Skip to content

sdk0.2.16 NotificationParser解密时报错Empty key #220

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
alv002 opened this issue Feb 22, 2025 · 3 comments
Open

sdk0.2.16 NotificationParser解密时报错Empty key #220

alv002 opened this issue Feb 22, 2025 · 3 comments

Comments

@alv002
Copy link

alv002 commented Feb 22, 2025
edited
Loading

报错信息
Caused by: java.lang.IllegalArgumentException: Empty key
at javax.crypto.spec.SecretKeySpec. (SecretKeySpec.java:99)
at com.wechat.pay.java.core.cipher.AbstractAeadCipher.decrypt (AbstractAeadCipher.java:71)
at com.wechat.pay.java.core.notification.NotificationParser.decryptData (NotificationParser.java:154)
at com.wechat.pay.java.core.notification.NotificationParser.getDecryptObject (NotificationParser.java:110)
at com.wechat.pay.java.core.notification.NotificationParser.parse (NotificationParser.java:50)
at com.fish.pay.common.wechat.WeChatPayment.paySuccessCheck (WeChatPayment.java:178)
at com.fish.api.server.controller.api.ApiPayController.renotify (ApiPayController.java:130)
at com.fish.api.server.controller.api.ApiPayController$$FastClassBySpringCGLIB$$e2e58982.invoke ()
@alv002
Copy link
Author

alv002 commented Feb 22, 2025
edited
Loading

获取body片段,使用的issue里另一位提供的,试过网上多种getbody的代码

private String getRequestBody(HttpServletRequest request) {
        BufferedReader br = null;
        try {
            StringBuilder result = new StringBuilder();
            br = request.getReader();
            for (String line; (line = br.readLine()) != null; ) {
                if (result.length() > 0) {
                    result.append("\n");
                }
                result.append(line);
            }
            return result.toString();
        } catch (IOException e) {
            throw new RuntimeException(e);
        } finally {
            if (br != null) {
                try {
                    br.close();
                } catch (IOException e) {
                    e.printStackTrace();
                }
            }
        }

这是另一个

private String getRequestBody(HttpServletRequest request) {
        String body;
        try (ServletInputStream inputStream = request.getInputStream()
        ) {
            ByteArrayOutputStream result = new ByteArrayOutputStream();
            byte[] buffer = new byte[1024];
            for (int length; (length = inputStream.read(buffer)) != -1; ) {
                result.write(buffer, 0, length);
            }
            body = result.toString();
        } catch (IOException e) {
            throw new RuntimeException(e);
        }
        return body;
    }

两种都是一致的报错。

@alv002 alv002 closed this as completed Feb 22, 2025
@alv002 alv002 reopened this Feb 22, 2025
@alv002
Copy link
Author

alv002 commented Feb 22, 2025
edited
Loading

这是获取微信端回调的方式。

// 从请求头中获取信息
        String timestamp                        = request.getHeader("Wechatpay-Timestamp");
        String nonce                            = request.getHeader("Wechatpay-Nonce");
        String signature                        = request.getHeader("Wechatpay-Signature");
        String singType                         = request.getHeader("Wechatpay-Signature-Type");
        String wechatPayCertificateSerialNumber = request.getHeader("Wechatpay-Serial");

        String requestBody = getRequestBody(request);

        // 构造 RequestParam
        RequestParam requestParam = new RequestParam.Builder()
                .serialNumber(wechatPayCertificateSerialNumber)
                .nonce(nonce)
                .signature(signature)
                .signType(singType)
                .timestamp(timestamp)
                .body(requestBody)
                .build();

由于微信小程序时2025年之后开的,使用sdk为0.2.16,所以都是使用RSAPublicKey 获取的config

@alv002
Copy link
Author

alv002 commented Feb 22, 2025

java版本1.8.400+,环境为花生壳内网穿透。 body内容
{"id":"a26a97b4-d3a9-53cb-8835-7c0508e14fd5","create_time":"2025-02-22T19:17:11+08:00","resource_type":"encrypt-resource","event_type":"TRANSACTION.SUCCESS","summary":"支付成功","resource":{"original_type":"transaction","algorithm":"AEAD_AES_256_GCM","ciphertext":"4u0KHxGb4sA1LnGOQxNIleXuGsL/bcuDWMONMox18M0tyol6oe5tXOJBYHqj7BU2H7YKzz7dhv87pcCeCPZi1wZ2VO83k93Va0vkVZRQ2nIEQshYBXnJ97cUJSqra0+UDSxoYIHn41Rqy8C+U3K9gVhAeSJlOkfXFRhj2SzPCJCcY6780VLuhVldCFjM/dPXqgfXp1YUWMw9dx/jw+mlbr4bPBWEdwBDjhjkkWdgYeh/okHDoX3J7GlOJfuYjSdvXrN/xskKtb/uVeDwY1tpTUGJr2WP+DWk3JlUtdHcyfJ8l+mizeeDnDzulDMY4LrjQqP5bQTkJ/BubLsQyUmTBEO/td61THSxu43ATD4zvSg2vWaq7hEM30MW9lCQCNvrV1VNvpM+hMjD3xAkntkByxqExgC7xLssRLLjnjXtOszmSw23jEwthiC36zSMdoxqW0F5by+LOWnfr8lTQx/XBdRPNxUqn0Db2dRwdBQqbmg9CcUDTUH7WB+RMw+tH3xljwRzap1cbq2BGP4y7L2n1QPDesrmRh5fsQMmR+xn58Yq618iKe1AThxxWuL4j8hX6fs=","associated_data":"transaction","nonce":"kk7cv1zVbia8"}}

@alv002 alv002 changed the title NotificationParser解密时报错Empty key sdk0.2.16 NotificationParser解密时报错Empty key Feb 22, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@alv002