微信小程序中,由於有些數據比較隱私(openid,手機號等),所以你請求微信對應的接口返回的數據是加密的,這就需要解密了,具體可以看https://developers.weixin.qq.com/miniprogram/dev/framework/open-ability/getPhoneNumber.html
而微信又沒有提供c#demo,所以在網上找了一下,總結出來:
首先要解密數據,需要幾個參數:①sessionKey ②encryptedData ③iv
sessionKey:在js頁面調用wx.login方法返回code然後通過後端請求
https://api.weixin.qq.com/sns/jscode2session?appid=APPID&secret=SECRET&js_code=JSCODE&grant_type=authorization_code
就會得到了。
encryptedData:微信返回的解密數據
iv:加密算法的初始向量
/// <summary>
/// WXBizDataCrypt 的摘要說明
/// 微信小程序解密類
/// </summary>
public class WXBizDataCrypt
{
private string _appid;
private string _sessionKey;
/// <summary>
///
/// </summary>
/// <param name="sessionKey">sessionKey用戶在小程序登錄後獲取的會話密鑰</param>
public WXBizDataCrypt(string sessionKey)
{
_appid = AppSettingUtil.AppSettings["appid"];
_sessionKey = sessionKey;
}
/// <summary>
/// 檢驗數據的真實性,並且獲取解密後的明文.
/// </summary>
/// <param name="encryptedData">加密的用戶數據</param>
/// <param name="iv">與用戶數據一同返回的初始向量</param>
/// <param name="data">解密後的原文</param>
/// <returns>成功0,失敗返回對應的錯誤碼</returns>
/**
* error code 說明.
* <ul>
* <li>-41001: encodingAesKey 非法</li>
* <li>-41003: aes 解密失敗</li>
* <li>-41004: 解密後得到的buffer非法</li>
* <li>-41005: base64加密失敗</li>
* <li>-41016: base64解密失敗</li>
* </ul>
*/
public int decryptData(string encryptedData, string iv, out string data)
{
data = string.Empty;
if (this._sessionKey.Length != 24)
{
return -41001;
}
if (iv.Length != 24)
{
return -41002;
}
try
{
data = AESDecrypt(encryptedData, this._sessionKey, iv);
}
catch (Exception ex)
{
return -41004;
}
return 0;
}
public static string AESDecrypt(string encryptedDatatxt, string AesKey, string AesIV)
{
try
{
byte[] encryptedData = Convert.FromBase64String(encryptedDatatxt);
RijndaelManaged rijndaelCipher = new RijndaelManaged();
rijndaelCipher.Key = Convert.FromBase64String(AesKey);
rijndaelCipher.IV = Convert.FromBase64String(AesIV);
rijndaelCipher.Mode = CipherMode.CBC;
rijndaelCipher.Padding = PaddingMode.PKCS7;
ICryptoTransform transform = rijndaelCipher.CreateDecryptor();
byte[] plainText = transform.TransformFinalBlock(encryptedData, 0, encryptedData.Length);
string result = Encoding.Default.GetString(plainText);
return result;
}
catch (Exception ex)
{
throw ex;
}
}
}
這個是c#的解密類,然後調用解密方法可以這樣:
new WXBizDataCrypt(session_key).decryptData(encryptedData, iv, out data);