很多公司都开放对外的API,测试时候我们一般用postman,jmeter等工具可以简单上手,但是对于复杂的流程有时候就不太友好了。
例如:
- API如果是做支付相关的业务,每次调用接口订单号这个字段要做参数化处理。
- 调用接口有签名字段要做签名,返回参数需要做验签。
- 上传文件或图片的接口要做文件二进制的转换。
- 一些字段需要做加密传输。
- 多个API接口之间是有业务关系的,例如我调用一个接口需要另一个接口返回的值
本章内容先讲签名验签,用MD5withRSA签名验签举例。需要注意,MD5已存在实用的碰撞攻击,MD5withRSA只适合对接方接口强制要求的场景;自己设计接口时应优先选择SHA256withRSA。
安装 pycryptodome
pip3 install pycryptodome
引用相关类
import base64

from Crypto import Random
from Crypto.Cipher import PKCS1_v1_5 as Cipher_PKCS1_v1_5
from Crypto.Hash import MD5, SHA,SHA1, SHA256
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5 as Signature_PKCS1_v1_5
生成公私钥方法
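def create_rsa_pair(is_save=False):
    """Generate a 2048-bit RSA key pair and return both keys.

    :param is_save: when True, also write the keys to
        ``crypto_private_key.pem`` and ``crypto_public_key.pem`` in the
        current working directory. default: False
    :return: public_key, private_key (as exported by ``exportKey``)
    """
    import os  # local import: only needed for the owner-only file mode below

    # 2048 is the RSA key (modulus) size in bits, not a signature length.
    key = RSA.generate(2048)
    private_key = key.exportKey("PEM")  # export the private key as PEM
    public_key = key.publickey().exportKey()  # export the matching public key
    if is_save:
        # The private key is written unencrypted, so create the file with
        # owner-only permissions instead of the umask default. The mode only
        # applies when the file is created; an existing file keeps its mode.
        # O_BINARY (Windows only) keeps the bytes identical to open(..., "wb").
        flags = os.O_WRONLY | os.O_CREAT | os.O_TRUNC | getattr(os, "O_BINARY", 0)
        fd = os.open("crypto_private_key.pem", flags, 0o600)
        with os.fdopen(fd, "wb") as key_file:
            key_file.write(private_key)
        with open("crypto_public_key.pem", "wb") as key_file:
            key_file.write(public_key)
    return public_key, private_key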
测试一下,把公私钥打印出来
签名方法
def RSA_sign(data,privateKey):
    """Sign *data* with MD5withRSA (PKCS#1 v1.5) and return the signature.

    :param data: text to sign; it is UTF-8 encoded before hashing
    :param privateKey: the private key as a Base64 string; it is decoded and
        passed to ``RSA.importKey`` (presumably the PEM body without the
        header/footer lines -- confirm against the key source)
    :return: the signature, Base64-encoded, as bytes
    """
    # NOTE(review): MD5 is a digest here, not encryption, and it is
    # collision-broken. Keep MD5withRSA only where the counterpart API
    # mandates it; SHA256 is already imported by this file for newer schemes.
    key_bytes = base64.b64decode(privateKey)
    rsa_private = RSA.importKey(key_bytes)
    pkcs1_signer = Signature_PKCS1_v1_5.new(rsa_private)
    digest = MD5.new(data.encode('utf-8'))
    raw_signature = pkcs1_signer.sign(digest)
    return base64.b64encode(raw_signature)
验签方法
def RSA_verify(signature,data,publicKey):
    """Check an MD5withRSA (PKCS#1 v1.5) signature over *data*.

    :param signature: Base64-encoded signature (str or bytes)
    :param data: the signed text; it is UTF-8 encoded before hashing
    :param publicKey: the public key as a Base64 string; it is decoded and
        passed to ``RSA.importKey``
    :return: the result of ``verifier.verify`` for the hash and signature
    """
    # NOTE(review): a signature or key that is not valid Base64 makes
    # b64decode raise instead of producing a "not verified" result, so
    # callers handling untrusted responses should treat that exception as a
    # failed check.
    key_bytes = base64.b64decode(publicKey)
    rsa_public = RSA.importKey(key_bytes)
    digest = MD5.new(data.encode('utf-8'))
    pkcs1_verifier = Signature_PKCS1_v1_5.new(rsa_public)
    raw_signature = base64.b64decode(signature)
    return pkcs1_verifier.verify(digest, raw_signature)
最后用生成的公私钥去做签名,再验签,测试数据写成一样的,返回结果为True就说明验签成功了
if __name__ == '__main__':
    # Demo key pair, Base64 text without PEM header/footer lines.
    # NOTE(review): keys are inlined only for this walkthrough; load a real
    # private key from a protected file or secret store instead of source.
    private_key = r'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'
    public_key = r'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OnMeAxfrFVhU6M/G4gKR9815/Au93Rru9EkWu/Pk1juQ2nA4HCCvKtAAmeY35f80ZBcj1lIKK6icL31cpDaDSMWSQ2W64Bd1K34N0Zja6mLbI3jISgVcSKLSjo9I0I2e/JNo0A/tkPfTA2jxeKgcUGZPvUEUtb06GsC681oapImi+6OpRCC9b2dc1h4xDnbUdZbesGZspSYVFsNLRZLSUG6JfuJqQNSmDl4BJd0sxZJRBytlzSQuenczTqaHdf7JtvEsCpXseaoVO1A0c8RjYhLGhAsldE4NNPx6Jop66TYsokBv9KSJPZqaTvIng1szlw/jp+f5Lhv+Wyntnl2sQIDAQAB'

    # The same text is signed and then verified, so the check should pass.
    data = '测试数据'

    sign = RSA_sign(data, private_key)
    # The signature is Base64 bytes; decode it to text for printing.
    print(sign.decode('utf-8'))

    is_valid = RSA_verify(sign, data, public_key)
    # Print the verification result.
    print(is_valid)