解密微信小程序加密信息

Love The Way You Lie 2022-12-04 08:59 212阅读 0赞

获取微信程序人员信息之后，会给一个加密字符串，这个时候，前端不太好解密，因为浪费性能，会请求后端解密，那么后端如何解密呢？demo来说话；

1、首先工具类

package com.XXX.member.utils;
    
    
    import com.alibaba.fastjson.JSONObject;
    import lombok.Data;
    
    import javax.crypto.Cipher;
    import javax.crypto.spec.IvParameterSpec;
    import javax.crypto.spec.SecretKeySpec;
    import java.security.AlgorithmParameters;
    import java.security.Key;
    import java.security.Security;
    import java.util.Base64;
    
    /**
     * 小程序 AES 解密工具
     *
     * @author Kilde
     */
    @Data
    public class WXBizDataCrypt {
    
    //    public static void main(String[] args) {
    //
    //        String appId = "wx4f4bc4dec97d474b";
    //        String sessionKey = "tiihtNczf5v6AKRyjwEUhQ==";
    //        String encryptedData = "CiyLU1Aw2KjvrjMdj8YKliAjtP4gsMZMQmRzooG2xrDcvSnxIMXFufNstNGTyaGS9uT5geRa0W4oTOb1WT7fJlAC+oNPdbB+3hVbJSRgv+4lGOETKUQz6OYStslQ142dNCuabNPGBzlooOmB231qMM85d2/fV6ChevvXvQP8Hkue1poOFtnEtpyxVLW1zAo6/1Xx1COxFvrc2d7UL/lmHInNlxuacJXwu0fjpXfz/YqYzBIBzD6WUfTIF9GRHpOn/Hz7saL8xz+W//FRAUid1OksQaQx4CMs8LOddcQhULW4ucetDf96JcR3g0gfRK4PC7E/r7Z6xNrXd2UIeorGj5Ef7b1pJAYB6Y5anaHqZ9J6nKEBvB4DnNLIVWSgARns/8wR2SiRS7MNACwTyrGvt9ts8p12PKFdlqYTopNHR1Vf7XjfhQlVsAJdNiKdYmYVoKlaRv85IfVunYzO0IKXsyl7JCUjCpoG20f0a04COwfneQAGGwd5oa+T8yO5hzuyDb/XcxxmK01EpqOyuxINew==";
    //        String iv = "r7BXXKkLb8qrSNn05n0qiA==";
    //
    //        WXBizDataCrypt pc = new WXBizDataCrypt(appId,sessionKey);
    //        JSONObject decrypt = pc.decrypt(encryptedData, iv);
    //
    //        System.out.println(decrypt.toString());
    //
    //    }
    
    
        public static JSONObject getMoreInfoFromEncryptedData(String appId, String sessionKey, String encryptedData, String iv) {
            WXBizDataCrypt pc = new WXBizDataCrypt(appId, sessionKey);
            JSONObject decrypt = pc.decrypt(encryptedData, iv);
            return decrypt;
        }
    
        private String appId;
        private String sessionKey;
    
        public WXBizDataCrypt(String appId, String sessionKey) {
            this.appId = appId;
            this.sessionKey = sessionKey;
        }
    
    
        /**
         * 解密成json
         *
         * @param encryptedData
         * @param iv
         * @return
         */
        public JSONObject decrypt(String encryptedData, String iv) {
            byte[] encryptedDataDecode = Base64.getDecoder().decode(encryptedData);
            byte[] sessionKeyDecode = Base64.getDecoder().decode(this.sessionKey);
            byte[] ivDecode = Base64.getDecoder().decode(iv);
            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
            byte[] decodeData = decode(encryptedDataDecode, sessionKeyDecode, ivDecode);
            String stringData = new String(decodeData);
            JSONObject jsonObject = JSONObject.parseObject(stringData);
            return jsonObject;
        }
    
    
        /**
         * 解密算法 AES-128-CBC
         * 填充模式 PKCS#7
         *
         * @param encryptedDataDecode 目标密文
         * @return
         * @throws Exception
         */
        private byte[] decode(byte[] encryptedDataDecode, byte[] sessionKeyDecode, byte[] iv) {
            try {
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                Key sKeySpec = new SecretKeySpec(sessionKeyDecode, "AES");
                cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(iv));// 初始化
                byte[] result = cipher.doFinal(encryptedDataDecode);
                return result;
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
    
        /**
         * 处理iv
         *
         * @param iv
         * @return
         * @throws Exception
         */
        private AlgorithmParameters generateIV(byte[] iv) throws Exception {
            AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
            params.init(new IvParameterSpec(iv));
            return params;
        }
    
    }

2、真正的代码

@Transactional(rollbackFor = Exception.class)
        @Override
        public JsonResult<UserInfoVoWeChatInfoDTO> saveAcode2SessionUserInfo(UserInfoVoWeChatInfoVO userInfoVoWeChatInfoVO) {
            if (Objects.isNull(userInfoVoWeChatInfoVO)) {
                return new JsonResult(JsonResultEnum.ARGS_NOT_FULL);
            }
            String encryptedData = userInfoVoWeChatInfoVO.getEncryptedData();
            Integer flag = userInfoVoWeChatInfoVO.getFlag();
            String iv = userInfoVoWeChatInfoVO.getIv();
            String sessionKey = userInfoVoWeChatInfoVO.getSessionKey();
            String openId = userInfoVoWeChatInfoVO.getOpenId();
            if (StringUtils.isBlank(encryptedData) ||
                    StringUtils.isBlank(iv) ||
                    StringUtils.isBlank(sessionKey) ||
                    StringUtils.isBlank(openId) ||
                    Objects.isNull(flag)) {
                return new JsonResult(JsonResultEnum.ARGS_NOT_FULL);
            }
            UserInfoVo userInfoVo = UserInfoVo.builder().build();
            String userPhone = userInfoVo.getUserPhone();
            String wechatAvatar = userInfoVo.getWechatAvatar();
            String wechatNickname = userInfoVo.getWechatNickname();
            String wechatOpenid = userInfoVo.getWechatOpenid();
            /**
             * 用户信息的
             * {"country":"CN","unionId":"ocMvos6NjeKLIBqg5Mr9QjxrP1FA","watermark":{"appid":"wx4f4bc4dec97d474b","timestamp":1477314187},"gender":1,"province":"Guangdong","city":"Guangzhou","avatarUrl":"http://wx.qlogo.cn/mmopen/vi_32/aSKcBBPpibyKNicHNTMM0qJVh8Kjgiak2AHWr8MHM4WgMEm7GFhsf8OYrySdbvAMvTsw3mo8ibKicsnfN5pRjl1p8HQ/0","openId":"oGZUI0egBJY1zhBYw2KhdUfwVJJE","nickName":"Band","language":"zh_CN"}
             *
             * 手机号的
             *
             * {"phoneNumber":"186168383*2","watermark":{"appid":"wxf0e8d778d88e861b","timestamp":1598263205},"purePhoneNumber":"18616838312","countryCode":"86"}
             *
             */
            if (flag.equals(NumberUtils.INTEGER_ONE)) {
                JSONObject moreInfoFromEncryptedDataJosn =
                        WXBizDataCrypt.getMoreInfoFromEncryptedData(appid, sessionKey, encryptedData, iv);
                //优先选这个
                userPhone = String.valueOf(moreInfoFromEncryptedDataJosn.get("phoneNumber"));
                userPhone = StringUtils.isBlank(userPhone) ? String.valueOf(moreInfoFromEncryptedDataJosn.get("purePhoneNumber")) : userPhone;
                wechatOpenid = openId;
            } else if (flag.equals(NumberUtils.INTEGER_TWO)) {
                JSONObject moreInfoFromEncryptedDataJosn =
                        WXBizDataCrypt.getMoreInfoFromEncryptedData(appid, sessionKey, encryptedData, iv);
                wechatAvatar = moreInfoFromEncryptedDataJosn.getString("avatarUrl");
                wechatNickname = moreInfoFromEncryptedDataJosn.getString("nickName");
                wechatOpenid = openId;
            }
    
            UserInfo userInfo = userInfoMapper.selectUserInfo(openId, userPhone);
            if (Objects.isNull(userInfo)) {
                //等获取到再补充更正
                UserInfo build = UserInfo.builder()
                        .userMoney(0)
                        .userName("0")
                        .userPhone(StringUtils.isBlank(userPhone) ? "0" : userPhone)
                        .wechatNickname(StringUtils.isBlank(wechatNickname) ? "0" : wechatNickname)
                        .wechatAvatar(StringUtils.isBlank(wechatAvatar) ? "0" : wechatAvatar)
                        .wechatOpenid(openId)
                        .build();
                int i = userInfoMapper.insertUser(build);
                if (i != 1) {
                    log.error("小程序获取Acode2Session信息保存失败---build:{}", JSON.toJSONString(build));
                    return JsonResult.error(JsonResultEnum.EXCEPTION_ERROR.getMsg());
                }
    
            } else if (Objects.nonNull(userInfo) && StringUtils.isNotBlank(wechatNickname) &&  StringUtils.isNotBlank(wechatAvatar)) {
    
                userInfo.setUserPhone(StringUtils.isBlank(userPhone) ? "0" : userPhone);
                userInfo.setWechatNickname(wechatNickname);
                userInfo.setWechatAvatar(wechatAvatar);
                int i = userInfoMapper.updateByPrimaryKeySelective(userInfo);
                if (i != 1) {
                    log.error("完善微信授权信息失败---build:{}", JSON.toJSONString(userInfo));
                    return JsonResult.error(JsonResultEnum.EXCEPTION_ERROR.getMsg());
                }
            }
            if (flag.equals(NumberUtils.INTEGER_ONE)) {
                UserInfoVoWeChatInfoDTO resultObject = UserInfoVoWeChatInfoDTO.builder()
                        .phone(userPhone)
                        .openId(openId)
                        .build();
                return new JsonResult(JsonResultEnum.SUCCESS, resultObject);
            } else if (flag.equals(NumberUtils.INTEGER_TWO)) {
                UserInfoVoWeChatInfoDTO resultObject = UserInfoVoWeChatInfoDTO.builder().phone(userPhone)
                        .wechatAvatar(wechatAvatar)
                        .wechatNickname(wechatNickname)
                        .phone(userInfo.getUserPhone())
                        .openId(openId).build();
                return new JsonResult(JsonResultEnum.SUCCESS, resultObject);
            }
            return JsonResult.seccess();
        }