From 5b092d7b380048145e452a1d0f5957967aab7166 Mon Sep 17 00:00:00 2001 From: hobby Date: Thu, 29 Dec 2022 17:09:17 +0800 Subject: [PATCH] add verifyUrl --- WXBizMsgCrypt.php | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/WXBizMsgCrypt.php b/WXBizMsgCrypt.php index 4d30f3b..0b48855 100644 --- a/WXBizMsgCrypt.php +++ b/WXBizMsgCrypt.php @@ -23,7 +23,44 @@ public function __construct($token, $encodingAesKey, $appId) $this->encodingAesKey = $encodingAesKey; $this->appId = $appId; } + /* + *验证URL + *@param sMsgSignature: 签名串,对应URL参数的msg_signature + *@param sTimeStamp: 时间戳,对应URL参数的timestamp + *@param sNonce: 随机串,对应URL参数的nonce + *@param sEchoStr: 随机串,对应URL参数的echostr + *@param sReplyEchoStr: 解密之后的echostr,当return返回0时有效 + *@return:成功0,失败返回对应的错误码 + */ + public function VerifyURL($sMsgSignature, $sTimeStamp, $sNonce, $sEchoStr, &$sReplyEchoStr) + { + if (strlen($this->m_sEncodingAesKey) != 43) { + return ErrorCode::$IllegalAesKey; + } + + $pc = new Prpcrypt($this->m_sEncodingAesKey); + //verify msg_signature + $sha1 = new SHA1; + $array = $sha1->getSHA1($this->m_sToken, $sTimeStamp, $sNonce, $sEchoStr); + $ret = $array[0]; + + if ($ret != 0) { + return $ret; + } + $signature = $array[1]; + if ($signature != $sMsgSignature) { + return ErrorCode::$ValidateSignatureError; + } + + $result = $pc->decrypt($sEchoStr, $this->m_sReceiveId); + if ($result[0] != 0) { + return $result[0]; + } + $sReplyEchoStr = $result[1]; + + return ErrorCode::$OK; + } /** * 将公众平台回复用户的消息加密打包. *