微信小程序中,由于有些数据比较隐私(openid,手机号等),所以你请求微信对应的接口返回的数据是加密的,这就需要解密了,具体可以看https://developers.weixin.qq.com/miniprogram/dev/framework/open-ability/getPhoneNumber.html
而微信又没有提供c#demo,所以在网上找了一下,总结出来:
首先要解密数据,需要几个参数:①sessionKey ②encryptedData ③iv
sessionKey:在js页面调用wx.login方法返回code然后通过后端请求
https://api.weixin.qq.com/sns/jscode2session?appid=APPID&secret=SECRET&js_code=JSCODE&grant_type=authorization_code
就会得到了。
encryptedData:微信返回的解密数据
iv:加密算法的初始向量
/// <summary>
/// WXBizDataCrypt 的摘要说明
/// 微信小程序解密类
/// </summary>
public class WXBizDataCrypt
{
private string _appid;
private string _sessionKey;
/// <summary>
///
/// </summary>
/// <param name="sessionKey">sessionKey用户在小程序登录后获取的会话密钥</param>
public WXBizDataCrypt(string sessionKey)
{
_appid = AppSettingUtil.AppSettings["appid"];
_sessionKey = sessionKey;
}
/// <summary>
/// 检验数据的真实性,并且获取解密后的明文.
/// </summary>
/// <param name="encryptedData">加密的用户数据</param>
/// <param name="iv">与用户数据一同返回的初始向量</param>
/// <param name="data">解密后的原文</param>
/// <returns>成功0,失败返回对应的错误码</returns>
/**
* error code 说明.
* <ul>
* <li>-41001: encodingAesKey 非法</li>
* <li>-41003: aes 解密失败</li>
* <li>-41004: 解密后得到的buffer非法</li>
* <li>-41005: base64加密失败</li>
* <li>-41016: base64解密失败</li>
* </ul>
*/
public int decryptData(string encryptedData, string iv, out string data)
{
data = string.Empty;
if (this._sessionKey.Length != 24)
{
return -41001;
}
if (iv.Length != 24)
{
return -41002;
}
try
{
data = AESDecrypt(encryptedData, this._sessionKey, iv);
}
catch (Exception ex)
{
return -41004;
}
return 0;
}
public static string AESDecrypt(string encryptedDatatxt, string AesKey, string AesIV)
{
try
{
byte[] encryptedData = Convert.FromBase64String(encryptedDatatxt);
RijndaelManaged rijndaelCipher = new RijndaelManaged();
rijndaelCipher.Key = Convert.FromBase64String(AesKey);
rijndaelCipher.IV = Convert.FromBase64String(AesIV);
rijndaelCipher.Mode = CipherMode.CBC;
rijndaelCipher.Padding = PaddingMode.PKCS7;
ICryptoTransform transform = rijndaelCipher.CreateDecryptor();
byte[] plainText = transform.TransformFinalBlock(encryptedData, 0, encryptedData.Length);
string result = Encoding.Default.GetString(plainText);
return result;
}
catch (Exception ex)
{
throw ex;
}
}
}
这个是c#的解密类,然后调用解密方法可以这样:
new WXBizDataCrypt(session_key).decryptData(encryptedData, iv, out data);