- 微信授权手机号分为登录态和非登录态
- 登录态使用PKCS5Padding,非登录态使用PKCS7Padding
- java.security.NoSuchAlgorithmException: Cannot find any provider supporting AES/CBC/PKCS7Padding
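问题:JDK 自带的加密提供者不支持 PKCS7Padding 这个填充名称
解决:引入 Bouncy Castle 依赖
org.bouncycastle:bcprov-ext-jdk16:1.45(格式为 groupId:artifactId:version;该版本较旧,生产环境建议改用仍在维护的 Bouncy Castle 版本)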
类静态代码块:
static {
    // Register Bouncy Castle once so that Cipher.getInstance("AES/CBC/PKCS7Padding")
    // can be resolved; Security.addProvider is itself a no-op when a provider with
    // the same name is already installed, so the guard only avoids a throwaway instance.
    if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
        Security.addProvider(new BouncyCastleProvider());
    }
}
- javax.crypto.BadPaddingException: pad block corrupted
问题: 前端调用顺序不对,导致解密用的 session_key 与加密手机号时使用的 session_key 不一致(wx.login 可能会刷新 session_key)
解决: 按以下顺序调用
2.1. 先调用 wx.login 获取 code;
2.2. 再通过 code 换取用户的 session_key;
2.3. 再通过 getPhoneNumber 获取手机号的加密数据;
2.4. 最后用 session_key、手机号的加密数据和向量(iv)解密得到手机号;
代码:
static {
    // Make the Bouncy Castle provider available to the JCA lookup used below for
    // "AES/CBC/PKCS7Padding". Registration is process-wide; skip it when a provider
    // named "BC" is already installed (addProvider would ignore the duplicate anyway).
    if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
        Security.addProvider(new BouncyCastleProvider());
    }
}
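/**
 * Exchanges a {@code wx.login} code for the user's session_key and uses it to decrypt
 * the phone-number payload returned by {@code getPhoneNumber}.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>{@code encrypted}, {@code iv} and {@code code} come from the client and are
 *       untrusted; {@code code} is URL-encoded before it is placed in the query string.</li>
 *   <li>The request URL contains the app secret and the response contains the
 *       session_key; neither is logged here and neither should be logged by callers.</li>
 *   <li>AES-CBC is unauthenticated. Map every failure of this method to one generic
 *       client-facing error so padding failures cannot be told apart from other errors.</li>
 * </ul>
 *
 * @param encrypted Base64 ciphertext from {@code getPhoneNumber}
 * @param iv        Base64 initialisation vector from {@code getPhoneNumber}
 * @param code      login code from {@code wx.login}
 * @return a JSON object with a single {@code "phone"} entry
 * @throws Exception if the HTTP exchange fails, no session_key is returned, the
 *                   payload cannot be decrypted, or its watermark names another app
 */
public JSONObject decodeWxAppPhone(String encrypted, String iv, String code) throws Exception {
    if (encrypted == null || iv == null || code == null) {
        throw new IllegalArgumentException("encrypted, iv and code must not be null");
    }

    String sessionkey = fetchSessionKey(code);

    // NOTE(review): base64Utils is not declared in the visible code, presumably Spring's
    // Base64Utils or an injected helper; kept exactly as the original calls it.
    byte[] encData = base64Utils.decodeFromString(encrypted);
    byte[] ivData = base64Utils.decodeFromString(iv);
    byte[] key = base64Utils.decodeFromString(sessionkey);

    String resultString;
    try {
        resultString = decryptAesCbc("AES/CBC/PKCS5Padding", key, ivData, encData);
    } catch (java.security.GeneralSecurityException firstAttempt) {
        // NOTE(review): for AES the JDK's PKCS5Padding pads to the 16-byte block size, so
        // this retry is expected to behave the same as the first attempt; it is kept for
        // compatibility with the original flow. Confirm whether it is still needed.
        log.info("使用 AES/CBC/PKCS7Padding 解密手机号");
        try {
            resultString = decryptAesCbc("AES/CBC/PKCS7Padding", key, ivData, encData);
        } catch (InvalidKeyException | InvalidAlgorithmParameterException invalidKeyException) {
            // The original logged and then called doFinal() on an uninitialised cipher,
            // which hid the real cause behind an IllegalStateException. Log and rethrow.
            log.error("微信小程序手机号码解密异常,信息如下:", invalidKeyException);
            throw invalidKeyException;
        }
    }

    JSONObject object = JSONObject.parseObject(resultString);
    if (object == null) {
        throw new IllegalStateException("decrypted payload is not a JSON object");
    }

    // WeChat open-data payloads carry watermark.appid; reject data issued for another
    // app. A payload without a watermark is still accepted, as the original did.
    JSONObject watermark = object.getJSONObject("watermark");
    if (watermark != null && !String.valueOf(wxAppId).equals(watermark.getString("appid"))) {
        throw new IllegalStateException("decrypted payload watermark does not match this app id");
    }

    // Return only the phone number to the caller.
    JSONObject returnObject = new JSONObject();
    returnObject.put("phone", object.getString("phoneNumber"));
    return returnObject;
}

/** Calls the WeChat code-to-session endpoint and returns the session_key it yields. */
private String fetchSessionKey(String code) throws Exception {
    // NOTE(review): WechatConstants.wxAppSecret is appended as part of the URL path here,
    // so it presumably holds the endpoint path rather than a secret; confirm and rename.
    String path = new StringBuilder()
            .append(WechatConstants.wxAppHost).append(WechatConstants.wxAppSecret)
            .append("?appid=").append(wxAppId)
            .append("&secret=").append(wxAppSecret)
            // code is client-supplied: encode it so it cannot add or override parameters.
            .append("&js_code=").append(java.net.URLEncoder.encode(code, "UTF-8"))
            .append("&grant_type=authorization_code")
            .toString();

    String jsonStr;
    // try-with-resources closes the response and the client even when the call fails.
    try (CloseableHttpClient client = HttpClients.createDefault();
         CloseableHttpResponse resp = client.execute(new HttpGet(path))) {
        jsonStr = EntityUtils.toString(resp.getEntity(), "UTF-8");
    }

    JSONObject jsonObject = JSON.parseObject(jsonStr);
    String sessionkey = jsonObject == null ? null : jsonObject.getString("session_key");
    if (sessionkey == null || sessionkey.isEmpty()) {
        // Report only the error code; the response body may hold sensitive values.
        String errcode = jsonObject == null ? null : jsonObject.getString("errcode");
        throw new IllegalStateException(
                "WeChat code-to-session response contained no session_key, errcode=" + errcode);
    }
    return sessionkey;
}

/** Decrypts {@code data} with AES-CBC under the given transformation and returns UTF-8 text. */
private static String decryptAesCbc(String transformation, byte[] key, byte[] iv, byte[] data)
        throws java.security.GeneralSecurityException {
    Cipher cipher = Cipher.getInstance(transformation);
    cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
    return new String(cipher.doFinal(data), java.nio.charset.StandardCharsets.UTF_8);
}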



