Overview of the public platform message body signature and encryption and decryption solution

Overview of the public platform message body signature and encryption and decryption solution

Overview of the public platform message body signature and encryption and decryption solution

1. Added message body signature verification, which is used by public platforms and public accounts to verify the correctness of message bodies.

2. Encrypt general messages and event messages pushed to WeChat public accounts, as well as device messages pushed to device public accounts

3. Public accounts are also required to encrypt their responses to ciphertext messages

Developers should note that public accounts actively calling APIs will not be affected.

After enabling the encryption and decryption function (i.e. selecting compatible mode or safe mode), when the public platform server pushes messages to the public account server configuration address (which can be modified in the "Developer Center"), the URL will add two new parameters (encryption type and message body signature) to reflect the new function. The encryption algorithm uses AES. For the specific encryption and decryption process and solution, please refer to the access guide, technical solution and sample code.

In order to cooperate with the launch of the message encryption function and help developers adapt to the new features, the public platform provides three encryption and decryption modes for developers to choose from, namely plain text mode, compatible mode, and secure mode (you can select the corresponding mode in the "Developer Center"). Before selecting the compatible mode and secure mode, you need to fill in the message encryption and decryption key EncodingAESKey in the Developer Center.

Plain text mode: Maintain the existing mode, without adapting the new encryption and decryption features, the message body is sent and received in plain text, and the default setting is plain text mode

Compatibility mode: The content of messages sent by the public platform will include both plain text and cipher text, and the message packet length will be increased to about 3 times the original; public accounts can reply with plain text or cipher text, without affecting the existing message sending and receiving; developers can debug in this mode

Safe mode (recommended): The content of the message body sent by the public platform contains only ciphertext, and the message body of the public account reply is also ciphertext. It is recommended that developers use this mode to send and receive messages after successful debugging.

What is EncodingAESKey?

WeChat public platform uses AES symmetric encryption algorithm to encrypt the message body pushed to the public account, and EncodingAESKey is the secret key used for encryption. The public account uses this secret key to decrypt the received ciphertext message body, and also uses this secret key to encrypt the reply message body.

In addition, WeChat public platform provides developers with sample codes in five languages ​​(including C++, PHP, Java, Python and C# versions, ../static/assets/a5a22f38cb60228cb32ab61d9e4c414b.zip ). Developers are requested to refer to the access guide and developer FAQ to access the message body signature and encryption and decryption functions. If you are interested in technical implementation, you can refer to the technical solution.

<<:  Interface return code and alarm troubleshooting global return code

>>:  How to use sample code to access encryption and decryption and technical solutions

Recommend

Top 10 Core Data tools and open source libraries loved by developers

Core Data is a great choice for storing and query...

AI can read people's minds! How long can you keep your little secrets secret?

Audit expert: Zheng Yuanpan Professor of Zhengzho...

Meandering: The Yellow River's posture in Sichuan

A meander, also known as a river bend or a snake-...

How did the Earth survive? Scientists have found new clues

The Earth is the only celestial body in the unive...

Keep operation strategy and gain 170 million users in 4 years!

Recently, keep became popular again with its new ...

Using the Internet+ skillfully, a small singer can also become a big star

Before the Internet became popular, it was hard t...

The first mistake 90% of marketers make when planning...

At any given moment in any business, there are on...

Really understand AE expressions from scratch

Really understand AE expression resources from scr...