def encrypt_msg(timestamp, nonce, signature, config, replyDict): ''' encrypt msg for sending to wechat * use AES_CBC encryption * return a string ready for sending * as in construct_msg, string in replyDict should be unicode ''' text = construct_msg(replyDict).encode('utf8') text = os.urandom(16) + struct.pack('>I', len(text)) +\ text + config.appId.encode('utf8') paddingAmount = 32 - (len(text) % 32) text += chr(paddingAmount).encode('utf8') * paddingAmount text = aes_encode(config._encodingAesKey, text) # Encrypt generated s = [i.encode('utf8') for i in (timestamp, nonce, config.token)] s += [text]; s.sort(); s = b''.join(s) # Signature generated return construct_msg({ 'FromUserName': replyDict['FromUserName'], 'ToUserName': replyDict['ToUserName'], 'MsgType': ENCRYPT, 'Encrypt': text.decode('utf8'), 'MsgSignature': hashlib.sha1(s).hexdigest(), 'TimeStamp': timestamp, 'Nonce': nonce, }, )
def verify_reply(core, tns, reply, msgDict, isActualEncrypt): reply = reply_msg_format(reply) if reply: if reply.get('MsgType') in OUTCOME_MSG: reply['ToUserName'] = msgDict['FromUserName'] reply['FromUserName'] = msgDict['ToUserName'] if 'FileDir' in reply and reply['MsgType'] != TEXT: r = core.upload(reply['MsgType'], reply['FileDir']) if not r: logger.warning(r) return None, None else: reply['MediaId'] = r['media_id'] if core.config.encryptMode == SAFE and isActualEncrypt: return encrypt_msg(*(tns + [core.config, reply])), reply else: return construct_msg(reply), reply else: logger.warning('Reply is invalid: unknown MsgType') else: logger.warning('Reply is invalid: %s' % reply.get('errmsg')) return None, None
def verify_reply(core, tns, reply, msgDict, isActualEncrypt): reply = reply_msg_format(reply) if reply: if reply.get('MsgType') in OUTCOME_MSG: reply['ToUserName'] = msgDict['FromUserName'] reply['FromUserName'] = msgDict['ToUserName'] if 'FileDir' in reply and reply['MsgType'] != TEXT: r = core.upload(reply['MsgType'], reply['FileDir']) if not r: logger.warning(r); return None, None else: reply['MediaId'] = r['media_id'] if core.config.encryptMode == SAFE and isActualEncrypt: return encrypt_msg(*(tns + [core.config, reply])), reply else: return construct_msg(reply), reply else: logger.warning('Reply is invalid: unknown MsgType') else: logger.warning('Reply is invalid: %s' % reply.get('errmsg')) return None, None