//验证URL // @param sMsgSignature: 签名串,对应URL参数的msg_signature // @param sTimeStamp: 时间戳,对应URL参数的timestamp // @param sNonce: 随机串,对应URL参数的nonce // @param sEchoStr: 随机串,对应URL参数的echostr // @param sReplyEchoStr: 解密之后的echostr,当return返回0时有效 // @return:成功0,失败返回对应的错误码 public int VerifyURL(string sMsgSignature, string sTimeStamp, string sNonce, string sEchoStr, ref string sReplyEchoStr) { int ret = 0; if (m_sEncodingAESKey.Length != 43) { return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_IllegalAesKey); } ret = VerifySignature(m_sToken, sTimeStamp, sNonce, sEchoStr, sMsgSignature); if (0 != ret) { return(ret); } sReplyEchoStr = ""; string cpid = ""; try { sReplyEchoStr = Cryptography.AES_decrypt(sEchoStr, m_sEncodingAESKey, ref cpid); //m_sReceiveId); } catch (Exception) { sReplyEchoStr = ""; return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_DecryptAES_Error); } if (cpid != m_sReceiveId) { sReplyEchoStr = ""; return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_ValidateCorpid_Error); } return(0); }
//public static WXBizMsgCrypt(string sToken, string sEncodingAESKey, string sAppID) //{ // m_sToken = sToken; // m_sAppID = sAppID; // m_sEncodingAESKey = sEncodingAESKey; //} // 检验消息的真实性,并且获取解密后的明文 // @param sMsgSignature: 签名串,对应URL参数的msg_signature // @param sTimeStamp: 时间戳,对应URL参数的timestamp // @param sNonce: 随机串,对应URL参数的nonce // @param sPostData: 密文,对应POST请求的数据 // @param sMsg: 解密后的原文,当return返回0时有效 // @return: 成功0,失败返回对应的错误码 public static int DecryptMsg(string sMsgSignature, string sTimeStamp, string sNonce, string sPostData, ref string sMsg) { if (m_sEncodingAESKey.Length != 43) { return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_IllegalAesKey); } XmlDocument doc = new XmlDocument(); XmlNode root; string sEncryptMsg = ""; try { if (!string.IsNullOrEmpty(sPostData)) { doc.LoadXml(sPostData); root = doc.FirstChild; sEncryptMsg = root["Encrypt"]?.InnerText; if (string.IsNullOrEmpty(sEncryptMsg)) { sMsg = sPostData; return(0); } } } catch (Exception) { return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_ParseXml_Error); } //verify signature int ret = 0; ret = VerifySignature(m_sToken, sTimeStamp, sNonce, sEncryptMsg, sMsgSignature); if (ret != 0) { return(ret); } //decrypt string cpid = ""; try { if (!string.IsNullOrEmpty(sEncryptMsg)) { sMsg = Cryptography.AES_decrypt(sEncryptMsg, m_sEncodingAESKey, ref cpid); } } catch (FormatException) { return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_DecodeBase64_Error); } catch (Exception) { return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_DecryptAES_Error); } if (!string.IsNullOrEmpty(sEncryptMsg) && cpid != m_sAppID) { return((int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_ValidateAppid_Error); } return(0); }
// 检验消息的真实性,并且获取解密后的明文 // @param sMsgSignature: 签名串,对应URL参数的msg_signature // @param sTimeStamp: 时间戳,对应URL参数的timestamp // @param sNonce: 随机串,对应URL参数的nonce // @param sPostData: 密文,对应POST请求的数据 // @param sMsg: 解密后的原文,当return返回0时有效 // @return: 成功0,失败返回对应的错误码 public static (string msg, int code) DecryptMsg(string encryptData, string aesKey) { if (aesKey.Length != 43) { return("", (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_IllegalAesKey); } string cpid = ""; try { return(Cryptography.AES_decrypt(encryptData, aesKey, ref cpid), 0); } catch (FormatException) { return("", (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_DecodeBase64_Error); } catch (Exception) { return("", (int)WXBizMsgCryptErrorCode.WXBizMsgCrypt_DecryptAES_Error); } }
//验证URL // @param sMsgSignature: 签名串,对应URL参数的msg_signature // @param sTimeStamp: 时间戳,对应URL参数的timestamp // @param sNonce: 随机串,对应URL参数的nonce // @param sEchoStr: 随机串,对应URL参数的echostr // @param sReplyEchoStr: 解密之后的echostr,当return返回0时有效 // @return:成功0,失败返回对应的错误码 public int VerifyURL(string sMsgSignature, string sTimeStamp, string sNonce, string sEchoStr, ref string sReplyEchoStr) { int ret = 0; ret = VerifySignature(m_sToken, sTimeStamp, sNonce, sEchoStr, sMsgSignature); if (0 != ret) { //return ret; } sReplyEchoStr = ""; try { sReplyEchoStr = Cryptography.AES_decrypt(sEchoStr, m_sEncodingAESKey, ref m_sCorpID); } catch (Exception) { return((int)err_code.ERR_AESDECRYPT_FAIL); } return(0); }
//获取解密后的明文 public string DecryptMsg(string sEncryptMsg) { string cpid = ""; return(Cryptography.AES_decrypt(sEncryptMsg, m_sEncodingAESKey, ref cpid)); }