Overview of the public platform message body signature and encryption and decryption solution

Overview of the public platform message body signature and encryption and decryption solution

Overview of the public platform message body signature and encryption and decryption solution

1. Added message body signature verification, which is used by public platforms and public accounts to verify the correctness of message bodies.

2. Encrypt general messages and event messages pushed to WeChat public accounts, as well as device messages pushed to device public accounts

3. Public accounts are also required to encrypt their responses to ciphertext messages

Developers should note that public accounts actively calling APIs will not be affected.

After enabling the encryption and decryption function (i.e. selecting compatible mode or safe mode), when the public platform server pushes messages to the public account server configuration address (which can be modified in the "Developer Center"), the URL will add two new parameters (encryption type and message body signature) to reflect the new function. The encryption algorithm uses AES. For the specific encryption and decryption process and solution, please refer to the access guide, technical solution and sample code.

In order to cooperate with the launch of the message encryption function and help developers adapt to the new features, the public platform provides three encryption and decryption modes for developers to choose from, namely plain text mode, compatible mode, and secure mode (you can select the corresponding mode in the "Developer Center"). Before selecting the compatible mode and secure mode, you need to fill in the message encryption and decryption key EncodingAESKey in the Developer Center.

Plain text mode: Maintain the existing mode, without adapting the new encryption and decryption features, the message body is sent and received in plain text, and the default setting is plain text mode

Compatibility mode: The content of messages sent by the public platform will include both plain text and cipher text, and the message packet length will be increased to about 3 times the original; public accounts can reply with plain text or cipher text, without affecting the existing message sending and receiving; developers can debug in this mode

Safe mode (recommended): The content of the message body sent by the public platform contains only ciphertext, and the message body of the public account reply is also ciphertext. It is recommended that developers use this mode to send and receive messages after successful debugging.

What is EncodingAESKey?

WeChat public platform uses AES symmetric encryption algorithm to encrypt the message body pushed to the public account, and EncodingAESKey is the secret key used for encryption. The public account uses this secret key to decrypt the received ciphertext message body, and also uses this secret key to encrypt the reply message body.

In addition, WeChat public platform provides developers with sample codes in five languages ​​(including C++, PHP, Java, Python and C# versions, ../static/assets/a5a22f38cb60228cb32ab61d9e4c414b.zip ). Developers are requested to refer to the access guide and developer FAQ to access the message body signature and encryption and decryption functions. If you are interested in technical implementation, you can refer to the technical solution.

<<:  Interface return code and alarm troubleshooting global return code

>>:  How to use sample code to access encryption and decryption and technical solutions

Recommend

iOS 18 is about to be released, get to know the new features first

The May Day holiday is approaching, which means i...

Case: How to use product thinking to carry out fission activities?

In the second half of the Internet , the user div...

9 key points for event planning!

In marketing operations, marketing activities, as...

What challenges do astronauts need to overcome to return to Earth?

Chinese astronauts Tang Hongbo, Tang Shengjie and...

In 2019, there are two modes of content operation!

All content production is the product of certain ...

Futures War Theory Zhou Dao Price-abandoning Trend Trading System

Futures War Theory Zhou Dao Price-abandoning Tren...

Insights into new marketing trends in 2022

2022 is getting closer and closer. Looking back a...

Why is Mount Everest growing? | Technology Weekly

Compiled by Zhou Shuyi and Wang Xiang If global w...