收藏
回答

V3支付、退款回调的数据微信那边是如何加密的?

"original_type": "transaction","algorithm": "AEAD_AES_256_GCM", "ciphertext": "", "associated_data": "", "nonce": ""

resource里面将数据加密后回传给商户开发者,然后商户端的开发者解析数据进行业务处理,问题是你们如何加密的,我无法模拟数据的加密,官方只提供了解密的案例,没有加密的案例。无法在线上调试。

回答关注问题邀请回答
收藏

3 个回答

  • 大头
    大头
    2024-09-09

    退款回调微信使用的是AEAD_AES_256_GCM加密算法。

    2024-09-09
    有用
    回复
  • 随心漂泊
    随心漂泊
    2021-12-23
    //支付数据加密模拟
    public static String payNotify() throws NoSuchPaddingException, NoSuchAlgorithmException,
            InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        //密文数据
        String test = DataDemo.V3_PAY_NOTIFY_JSON;
        //随机串
        String nonce = "xxxxxx";
        //附加数据
        String fj = "";
        Cipher cipher = Cipher.getInstance(WxV3Constant.AES_GCM);
        byte[] aesKey = WxV3Constant.KEY_V3.getBytes();
        SecretKeySpec key = new SecretKeySpec(aesKey, "AES");
        GCMParameterSpec spec = new GCMParameterSpec(128, nonce.getBytes(StandardCharsets.UTF_8));
        cipher.init(Cipher.ENCRYPT_MODE, key, spec);
        cipher.updateAAD(fj.getBytes(StandardCharsets.UTF_8));
        byte[] encrypted = cipher.doFinal(test.getBytes());
        return Base64Util.encode(encrypted);
    }
    
    //退款数据加密模拟
    public static String refundNotify() throws NoSuchPaddingException, NoSuchAlgorithmException,
            InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
        //密文数据
        String test = DataDemo.V3_REFUND_JSON;
        //随机串
        String nonce = "xxxxx";
        //附加数据
        String fj = "";
        Cipher cipher = Cipher.getInstance(WxV3Constant.AES_GCM);
        byte[] aesKey = WxV3Constant.KEY_V3.getBytes();
        SecretKeySpec key = new SecretKeySpec(aesKey, "AES");
        GCMParameterSpec spec = new GCMParameterSpec(128, nonce.getBytes(StandardCharsets.UTF_8));
        cipher.init(Cipher.ENCRYPT_MODE, key, spec);
        cipher.updateAAD(fj.getBytes(StandardCharsets.UTF_8));
        byte[] encrypted = cipher.doFinal(test.getBytes());
        return Base64Util.encode(encrypted);
    
    }
    
    public static void main(String[] args) throws NoSuchPaddingException, InvalidKeyException,
            NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException,
            InvalidAlgorithmParameterException {
        String s = payNotify();
        System.out.println(s);
        String s1 = refundNotify();
        System.out.println(s1);
    
    }
    


    2021-12-23
    有用
    回复
  • Memory
    Memory
    2021-12-23

    你管怎么加密的干嘛,你验证签名没问题就可以进行解密了啊,调试要真实数据请求

    2021-12-23
    有用
    回复 2
    • 随心漂泊
      随心漂泊
      2021-12-23
      //支付数据加密模拟
          public static String payNotify() throws NoSuchPaddingException, NoSuchAlgorithmException,
                  InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
              //密文数据
              String test = "";
              //随机串
              String nonce = "ZIa37GRXWKNdYZFQV862oL1uW03Jg4OV";
              //附加数据
              String fj = "";
              Cipher cipher = Cipher.getInstance(WxV3Constant.AES_GCM);
      //微信申请的商户key
              byte[] aesKey = key.getBytes();
              SecretKeySpec key = new SecretKeySpec(aesKey, "AES");
              GCMParameterSpec spec = new GCMParameterSpec(128, nonce.getBytes(StandardCharsets.UTF_8));
              cipher.init(Cipher.ENCRYPT_MODE, key, spec);
              cipher.updateAAD(fj.getBytes(StandardCharsets.UTF_8));
              byte[] encrypted = cipher.doFinal(test.getBytes());
              return Base64Util.encode(encrypted);
          }
      拿去用吧,
      <font style="color:red;">知道了官方提供的解密方法,反向推理得到怎么加密的方法即可</font>***


      技术不是只会接收解密,学会反解密模拟真实数据也是一种手段,我没服务器没真实环境的情况下我怎么调用?难道就只会等买上服务器申请上域名才能去对接吗?
      2021-12-23
      回复
    • Memory
      Memory
      2021-12-23回复随心漂泊
      本地就不能调试了?难道只能买服务器买域名才能调试?你能保证你模拟的数据齐全?
      2021-12-23
      回复
登录 后发表内容