对解密用户信息进行修复并通过线上测试

royalrick · Nov 6, 2019 · 98ef090 · 98ef090
1 parent a8614c0
commit 98ef090
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 3 deletions.
diff --git a/Readme.md b/Readme.md
@@ -142,7 +142,7 @@ go get -u github.com/medivhzhan/weapp/v2
 - [解密](#解密)
   - [解密手机号码](#解密手机号码) ✅
   - [解密分享内容](#解密分享内容)
-  - [解密用户信息](#解密用户信息)
+  - [解密用户信息](#解密用户信息) ✅
 
 ---
 

diff --git a/crypto.go b/crypto.go
@@ -47,11 +47,17 @@ func pkcs7decode(plaintext []byte) []byte {
 	return plaintext[:(ln - pad)]
 }
 
-//  对数据包进行签名校验，确保数据的完整性。
+// 对加密数据包进行签名校验，确保数据的完整性。
 func validateSignature(signature string, parts ...string) bool {
 	return signature == createSignature(parts...)
 }
 
+// 校验用户数据数据
+func validateUserInfo(signature, rawData, ssk string) bool {
+	raw := sha1.Sum([]byte(rawData + ssk))
+	return signature == hex.EncodeToString(raw[:])
+}
+
 // 拼凑签名
 func createSignature(parts ...string) string {
 	sort.Strings(parts)

diff --git a/decrypt.go b/decrypt.go
@@ -87,7 +87,7 @@ type UserInfo struct {
 // iv 加密算法的初始向量
 func DecryptUserInfo(sessionKey, rawData, encryptedData, signature, iv string) (*UserInfo, error) {
 
-	if ok := validateSignature(signature, rawData, sessionKey); !ok {
+	if ok := validateUserInfo(signature, rawData, sessionKey); !ok {
 		return nil, errors.New("failed to validate signature")
 	}