很多公司都开放对外的API,测试时候我们一般用postman,jmeter等工具可以简单上手,但是对于复杂的流程有时候就不太友好了。
例如:
- API如果是做支付相关的业务,每次调用接口订单号这个字段要做参数化处理。
- 调用接口有签名字段要做签名,返回参数需要做验签。
- 上传文件或图片的接口要做文件二进制的转换。
- 一些字段需要做加密传输。
- 多个API接口之间是有业务关系的,例如我调用一个接口需要另一个接口返回的值
接上章内容讲签名验签,本章我们讲加密解密
- 加解密方法中数据和公私钥我们都用字符串
- 方法中返回的加密数据我们一定义为base64格式的字符串
- text.encode('utf-8')先把加密数据转成字节串
- 公私钥我们传的也是base64字符串,所以要用base64.b64decode()转成字节串
前置条件:
安装 pycryptodome
pip3 install pycryptodome
引用相关类
from Crypto.PublicKey import RSA
from Crypto.Signature import PKCS1_v1_5 as Signature_PKCS1_v1_5
from Crypto.Cipher import PKCS1_v1_5 as Cipher_PKCS1_v1_5
from Crypto.Hash import MD5, SHA,SHA1, SHA256
from Crypto import Random
加密
def encryption(text: str, publicKey):
# 加密text数据是字符串,进行编码,编码为UTF-8格式的字节串
text_bytes = text.encode('utf-8')
# 加密公钥是base64字符串,先解码,解码后格式为字节串
public_key_Bytes = base64.b64decode(publicKey)
# 构建公钥对象
cipher_public = Cipher_PKCS1_v1_5.new(RSA.importKey(public_key_Bytes))
# 加密
text_encrypted = cipher_public.encrypt(text_bytes)
# base64编码,并转为字符串
text_encrypted_base64 = base64.b64encode(text_encrypted).decode()
return text_encrypted_base64
解密
def decryption(text_encrypted_base64: str, private_key):
# 字符串指定编码(转为bytes)
text_encrypted_base64 = text_encrypted_base64.encode('utf-8')
# base64解码
text_encrypted = base64.b64decode(text_encrypted_base64)
# 加密公钥是base64字符串,先解码,解码后格式为bytes
private_key_Bytes=base64.b64decode(private_key)
# 构建私钥对象
cipher_private = Cipher_PKCS1_v1_5.new(RSA.importKey(private_key_Bytes))
# 解密(bytes)
text_decrypted = cipher_private.decrypt(text_encrypted, Random.new().read)
# 解码为字符串
text_decrypted = text_decrypted.decode()
return text_decrypted
测试,用上一章我们获取的公私钥加秘 再解密
private_key=r'MIIEowIBAAKCAQEA2OnMeAxfrFVhU6M/G4gKR9815/Au93Rru9EkWu/Pk1juQ2nA4HCCvKtAAmeY35f80ZBcj1lIKK6icL31cpDaDSMWSQ2W64Bd1K34N0Zja6mLbI3jISgVcSKLSjo9I0I2e/JNo0A/tkPfTA2jxeKgcUGZPvUEUtb06GsC681oapImi+6OpRCC9b2dc1h4xDnbUdZbesGZspSYVFsNLRZLSUG6JfuJqQNSmDl4BJd0sxZJRBytlzSQuenczTqaHdf7JtvEsCpXseaoVO1A0c8RjYhLGhAsldE4NNPx6Jop66TYsokBv9KSJPZqaTvIng1szlw/jp+f5Lhv+Wyntnl2sQIDAQABAoIBAB4wZ/SQpaN6semDOmNutcjr+s4q4kvZaFcYVArTU9yqOhBS1cpxjkM2QwSH/kGm9G5cPQL3G5u3Nm93g1jXFSn9PKWdM73XZ00UNgwctUtE1QfzisLQwoSKQ2roxnKI+BlHD2F4WIWvAOh5ANan5HREJiZve727IhR+NEa07LfhbrdqdQ/RWb8N/vrt8HTpuLBLTFA0D943it9RHQw/s7rWA37qcgeScLONJ7Ewu0Yrulh9Rpv3JtxfdicG8ZEAqhen2p1Gf2oqTBeC4k9feHyUCpkARMDqvKm2ifhzO8cgKnVR0+pxLAa7BfgOCdeCXcNlz55Oz3dI4TRXnYlnD6sCgYEA36wpvXxwFsvovBOTy7ng4kaDYD8SjpC7CFPvAIO23xdWOathncCZjTpvhrT2OiKDUcd8i45KlbtB6ZIeMAfsonjNE/rGcEEckOtjvN6Toyt42UQuzOeKjTB2nLE66TYZ83N8IZjUqhfjCxTJFsgixsLyFM1kXYP5yolctM5GAncCgYEA+EOLmpqDkqxlK3Gju8/wz2lk9Hurcu7vVcIRX/LJtOtMLWFilJZprdjH2EZ7c7+b5DaHzklmJH2Rm8CaMmTHqptNEe11n25iP0p319pHGyxxaSvKkABk+31ykJUFFk8l260NzfZXMk3QhYMkKZ9ZbKjjukUb5+l2HPZhR6TsMhcCgYAN8tebiIIY+dhmujXSU6IxmkIhI23N1DrFty5FcvFZkkP/Tq/EvbkVtJo15V0hnPthgzZCIbqHAemHXmRhjGz2aOApKc9sOrNEWlma8qp0V4auzfC5OItMaMRM20SYPJZ7tyz7j2NbxCeVjlNIB20bxhaAs5pZtpxCRDSy1dZJ2wKBgQDsGKhJ5gmcUhCAaTjx4kW7qhpVGssoqSu4na+SVL0YLfCq84MhlY14w8EB372FjUH+nRE3z7uwli4ENf0uUYNErx5zHyUN8pbCY9pmz3Fx2SkdgITJv2ZJeLqb3uwQlEKHkCKhrVStRS0520Znwt/zIwY23YQ1X2NxFanbzW7GDwKBgFrR0UZDl55bJgqIvlt0QNufsJyStRr8teIqX7F0U9T4RoeCWuF7KjtHrk0WCgiMREOxIc3b9gICAlGxc8hhKAi2JWOxmwXaeIYWWXgSu/Ojhsj0wTBWRGigCRqhyB01Y1GirXx7nUHVYnegjxBMOa+oPacHB76Zb/6Aejkg2QeL'
public_key=r'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OnMeAxfrFVhU6M/G4gKR9815/Au93Rru9EkWu/Pk1juQ2nA4HCCvKtAAmeY35f80ZBcj1lIKK6icL31cpDaDSMWSQ2W64Bd1K34N0Zja6mLbI3jISgVcSKLSjo9I0I2e/JNo0A/tkPfTA2jxeKgcUGZPvUEUtb06GsC681oapImi+6OpRCC9b2dc1h4xDnbUdZbesGZspSYVFsNLRZLSUG6JfuJqQNSmDl4BJd0sxZJRBytlzSQuenczTqaHdf7JtvEsCpXseaoVO1A0c8RjYhLGhAsldE4NNPx6Jop66TYsokBv9KSJPZqaTvIng1szlw/jp+f5Lhv+Wyntnl2sQIDAQAB'
data='测试数据'
# sign=RSA_sign(data,private_key)
# print(sign.decode('utf-8'))
# test_return=RSA_verify(sign,data,public_key)
# print(test_return)
enc=encryption(data,public_key)#加密
print(decryption(enc,private_key))#解密
如果加密数据过长,我们还可以进行分段加解密,下章继续分段加解密方法