微信小程序获取手机号,java解密报错
临时帮朋友解决这个bug花了一下午时间,出坑以后赶紧给各位爷写一篇文章,心累。。
在此之前先测一下你的程序有没有问题,如果程序有问题,先去底部把我的代码拿走: String encryptedData = "CiyLU1Aw2KjvrjMdj8YKliAjtP4gsMZM"+ "QmRzooG2xrDcvSnxIMXFufNstNGTyaGS"+ "9uT5geRa0W4oTOb1WT7fJlAC+oNPdbB+"+ "3hVbJSRgv+4lGOETKUQz6OYStslQ142d"+ "NCuabNPGBzlooOmB231qMM85d2/fV6Ch"+ "evvXvQP8Hkue1poOFtnEtpyxVLW1zAo6"+ "/1Xx1COxFvrc2d7UL/lmHInNlxuacJXw"+ "u0fjpXfz/YqYzBIBzD6WUfTIF9GRHpOn"+ "/Hz7saL8xz+W//FRAUid1OksQaQx4CMs"+ "8LOddcQhULW4ucetDf96JcR3g0gfRK4P"+ "C7E/r7Z6xNrXd2UIeorGj5Ef7b1pJAYB"+ "6Y5anaHqZ9J6nKEBvB4DnNLIVWSgARns"+ "/8wR2SiRS7MNACwTyrGvt9ts8p12PKFd"+ "lqYTopNHR1Vf7XjfhQlVsAJdNiKdYmYV"+ "oKlaRv85IfVunYzO0IKXsyl7JCUjCpoG"+ "20f0a04COwfneQAGGwd5oa+T8yO5hzuy"+ "Db/XcxxmK01EpqOyuxINew=="; String sessionKey="tiihtNczf5v6AKRyjwEUhQ=="; String iv = "r7BXXKkLb8qrSNn05n0qiA=="; 输出以下: {"openId":"oGZUI0egBJY1zhBYw2KhdUfwVJJE","nickName":"Band","gender":1,"language":"zh_CN","city":"Guangzhou","province":"Guangdong","country":"CN","avatarUrl":"http://wx.qlogo.cn/mmopen/vi_32/aSKcBBPpibyKNicHNTMM0qJVh8Kjgiak2AHWr8MHM4WgMEm7GFhsf8OYrySdbvAMvTsw3mo8ibKicsnfN5pRjl1p8HQ/0","unionId":"ocMvos6NjeKLIBqg5Mr9QjxrP1FA","watermark":{"timestamp":1477314187,"appid":"wx4f4bc4dec97d474b"}}
请先规避以下几个问题:
Exception in thread "main" org.bouncycastle.util.encoders.DecoderException: unable to decode base64 string: invalid characters encountered in base64 data 原因: 请注意看你的参数sessionKey,开头是否是sessionKey_。。开头 例子:sessionKey_oKqNV49ZNr5sbBjodYCPHw9Smgww(用错sessionKey了,这个是咱们服务端调用返回的,不是加密用的sessionKey) 官方解释: 三个参数都一样 (举一反三哈。。) 解决办法:请求方式用 POST,并且将参数URLEncode ; 气死LZ,这种密文竟然用GET 请求,mlgbd ps:看了很多SB 的博客,说把空格直接给替换为空,,我一开始都信了
解析出手机号有部分乱码,如下图 原因:iv 参数不对,bug调好后可以自测一下
如果你能看到这里,估计后边的代码解决不了你的问题,^_^,估计你得去其他地方看看有解决办法吗
方案零:
public static String decryptS5(String sSrc, String sKey, String ivParameter) throws Exception {
try {
BASE64Decoder decoder = new BASE64Decoder();
byte[] raw = decoder.decodeBuffer(sKey);
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
IvParameterSpec iv = new IvParameterSpec(decoder.decodeBuffer(ivParameter));
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
byte[] myendicod = decoder.decodeBuffer(sSrc);
byte[] original = cipher.doFinal(myendicod);
String originalString = new String(original, "UTF-8");
return originalString;
} catch (Exception ex) {
return null;
}
}
方案一:
import org.bouncycastle.util.encoders.Base64;//此处别导错包了。。
private static String getUserInfo(String encryptedData, String session_key, String iv) {
// 被加密的数据
byte[] dataByte = Base64.decode(encryptedData);
// 加密秘钥
byte[] keyByte = Base64.decode(session_key);
// 偏移量
byte[] ivByte = Base64.decode(iv);
try {
// 如果密钥不足16位,那么就补足. 这个if 中的内容很重要
int base = 16;
if (keyByte.length % base != 0) {
int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);
byte[] temp = new byte[groups * base];
Arrays.fill(temp, (byte) 0);
System.arraycopy(keyByte, 0, temp, 0, keyByte.length);
keyByte = temp;
}
// 初始化
Security.addProvider(new BouncyCastleProvider());
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "BC");
SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");
AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");
parameters.init(new IvParameterSpec(ivByte));
cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化
byte[] resultByte = cipher.doFinal(dataByte);
if (null != resultByte && resultByte.length > 0) {
String result = new String(resultByte, "UTF-8");
return result;
}
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
<dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk15on</artifactId> <version>1.57</version> </dependency>
方案二:
<dependency> <groupId>commons-codec</groupId> <artifactId>commons-codec</artifactId> <version>1.10</version> </dependency>
总结一下LZ 的启发:不要太相信别人的代码。。