What a ghost, and then began to step on the path of various AES, in fact, according to a lot of online tutorials, once again cannot be listed for everyone, (because when I write this article, I 've been solving the problem for a week.) I 've also received a lot of help from the administrator. I 'd like to write another post to give back to you. here I will only list the unionId decryption method. if there is any problem, contact me or reply.
In addition,
Do not use the free certificate provided by startcom for https!
Do not use the free certificate provided by startcom for https!
Do not use the free certificate provided by startcom for https!
Let's talk about important things three times !!!!
AES. java
Import org. apache. commons. codec. binary. base64; import org. bouncycastle. jce. provider. bouncyCastleProvider; import javax. crypto. badPaddingException; import javax. crypto. cipher; import javax. crypto. illegalBlockSizeException; import javax. crypto. noSuchPaddingException; import javax. crypto. spec. ivParameterSpec; import javax. crypto. spec. secretKeySpec; import java. security. *; public class AES {public static boolean initialized = false; /*** AES decryption * @ param content ciphertext * @ return * @ throws InvalidAlgorithmParameterException * @ throws NoSuchProviderException */public byte [] decrypt (byte [] content, byte [] keyByte, byte [] ivByte) throws InvalidAlgorithmParameterException {initialize (); try {Cipher cipher = Cipher. getInstance ("AES/CBC/PKCS7Padding"); Key sKeySpec = new SecretKeySpec (keyByte, "AES"); cipher. init (Cipher. DECRYPT_MODE, sKeySpec, generateIV (ivByte); // initialize byte [] result = cipher. doFinal (content); return result;} catch (NoSuchAlgorithmException e) {e. printStackTrace ();} catch (NoSuchPaddingException e) {e. printStackTrace ();} catch (InvalidKeyException e) {e. printStackTrace ();} catch (IllegalBlockSizeException e) {e. printStackTrace ();} catch (BadPaddingException e) {e. printStackTrace ();} catch (NoSuchProviderException e) {// TODO Auto-generated catch block e. printStackTrace ();} catch (Exception e) {// TODO Auto-generated catch block e. printStackTrace ();} return null;} public static void initialize () {if (initialized) return; Security. addProvider (new BouncyCastleProvider (); initialized = true;} // Generate iv public static AlgorithmParameters generateIV (byte [] iv) throws Exception {AlgorithmParameters params = AlgorithmParameters. getInstance ("AES"); params. init (new IvParameterSpec (iv); return params ;}}
WxPKCS7Encoder. java
Import java. nio. charset. charset; import java. util. arrays;/*** Created by Kevin Dong on April /1/5. */public class WxPKCS7Encoder {private static final Charset CHARSET = Charset. forName ("UTF-8"); private static final int BLOCK_SIZE = 32;/*** get the byte that fills in the plaintext. ** @ param count refers to the number of plaintext bytes required for the padding operation * @ return refers to the array of Bytes used for completing the padding operation */public static byte [] encode (int count) {// calculate the number of digits to be filled int amountToPad = BLOCK_SIZE-(count % BLOCK_SIZE); if (amountToPad = 0) {amountToPad = BLOCK_SIZE ;} // char padChr = chr (amountToPad), String tmp = new String (), for (int index = 0; index <amountToPad; index ++) {tmp + = padChr;} return tmp. getBytes (CHARSET );} /*** delete the plaintext completion character after decryption ** @ param decrypted the decrypted plaintext * @ return delete the plaintext after the completion character */public static byte [] decode (byte [] decrypted) {int pad = decrypted [decrypted. length-1]; if (pad <1 | pad> 32) {pad = 0;} return Arrays. copyOfRange (decrypted, 0, decrypted. length-pad);}/*** converts a number to a character corresponding to an ASCII code, used to fill in plaintext ** @ param a number to be converted * @ return the converted character */public static char chr (int a) {byte target = (byte) (a & 0xFF); return (char) target ;}}
The call method is decrypted as follows:
WechatOpenIdRes wechatInfo = getWehatInfoByCode(code); if(wechatInfo != null && wechatInfo.isOk()){ boolean isNew = true; try { AES aes = new AES(); byte[] resultByte = aes.decrypt(Base64.decodeBase64(encryptedData), Base64.decodeBase64(wechatInfo.getSession_key()), Base64.decodeBase64(iv)); if(null != resultByte && resultByte.length > 0){ String userInfo = new String(WxPKCS7Encoder.decode(resultByte)); WxInfo wxInfo = GsonUtil.fromGson(userInfo, WxInfo.class); if(wxInfo != null) { logger.debug("xxxxxunionid===="+wxInfo.getUnionId()); } } } catch (InvalidAlgorithmParameterException e) { e.printStackTrace(); } catch (Exception e) { e.printStackTrace(); }
The compiling environment is java1.8.
In addition, the support package I introduced is
Bcprov-jdk16-139.jar this package has uploaded attachments,
Attach the code in my trial mini-app js,
var code ="";wechat.login() .then(function(res){ code = res.code; }) .then(function(){ return wechat.getUserInfo(); }) .then(function(res){var encryptedData = res.encryptedDatavar iv = res.iv;return userservice.getUserToken(code,encryptedData,iv); })
The preceding code uses promise. The last userservice. getUserToken is the method of the request server. the parameter is the obtained code, encrypted content, and initialization vector.
For more information about how to use java to implement AES decryption and obtain unionId, see PHP!
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
