JDK内置的签名算法不包含小程序需要的(对称解密使用的算法为 AES-128-CBC,数据采用PKCS#7填充),所以需要引用第三方jar。
compile group: ‘org.bouncycastle‘, name: ‘bcprov-jdk15on‘, version: ‘1.54‘
以下是具体的代码:
//自行在构造函数中赋值 String sessionKey; /** * AES-128-CBC解密 * 使用PKCS填充 * @param encryptedData * @param iv * @return * @throws Exception */ public String decryptAesPkcData(String encryptedData, String iv) throws Exception { //检查sessionKey的长度 if (this.sessionKey.length() != 24) { throw new AesException(AesException.IllegalAesKey); } //检查iv的长度 if (iv.length() != 24) { throw new AesException(AesException.IllegalAesKey); } byte[] aesKey = Base64.decodeBase64(this.sessionKey); byte[] aesIV = Base64.decodeBase64(iv); byte[] aesCipher = Base64.decodeBase64(encryptedData); Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding"); Key sKeySpec = new SecretKeySpec(aesKey, "AES"); AlgorithmParameters params = AlgorithmParameters.getInstance("AES"); params.init(new IvParameterSpec(aesIV)); cipher.init(Cipher.DECRYPT_MODE, sKeySpec, params); return new String(cipher.doFinal(aesCipher), "utf-8"); }