Message encryption and decryption instructions


Public account message encryption and decryption is a new mechanism provided by the public platform to further strengthen the security of public accounts. Developers should note that active API calls made by the public account are not affected; message encryption and decryption are only required when passively replying to a user's message. The specific changes are:

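1. A message body signature check is added, which the public platform and the public account use to verify the correctness of the message body.
2. Ordinary messages and event messages pushed to WeChat public accounts, and device messages pushed to device public accounts, are encrypted.
3. The public account's replies to ciphertext messages must also be encrypted.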

To integrate the message body signature and the encryption and decryption functions, see the access guide and the developer FAQ. If you are interested in the technical implementation, see the technical solution.


After the encryption and decryption function is enabled (that is, compatibility mode or safe mode is selected), two new parameters (encryption type and message body signature) are added to the URL whenever the public platform server pushes a message to the address configured for the public account server (the address can be modified in the "Developer Center"). The encryption algorithm is AES. For the specific encryption and decryption process, see the access guide, technical solution and sample code.


To accompany the launch of message encryption and help developers adapt to the new feature, the public platform provides 3 encryption and decryption modes for developers to choose from: plaintext mode, compatibility mode, and safe mode (select the mode in the "Developer Center"). Before selecting compatibility mode or safe mode, you need to fill in the message encryption and decryption key, EncodingAESKey, in the Developer Center.

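Plaintext mode: keeps the existing behaviour without adopting the new encryption and decryption feature; message bodies are sent and received in plaintext. This is the default setting.
Compatibility mode: messages sent by the public platform contain both plaintext and ciphertext, and the message packet grows to about 3 times its original length; the public account may reply in either plaintext or ciphertext, and existing message sending and receiving is not affected. Developers can debug in this mode.
Safe mode (recommended): the message body sent by the public platform contains only ciphertext, and the message body of the public account's reply is also ciphertext. Developers are advised to use this mode for sending and receiving messages once debugging has succeeded.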


What is EncodingAESKey?

The WeChat public platform uses the AES symmetric encryption algorithm to encrypt the message body pushed to the public account. EncodingAESKey is the secret key used for encryption. The public account uses this secret key to decrypt the received ciphertext message body, and the reply message body is also encrypted with this secret key.
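The message body signature check and EncodingAESKey handling described above, as an added Python example (not the platform's sample code). It assumes the scheme from the platform's technical solution, which this page references but does not reproduce: the URL parameters are `encrypt_type` and `msg_signature`, the signature is the SHA-1 of the sorted Token, timestamp, nonce and `Encrypt` value, and the AES key is EncodingAESKey plus "=" Base64-decoded. All sample values are constructed.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET


def compute_signature(token, timestamp, nonce, encrypt):
    # Assumed scheme: SHA-1 over the four strings, sorted then concatenated.
    parts = sorted([token, timestamp, nonce, encrypt])
    return hashlib.sha1("".join(parts).encode("utf-8")).hexdigest()


def decode_aes_key(encoding_aes_key):
    # Assumed format: 43 Base64 characters; appending "=" gives 32 key bytes.
    if len(encoding_aes_key) != 43:
        raise ValueError("EncodingAESKey must be 43 characters")
    key = base64.b64decode(encoding_aes_key + "=")
    if len(key) != 32:
        raise ValueError("decoded key is not 32 bytes")
    return key


def accept_push(token, query, body):
    """Return the Encrypt ciphertext if the push is authentic, else None."""
    if query.get("encrypt_type") != "aes":
        return None  # not an encrypted push; nothing to verify here
    if "<!DOCTYPE" in body or "<!ENTITY" in body:
        return None  # refuse DTDs in untrusted XML
    try:
        encrypt = ET.fromstring(body).findtext("Encrypt")
    except ET.ParseError:
        return None
    if not encrypt:
        return None
    expected = compute_signature(
        token, query.get("timestamp", ""), query.get("nonce", ""), encrypt)
    supplied = query.get("msg_signature", "")
    # Constant-time comparison; verify before any AES decryption is attempted.
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        return None
    return encrypt


if __name__ == "__main__":
    token, enc = "constructed-token", "Q09OU1RSVUNURUQ="  # constructed values
    q = {"encrypt_type": "aes", "timestamp": "1409659813", "nonce": "n1"}
    q["msg_signature"] = compute_signature(token, q["timestamp"], q["nonce"], enc)
    print(accept_push(token, q, f"<xml><Encrypt>{enc}</Encrypt></xml>") == enc)
```

In compatibility mode the body also carries the plaintext fields; a handler that has verified the signature should act on the decrypted `Encrypt` content rather than on those unauthenticated plaintext fields.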

In addition, the WeChat public platform provides developers with sample code in 5 languages (C, PHP, Java, Python and C# versions).
