getUserInfo拿到的敏感信息是否可以在前端解密
为什么我getUserInfo的success回调里的res解密出来后是乱码呢?
我的base64和aes库测试过一般的字符串加密解密都是可以的?
求解答,谢谢!
打印结果:
部分代码如下:
wx.request({ url: 'https://api.weixin.qq.com/sns/jscode2session?appid=' + APPID + '&secret=' + SECRET + '&js_code=' + JSCODE + '&grant_type=authorization_code' , success(res) { console.log( 'jscode to session success: ' , res) var session_key = res.data.session_key wx.getUserInfo({ withCredentials: true , success(res) { console.log( 'getUserInfo success :' , res) var encryptedData = res.encryptedData var iv = res.iv var ciphertext = base64.decode(encryptedData) var aeskey = base64.decode(session_key) var aesiv = base64.decode(iv) var decryptedData = aes.Decrypt(ciphertext,aeskey,aesiv) console.log( 'res of wx.getUserInfo is:' , '\nencryptedData:\n' , encryptedData, '\nsession_key:\n' ,session_key, '\niv:\n' ,iv) console.log( 'after base64.decode,data is: (ciphertext,aeskey,aesiv)\n' ,ciphertext,aeskey,aesiv) console.log( 'after aes.Decrypt,result is' ,decryptedData) }, fail: res => { console.log( 'getUserInfo fail :' , res) } }) } }) } |