python 应用 base64、hmac、hashlib包实现:MD5编码 base64编码解码、SHA256编码、urlsafe_b64encode编码等等基本所有的加密签名的方法
用python做HTTP接口自动化测试的时候,接口的很多参数是经过各种编码加密处理后在传到后台的,这里列举出python实现 应用 base64、hmac、hashlib包实现:md5编码 sha1编码 sha3_224编码 sha3_256编码 sha3_384编码 sha3_512编码 、 sha224编码 、 sha384编码 、 sha512编码 、shake_128编码 、 shake_256 编码 、urlsafe_b64encode编码等各种编码加密签名的方法
import base64 import hmac import hashlib # MD5 编码 应用haslib user = 'username' pwd = 'pass123456' user = user.encode(encoding='utf-8') pwd = pwd.encode(encoding='utf-8') user_MD5 = hashlib.md5(user).hexdigest() pwd_MD5 = hashlib.md5(pwd).hexdigest() print('user_MD5:', user_MD5) print('pwd_MD5:', pwd_MD5) # MD5 编码含有中文 # 如果有中文中文字符在Python中是以unicode存在的,同一个字符串在不同的编码体系下有不同的值,所以在hash前要进行编码需要转为gb2312 # 这样才可能跟其他工具的编码一样(当然具体转为那种编码,前后端需要统一即可) user = '张三as' pwd = 'a小四a' user = user.encode(encoding='gb2312') pwd = pwd.encode(encoding='utf-8') user_MD5 = hashlib.md5(user).hexdigest() pwd_MD5 = hashlib.md5(pwd).hexdigest() print('张三as:', user_MD5) print('a小四a:', pwd_MD5) # hashlib的编码:md5 sha1 sha3_224 sha3_256 sha3_384 sha3_512 sha224 sha384 sha512 shake_128 shake_256 a = "hello word" a = a.encode(encoding='utf-8') print('hello word:md5 = ', hashlib.md5(a).hexdigest()) print('hello word:sha1 = ', hashlib.sha1(a).hexdigest()) print('hello word:sha224 = ', hashlib.sha224(a).hexdigest()) print('hello word:sha256 = ', hashlib.sha256(a).hexdigest()) print('hello word:sha384 = ', hashlib.sha384(a).hexdigest()) print('hello word:sha512 = ', hashlib.sha512(a).hexdigest()) # base64 编码 string = 'helloWord' byteString = string.encode(encoding='utf-8') base64String = base64.b64encode(byteString) print("base64String :", base64String) # 这个时候base64String 是byte型的,需要转化为str base64String = base64String.decode() print("base64String.decode :", base64String) # 现在 才是str型的 # base64 解码 decodestr = base64.b64decode(base64String) print('decodestr:', decodestr) print("decodestr.decode:", decodestr.decode()) # SHA256编码 string = '123456' byteString = string.encode(encoding='utf-8') print(byteString) sha256str = hashlib.sha256(byteString).hexdigest() # 把小写转换为大写 sha256str = sha256str.upper() print("sha256str:", sha256str) # urlsafe_b64encode编码 p= 'PUT' m= '\n' q= "/api/v1/t11104_1502526876337/status" s= "api_sign_key" qs= "timestamp=1502526886275" pay= "{\"device\":{\"app_version_number\":12,\"dtype\":1,\"did\":\"2c6e2d7594e49a4a\",\"net_type\":\"WIFI\",\"system_version_name\":\"4.1.1\",\"app_version_name\":\"1.0.2\",\"channel\":\"200\",\"lang\":\"zh\",\"phone_model\":\"Samsung Galaxy S2 - 4.1.1 - API 16 - 480x800\",\"country\":\"US\"}},\"previous_status\":\"CREATED\",\"status_to_change\":\"LIVING\""; secret_key = s.encode(encoding='utf-8') message = (p+m+q+m+qs+m+pay).encode(encoding='utf-8') print('p+m+q+m+qs+m+pay:', p+m+q+m+qs+m+pay) print('byte_secret_key:', secret_key) print('byte_message:', message) # 这里举例 sha256编码 除此之外,hmac 也有其他的各种编码: # md5 sha1 sha3_224 sha3_256 sha3_384 sha3_512 sha224 sha384 sha512 shake_128 shake_256 digest = hmac.new(secret_key, message, digestmod=hashlib.sha256).digest() print('digest:', digest) sig = base64.urlsafe_b64encode(digest).decode() print('sig', sig) sig = sig.rstrip('=') print('sig去除末尾=号', sig) p = 'GET' m= '\n' q= "/api/v1/discovery" s= "api_sign_key" qs= "device=eyJhcHBfdmVyc2lvbl9udW1iZXIiOi0xMDAwLCJkdHlwZSI6MSwiZGlkIjoiMmM2ZTJkNzU5NGU0OWE0YSIsIm5ldF90eXBlIjoiV0lGSSIsInN5c3RlbV92ZXJzaW9uX25hbWUiOiI0LjEuMSIsImFwcF92ZXJzaW9uX25hbWUiOiIxLjAuMiIsImNoYW5uZWwiOiIyMDAiLCJsYW5nIjoiemgiLCJwaG9uZV9tb2RlbCI6IlNhbXN1bmcgR2FsYXh5IFMyIC0gNC4xLjEgLSBBUEkgMTYgLSA0ODB4ODAwIiwiY291bnRyeSI6IlVTIn0=&size=50&last_seen_pos=×tamp=1508382408763"; pay= "" secret_key = s.encode(encoding='utf-8') message = (p+m+q+m+qs+m+pay).encode(encoding='utf-8') print('p+m+q+m+qs+m+pay:', p+m+q+m+qs+m+pay) print('byte_secret_key:', secret_key) print('byte_message:', message) digest = hmac.new(secret_key, message, digestmod=hashlib.sha256).digest() print('digest:', digest) sig = base64.urlsafe_b64encode(digest).decode() print('sig', sig) sig = sig.rstrip('=') print('sig去除末尾=号', sig)
编码结果:
user_MD5: 14c4b06b824ec593239362517f538b29 pwd_MD5: 9be40402f45736bcb9502225fad5ec9b 张三as: fd137303d7f65f2bc84d0dd7bd90fbd6 a小四a: 4c76a06c7c2c0cd2bc61ca1f6e5e81a2 hello word:md5 = 13574ef0d58b50fab38ec841efe39df4 hello word:sha1 = e0738b87e67bbfc9c5b77556665064446430e81c hello word:sha224 = 52d3bd5b2f649ba2689a7d31973a99a8f9e46fc2a65a10dc32bbefd3 hello word:sha256 = f0da559ea59ced68b4d657496bee9753c0447d70702af1a351c7577226d97723 hello word:sha384 = a58d27ee06211edc7a64f199b7da55fd0fe31d98b2c949f83fbb95bc7fc3114d7957ca5a3ec4b489a026356135681782 hello word:sha512 = 86dfecbd488d84481bdfc5d54f52734fd40298ef68da014095a52889a35a596a3e64a9ea64f005caaa4b4d2b11d9a69f12214a31b79bbddc0872fa7561200bd2 base64String : b'aGVsbG9Xb3Jk' base64String.decode : aGVsbG9Xb3Jk decodestr: b'helloWord' decodestr.decode: helloWord b'123456' sha256str: 8D969EEF6ECAD3C29A3A629280E686CF0C3F5D5A86AFF3CA12020C923ADC6C92 p+m+q+m+qs+m+pay: PUT /api/v1/t11104_1502526876337/status timestamp=1502526886275 {"device":{"app_version_number":12,"dtype":1,"did":"2c6e2d7594e49a4a","net_type":"WIFI","system_version_name":"4.1.1","app_version_name":"1.0.2","channel":"200","lang":"zh","phone_model":"Samsung Galaxy S2 - 4.1.1 - API 16 - 480x800","country":"US"}},"previous_status":"CREATED","status_to_change":"LIVING" byte_secret_key: b'api_sign_key' byte_message: b'PUT\n/api/v1/t11104_1502526876337/status\ntimestamp=1502526886275\n{"device":{"app_version_number":12,"dtype":1,"did":"2c6e2d7594e49a4a","net_type":"WIFI","system_version_name":"4.1.1","app_version_name":"1.0.2","channel":"200","lang":"zh","phone_model":"Samsung Galaxy S2 - 4.1.1 - API 16 - 480x800","country":"US"}},"previous_status":"CREATED","status_to_change":"LIVING"' digest: b'j\xac\x15\x82\x00\xe9\x07K\xe5\x86\xdf\x1e\x05=+\x82a\x11b\xe6\x11\xde\xf4\x19\xfe\xa3\x08\x9d\x8eK[\xba' sig aqwVggDpB0vlht8eBT0rgmERYuYR3vQZ_qMInY5LW7o= sig去除末尾=号 aqwVggDpB0vlht8eBT0rgmERYuYR3vQZ_qMInY5LW7o p+m+q+m+qs+m+pay: GET /api/v1/discovery device=eyJhcHBfdmVyc2lvbl9udW1iZXIiOi0xMDAwLCJkdHlwZSI6MSwiZGlkIjoiMmM2ZTJkNzU5NGU0OWE0YSIsIm5ldF90eXBlIjoiV0lGSSIsInN5c3RlbV92ZXJzaW9uX25hbWUiOiI0LjEuMSIsImFwcF92ZXJzaW9uX25hbWUiOiIxLjAuMiIsImNoYW5uZWwiOiIyMDAiLCJsYW5nIjoiemgiLCJwaG9uZV9tb2RlbCI6IlNhbXN1bmcgR2FsYXh5IFMyIC0gNC4xLjEgLSBBUEkgMTYgLSA0ODB4ODAwIiwiY291bnRyeSI6IlVTIn0=&size=50&last_seen_pos=×tamp=1508382408763 byte_secret_key: b'api_sign_key' byte_message: b'GET\n/api/v1/discovery\ndevice=eyJhcHBfdmVyc2lvbl9udW1iZXIiOi0xMDAwLCJkdHlwZSI6MSwiZGlkIjoiMmM2ZTJkNzU5NGU0OWE0YSIsIm5ldF90eXBlIjoiV0lGSSIsInN5c3RlbV92ZXJzaW9uX25hbWUiOiI0LjEuMSIsImFwcF92ZXJzaW9uX25hbWUiOiIxLjAuMiIsImNoYW5uZWwiOiIyMDAiLCJsYW5nIjoiemgiLCJwaG9uZV9tb2RlbCI6IlNhbXN1bmcgR2FsYXh5IFMyIC0gNC4xLjEgLSBBUEkgMTYgLSA0ODB4ODAwIiwiY291bnRyeSI6IlVTIn0=&size=50&last_seen_pos=×tamp=1508382408763\n' digest: b'Sh\xcf{\xf6z\x84{\x07"\x91.\x1a\x1c\x8a\xc4|\xcfp\x1aW\x00v\x15\x11\xb3\xd1\xb0[\xd3\x1ee' sig U2jPe_Z6hHsHIpEuGhyKxHzPcBpXAHYVEbPRsFvTHmU= sig去除末尾=号 U2jPe_Z6hHsHIpEuGhyKxHzPcBpXAHYVEbPRsFvTHmU Process finished with exit code 0