微信小程序获取手机号 java解密报错

临时帮朋友解决这个bug花了一下午时间，出坑以后赶紧给各位爷写一篇文章，心累。。

在此之前先测一下你的程序有没有问题，如果程序有问题，先去底部把我的代码拿走：

String encryptedData = "CiyLU1Aw2KjvrjMdj8YKliAjtP4gsMZM"+"QmRzooG2xrDcvSnxIMXFufNstNGTyaGS"+"9uT5geRa0W4oTOb1WT7fJlAC+oNPdbB+"+"3hVbJSRgv+4lGOETKUQz6OYStslQ142d"+"NCuabNPGBzlooOmB231qMM85d2/fV6Ch"+"evvXvQP8Hkue1poOFtnEtpyxVLW1zAo6"+"/1Xx1COxFvrc2d7UL/lmHInNlxuacJXw"+"u0fjpXfz/YqYzBIBzD6WUfTIF9GRHpOn"+"/Hz7saL8xz+W//FRAUid1OksQaQx4CMs"+"8LOddcQhULW4ucetDf96JcR3g0gfRK4P"+"C7E/r7Z6xNrXd2UIeorGj5Ef7b1pJAYB"+"6Y5anaHqZ9J6nKEBvB4DnNLIVWSgARns"+"/8wR2SiRS7MNACwTyrGvt9ts8p12PKFd"+"lqYTopNHR1Vf7XjfhQlVsAJdNiKdYmYV"+"oKlaRv85IfVunYzO0IKXsyl7JCUjCpoG"+"20f0a04COwfneQAGGwd5oa+T8yO5hzuy"+"Db/XcxxmK01EpqOyuxINew==";String sessionKey="tiihtNczf5v6AKRyjwEUhQ==";String iv = "r7BXXKkLb8qrSNn05n0qiA==";

输出以下：

{"openId":"oGZUI0egBJY1zhBYw2KhdUfwVJJE","nickName":"Band","gender":1,"language":"zh_CN","city":"Guangzhou","province":"Guangdong","country":"CN","avatarUrl":"/mmopen/vi_32/aSKcBBPpibyKNicHNTMM0qJVh8Kjgiak2AHWr8MHM4WgMEm7GFhsf8OYrySdbvAMvTsw3mo8ibKicsnfN5pRjl1p8HQ/0","unionId":"ocMvos6NjeKLIBqg5Mr9QjxrP1FA","watermark":{"timestamp":1477314187,"appid":"wx4f4bc4dec97d474b"}}

请先规避以下几个问题：

Exception in thread "main" org.bouncycastle.util.encoders.DecoderException: unable to decode base64 string: invalid characters encountered in base64 data

原因：

请注意看你的参数sessionKey，开头是否是sessionKey_。。开头

例子：sessionKey_oKqNV49ZNr5sbBjodYCPHw9Smgww（用错sessionKey了，这个是咱们服务端调用返回的，不是加密用的sessionKey）

官方解释：

2.注意你的encryptedData参数中是否有空格，微信返回的数据中不可能有空格，空格是前端传输过程中一些特殊字符被浏览器等原因处理掉了，

三个参数都一样 （举一反三哈。。）

解决办法：请求方式用 POST，并且将参数URLEncode；

气死LZ，这种密文竟然用GET请求，mlgbd

ps：看了很多SB的博客，说把空格直接给替换为空，，我一开始都信了

解析出手机号有部分乱码，如下图

原因：iv参数不对，bug调好后可以自测一下

如果你能看到这里，估计后边的代码解决不了你的问题，^_^,估计你得去其他地方看看有解决办法吗

方案零：

public static String decryptS5(String sSrc, String sKey, String ivParameter) throws Exception {try {BASE64Decoder decoder = new BASE64Decoder();byte[] raw = decoder.decodeBuffer(sKey);SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");IvParameterSpec iv = new IvParameterSpec(decoder.decodeBuffer(ivParameter));Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);byte[] myendicod = decoder.decodeBuffer(sSrc);byte[] original = cipher.doFinal(myendicod);String originalString = new String(original, "UTF-8");return originalString;} catch (Exception ex) {return null;}}

方案一：

import org.bouncycastle.util.encoders.Base64;//此处别导错包了。。private static String getUserInfo(String encryptedData, String session_key, String iv) {// 被加密的数据byte[] dataByte = Base64.decode(encryptedData);// 加密秘钥byte[] keyByte = Base64.decode(session_key);// 偏移量byte[] ivByte = Base64.decode(iv);try {// 如果密钥不足16位，那么就补足. 这个if 中的内容很重要int base = 16;if (keyByte.length % base != 0) {int groups = keyByte.length / base + (keyByte.length % base != 0 ? 1 : 0);byte[] temp = new byte[groups * base];Arrays.fill(temp, (byte) 0);System.arraycopy(keyByte, 0, temp, 0, keyByte.length);keyByte = temp;}// 初始化Security.addProvider(new BouncyCastleProvider());Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding", "BC");SecretKeySpec spec = new SecretKeySpec(keyByte, "AES");AlgorithmParameters parameters = AlgorithmParameters.getInstance("AES");parameters.init(new IvParameterSpec(ivByte));cipher.init(Cipher.DECRYPT_MODE, spec, parameters);// 初始化byte[] resultByte = cipher.doFinal(dataByte);if (null != resultByte && resultByte.length > 0) {String result = new String(resultByte, "UTF-8");return result;}} catch (Exception e) {e.printStackTrace();}return null;}

<dependency><groupId>org.bouncycastle</groupId><artifactId>bcprov-jdk15on</artifactId><version>1.57</version></dependency>

方案二：

package com.example.demo;import mons.codec.binary.Base64;import javax.crypto.*;import javax.crypto.spec.IvParameterSpec;import javax.crypto.spec.SecretKeySpec;import java.security.*;public class WxUtils {/*** * 微信 数据解密<br/>* * 对称解密使用的算法为 AES-128-CBC，数据采用PKCS#7填充<br/>* * 对称解密的目标密文:encrypted=Base64_Decode(encryptData)<br/>* * 对称解密秘钥:key = Base64_Decode(session_key),aeskey是16字节<br/>* * 对称解密算法初始向量:iv = Base64_Decode(iv),同样是16字节<br/>* ** * @param encrypted 目标密文* * @param session_key 会话ID* * @param iv 加密算法的初始向量**/public static String wxDecrypt(String encrypted, String session_key, String iv) {String result = null;byte[] encrypted64 = Base64.decodeBase64(encrypted);byte[] key64 = Base64.decodeBase64(session_key);byte[] iv64 = Base64.decodeBase64(iv);try {init();result = new String(decrypt(encrypted64, key64, generateIV(iv64)));} catch (Exception e) {e.printStackTrace();}return result;}/*** * 初始化密钥**/public static void init() throws Exception {Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());KeyGenerator.getInstance("AES").init(128);}/*** * 生成iv**/public static AlgorithmParameters generateIV(byte[] iv) throws Exception {// iv 为一个 16 字节的数组，这里采用和 iOS 端一样的构造方法，数据全为0// Arrays.fill(iv, (byte) 0x00);AlgorithmParameters params = AlgorithmParameters.getInstance("AES");params.init(new IvParameterSpec(iv));return params;}/*** * 生成解密**/public static byte[] decrypt(byte[] encryptedData, byte[] keyBytes, AlgorithmParameters iv)throws Exception {Key key = new SecretKeySpec(keyBytes, "AES");Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");// 设置为解密模式cipher.init(Cipher.DECRYPT_MODE, key, iv);return cipher.doFinal(encryptedData);}}

<dependency><groupId>commons-codec</groupId><artifactId>commons-codec</artifactId><version>1.10</version></dependency>

总结一下LZ的启发：不要太相信别人的代码。。