所以来写个案例。
依赖:
- bcprov-jdk16-1.46.jar
- fastjson.1.2.6.jar(非必须)
说明:代码中的Base64处理我是用的fastjson工具里面的自带的一个工具类,因为我直接处理成JSONObject格式的对象,你可以替换成任何你喜好的,java也有自带的Base64处理工具
maven依赖:
<!-- https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk16 --> <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk16</artifactId> <version>1.46</version> </dependency> <dependency> <groupId>com.alibaba</groupId> <artifactId>fastjson</artifactId> <version>1.2.6</version> </dependency>
工具类:
package com.againfly.utils; import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.util.Base64; import org.bouncycastle.jce.provider.BouncyCastleProvider; import javax.crypto.Cipher; import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import java.security.AlgorithmParameters; import java.security.NoSuchProviderException; import java.security.Security; import java.util.Arrays; public class WeUtils { public static JSONObject getUserInfo(String sessionKey, String encryptedData, String iv) throws Exception { // 被加密的数据 byte[] dataByte = Base64.decodeFast(encryptedData); // 加密秘钥 byte[] keyByte = Base64.decodeFast(sessionKey); // 偏移量 byte[] ivByte = Base64.decodeFast(iv); try { // 如果密钥不足16位,那么就补足. 这个if 中的内容很重要 int base = 16; if (keyByte.length % base != 0) { int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0); byte[] temp = new byte[groups * base]; Arrays.fill(temp, (byte) 0); System.arraycopy(keyByte, 0, temp, 0, keyByte.length); keyByte = temp; } // 初始化 Security.addProvider(new BouncyCastleProvider()); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding","BC"); SecretKeySpec spec = new SecretKeySpec(keyByte, "AES"); AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES"); parameters.init(new IvParameterSpec(ivByte)); cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化 byte[] resultByte = cipher.doFinal(dataByte); if (null != resultByte && resultByte.length > 0) { String result = new String(resultByte, "UTF-8"); return JSONObject.parseObject(result); } }catch (NoSuchProviderException e) { e.printStackTrace(); } return null; } }
案例
encryptedData:TWS1OblTeRF3/aM9rmVxIApNIVGvH8yEXooS+Hv1prE1dsx6oRPoSIjLlPMUtjjLfQq4lK6i1KvmkcxWJakjVyLEtVi1R4jXJZw3nOU0z9kgR0yUGnTc1U5fVJ0Y6eZ/p/7ddqWdqcuVyRx9lvxz36KpNzzXYsA2M3rI/e5uLtx+nW4ZSUr4fUWtsm23hmdf6yzBsm1JxgVY+oPJyv2RdbZvMM3JkaSZmi5DZ0why/3Z1sibNE8UO+kHU/hsmEibslQswHZx+iiXFXH4gl/SXp2YnZBevv3xxsHD11uoTEjjHMCQwQRdMHMUzkqreRwVxAesa7H6PbJAaqKZ8gO3svMLBUG1tl5inETiudQHgXA1xc6ZRkOZKQh1zHu1SolZFoGVHyEkM1qk0fZ5gyuPdi0coX7ThpAPO6J10vYb8Vq1jh/ZzuXk+0xZs8xIaXiIeq/Erp8NituuY7nfUplQQw== iv:6lV/19RNeOmN6i3BStOsLw== sessionKey:bxH2tYDAkBDcqi+ZqmTXww==
解密后:
{ "openId": "oXjcB0UuzUu2axh8bxUbS4q_2m7M", "nickName": "安康🎋", "gender": 1, "language": "zh_CN", "city": "", "province": "", "country": "China", "avatarUrl": "https://wx.qlogo.cn/mmopen/vi_32/ajNVdqHZLLCn9H6Up64ibAbBvC0pr2KvibmwoTbjXNbicBsaza82c5voW4mLoImg4Es4XjDdIzibMY9qf47tOfgmQg/0", "watermark": { "timestamp": 1509097785, "appid": "wx7418352254c459ef" } }
最新评论