From 5b092d7b380048145e452a1d0f5957967aab7166 Mon Sep 17 00:00:00 2001
From: hobby <hobby0524@gmail.com>
Date: Thu, 29 Dec 2022 17:09:17 +0800
Subject: [PATCH] add verifyUrl

---
 WXBizMsgCrypt.php | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/WXBizMsgCrypt.php b/WXBizMsgCrypt.php
index 4d30f3b..0b48855 100644
--- a/WXBizMsgCrypt.php
+++ b/WXBizMsgCrypt.php
@@ -23,7 +23,44 @@ public function __construct($token, $encodingAesKey, $appId)
         $this->encodingAesKey = $encodingAesKey;
         $this->appId = $appId;
     }
+    /*
+	*验证URL
+    *@param sMsgSignature: 签名串,对应URL参数的msg_signature
+    *@param sTimeStamp: 时间戳,对应URL参数的timestamp
+    *@param sNonce: 随机串,对应URL参数的nonce
+    *@param sEchoStr: 随机串,对应URL参数的echostr
+    *@param sReplyEchoStr: 解密之后的echostr,当return返回0时有效
+    *@return:成功0,失败返回对应的错误码
+	*/
+    public function VerifyURL($sMsgSignature, $sTimeStamp, $sNonce, $sEchoStr, &$sReplyEchoStr)
+    {
+        if (strlen($this->m_sEncodingAesKey) != 43) {
+            return ErrorCode::$IllegalAesKey;
+        }
+
+        $pc = new Prpcrypt($this->m_sEncodingAesKey);
+        //verify msg_signature
+        $sha1 = new SHA1;
+        $array = $sha1->getSHA1($this->m_sToken, $sTimeStamp, $sNonce, $sEchoStr);
+        $ret = $array[0];
+
+        if ($ret != 0) {
+            return $ret;
+        }
 
+        $signature = $array[1];
+        if ($signature != $sMsgSignature) {
+            return ErrorCode::$ValidateSignatureError;
+        }
+
+        $result = $pc->decrypt($sEchoStr, $this->m_sReceiveId);
+        if ($result[0] != 0) {
+            return $result[0];
+        }
+        $sReplyEchoStr = $result[1];
+
+        return ErrorCode::$OK;
+    }
     /**
      * 将公众平台回复用户的消息加密打包.
      * <ol>