哥们,解决了没
视频号小店回调消息官方sdk解密失败?Java 版本:1.8.0_172 官方 sdk 下载地址:https://developers.weixin.qq.com/doc/oplatform/Third-party_Platforms/2.0/api/Before_Develop/Message_encryption_and_decryption.html,通过示例代码-点击下载 问题:收到视频号小店回调消息,解密时出现堆溢出 原因:在方法 com.qq.weixin.mp.aes.WXBizMsgCrypt#decrypt 解密时,计算 xmlLength 错误,取值过大,导致 Arrays.copyOfRange 时创建 byte[] 过大,最后堆溢出 截图: [图片] 在解密之前我们是已经验证 signature 了,所以请求应该是对的,下面是测试用的 main 方法,AppID:wx946a0126faf05117 public static void main(String[] args) throws AesException { String token = "7tyam"; String aesKey = "chwjjgre8aoqs85shbjxwn3q7eucsdprwgev6wx8an9"; String msgSignature = "f7a3294c2d63c71fba4903dbaf59bcc299e93000"; String timestamp = "1683744260"; String nonce = "2039739693"; String encrypt = "/CwHNJaI7TWZjv6HrvBN3OMWPck2Wmv+KimPFi2Z2PHpDd/T7p5Almay/bqRm/PgOTTHuKBSZbuqwkELV/u8PG30poUraIfu+Owok6lw2BA72pQ7maLPt6QmbZASlCpZRetGbNefupH+x01wzB5HIqcyhYUXKJyo771+TQsHpm+zEbadD+s3gMtiU6OxYBdnLp/HA1p/opUqnxXPs62JRIxUQpVKSBYsvLpUPwGiY9XoOXz1n1Pzeh6SkA+EpNafTyBmi51/CB0+mDjfcTTmZOdBfkRyRor13JTmgMz3S+T5D9hY/Ob0ntq1LR+Er66z/X7oAqXgbBonBmjHvOeMuJtDyWkSRfVkIcnxZwdoH93nZEQNIv00l+PZxJh6Uq+N"; WXBizMsgCrypt pc = new WXBizMsgCrypt(token, aesKey, null); String decryptMsg = pc.VerifyURL(msgSignature, timestamp, nonce, encrypt); log.info("微信视频号小店回调入参,decryptMsg={}", decryptMsg); }
11-15
获得过 0 次赞
回答过的问题获得 0 次赞
分享过的文章/案例获得 0 次赞
评论与回复获得 0 次赞