Signature verification and encryption/decryption of WeChat Mini Program user data

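If you have any questions, add me on QQ (1051521493).

First, signature verification:
Search online for a SHA implementation and put it in your own project. I put mine in AESUtil.java, the decryption utility class that is covered further down.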

// SHA-1 signature check
public static String getSha1(String str) {
    if (str == null || str.length() == 0) {
        return null;
    }
    char hexDigits[] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
            'a', 'b', 'c', 'd', 'e', 'f'};
    try {
        MessageDigest mdTemp = MessageDigest.getInstance("SHA1");
        mdTemp.update(str.getBytes("UTF-8"));

        // Convert the 20-byte digest to a lowercase hex string
        byte[] md = mdTemp.digest();
        int j = md.length;
        char buf[] = new char[j * 2];
        int k = 0;
        for (int i = 0; i < j; i++) {
            byte byte0 = md[i];
            buf[k++] = hexDigits[byte0 >>> 4 & 0xf];
            buf[k++] = hexDigits[byte0 & 0xf];
        }
        return new String(buf);
    } catch (Exception e) {
        // TODO: handle exception
        return null;
    }
}

Verifying the signature: first receive signature, rawData and session_key, then call the method above. Compare signature1 with signature and the signature verification is complete.

String signature = request.getParameter("signature");
String rawData = request.getParameter("rawData");
String session_key = request.getParameter("session_key");

String sha1 = rawData + session_key;
String signature1 = AESUtil.getSha1(sha1);
// Verify the signature (null check avoids an NPE when the parameter is missing)
if (signature != null && signature.equals(signature1)) {
    System.out.println("签名认证成功");
}

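Next is decryption:
Copy the class below as is; the class name is AESUtil.
Note that:
import org.bouncycastle.jce.provider.BouncyCastleProvider;
will show as unresolved (red) once it is in the project. You need to download a jar: I added an org.bouncycastle jar under lib; just download one online and put it there.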

import org.bouncycastle.jce.provider.BouncyCastleProvider;

import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.*;

/**
 * Title: AES decryption class
 * Description: an org.bouncycastle jar has been added under lib
 *
 * @author shaoyangzhang
 * @date March 15, 2017
 */
public class AESUtil {
    public static final AESUtil instance = new AESUtil();

    public static boolean initialized = false;

    /**
     * AES decryption
     * @param content ciphertext
     * @param keyByte AES key bytes
     * @param ivByte initialization vector bytes
     * @return the decrypted bytes, or null if decryption fails
     * @throws InvalidAlgorithmParameterException
     */
    public byte[] decrypt(byte[] content, byte[] keyByte, byte[] ivByte) throws InvalidAlgorithmParameterException {
        initialize();
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            Key sKeySpec = new SecretKeySpec(keyByte, "AES");

            cipher.init(Cipher.DECRYPT_MODE, sKeySpec, generateIV(ivByte)); // initialize
            byte[] result = cipher.doFinal(content);
            return result;
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        } catch (NoSuchPaddingException e) {
            e.printStackTrace();
        } catch (InvalidKeyException e) {
            e.printStackTrace();
        } catch (IllegalBlockSizeException e) {
            e.printStackTrace();
        } catch (BadPaddingException e) {
            e.printStackTrace();
        } catch (NoSuchProviderException e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        } catch (Exception e) {
            // TODO Auto-generated catch block
            e.printStackTrace();
        }
        return null;
    }

    // Register the BouncyCastle provider once (needed for PKCS7Padding)
    public static void initialize() {
        if (initialized) return;
        Security.addProvider(new BouncyCastleProvider());
        initialized = true;
    }

    // Build the IV parameters
    public static AlgorithmParameters generateIV(byte[] iv) throws Exception {
        AlgorithmParameters params = AlgorithmParameters.getInstance("AES");
        params.init(new IvParameterSpec(iv));
        return params;
    }

    // SHA-1 signature check
    public static String getSha1(String str) {
        if (str == null || str.length() == 0) {
            return null;
        }
        char hexDigits[] = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
                'a', 'b', 'c', 'd', 'e', 'f'};
        try {
            MessageDigest mdTemp = MessageDigest.getInstance("SHA1");
            mdTemp.update(str.getBytes("UTF-8"));

            // Convert the 20-byte digest to a lowercase hex string
            byte[] md = mdTemp.digest();
            int j = md.length;
            char buf[] = new char[j * 2];
            int k = 0;
            for (int i = 0; i < j; i++) {
                byte byte0 = md[i];
                buf[k++] = hexDigits[byte0 >>> 4 & 0xf];
                buf[k++] = hexDigits[byte0 & 0xf];
            }
            return new String(buf);
        } catch (Exception e) {
            // TODO: handle exception
            return null;
        }
    }
}

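Below is the code that calls the class above:
Note that we currently do not cache session_key. I pass it straight to the front end and store it in the front-end cache; once we have a Redis cache it will be stored there and read from it directly. For now it is obtained from the front end.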

// Assumed from the calls used: Base64 is org.apache.commons.codec.binary.Base64
// and JSONObject is net.sf.json.JSONObject.
public void decodeUserInfo(HttpServletRequest request) {

    String encryptedData = request.getParameter("encryptedData");
    String iv = request.getParameter("iv");
    String sessionId = request.getParameter("rd_session");
    String signature = request.getParameter("signature");
    String rawData = request.getParameter("rawData");
    String session_key = request.getParameter("session_key");

    String sha1 = rawData + session_key;
    String signature1 = AESUtil.getSha1(sha1);
    // Verify the signature (null check avoids an NPE when the parameter is missing)
    if (signature != null && signature.equals(signature1)) {
        System.out.println("签名认证成功");
    } else {
        return;
    }
    try {
        byte[] resultByte = AESUtil.instance.decrypt(Base64.decodeBase64(encryptedData), Base64.decodeBase64(session_key), Base64.decodeBase64(iv));
        if (null != resultByte && resultByte.length > 0) {
            String userInfo = new String(resultByte, "UTF-8");
            JSONObject json = JSONObject.fromObject(userInfo); // parse the string, e.g. {"id":1}
            System.out.println(json);
        }
    } catch (InvalidAlgorithmParameterException e) {
        e.printStackTrace();
    } catch (UnsupportedEncodingException e) {
        e.printStackTrace();
    }
}
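
The same verify-then-decrypt flow with the session key kept on the server, as an added example that is not the author's code: when `session_key` arrives in the same request as `rawData` and `signature`, any caller can produce a matching `sha1(rawData + session_key)`, so here the key is looked up by `rd_session` instead. The `SESSIONS` map and the class name are hypothetical (a stand-in for the Redis cache mentioned above), and the JDK's built-in `AES/CBC/PKCS5Padding` is used in place of BouncyCastle's `PKCS7Padding`.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import static java.nio.charset.StandardCharsets.UTF_8;

public class WxUserDataVerifier {
    // Hypothetical server-side store: rd_session -> Base64 session_key (stand-in for Redis).
    static final Map<String, String> SESSIONS = new ConcurrentHashMap<>();

    static String sha1Hex(String s) throws Exception {
        byte[] d = MessageDigest.getInstance("SHA-1").digest(s.getBytes(UTF_8));
        return String.format("%040x", new java.math.BigInteger(1, d)); // 40 lowercase hex chars
    }

    static Cipher aes(int mode, byte[] key, byte[] iv) throws Exception {
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding"); // same padding as PKCS7 for 16-byte blocks
        c.init(mode, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
        return c;
    }

    /** Returns the decrypted JSON, or null when the session is unknown or the signature differs. */
    static String verifyAndDecrypt(String rdSession, String rawData, String signature,
                                   String encryptedData, String iv) throws Exception {
        if (rawData == null || signature == null || encryptedData == null || iv == null) return null;
        String sessionKey = rdSession == null ? null : SESSIONS.get(rdSession); // never read from the request
        if (sessionKey == null) return null;
        // signature = sha1(rawData + session_key); compared in constant time instead of String.equals
        if (!MessageDigest.isEqual(sha1Hex(rawData + sessionKey).getBytes(UTF_8), signature.getBytes(UTF_8))) return null;
        Base64.Decoder b64 = Base64.getDecoder();
        byte[] plain = aes(Cipher.DECRYPT_MODE, b64.decode(sessionKey), b64.decode(iv))
                .doFinal(b64.decode(encryptedData));
        return new String(plain, UTF_8);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values (fixed key/IV and a made-up payload), for demonstration only.
        byte[] key = "0123456789abcdef".getBytes(UTF_8), iv = "fedcba9876543210".getBytes(UTF_8);
        Base64.Encoder enc = Base64.getEncoder();
        String raw = "{\"nickName\":\"test\"}", keyB64 = enc.encodeToString(key);
        SESSIONS.put("rd-1", keyB64);
        String data = enc.encodeToString(aes(Cipher.ENCRYPT_MODE, key, iv).doFinal(raw.getBytes(UTF_8)));
        String sig = sha1Hex(raw + keyB64), ivB64 = enc.encodeToString(iv);
        System.out.println(verifyAndDecrypt("rd-1", raw, sig, data, ivB64));       // valid request
        System.out.println(verifyAndDecrypt("rd-1", raw + "x", sig, data, ivB64)); // tampered rawData
    }
}
```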
