在公司的一部分产品中,有接口是使用AES 对称加解密方法来实现,并且采用ECB模式,padding PKCS5 的模式来实现接口的加密解密。
padding PKCS5的填充方法是根据块的大小默认是16,然后需要加密的明文长度除以16,不足16位字符串的补足到16的倍数,刚好是16的倍数也要补16位,然后补足的不是空格,而是差几位补充几位的Unicode值。
这里需要使用到base64位的编码,解码。
以下是针对某个接口的传参使用AES对称加密解密技术后,对该接口进行的测试,脚本如下:
#coding=utf-8
from base64 import b64decode
from base64 import b64encode
from Crypto.Cipher import AES
import base64
import json
import requests
# Padding for the input string --not
# related to encryption itself.
BLOCK_SIZE = 16 # Bytes
pad = lambda s: s + (BLOCK_SIZE - len(s) % BLOCK_SIZE) * \
chr(BLOCK_SIZE - len(s) % BLOCK_SIZE)
unpad = lambda s: s[:-ord(s[len(s) - 1:])]
class AESCipher:
"""
Tested under Python 3.x and PyCrypto 2.6.1.
"""
def __init__(self, key):
#加密需要的key值
self.key=key
def encrypt(self, raw):
raw = pad(raw)
#通过key值,使用ECB模式进行加密
cipher = AES.new(self.key, AES.MODE_ECB)
#返回得到加密后的字符串进行解码然后进行64位的编码
return base64.b64encode(cipher.encrypt(raw)).decode('utf8')
def decrypt(self, enc):
#首先对已经加密的字符串进行解码
enc = b64decode(enc)
#通过key值,使用ECB模式进行解密
cipher = AES.new(self.key, AES.MODE_ECB)
return unpad(cipher.decrypt(enc)).decode('utf8')
if __name__ == '__main__':
headers_1 = 'http://xx.yy.zz.com'
login_url = 'http://xx.yy.zz.com/api/user/login'
login_data = 'nxwJlgbc2+IhiYCvL++ImdhEQ8lRXwLLPtn65qG1w53dhrItqzxXQiWWr4WDJurG2/dgk4d2n/TwDcJqZp7f6rgFT9DBpwkO/qcuhZ15q6OEcX/bAY/+BL3hOFiHYcza3R1V3J89ChrYCqvS2wLCkZC9DHuG1kuzHI4eIu/PDA6umNumIN6mWnxNku4cxToAlSc+DFa8vRhrEJ5uTlA5q2ZEpobgVljmIXPjklSGqgGCZHHnnPGLh6OyEumgg9pbFVB1kFHrjWIQluP0nyBYEm+1TXwpYG7SDIn8mzJ/QpgHK9wMIbgsK10PJG4A0IRj1hI30jzSmKuuQ=='
r_1 = requests.post(url=login_url, data=login_data, headers=headers_1)
json_login_result = json.loads(r_1.text)
login_token = json_login_result['data']['token']
print("获取到的登录token值是:\n", login_token)
test_url = 'http://xx.yy.zz.com.com/api/statistic/query/'
test_data = '{"timeRange":"DAY","fromTime":"2017-09-07T00:00:00+08:00","toTime":"2017-09-13T23:59:59+08:00","type":"NEW_CUSTOMER_PANEL"}'
headers_2 = {'Referer': 'http://xx.yy.zz.com',
'Content-Type': 'application/json',
'X-Token': login_token,
'x-serverid': '30000',
'x-vendor': 'XXX'
}
key = 'xyABPTTjHYL6eyl1'
#调用加密函数
test_data = AESCipher(key).encrypt(test_data)
print("接口加密后的值是:\n", test_data)
r_2 = requests.post(url=test_url, data=test_data, headers=headers_2)
print("接口测试结果值是:\n", r_2.text)
encrypted_text = r_2.text
#调用解密函数
decrypted_text = AESCipher(key).decrypt(encrypted_text)
# 获取到code值
code = json.loads(decrypted_text)
print("接口测试结果解密后的值是:\n", code['code'])运行该脚本得到:
C:\Python36\python.exe D:/BW_endecrypt/AESCrypt.py
获取到的登录token值是:
PUB:eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiI0YzRjZjUxNS1kN2M0LTQxNmEtOTJmYi0wZTdlOTE1NjE4ZDkiLCJpc3MiOiJUMDAxMjI5QlciLCJpYXQiOjE1MjE2MTk0Mjd9.SdEmq6l--9InTf-N9n9PKBGNwuEZowHZsLkrSW3vv80W0j5dqclqtFKs9E9ucraagm_k-5RAZf3hJCQHPXXsjw
接口加密后的值是:
7sas+lcST+SzHPNsTPLEvIPGuZF1Wbs81l0lWo1f+iX0f0nCXDuQGmo6Huaioz2MqoiVcLXPg4RzZIaflc772IDgOZ81Cl8m6H/jjtFwyPksLWoOJ8pz0qWIwXtcEC+UVPDvK+YCktfnFNBQnNFHOR7nrNrgyPEra+rOc7hpxhI=
接口测试结果值是:
VJmSsrtltIzZp7yA6Y6G+aJOSA9Tevjb6iCgxF/oprjVl2qF7UlYdV3Bs+CFplGQmrGWS8vqE+dNjuSD1JoT+i2xMa0304Bi14mmcMm0xUQRXMfRmRiRwHiKI7U3m5uLjEoCBetDqIRd6FahY9R/gRuhLw6Oo1nF/6XMipaYVjfoHjAeCfM5ObtDEOJSVB8sIsyBxwsrKNeP0+ElUnmsz8IlihWjJm2moDyTJxcJyqRqhI9rN7o2Hu6ndZVKjng8pDMFct0syPKb8XiSR1nVq/k+bl6nbi23ihi1fOJQW9KO4zyBYQfPOkZALvcxpcLy+R5b4HylDM2mzwPlYIUab3SbzPjIhEQ9VVFID8XMQQcWxpUhWkspHzoc9C0mi2En8W6UeZxtxMR7/c66edFfwm8SIJQIw1URD8USmgxqUYzJf9lbLSyO0LGf2kvY/jwI3j5LtfzWkRJ1H2rNFhJyMq4WJxMUlpC5EF1JhVKDrqSy3uTRBjCCAjKwXTqhkaS6G+UcQBYuJ7IoFOvKhPFVrPYLQw7qoM/iqdQugVqCzMuJoS/kpnbSxISbhGiHxkqnCxsfP9bICKxK9+doBBc3EFZPlcNTXqTT6FRUHDk6ni71kK/
type is:
<class 'dict'>
接口测试结果解密后的值是:
m0000000最后一步步调试,得到需要的加解密结果值。
更多测试交流,可以加好友
