//验证URL
// @param sMsgSignature: 签名串,对应URL参数的msg_signature
// @param sTimeStamp: 时间戳,对应URL参数的timestamp
// @param sNonce: 随机串,对应URL参数的nonce
// @param sEchoStr: 随机串,对应URL参数的echostr
// @param aes_key: 加密串
// @param sReplyEchoStr: 解密之后的echostr,当return返回0时有效
// @return:成功0,失败返回对应的错误码
public int VerifyURL(WXUnit unit, string sMsgSignature, string sTimeStamp, string sNonce, string sEchoStr, string aes_key, ref string sReplyEchoStr)
{
int ret = 0;
if (aes_key.Length != 43)
{
return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_IllegalAesKey);
}
ret = VerifySignature(unit.EVENT_TOKEN, sTimeStamp, sNonce, sEchoStr, sMsgSignature);
if (0 != ret)
{
return(ret);
}
sReplyEchoStr = "";
string cpid = "";
try
{
sReplyEchoStr = WXCryptography.AES_decrypt(sEchoStr, aes_key, ref cpid); //m_sCorpID);
}
catch (Exception)
{
sReplyEchoStr = "";
return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_DecryptAES_Error);
}
if (cpid != unit.APP_ID)
{
sReplyEchoStr = "";
return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_ValidateCorpid_Error);
}
return(0);
}
// 检验消息的真实性,并且获取解密后的明文
// @param sMsgSignature: 签名串,对应URL参数的msg_signature
// @param sTimeStamp: 时间戳,对应URL参数的timestamp
// @param sNonce: 随机串,对应URL参数的nonce
// @param sPostData: 密文,对应POST请求的数据
// @param aes_key: 加密串
// @param sMsg: 解密后的原文,当return返回0时有效
// @return: 成功0,失败返回对应的错误码
public int DecryptMsg(WXUnit unit, string sMsgSignature, string sTimeStamp, string sNonce, string sPostData, string aes_key, ref string sMsg)
{
if (aes_key.Length != 43)
{
return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_IllegalAesKey);
}
XmlDocument doc = new XmlDocument();
XmlNode root;
string sEncryptMsg;
try
{
doc.LoadXml(sPostData);
root = doc.FirstChild;
sEncryptMsg = root["Encrypt"].InnerText;
}
catch (Exception)
{
return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_ParseXml_Error);
}
//verify signature
int ret = 0;
ret = VerifySignature(unit.EVENT_TOKEN, sTimeStamp, sNonce, sEncryptMsg, sMsgSignature);
if (ret != 0)
{
return(ret);
}
//decrypt
string cpid = "";
try
{
sMsg = WXCryptography.AES_decrypt(sEncryptMsg, aes_key, ref cpid);
}
catch (FormatException)
{
sMsg = "";
return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_DecodeBase64_Error);
}
catch (Exception)
{
sMsg = "";
return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_DecryptAES_Error);
}
if (cpid != unit.APP_ID)
{
return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_ValidateCorpid_Error);
}
return(0);
}
//将企业号回复用户的消息加密打包
// @param sReplyMsg: 企业号待回复用户的消息,xml格式的字符串
// @param sTimeStamp: 时间戳,可以自己生成,也可以用URL参数的timestamp
// @param sNonce: 随机串,可以自己生成,也可以用URL参数的nonce
// @param aes_key: 加密串
// @param sEncryptMsg: 加密后的可以直接回复用户的密文,包括msg_signature, timestamp, nonce, encrypt的xml格式的字符串,
// 当return返回0时有效
// return:成功0,失败返回对应的错误码
public int EncryptMsg(WXUnit unit, string sReplyMsg, string sTimeStamp, string sNonce, string aes_key, ref string sEncryptMsg)
{
if (aes_key.Length != 43)
{
return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_IllegalAesKey);
}
string raw = "";
try
{
raw = WXCryptography.AES_encrypt(sReplyMsg, aes_key, unit.APP_ID);
}
catch (Exception)
{
return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_EncryptAES_Error);
}
string MsgSigature = "";
int ret = 0;
ret = GenarateSinature(unit.EVENT_TOKEN, sTimeStamp, sNonce, raw, ref MsgSigature);
if (0 != ret)
{
return(ret);
}
sEncryptMsg = "";
string EncryptLabelHead = "<Encrypt><![CDATA[";
string EncryptLabelTail = "]]></Encrypt>";
string MsgSigLabelHead = "<MsgSignature><![CDATA[";
string MsgSigLabelTail = "]]></MsgSignature>";
string TimeStampLabelHead = "<TimeStamp><![CDATA[";
string TimeStampLabelTail = "]]></TimeStamp>";
string NonceLabelHead = "<Nonce><![CDATA[";
string NonceLabelTail = "]]></Nonce>";
sEncryptMsg = sEncryptMsg + "<xml>" + EncryptLabelHead + raw + EncryptLabelTail;
sEncryptMsg = sEncryptMsg + MsgSigLabelHead + MsgSigature + MsgSigLabelTail;
sEncryptMsg = sEncryptMsg + TimeStampLabelHead + sTimeStamp + TimeStampLabelTail;
sEncryptMsg = sEncryptMsg + NonceLabelHead + sNonce + NonceLabelTail;
sEncryptMsg += "</xml>";
return(0);
}
