微信公众号 消息加解密说明 使用官方sdk报错?
String decrypt(String text) {
byte[] original;
try {
// 设置解密模式为AES的CBC模式
Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
SecretKeySpec key_spec = new SecretKeySpec(aesKey, "AES");
IvParameterSpec iv = new IvParameterSpec(Arrays.copyOfRange(aesKey, 0, 16));
cipher.init(Cipher.DECRYPT_MODE, key_spec, iv);
// 使用BASE64对密文进行解码
byte[] encrypted = Base64.decodeBase64(text);
// 解密
original = cipher.doFinal(encrypted);
} catch (Exception e) {
e.printStackTrace();
throw new AesException(AesException.DecryptAESError);
}
String xmlContent, from_id;
try {
// 去除补位字符
byte[] bytes = PKCS7Encoder.decode(original);
// 分离16位随机字符串,网络字节序和AppId
byte[] networkOrder = Arrays.copyOfRange(bytes, 16, 20);
int xmlLength = recoverNetworkBytesOrder(networkOrder);
System.out.println("xmlLength = " + xmlLength);
xmlContent = new String(Arrays.copyOfRange(bytes, 20, 20 + xmlLength), CHARSET);
from_id = new String(Arrays.copyOfRange(bytes, 20 + xmlLength, bytes.length),
CHARSET);
} catch (Exception e) {
e.printStackTrace();
throw new AesException(AesException.IllegalBuffer);
}
// appid不相同的情况
if (StringUtils.isBlank(appid) && !from_id.equals(receiveid)) {
throw new AesException(AesException.ValidateAppidError);
}
return xmlContent;
}
说明:企业微信消息回调解密正常,xmlLength 二三百;公众号消息解密时,xmlLength 是一个正负十位整数。创建URL时,企业微信需要解密echostr并返回解密后的字符串,而微信公众号直接返回无需解密,是否不是一个解密体系?为什么企业微信公众平台——公众号的上文档中的解密SDK,企业微信消息可以使用,公众号却使用不了,企业项目比较急!急需要解决! 日志: 2022-03-15 11:07:56.762 INFO 11212 --- [nio-8001-exec-1] c.g.wx.cp.controller.WXKeFuController : 接收到回调:keFuId 1001, msg_signature e6e1869e1f94cf73f140ba0c96719956eddaf762, timestamp 1647313676, nonce 699393265
sPostData = <xml>
<ToUserName><![CDATA[gh_251e2d32914a]]></ToUserName>
<Encrypt><![CDATA[DF8rpixK6xQaLGPCM2QECCmQ1aNVCeDDr4ByF1r4ZoINJWpYwtBp8KMHCplPFTvf3Cv/wKjsCEDUxoZQpQyntIZIExeEr7glp4N+4+v+wCkWd0Kodm2cBkXPV6wXwW8aaiwWAIkqPKMU+ki5u+xqySVHAwhUg4KnQOw5XGhbrGC5JDCCPd6XtHT48aQ0xFdkzHoeVgyDDnqp4e4d4zPDVx6UIyTOh3tXd6NvAHIOEG1Gn2g8trZvrs88bBCXjtS2tY/1+ETGTZI7Bj+iu2m/l/eGyvQmEMAJlV6D2GZL/uPFXvrzdm2ThSZfz5epPcjWu6NbxyyFrT0UKMHkEmNccWxvGiasLG7/T6gGiqJzyhQN48NcN33Q2wp9q6WUARkUacC3sFNwI1dPQsaXjmmXgO/hDJrJVotkSv1D5sP+J0c=]]></Encrypt>
</xml>
encrypt = DF8rpixK6xQaLGPCM2QECCmQ1aNVCeDDr4ByF1r4ZoINJWpYwtBp8KMHCplPFTvf3Cv/wKjsCEDUxoZQpQyntIZIExeEr7glp4N+4+v+wCkWd0Kodm2cBkXPV6wXwW8aaiwWAIkqPKMU+ki5u+xqySVHAwhUg4KnQOw5XGhbrGC5JDCCPd6XtHT48aQ0xFdkzHoeVgyDDnqp4e4d4zPDVx6UIyTOh3tXd6NvAHIOEG1Gn2g8trZvrs88bBCXjtS2tY/1+ETGTZI7Bj+iu2m/l/eGyvQmEMAJlV6D2GZL/uPFXvrzdm2ThSZfz5epPcjWu6NbxyyFrT0UKMHkEmNccWxvGiasLG7/T6gGiqJzyhQN48NcN33Q2wp9q6WUARkUacC3sFNwI1dPQsaXjmmXgO/hDJrJVotkSv1D5sP+J0c=
appid = wxde9c540c3328dbcc
第三方收到URL中的签名:e6e1869e1f94cf73f140ba0c96719956eddaf762
第三方校验签名:e6e1869e1f94cf73f140ba0c96719956eddaf762
xmlLength = -566866243
java.lang.IllegalArgumentException: 20 > -566866223
at java.util.Arrays.copyOfRange(Arrays.java:3519)
at com.gyhn.wx.cp.model.qywx.WXBizMsgCrypt.decrypt(WXBizMsgCrypt.java:281)
at com.gyhn.wx.cp.model.qywx.WXBizMsgCrypt.decryptMsg(WXBizMsgCrypt.java:365)
...........................
2022-03-15 11:07:56.799 ERROR 11212 --- [nio-8001-exec-1] o.a.c.c.C.[.[.[/].[dispatcherServlet] : Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is com.gyhn.wx.cp.model.AesException: 解密后得到的buffer非法] with root cause
com.gyhn.wx.cp.model.AesException: 解密后得到的buffer非法
at com.gyhn.wx.cp.model.qywx.WXBizMsgCrypt.decrypt(WXBizMsgCrypt.java:286) ~[classes/:na]
at com.gyhn.wx.cp.model.qywx.WXBizMsgCrypt.decryptMsg(WXBizMsgCrypt.java:365) ~[classes/:na]
...........................
出错代码 int xmlLength = recoverNetworkBytesOrder(networkOrder);
xmlContent = new String(Arrays.copyOfRange(bytes, 20, 20 + xmlLength), CHARSET);