小程序V3支付回调通知放回的数据怎么解密呢?
{
"id": "19c060b0-2bc2-5d4a-8b6c-93deb773e8e4",
"create_time": "2021-11-02T16:18:49+08:00",
"resource_type": "encrypt-resource",
"event_type": "TRANSACTION.SUCCESS",
"summary": "支付成功",
"resource": {
"original_type": "transaction",
"algorithm": "AEAD_AES_256_GCM",
"ciphertext": "1233333333",
"associated_data": "transaction",
"nonce": "N9spHaXjeHmj246"
}
}
想核对下单数据发现当前没法解密,按照官网要求已经下载了wechatpay-apache-httpclient,
然后查看这个demo的README.MD的时候并没有发现有回调通知解密的介绍,只有一个字符串加密解密的实例?
现在我的疑问点就是:怎么把resource对象的ciphertext解密出来?具体用什么方法?怎么才能得到图5解密后的数据?
有没有大佬出来指点一下,纯小白,非常感谢
谢邀:Java AES-256-GCM解密看这个类:
https://github.com/wechatpay-apiv3/wechatpay-apache-httpclient/blob/master/src/main/java/com/wechat/pay/contrib/apache/httpclient/util/AesUtil.java
package com.wechat.pay.contrib.apache.httpclient.util; import java.nio.charset.StandardCharsets; import java.security.GeneralSecurityException; import java.security.InvalidAlgorithmParameterException; import java.security.InvalidKeyException; import java.security.NoSuchAlgorithmException; import java.util.Base64; import javax.crypto.Cipher; import javax.crypto.NoSuchPaddingException; import javax.crypto.spec.GCMParameterSpec; import javax.crypto.spec.SecretKeySpec; /** * @author xy-peng */ public class AesUtil { private static final String TRANSFORMATION = "AES/GCM/NoPadding"; private static final int KEY_LENGTH_BYTE = 32; private static final int TAG_LENGTH_BIT = 128; private final byte[] aesKey; public AesUtil(byte[] key) { if (key.length != KEY_LENGTH_BYTE) { throw new IllegalArgumentException("无效的ApiV3Key,长度必须为32个字节"); } this.aesKey = key; } public String decryptToString(byte[] associatedData, byte[] nonce, String ciphertext) throws GeneralSecurityException { try { SecretKeySpec key = new SecretKeySpec(aesKey, "AES"); GCMParameterSpec spec = new GCMParameterSpec(TAG_LENGTH_BIT, nonce); Cipher cipher = Cipher.getInstance(TRANSFORMATION); cipher.init(Cipher.DECRYPT_MODE, key, spec); cipher.updateAAD(associatedData); return new String(cipher.doFinal(Base64.getDecoder().decode(ciphertext)), StandardCharsets.UTF_8); } catch (NoSuchAlgorithmException | NoSuchPaddingException e) { throw new IllegalStateException(e); } catch (InvalidKeyException | InvalidAlgorithmParameterException e) { throw new IllegalArgumentException(e); } } }
2.支付成功,回调通知处理,核对订单信息,判断订单金额等等,验证失败退款?
请问一下这个支付逻辑有没有问题大佬?
求代码
可以参考下这篇文章https://blog.csdn.net/qq_16746785/article/details/120260761