packagecom.pro.profwxappapi.util;
importjava.io.UnsupportedEncodingException;
importjava.security.AlgorithmParameters;
importjava.security.Security;
importjava.util.Arrays;
importjavax.crypto.Cipher;
importjavax.crypto.spec.IvParameterSpec;
importjavax.crypto.spec.SecretKeySpec;
importorg.apache.commons.codec.binary.Base64;
importorg.apache.commons.codec.digest.DigestUtils;
importorg.bouncycastle.jce.provider.BouncyCastleProvider;
importnet.sf.json.JSONObject;
publicclassSecretUtils {
privateSecretUtils(){}
publicstaticStringAES128CBCdecrypt(StringencryptedData,Stringiv,StringappId,StringsessionKey)throwsException {
// 被加密的数据
byte[]dataByte= Base64.decodeBase64(encryptedData);
// 加密秘钥
byte[]keyByte= Base64.decodeBase64(sessionKey);
// 偏移量
byte[]ivByte= Base64.decodeBase64(iv);
Security.addProvider(newBouncyCastleProvider());
Ciphercipher= Cipher.getInstance("AES/CBC/PKCS7Padding","BC");
SecretKeySpecspec=newSecretKeySpec(keyByte,"AES");
AlgorithmParametersparameters= AlgorithmParameters.getInstance("AES");
parameters.init(newIvParameterSpec(ivByte));
cipher.init(Cipher.DECRYPT_MODE,spec,parameters);// 初始化
byte[]resultByte=cipher.doFinal(dataByte);
if(null!=resultByte&&resultByte.length> 0) {
Stringresult=newString(resultByte,"UTF-8");
JSONObjectobj= JSONObject.fromObject(result);
JSONObjectwatermark=obj.getJSONObject("watermark");
if(!watermark.getString("appid").equals(appId)){
thrownewException("与小程序appid不符合");
}
if(System.currentTimeMillis()-watermark.getLong("timestamp")*1000>10000){
thrownewException("验证时间过长");
}
returnresult;
}
returnnull;
}
}