def encrypt_msg(timestamp, nonce, signature, config, replyDict):
''' encrypt msg for sending to wechat
* use AES_CBC encryption
* return a string ready for sending
* as in construct_msg, string in replyDict should be unicode
'''
text = construct_msg(replyDict).encode('utf8')
text = os.urandom(16) + struct.pack('>I', len(text)) +\
text + config.appId.encode('utf8')
paddingAmount = 32 - (len(text) % 32)
text += chr(paddingAmount).encode('utf8') * paddingAmount
text = aes_encode(config._encodingAesKey, text)
# Encrypt generated
s = [i.encode('utf8') for i in (timestamp, nonce, config.token)]
s += [text]; s.sort(); s = b''.join(s)
# Signature generated
return construct_msg({
'FromUserName': replyDict['FromUserName'],
'ToUserName': replyDict['ToUserName'],
'MsgType': ENCRYPT,
'Encrypt': text.decode('utf8'),
'MsgSignature': hashlib.sha1(s).hexdigest(),
'TimeStamp': timestamp,
'Nonce': nonce,
}, )
def encrypt_msg(timestamp, nonce, signature, config, replyDict):
''' encrypt msg for sending to wechat
* use AES_CBC encryption
* return a string ready for sending
* as in construct_msg, string in replyDict should be unicode
'''
text = construct_msg(replyDict).encode('utf8')
text = os.urandom(16) + struct.pack('>I', len(text)) +\
text + config.appId.encode('utf8')
paddingAmount = 32 - (len(text) % 32)
text += chr(paddingAmount).encode('utf8') * paddingAmount
text = aes_encode(config._encodingAesKey, text)
# Encrypt generated
s = [i.encode('utf8') for i in (timestamp, nonce, config.token)]
s += [text]; s.sort(); s = b''.join(s)
# Signature generated
return construct_msg({
'FromUserName': replyDict['FromUserName'],
'ToUserName': replyDict['ToUserName'],
'MsgType': ENCRYPT,
'Encrypt': text.decode('utf8'),
'MsgSignature': hashlib.sha1(s).hexdigest(),
'TimeStamp': timestamp,
'Nonce': nonce,
}, )
def verify_reply(core, tns, reply, msgDict, isActualEncrypt):
reply = reply_msg_format(reply)
if reply:
if reply.get('MsgType') in OUTCOME_MSG:
reply['ToUserName'] = msgDict['FromUserName']
reply['FromUserName'] = msgDict['ToUserName']
if 'FileDir' in reply and reply['MsgType'] != TEXT:
r = core.upload(reply['MsgType'], reply['FileDir'])
if not r:
logger.warning(r)
return None, None
else:
reply['MediaId'] = r['media_id']
if core.config.encryptMode == SAFE and isActualEncrypt:
return encrypt_msg(*(tns + [core.config, reply])), reply
else:
return construct_msg(reply), reply
else:
logger.warning('Reply is invalid: unknown MsgType')
else:
logger.warning('Reply is invalid: %s' % reply.get('errmsg'))
return None, None
def verify_reply(core, tns, reply, msgDict, isActualEncrypt):
reply = reply_msg_format(reply)
if reply:
if reply.get('MsgType') in OUTCOME_MSG:
reply['ToUserName'] = msgDict['FromUserName']
reply['FromUserName'] = msgDict['ToUserName']
if 'FileDir' in reply and reply['MsgType'] != TEXT:
r = core.upload(reply['MsgType'], reply['FileDir'])
if not r:
logger.warning(r); return None, None
else:
reply['MediaId'] = r['media_id']
if core.config.encryptMode == SAFE and isActualEncrypt:
return encrypt_msg(*(tns +
[core.config, reply])), reply
else:
return construct_msg(reply), reply
else:
logger.warning('Reply is invalid: unknown MsgType')
else:
logger.warning('Reply is invalid: %s' % reply.get('errmsg'))
return None, None
