/**
 * Serialize `data` to JSON, encrypt it with CryptoJS AES and write the
 * resulting string to storage under `key` via `wx.setStorageSync`.
 *
 * NOTE(review): when `secret` is a plain string, CryptoJS treats it as a
 * passphrase and derives the AES key and IV itself; the ciphertext carries
 * no integrity tag, so a modified stored value is not reliably detected on
 * read. A secret that ships inside the client package offers little
 * protection once the package is unpacked; confirm where `secret` comes from.
 *
 * @param {string} key - storage key to write
 * @param {*} data - JSON-serializable value to protect
 * @param {string} secret - passphrase/key handed to CryptoJS.AES.encrypt
 * @returns {void}
 */
function secureSetStorage(key, data, secret) {
  const plaintext = JSON.stringify(data);
  const cipherParams = CryptoJS.AES.encrypt(plaintext, secret);
  // toString() yields the string form of the ciphertext, which is what gets persisted.
  wx.setStorageSync(key, cipherParams.toString());
}
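/**
 * Read the value stored under `key`, decrypt it with `secret` and return the
 * parsed JSON value.
 *
 * A missing entry is reported as `null` instead of failing inside
 * `JSON.parse`, so callers can tell "nothing stored" apart from "stored value
 * could not be decrypted".
 *
 * NOTE(review): a successful decrypt does not prove the value is untampered,
 * because the ciphertext has no integrity tag; treat the parsed result as
 * untrusted input and validate its shape before use.
 *
 * @param {string} key - storage key to read
 * @param {string} secret - passphrase/key handed to CryptoJS.AES.decrypt
 * @returns {*} the parsed value, or `null` when nothing is stored under `key`
 * @throws {Error} when the stored value cannot be decrypted or parsed
 */
function secureGetStorage(key, secret) {
  const encrypted = wx.getStorageSync(key);
  // Nothing stored under this key: there is nothing to decrypt.
  if (encrypted == null || encrypted === '') {
    return null;
  }

  let plaintext;
  try {
    plaintext = CryptoJS.AES.decrypt(encrypted, secret).toString(CryptoJS.enc.Utf8);
  } catch (err) {
    // The error deliberately names only the key, never the secret or the data.
    throw new Error(`secureGetStorage: cannot decrypt value stored under "${key}"`, { cause: err });
  }

  // JSON.stringify never produces an empty string, so empty plaintext means
  // the secret was wrong or the stored ciphertext is corrupted.
  if (plaintext === '') {
    throw new Error(`secureGetStorage: cannot decrypt value stored under "${key}"`);
  }

  try {
    return JSON.parse(plaintext);
  } catch (err) {
    throw new Error(`secureGetStorage: decrypted value under "${key}" is not valid JSON`, { cause: err });
  }
}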
3.3 防篡改与防重放
请求签名机制:
1. 将请求参数按规则排序
2. 加上时间戳和nonce(随机字符串)
3. 使用密钥生成HMAC签名
4. 将签名和nonce放入请求头
服务端收到请求后需按相同规则重新计算签名并比对,同时校验时间戳是否在允许的时间窗口内、nonce 是否已被使用过;缺少这些服务端校验,签名只能防篡改,无法防重放。
// 请求签名示例
function generateSignature(params, secretKey) {
const sortedParams = Object.keys(params).sort().map(k => `${k}=${params[k]}`).join('&')
const timestamp = Math.floor(Date.now() / 1000)
const nonce = Math.random().toString(36).substring(2, 10)
const stringToSign = `${sortedParams}×tamp=${timestamp}&nonce=${nonce}`