在这之前 记得用pip install 安装几个包:
Crypto,base64, 反正环境缺什么就加什么呗
首先梳理下思路:
1.私钥由开发提供
2.规则基本是按参数名从小到大排序拼接 至于具体规则 参数名和值之间是否有=链接 都得问清楚规则
3.拼接之后是否MD5加密之后再加密等 都需要问清楚
4.生成签名之后,再加到请求参数内 即可访问
import hashlib
import Crypto
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5
from Crypto.Hash import SHA
import base64
privateKey = """-----BEGIN PRIVATE KEY-----
私钥问开发要就可以了
-----END PRIVATE KEY-----"""
def sign_body(body):
#参数拼接,用=连接
a = ["=".join(i) for i in body.items() if(i[1] and i[0] != "sign" and i[1] and i[0] !="sign_type")]
#参数与参数之间排序,用&连接
strA = "&".join(sorted(a))
# print("AA"+strA)
# MD5加密
# def jiamimd5(src):
# m = hashlib.md5()
# m.update(src.encode('UTF-8'))
# return m.hexdigest()
# sign = jiamimd5(strA.lower())
# body["sign"] = sign
return strA
def RSA_sign(data):
#获取私钥用户加签
priKey = RSA.importKey(privateKey)
#priKey = RSA.importKey(privateKey)
#创建用于执行PKS 加密或者解密的密码
signature = PKCS1_v1_5.new(priKey)
#内容进行sha加密
hash_val = SHA.new(data.encode("utf-8"))
re =signature.sign(hash_val)
#对于内容进行PKS加密,再使用base64进行编码
result = base64.b64encode(re)
red = result.decode()
# data["sign"] = red
return red
if __name__ == '__main__':
a='1232323231hfgds45123@¥%'
print(RSA_sign(a))
经过测试:结果正确
import requests
from api2.sgin import RSA_sign,sign_body
def way(body):
url="http://xxx.xx.xx.xx:xxxx/api-xxx/xxx/gateway"
print(body)
r=requests.post(url,data=body)
# print(r)
return r
if __name__ == '__main__':
body={
"xx": "xxx",
"xxx":"xx",
"xx": "utf-8",
"content":'xxxxx',
"method": "open.api.xx.xx.xx.xx",
"sign_type": "RSA",
"timestamp": "1634347347053",
"version": "1.0"
}
striSignTemp=sign_body(body)
print(striSignTemp)
sign=RSA_sign(striSignTemp)
print("ssssssssssssssss:"+sign)
body["sign"] = sign
print(body)
print(way(body))
调用前一个python文件 获取签名 加到入参内
然后请求,执行结束