Overview of the public platform message body signature and encryption and decryption solution

Overview of the public platform message body signature and encryption and decryption solution

1. Added message body signature verification, which is used by public platforms and public accounts to verify the correctness of message bodies.

2. Encrypt general messages and event messages pushed to WeChat public accounts, as well as device messages pushed to device public accounts

3. Public accounts are also required to encrypt their responses to ciphertext messages

Developers should note that public accounts actively calling APIs will not be affected.

After enabling the encryption and decryption function (i.e. selecting compatible mode or safe mode), when the public platform server pushes messages to the public account server configuration address (which can be modified in the "Developer Center"), the URL will add two new parameters (encryption type and message body signature) to reflect the new function. The encryption algorithm uses AES. For the specific encryption and decryption process and solution, please refer to the access guide, technical solution and sample code.

In order to cooperate with the launch of the message encryption function and help developers adapt to the new features, the public platform provides three encryption and decryption modes for developers to choose from, namely plain text mode, compatible mode, and secure mode (you can select the corresponding mode in the "Developer Center"). Before selecting the compatible mode and secure mode, you need to fill in the message encryption and decryption key EncodingAESKey in the Developer Center.

Plain text mode: Maintain the existing mode, without adapting the new encryption and decryption features, the message body is sent and received in plain text, and the default setting is plain text mode

Compatibility mode: The content of messages sent by the public platform will include both plain text and cipher text, and the message packet length will be increased to about 3 times the original; public accounts can reply with plain text or cipher text, without affecting the existing message sending and receiving; developers can debug in this mode

Safe mode (recommended): The content of the message body sent by the public platform contains only ciphertext, and the message body of the public account reply is also ciphertext. It is recommended that developers use this mode to send and receive messages after successful debugging.

What is EncodingAESKey?

WeChat public platform uses AES symmetric encryption algorithm to encrypt the message body pushed to the public account, and EncodingAESKey is the secret key used for encryption. The public account uses this secret key to decrypt the received ciphertext message body, and also uses this secret key to encrypt the reply message body.

In addition, WeChat public platform provides developers with sample codes in five languages ​​(including C++, PHP, Java, Python and C# versions, ../static/assets/a5a22f38cb60228cb32ab61d9e4c414b.zip ). Developers are requested to refer to the access guide and developer FAQ to access the message body signature and encryption and decryption functions. If you are interested in technical implementation, you can refer to the technical solution.