//验证URL
// @param sMsgSignature: 签名串,对应URL参数的msg_signature
// @param sTimeStamp: 时间戳,对应URL参数的timestamp
// @param sNonce: 随机串,对应URL参数的nonce
// @param sEchoStr: 随机串,对应URL参数的echostr
// @param sReplyEchoStr: 解密之后的echostr,当return返回0时有效
// @return:成功0,失败返回对应的错误码
public WeChatEncryptionErrorCode VerifyURL(string sMsgSignature, string sTimeStamp, string sNonce, string sEchoStr, ref string sReplyEchoStr)
{
WeChatEncryptionErrorCode ret = 0;
if (M_sEncodingAESKey.Length != 43)
{
return(WeChatEncryptionErrorCode.IllegalAesKey);
}
ret = VerifySignature(M_sToken, sTimeStamp, sNonce, sEchoStr, sMsgSignature);
if (0 != ret)
{
return(ret);
}
sReplyEchoStr = "";
string cpid = "";
try
{
sReplyEchoStr = WeChatCryptography.AES_decrypt(sEchoStr, M_sEncodingAESKey, ref cpid); //m_sCorpID);
}
catch (Exception)
{
sReplyEchoStr = "";
return(WeChatEncryptionErrorCode.DecryptAES_Error);
}
if (cpid != M_sCorpID)
{
sReplyEchoStr = "";
return(WeChatEncryptionErrorCode.ValidateCorpid_Error);
}
return(0);
}
//将企业号回复用户的消息加密打包
// @param sReplyMsg: 企业号待回复用户的消息,xml格式的字符串
// @param sTimeStamp: 时间戳,可以自己生成,也可以用URL参数的timestamp
// @param sNonce: 随机串,可以自己生成,也可以用URL参数的nonce
// @param sEncryptMsg: 加密后的可以直接回复用户的密文,包括msg_signature, timestamp, nonce, encrypt的xml格式的字符串,
// 当return返回0时有效
// return:成功0,失败返回对应的错误码
public WeChatEncryptionErrorCode EncryptMsg(string sReplyMsg, string sTimeStamp, string sNonce, ref string sEncryptdeXMLMsg)
{
if (M_sEncodingAESKey.Length != 43)
{
return(WeChatEncryptionErrorCode.IllegalAesKey);
}
string raw = "";
try
{
raw = WeChatCryptography.AES_encrypt(sReplyMsg, M_sEncodingAESKey, M_sCorpID);
}
catch (Exception)
{
return(WeChatEncryptionErrorCode.EncryptAES_Error);
}
string MsgSigature = "";
WeChatEncryptionErrorCode ret = 0;
ret = GenarateSinature(M_sToken, sTimeStamp, sNonce, raw, ref MsgSigature);
if (ret != WeChatEncryptionErrorCode.OK)
{
return(ret);
}
sEncryptdeXMLMsg = "";
sEncryptdeXMLMsg = sEncryptdeXMLMsg + "<xml><Encrypt><![CDATA[" + raw + "]]></Encrypt>";
sEncryptdeXMLMsg = sEncryptdeXMLMsg + "<MsgSignature><![CDATA[" + MsgSigature + "]]></MsgSignature>";
sEncryptdeXMLMsg = sEncryptdeXMLMsg + "<TimeStamp><![CDATA[" + sTimeStamp + "]]></TimeStamp>";
sEncryptdeXMLMsg = sEncryptdeXMLMsg + "<Nonce><![CDATA[" + sNonce + "]]></Nonce>";
sEncryptdeXMLMsg += "</xml>";
return(0);
}
public void Get(string msg_signature, string timestamp, string nonce, string echostr)
{
WeChatEncryptionErrorCode ret = 0;
string sEchoStr = "";
ret = WeChatHelper.WeChatEncryptor.VerifyURL(msg_signature, timestamp, nonce, echostr, ref sEchoStr);
if (ret != 0)
{
return;
}
Response.WriteAsync(sEchoStr);
}
//Verify Signature
private static WeChatEncryptionErrorCode VerifySignature(string sToken, string sTimeStamp, string sNonce, string sMsgEncrypt, string sSigture)
{
string hash = "";
WeChatEncryptionErrorCode ret = 0;
ret = GenarateSinature(sToken, sTimeStamp, sNonce, sMsgEncrypt, ref hash);
return(ret != 0
? ret
: hash == sSigture
? 0
: WeChatEncryptionErrorCode.ValidateSignature_Error);
}
// 检验消息的真实性,并且获取解密后的明文
// @param sMsgSignature: 签名串,对应URL参数的msg_signature
// @param sTimeStamp: 时间戳,对应URL参数的timestamp
// @param sNonce: 随机串,对应URL参数的nonce
// @param sPostData: 密文,对应POST请求的数据
// @param sMsg: 解密后的原文,当return返回0时有效
// @return: 成功0,失败返回对应的错误码
public WeChatEncryptionErrorCode DecryptMsg(string sMsgSignature, string sTimeStamp, string sNonce, string sPostData, ref string sMsg)
{
if (M_sEncodingAESKey.Length != 43)
{
return(WeChatEncryptionErrorCode.IllegalAesKey);
}
XmlDocument doc = new XmlDocument();
XmlNode root;
string sEncryptMsg;
try
{
doc.LoadXml(sPostData);
root = doc.FirstChild;
sEncryptMsg = root["Encrypt"].InnerText;
}
catch (Exception)
{
return(WeChatEncryptionErrorCode.ParseXml_Error);
}
//verify signature
WeChatEncryptionErrorCode ret = 0;
ret = VerifySignature(M_sToken, sTimeStamp, sNonce, sEncryptMsg, sMsgSignature);
if (ret != 0)
{
return(ret);
}
//decrypt
string cpid = "";
try
{
sMsg = WeChatCryptography.AES_decrypt(sEncryptMsg, M_sEncodingAESKey, ref cpid);
}
catch (FormatException)
{
sMsg = "";
return(WeChatEncryptionErrorCode.DecodeBase64_Error);
}
catch (Exception)
{
sMsg = "";
return(WeChatEncryptionErrorCode.DecryptAES_Error);
}
return(cpid != M_sCorpID ? WeChatEncryptionErrorCode.ValidateCorpid_Error : 0);
}
public void POST(string msg_signature, string timestamp, string nonce)
{
MemoryStream ms = new MemoryStream();
Request.Body.CopyTo(ms);
string XML_Message = "";
string _message = Encoding.UTF8.GetString(ms.ToArray());
WeChatEncryptionErrorCode ret = WeChatHelper.WeChatEncryptor.DecryptMsg(msg_signature, timestamp, nonce, _message, ref XML_Message);
if (ret != WeChatEncryptionErrorCode.OK)
{
Response.StatusCode = 500;
L.E("WeChat Message Decrypt Failed!! " + _message);
Response.WriteAsync("");
return;
}
WeChatMessageSystem.AddToRecvList(new WeChatRcvdMessage(XML_Message, DateTime.Now));
string outMessage = "";
WeChatEncryptionErrorCode _ = WeChatHelper.WeChatEncryptor.EncryptMsg(XConfig.Messages["WeChatMessageProcessing"], timestamp, nonce, ref outMessage);
Response.StatusCode = 200;
Response.WriteAsync(outMessage);
}
