From aaa1325afc6be9b193d5447b668f9f87ea61ca7a Mon Sep 17 00:00:00 2001
From: van
Date: Wed, 1 Apr 2026 01:28:50 +0800
Subject: [PATCH] 1
---
 .../wxsend/util/WeComCallbackCrypto.java | 22 +++++++++++++------
 src/main/resources/application.yml | 2 +-
 2 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/src/main/java/cn/van333/wxsend/util/WeComCallbackCrypto.java b/src/main/java/cn/van333/wxsend/util/WeComCallbackCrypto.java
index fc7dd90..553f045 100644
--- a/src/main/java/cn/van333/wxsend/util/WeComCallbackCrypto.java
+++ b/src/main/java/cn/van333/wxsend/util/WeComCallbackCrypto.java
@@ -25,9 +25,9 @@ public class WeComCallbackCrypto {
 private final byte[] iv;
 public WeComCallbackCrypto(String token, String encodingAESKey, String corpId) {
- this.token = token;
- this.aesKey = Base64.getDecoder().decode(encodingAESKey + "=");
- this.corpId = corpId;
+ this.token = token == null ? "" : token.trim();
+ this.aesKey = Base64.getDecoder().decode((encodingAESKey == null ? "" : encodingAESKey.trim()) + "=");
+ this.corpId = corpId == null ? "" : corpId.trim();
 this.iv = Arrays.copyOfRange(aesKey, 0, 16);
 }
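Review bot: The constructor still slices the IV out of `aesKey` without checking that the decoded key actually has the 32 bytes an EncodingAESKey is meant to produce, so a wrong-length key that still base64-decodes yields a short key array, `Arrays.copyOfRange(aesKey, 0, 16)` zero-pads it into a partly or wholly zero IV, and the misconfiguration only surfaces later inside cipher init with an unrelated message. Add a fail-fast check right after the decode: `if (aesKey.length != 32) throw new IllegalArgumentException("EncodingAESKey must decode to 32 bytes, got " + aesKey.length);`. For the same reason I would reject a null or blank `token` and `corpId` here (`Objects.requireNonNull` plus an `isBlank()` check) instead of defaulting them to `""`, since an empty token presumably degrades whatever signature check this class performs elsewhere, and an empty corpId makes the receiveid comparison match only an empty packet tail rather than failing at startup.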
@@ -69,13 +69,21 @@ public class WeComCallbackCrypto { byte[] plainPadded = cipher.doFinal(cipherData); byte[] plain = PKCS7Encoder.decode(plainPadded); - // 结构:16字节随机 + 4字节网络序正文长度 + 正文 + corpId + // 结构:16字节随机 + 4字节网络序正文长度 + 正文 + receiveid + // 自建应用 receiveid 为企业 CorpId;部分第三方/套件回调包尾为 SuiteId,须与后台一致。 byte[] networkOrder = Arrays.copyOfRange(plain, 16, 20); int xmlLength = ByteBuffer.wrap(networkOrder).order(ByteOrder.BIG_ENDIAN).getInt(); + if (xmlLength < 0 || 20 + xmlLength > plain.length) { + throw new RuntimeException("invalid decrypted layout: msgLen=" + xmlLength + ", plainLen=" + plain.length + + "(请核对 EncodingAESKey、Token 是否与当前「接收消息」配置为同一套)"); + } byte[] xmlBytes = Arrays.copyOfRange(plain, 20, 20 + xmlLength); - String fromCorpId = new String(Arrays.copyOfRange(plain, 20 + xmlLength, plain.length), StandardCharsets.UTF_8); - if (!fromCorpId.equals(corpId)) { - throw new RuntimeException("corpId mismatch"); + String fromReceiveId = new String(Arrays.copyOfRange(plain, 20 + xmlLength, plain.length), StandardCharsets.UTF_8).trim(); + if (!fromReceiveId.equals(corpId)) { + throw new RuntimeException( + "receiveid mismatch: qywx.app.corpId=[" + corpId + "], fromWeCom=[" + fromReceiveId + + "]。自建应用请填「管理后台-我的企业-企业信息-企业ID」;若为服务商/套件回调,包尾多为 SuiteId,须填 SuiteId。" + + " Token、EncodingAESKey、企业ID须为同一接收消息配置中生成的成对参数。"); } return new String(xmlBytes, StandardCharsets.UTF_8); } catch (Exception e) { diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index badf78b..55890f4 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -73,7 +73,7 @@ qywx: # 机器人安全设置中的加签secret(可选)。若不开启加签可留空 secret: "" app: - corpId: "ww4f2e72baba7d07ea" + corpId: "ww929e7d6493c6336e" agentId: "1000006" token: "agxO6u1K8AVgPy7" encodingAESKey: "fzObpzNPhU3FdavtT73S5bqpvBky7LL0Ncnd6fPmAmd"
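Review bot: The new layout guard `20 + xmlLength > plain.length` is computed in int, so a length field close to Integer.MAX_VALUE passes the `< 0` test, wraps the sum negative, slips through the guard and then fails inside `copyOfRange` with a generic exception rather than the diagnostic this check was added to provide; it also does not reject `plain.length < 20`, where the length field is read partly from the zero padding `copyOfRange` supplies. Rewrite the guard without the addition and place it before the length field is sliced: `if (plain.length < 20) throw new RuntimeException("invalid decrypted layout: plainLen=" + plain.length);` followed by `if (xmlLength < 0 || xmlLength > plain.length - 20) {`. Separately, the mismatch exception now embeds both the configured corpId and the peer-supplied receiveid, which is useful in logs but echoes decrypted packet content back to the caller if this RuntimeException ends up in the callback HTTP response, so it is worth confirming what the surrounding `catch (Exception e)` does with it. The enclosing decrypt method starts and ends outside this hunk.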
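Review bot: The hunk swaps `corpId` but leaves the callback `token` and `encodingAESKey` literals sitting in application.yml as context lines, and those two values together are exactly what authenticates and decrypts WeCom callbacks, so anyone with read access to this repository or its history can forge or decrypt callback traffic. Replace them with placeholders resolved from the environment, e.g. `token: "${QYWX_APP_TOKEN}"` and `encodingAESKey: "${QYWX_APP_ENCODING_AES_KEY}"` (assuming this is a Spring Boot application.yml, which is what the `${...}` placeholder syntax requires), and keep only a sample file without real values under version control. Because the current values are already in git history, they should be regenerated in the WeCom console rather than merely removed from the file.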