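// Verifies a callback-URL validation request and decrypts its echostr.
// @param unit: supplies EVENT_TOKEN (passed to VerifySignature) and APP_ID (compared with the id recovered by decryption)
// @param sMsgSignature: signature string, the msg_signature URL parameter
// @param sTimeStamp: timestamp, the timestamp URL parameter
// @param sNonce: random string, the nonce URL parameter
// @param sEchoStr: random string, the echostr URL parameter
// @param aes_key: encryption key string; must be exactly 43 characters
// @param sReplyEchoStr: the decrypted echostr; only valid when the return value is 0
// @return: 0 on success, otherwise the corresponding error code
public int VerifyURL(WXUnit unit, string sMsgSignature, string sTimeStamp, string sNonce, string sEchoStr, string aes_key, ref string sReplyEchoStr)
{
    // A missing key is reported as an illegal key instead of surfacing as a
    // NullReferenceException from the Length access.
    if (aes_key == null || aes_key.Length != 43)
    {
        return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_IllegalAesKey;
    }

    // The signature is checked before anything is decrypted; a non-zero result
    // is handed back unchanged and the ciphertext is never processed.
    int ret = VerifySignature(unit.EVENT_TOKEN, sTimeStamp, sNonce, sEchoStr, sMsgSignature);
    if (ret != 0)
    {
        return ret;
    }

    sReplyEchoStr = "";
    string cpid = "";
    try
    {
        // AES_decrypt returns the plaintext and reports an id through cpid
        // (presumably the app/corp id embedded in the ciphertext - confirm in WXCryptography).
        sReplyEchoStr = WXCryptography.AES_decrypt(sEchoStr, aes_key, ref cpid);
    }
    catch (Exception)
    {
        sReplyEchoStr = "";
        return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_DecryptAES_Error;
    }

    // Reject a payload whose id is not the expected APP_ID, and do not leave
    // the decrypted text in the output parameter.
    if (cpid != unit.APP_ID)
    {
        sReplyEchoStr = "";
        return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_ValidateCorpid_Error;
    }

    return 0;
}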
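// Checks that a message is authentic and returns the decrypted plaintext.
// @param unit: supplies EVENT_TOKEN (passed to VerifySignature) and APP_ID (compared with the id recovered by decryption)
// @param sMsgSignature: signature string, the msg_signature URL parameter
// @param sTimeStamp: timestamp, the timestamp URL parameter
// @param sNonce: random string, the nonce URL parameter
// @param sPostData: ciphertext envelope, the body of the POST request
// @param aes_key: encryption key string; must be exactly 43 characters
// @param sMsg: the decrypted original text; only valid when the return value is 0
// @return: 0 on success, otherwise the corresponding error code
public int DecryptMsg(WXUnit unit, string sMsgSignature, string sTimeStamp, string sNonce, string sPostData, string aes_key, ref string sMsg)
{
    // A missing key is reported as an illegal key instead of surfacing as a
    // NullReferenceException from the Length access.
    if (aes_key == null || aes_key.Length != 43)
    {
        return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_IllegalAesKey;
    }

    XmlDocument doc = new XmlDocument();
    // sPostData is the raw POST body and is parsed before its signature is
    // checked, so the parser must not fetch external entities or DTDs (XXE).
    // NOTE(review): an internal DTD is still parsed; consider rejecting DTDs
    // outright if the target framework allows it.
    doc.XmlResolver = null;

    string sEncryptMsg;
    try
    {
        doc.LoadXml(sPostData);
        // DocumentElement rather than FirstChild: FirstChild is the XML
        // declaration or a comment when the body starts with one.
        XmlNode root = doc.DocumentElement;
        // A missing root or <Encrypt> element throws here and is reported as a parse error.
        sEncryptMsg = root["Encrypt"].InnerText;
    }
    catch (Exception)
    {
        return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_ParseXml_Error;
    }

    // The signature is checked before anything is decrypted; a non-zero result
    // is handed back unchanged.
    int ret = VerifySignature(unit.EVENT_TOKEN, sTimeStamp, sNonce, sEncryptMsg, sMsgSignature);
    if (ret != 0)
    {
        return ret;
    }

    string cpid = "";
    try
    {
        // AES_decrypt returns the plaintext and reports an id through cpid
        // (presumably the app/corp id embedded in the ciphertext - confirm in WXCryptography).
        sMsg = WXCryptography.AES_decrypt(sEncryptMsg, aes_key, ref cpid);
    }
    catch (FormatException)
    {
        sMsg = "";
        return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_DecodeBase64_Error;
    }
    catch (Exception)
    {
        sMsg = "";
        return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_DecryptAES_Error;
    }

    if (cpid != unit.APP_ID)
    {
        // Same handling as VerifyURL: a payload carrying another id is
        // rejected, and its plaintext must not stay in the output parameter
        // where a caller that ignores the return code would use it.
        sMsg = "";
        return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_ValidateCorpid_Error;
    }

    return 0;
}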
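// Encrypts and packages the message the enterprise account sends back to the user.
// @param unit: supplies APP_ID (passed to AES_encrypt) and EVENT_TOKEN (passed to GenarateSinature)
// @param sReplyMsg: the reply message for the user, as an XML-formatted string
// @param sTimeStamp: timestamp; may be generated locally or taken from the timestamp URL parameter
// @param sNonce: random string; may be generated locally or taken from the nonce URL parameter
// @param aes_key: encryption key string; must be exactly 43 characters
// @param sEncryptMsg: the encrypted reply, an XML string holding Encrypt, MsgSignature, TimeStamp and Nonce;
//                     only valid when the return value is 0
// @return: 0 on success, otherwise the corresponding error code
public int EncryptMsg(WXUnit unit, string sReplyMsg, string sTimeStamp, string sNonce, string aes_key, ref string sEncryptMsg)
{
    // A missing key is reported as an illegal key instead of surfacing as a
    // NullReferenceException from the Length access.
    if (aes_key == null || aes_key.Length != 43)
    {
        return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_IllegalAesKey;
    }

    string raw;
    try
    {
        raw = WXCryptography.AES_encrypt(sReplyMsg, aes_key, unit.APP_ID);
    }
    catch (Exception)
    {
        return (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_EncryptAES_Error;
    }

    // The signature is computed over the unmodified timestamp and nonce.
    string msgSignature = "";
    int ret = GenarateSinature(unit.EVENT_TOKEN, sTimeStamp, sNonce, raw, ref msgSignature);
    if (ret != 0)
    {
        return ret;
    }

    // sTimeStamp and sNonce may come straight from URL parameters. A "]]>" inside
    // either one would close its CDATA section early and let the value add markup
    // to the reply, so the sequence is split across two CDATA sections; an XML
    // parser reads back the same text. Null stays an empty string, as plain
    // concatenation would produce.
    const string cdataEnd = "]]>";
    const string cdataSplit = "]]]]><![CDATA[>";
    string safeTimeStamp = (sTimeStamp ?? "").Replace(cdataEnd, cdataSplit);
    string safeNonce = (sNonce ?? "").Replace(cdataEnd, cdataSplit);

    sEncryptMsg = "<xml>"
        + "<Encrypt><![CDATA[" + raw + "]]></Encrypt>"
        + "<MsgSignature><![CDATA[" + msgSignature + "]]></MsgSignature>"
        + "<TimeStamp><![CDATA[" + safeTimeStamp + "]]></TimeStamp>"
        + "<Nonce><![CDATA[" + safeNonce + "]]></Nonce>"
        + "</xml>";

    return 0;
}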