//验证URL // @param sMsgSignature: 签名串,对应URL参数的msg_signature // @param sTimeStamp: 时间戳,对应URL参数的timestamp // @param sNonce: 随机串,对应URL参数的nonce // @param sEchoStr: 随机串,对应URL参数的echostr // @param sReplyEchoStr: 解密之后的echostr,当return返回0时有效 // @return:成功0,失败返回对应的错误码 public WeChatEncryptionErrorCode VerifyURL(string sMsgSignature, string sTimeStamp, string sNonce, string sEchoStr, ref string sReplyEchoStr) { WeChatEncryptionErrorCode ret = 0; if (M_sEncodingAESKey.Length != 43) { return(WeChatEncryptionErrorCode.IllegalAesKey); } ret = VerifySignature(M_sToken, sTimeStamp, sNonce, sEchoStr, sMsgSignature); if (0 != ret) { return(ret); } sReplyEchoStr = ""; string cpid = ""; try { sReplyEchoStr = WeChatCryptography.AES_decrypt(sEchoStr, M_sEncodingAESKey, ref cpid); //m_sCorpID); } catch (Exception) { sReplyEchoStr = ""; return(WeChatEncryptionErrorCode.DecryptAES_Error); } if (cpid != M_sCorpID) { sReplyEchoStr = ""; return(WeChatEncryptionErrorCode.ValidateCorpid_Error); } return(0); }
//将企业号回复用户的消息加密打包 // @param sReplyMsg: 企业号待回复用户的消息,xml格式的字符串 // @param sTimeStamp: 时间戳,可以自己生成,也可以用URL参数的timestamp // @param sNonce: 随机串,可以自己生成,也可以用URL参数的nonce // @param sEncryptMsg: 加密后的可以直接回复用户的密文,包括msg_signature, timestamp, nonce, encrypt的xml格式的字符串, // 当return返回0时有效 // return:成功0,失败返回对应的错误码 public WeChatEncryptionErrorCode EncryptMsg(string sReplyMsg, string sTimeStamp, string sNonce, ref string sEncryptdeXMLMsg) { if (M_sEncodingAESKey.Length != 43) { return(WeChatEncryptionErrorCode.IllegalAesKey); } string raw = ""; try { raw = WeChatCryptography.AES_encrypt(sReplyMsg, M_sEncodingAESKey, M_sCorpID); } catch (Exception) { return(WeChatEncryptionErrorCode.EncryptAES_Error); } string MsgSigature = ""; WeChatEncryptionErrorCode ret = 0; ret = GenarateSinature(M_sToken, sTimeStamp, sNonce, raw, ref MsgSigature); if (ret != WeChatEncryptionErrorCode.OK) { return(ret); } sEncryptdeXMLMsg = ""; sEncryptdeXMLMsg = sEncryptdeXMLMsg + "<xml><Encrypt><![CDATA[" + raw + "]]></Encrypt>"; sEncryptdeXMLMsg = sEncryptdeXMLMsg + "<MsgSignature><![CDATA[" + MsgSigature + "]]></MsgSignature>"; sEncryptdeXMLMsg = sEncryptdeXMLMsg + "<TimeStamp><![CDATA[" + sTimeStamp + "]]></TimeStamp>"; sEncryptdeXMLMsg = sEncryptdeXMLMsg + "<Nonce><![CDATA[" + sNonce + "]]></Nonce>"; sEncryptdeXMLMsg += "</xml>"; return(0); }
public void Get(string msg_signature, string timestamp, string nonce, string echostr) { WeChatEncryptionErrorCode ret = 0; string sEchoStr = ""; ret = WeChatHelper.WeChatEncryptor.VerifyURL(msg_signature, timestamp, nonce, echostr, ref sEchoStr); if (ret != 0) { return; } Response.WriteAsync(sEchoStr); }
//Verify Signature private static WeChatEncryptionErrorCode VerifySignature(string sToken, string sTimeStamp, string sNonce, string sMsgEncrypt, string sSigture) { string hash = ""; WeChatEncryptionErrorCode ret = 0; ret = GenarateSinature(sToken, sTimeStamp, sNonce, sMsgEncrypt, ref hash); return(ret != 0 ? ret : hash == sSigture ? 0 : WeChatEncryptionErrorCode.ValidateSignature_Error); }
// 检验消息的真实性,并且获取解密后的明文 // @param sMsgSignature: 签名串,对应URL参数的msg_signature // @param sTimeStamp: 时间戳,对应URL参数的timestamp // @param sNonce: 随机串,对应URL参数的nonce // @param sPostData: 密文,对应POST请求的数据 // @param sMsg: 解密后的原文,当return返回0时有效 // @return: 成功0,失败返回对应的错误码 public WeChatEncryptionErrorCode DecryptMsg(string sMsgSignature, string sTimeStamp, string sNonce, string sPostData, ref string sMsg) { if (M_sEncodingAESKey.Length != 43) { return(WeChatEncryptionErrorCode.IllegalAesKey); } XmlDocument doc = new XmlDocument(); XmlNode root; string sEncryptMsg; try { doc.LoadXml(sPostData); root = doc.FirstChild; sEncryptMsg = root["Encrypt"].InnerText; } catch (Exception) { return(WeChatEncryptionErrorCode.ParseXml_Error); } //verify signature WeChatEncryptionErrorCode ret = 0; ret = VerifySignature(M_sToken, sTimeStamp, sNonce, sEncryptMsg, sMsgSignature); if (ret != 0) { return(ret); } //decrypt string cpid = ""; try { sMsg = WeChatCryptography.AES_decrypt(sEncryptMsg, M_sEncodingAESKey, ref cpid); } catch (FormatException) { sMsg = ""; return(WeChatEncryptionErrorCode.DecodeBase64_Error); } catch (Exception) { sMsg = ""; return(WeChatEncryptionErrorCode.DecryptAES_Error); } return(cpid != M_sCorpID ? WeChatEncryptionErrorCode.ValidateCorpid_Error : 0); }
public void POST(string msg_signature, string timestamp, string nonce) { MemoryStream ms = new MemoryStream(); Request.Body.CopyTo(ms); string XML_Message = ""; string _message = Encoding.UTF8.GetString(ms.ToArray()); WeChatEncryptionErrorCode ret = WeChatHelper.WeChatEncryptor.DecryptMsg(msg_signature, timestamp, nonce, _message, ref XML_Message); if (ret != WeChatEncryptionErrorCode.OK) { Response.StatusCode = 500; L.E("WeChat Message Decrypt Failed!! " + _message); Response.WriteAsync(""); return; } WeChatMessageSystem.AddToRecvList(new WeChatRcvdMessage(XML_Message, DateTime.Now)); string outMessage = ""; WeChatEncryptionErrorCode _ = WeChatHelper.WeChatEncryptor.EncryptMsg(XConfig.Messages["WeChatMessageProcessing"], timestamp, nonce, ref outMessage); Response.StatusCode = 200; Response.WriteAsync(outMessage); }