微信小程序加密数据解密的java实现

首先借鉴了两篇文章:

http://www.cnblogs.com/nosqlcoco/p/6105749.html

http://blog.csdn.net/sinat_29519243/article/details/70186622


首先吐槽一下,微信小程序这个设计,其实密文中包含的用于开发的有用信息并不是很多。...

解密后的类似:

{"openId":"oy9H90Nqxxxxxxxxxxx0BJmuw",

"nickName":"xxxxxxxxx",

"gender":1,

"language":"zh_CN",

"city":"city",

"province":"province",

"country":"country",

"avatarUrl":"https://wx.qlogo.cn/mmopen/vi_32/xxxxxxxxOcvbibeJxx0",

"watermark":{"timestamp":timestamp,"appid":"wx58b6xxxxxxxxx627"

}



解密需要登录的时候 提供的几个参数:

1. 密文:encryptedData

2. session_key

3. 偏移向量 iv


登录的几个东西如何获取这里简单说下:

1. session_ID的获取:wx.login()函数的返回里面包含了CODE.利用这个CODE,到这个地址去交换:

https://api.weixin.qq.com/sns/jscode2session?grant_type=authorization_code&js_code=CODE&appid=APPID&secret=APP_SRCRET。

2. iv和encryptedData的获取:wx.getUserInfo()的调用的时候,同时设置属性withCredentials: true,


wx.getUserInfo({ withCredentials: true, success: function(res) { console.log(res) that.globalData.userInfo = res.userInfo typeof cb == "function" && cb(that.globalData.userInfo) } })


就可以获取到所有的参数。


============================= 分割线 ========================================


java侧实现解密需要如下的包:

1. bcprov-jdk15on-157.jar ----主要是AES解码

2. commons-codec-1.10.jar ----主要是base64编码


核心代码:

 

Map map = new HashMap();  
       try {  
               byte[] resultByte  = AES.decrypt(Base64.decodeBase64(encryptedData),  
                       Base64.decodeBase64(session_key),
                       Base64.decodeBase64(iv));  
                   if(null != resultByte && resultByte.length > 0){  
                       String userInfo = new String(resultByte, "UTF-8");                 
                       map.put("status", "1");  
                       map.put("msg", "解密成功");                 
                       map.put("userInfo", userInfo);  
                   }else{  
                       map.put("status", "0");  
                       map.put("msg", "解密失败");  
                   }  
           }catch (InvalidAlgorithmParameterException e) {  
                   e.printStackTrace();  
           } catch (UnsupportedEncodingException e) {  
                   e.printStackTrace();  
           }                
           Gson gson = new Gson();  
           String decodeJSON = gson.toJson(map);  
           System.out.println(decodeJSON); 



其中

AES代码:

package com.aes;


import org.bouncycastle.jce.provider.BouncyCastleProvider;  
import java.security.AlgorithmParameters;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;


import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;


public class AES {
public static boolean initialized = false;    
    
    /** 
     * AES解密 
     * @param content 密文 
     * @return 
     * @throws InvalidAlgorithmParameterException  
     * @throws NoSuchProviderException  
     */  
    public static byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException {  
        initialize();  
        try {  
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");  
            Key sKeySpec = new SecretKeySpec(keyByte, "AES");  
              
            cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte));// 初始化   
            byte[] result = cipher.doFinal(content);  
            return result;  
        } catch (NoSuchAlgorithmException e) {  
            e.printStackTrace();    
        } catch (NoSuchPaddingException e) {  
            e.printStackTrace();    
        } catch (InvalidKeyException e) {  
            e.printStackTrace();  
        } catch (IllegalBlockSizeException e) {  
            e.printStackTrace();  
        } catch (BadPaddingException e) {  
            e.printStackTrace();  
        } catch (NoSuchProviderException e) {  
            // TODO Auto-generated catch block  
            e.printStackTrace();  
        } catch (Exception e) {  
            // TODO Auto-generated catch block  
            e.printStackTrace();  
        }  
        return null;  
    }    
      
    public static void initialize(){    
        if (initialized) return;    
        Security.addProvider(new BouncyCastleProvider());    
        initialized = true;    
    }  
    //生成iv    
    public static AlgorithmParameters generateIV(byte[] iv) throws Exception{    
        AlgorithmParameters params = AlgorithmParameters.getInstance("AES");    
        params.init(new IvParameterSpec(iv));    
        return params;    
    }     


}



你可能感兴趣的:(微信,基础)