def make_sign(data, sign_key): """ 根据传入的字典数据data,根据data中的sign_type生成sign,并放置到data中。 :param dict data: 需要计算签名的字典数据,需要包含sign_type :return str: 根据data['sign_type']计算产生的签名 """ sorted_keys = data.keys() sorted_keys.sort() data_list = [ smart_utf8(key) + '=' + smart_utf8(data[key]) for key in sorted_keys if key not in ['sign'] and data[key] ] # ATTENTION: 包含sign_type,但不包含sign, 且不能包含空字段 _log_alipay_codec_v2.debug('data_list is: %s', str(data_list)) unsigned_data = _ALIPAY_SEPORATOR.join(data_list) pri_key = RSA.importKey( rsa.pem.save_pem(contents=(base64.decodestring(sign_key)), pem_marker='RSA PRIVATE KEY')) # signer = PK.new(key_obj) # sign_str = SHA.new(unsigned_data) # sign_raw = signer.sign(sign_str) # sign = base64.b64encode(sign_raw) # pri_key = rsa.PrivateKey.load_pkcs1(sign_key) # if verify_key is start_with '----BEGIN...' sign = rsa.sign(unsigned_data, pri_key, 'SHA-1') sign = base64.b64encode(sign) _log_alipay_codec_v2.debug("sign: %s", sign) return sign
def sign(params, baifubao_key, sign_method=SIGN_METHOD_MD5, charset=CHARSET_GBK): keys = params.keys() keys.sort() sign_data = '' for k in keys: sign_data += smart_utf8(k) + '=' + smart_utf8(params[k]) + '&' sign_data += 'key' + '=' + smart_utf8(baifubao_key) sign = '' sign_data = transcoding(sign_data, charset) print "sign_data: %r" % sign_data if sign_method == SIGN_METHOD_MD5: md5 = hashlib.md5() md5.update(sign_data) sign = md5.hexdigest().upper() elif sign_method == SIGN_METHOD_SHA_1: sha1 = hashlib.sha1() sha1.update(sign_data) sign = sha1.hexdigest().upper() else: err_msg = 'sign undefine sign_method:"%d"' % sign_method raise BaiFuBaoException(err_msg) print 'sign result: %s' % sign return sign
def sign(self, data, sign_key): '''push_entry 签名''' md5 = hashlib.md5() try: keys = sorted(data.keys()) values = [] for key in keys: values.append('%s=%s' % (key, smart_utf8(data[key]))) str_v = '&'.join(values) md5.update(str_v + smart_utf8(sign_key)) return md5.hexdigest().upper() except: log.error(traceback.format_exc()) raise ParamError('签名错误')
def transcoding(orig_str, charset): if charset == CHARSET_GBK: charset_name = 'gbk' else: err_msg = 'sign undefine charset:"%d"' % charset raise BaiFuBaoException(err_msg) return smart_utf8(orig_str).decode('utf8').encode(charset_name)
def create_direct(self, subject, out_trade_no, total_fee, out_user=''): '''预下单获取令牌''' if not isinstance(subject, types.UnicodeType): subject = subject.decode('utf-8') req_data_dict = { 'direct_trade_create_req': { 'subject': subject, 'out_trade_no': out_trade_no, 'total_fee': total_fee, 'seller_account_name': self.account, 'call_back_url': self.callback_url, 'notify_url': self.notify_url, 'out_user': out_user, 'merchant_url': self.merchant_url, 'pay_expire': '3600', #'agent_id':'', } } req_data = self.serialize_xml(req_data_dict) time_str = datetime.datetime.now().strftime('%Y%m%d%H%M%S') param = { 'service': ALIPAY_WAP_SERVICE_CREATE_DIRECY, 'format': self.format, 'v': self.v, 'partner': self.pid, 'req_id': out_trade_no + '_' + time_str, 'sec_id': self.sign_type, 'req_data': smart_utf8(req_data), '_input_charset': self.charset, } param = AlipayWap.add_sign(param, self.key) return param
def make_sign(data, sign_key, sign_type=''): """ 根据传入的字典数据data,根据sign_type或data中的sign_type生成并返回sign(优先使用 参数sign_type),不修改data。 :param dict data: 需要计算签名的字典数据,可以包含sign_type :param str sign_key: 签名使用的key :param str sign_type: 签名方法, 优先使用传入的sign_type,其次才是data中的sign_type :return str: 根据sign_type或data['sign_type']计算产生的签名 """ unsigned_data = Alipay._make_pre_signed_str(data) _log_alipay_codec_v2.debug('presigned data_str is: %s', unsigned_data) if not sign_type: sign_type = data.get('sign_type', '') if sign_type == SIGN_TYPE_MD5: unsigned_data += smart_utf8(sign_key) md5 = hashlib.md5() md5.update(unsigned_data.decode('utf-8').encode(_ALIPAY_CHARSET)) sign = md5.hexdigest() elif sign_type == SIGN_TYPE_RSA: pri_key = RSA.importKey( rsa.pem.save_pem( contents=(base64.decodestring(sign_key)), pem_marker='RSA PRIVATE KEY' ) ) sign = rsa.sign(unsigned_data, pri_key, 'SHA-1') sign = base64.b64encode(sign) else: raise AlipayNotSupportSignTypeError('{sign_type} is not implement.'.format(sign_type=sign_type)) _log_alipay_codec_v2.debug("sign: %s", sign) return sign
def _make_pre_signed_str(data): data_list = [] # '_input_charset' 必须位于第一个位置。 这里做特殊处理,防止有数字开头的key时,排序不能位于第一个。 input_charset = data.get('_input_charset', _ALIPAY_CHARSET) if '_input_charset' in data: input_charset_str = '_input_charset=' + input_charset data_list.append(input_charset_str) sorted_keys = data.keys() sorted_keys.sort() other_data_list = [smart_utf8(key)+'='+smart_utf8(data[key]) for key in sorted_keys if key not in ['sign', 'sign_type', '_input_charset'] and data[key]] data_list.extend(other_data_list) return _ALIPAY_SEPORATOR.join(data_list)
def add_sign(params, alikey, charset='utf-8'): keys = params.keys() keys.sort() unsigned_data = '' for key in keys: unsigned_data += smart_utf8(key) + '=' + smart_utf8(params[key]) if key != keys[-1]: unsigned_data += '&' unsigned_data += smart_utf8(alikey) md5 = hashlib.md5() md5.update(unsigned_data.decode('utf-8').encode(charset)) sign = md5.hexdigest() params['sign'] = sign return params
def check_sign(params, alikey, charset='utf-8'): if 'sign' in params: keys = params.keys() keys.sort() query = [] for key in keys: if key not in ('sign', 'sign_type'): query.append('%s=%s' % (smart_utf8(key), smart_utf8(params[key]))) data = '&'.join(query) + smart_utf8(alikey) md5 = hashlib.md5() md5.update(data) return params['sign'].upper() == md5.hexdigest().upper() return False
def send_sms(mobile, code): '''发送验证码''' sms = PreSms(PRESMS_SERVER) content = CAPTCHA_CONTENT % code ret, msg = sms.sendSms(mobile, smart_utf8(content), PRESMS_TAG, CAPTCHA_SRC, CAPTCHA_TARGET) log.info('func=send_sms|mobile=%s|code=%s|ret=%s|msg=%s', mobile, code, ret, unicode(msg, 'utf-8')) return ret, msg
def check_sign(params, key): '''检查签名''' if 'sign' in params: keys = params.keys() keys.sort() query = [] for k in keys: if k not in ('sign') and params[k]: query.append('%s=%s' % (smart_utf8(k), smart_utf8(params[k]))) data = '&'.join(query) data += "&%s=%s" % ("key", smart_utf8(key)) md5 = hashlib.md5() md5.update(data) return params['sign'] == md5.hexdigest().upper() return False
def _sign_(self, indata, not_include=["sign"]): ''' 发送请求数据签名 ''' keys = indata.keys() keys.sort() tmp = [] for key in keys: if key not in not_include and indata[key]: tmp.append("%s=%s" % (smart_utf8(key), smart_utf8(indata[key]))) tmp.append("%s=%s" % ("key", smart_utf8(self.key))) tmpStr = '&'.join(tmp) md5 = hashlib.md5() md5.update(tmpStr.decode('utf-8').encode(self.charset)) indata['sign'] = md5.hexdigest().upper() return md5.hexdigest().upper()
def sign(cls, params, field_not_sign = ['merchantSign', 'version', 'token']): ''' 签名方法 ''' keys = params.keys() keys = filter(lambda k : k not in field_not_sign, keys) keys.sort() sign_str = ["%s=%s" % (smart_utf8(k), smart_utf8(params.get(k, ''))) for k in keys] sign_str = smart_utf8('&'.join(sign_str)) log.debug('sign_str:%s', sign_str) h = hashlib.sha256(sign_str) log.debug("hash:%s", h.hexdigest()) sign_bytes = cls.PRIVATE_KEY.private_encrypt(h.hexdigest().lower(), M2Crypto.RSA.pkcs1_padding) sign = base64.b64encode(sign_bytes) log.debug('merchantSign:%s', sign) params['merchantSign'] = sign # 参数des加密 for key in params.keys(): if key in cls.PAY_ENC_FIELDS and params.get(key): des = base64.b64decode(cls.DES_KEY) des_cipher = M2Crypto.EVP.Cipher(alg='des_ecb', op=1, iv='123456', padding=1, key=des) v = des_cipher.update(str(params[key])) v += des_cipher.final() params[key] = base64.b64encode(v) return params
def __init__(self, pid, key, account, callback_url='', notify_url='', merchant_url=''): self.pid = pid self.key = smart_utf8(key) self.account = account self.callback_url = callback_url self.notify_url = notify_url self.merchant_url = merchant_url self.charset = 'utf-8' self.sign_type = 'MD5' self.format = 'xml' self.v = '2.0'
def auth_and_execute(self, request_token): '''令牌生成url''' req_data_dict = { 'auth_and_execute_req': { 'request_token': request_token, } } req_data = self.serialize_xml(req_data_dict) param = { 'service': ALIPAY_WAP_SERVICE_AUTH_AND_EXECUTE, 'format': self.format, 'v': self.v, 'partner': self.pid, 'sec_id': self.sign_type, 'req_data': smart_utf8(req_data), '_input_charset': self.charset, } param = AlipayWap.add_sign(param, self.key) return param
def set_headers(self, headers={}): if headers: for k,v in headers.iteritems(): self.resp.headers[k] = smart_utf8(v)
def __init__(self, appid, key, mch_id): self.appid = appid self.key = smart_utf8(key) self.mch_id = mch_id self.charset = 'utf-8'
def common_create(self, service, out_trade_no, subject=None, total_fee=None, product_code=None, notify_url=None, return_url=None, price=None, quantity=None, body=None, show_url=None, seller_id=None, seller_email=None, buyer_id=None, buyer_email=None, operator_type=None, operator_id=None, goods_detail=None, extend_params=None, it_b_pay='1c', royalty_type=None, royalty_parameters=None, channel_parameters=None, currency=None, alipay_ca_request=None, dynamic_id_type=None, dynamic_id=None, ref_ids=None, refund_amount=None, trade_no=None, out_request_no=None, refund_reason=None, payment_type=None): params = {} params['service'] = service params['partner'] = self.pid params['out_trade_no'] = out_trade_no if subject: params['subject'] = subject if total_fee: params['total_fee'] = '%.2f' % total_fee if product_code: params['product_code'] = product_code if notify_url: params['notify_url'] = notify_url if return_url: params['return_url'] = return_url if show_url: params['show_url'] = show_url if total_fee and price and quantity and price * quantity == total_fee: params['price'] = '%.2f' % price params['quantity'] = quantity if body: params['body'] = body if seller_id: params['seller_id'] = seller_id elif seller_email: params['seller_email'] = seller_email elif service == ALIPAY_SERVICE_PRECREATE or service == ALIPAY_SERVICE_CREATEANDPAY: params['seller_id'] = self.pid if buyer_id: params['buyer_id'] = buyer_id if buyer_email: params['buyer_email'] = buyer_email if operator_type: params['operator_type'] = operator_type if operator_id: params['operator_id'] = operator_id if goods_detail: params['goods_detail'] = goods_detail if extend_params: params['extend_params'] = extend_params if it_b_pay: params['it_b_pay'] = it_b_pay if royalty_type: params['royalty_type'] = royalty_type if royalty_parameters: params['royalty_parameters'] = royalty_parameters if channel_parameters: params['channel_parameters'] = channel_parameters if currency: params['currency'] = currency if alipay_ca_request: params['alipay_ca_request'] = alipay_ca_request if dynamic_id_type: params['dynamic_id_type'] = dynamic_id_type if dynamic_id: params['dynamic_id'] = dynamic_id if ref_ids: params['ref_ids'] = ref_ids if refund_amount: params['refund_amount'] = '%.2f' % refund_amount if trade_no: params['trade_no'] = trade_no if out_request_no: params['out_request_no'] = out_request_no if refund_reason: params['refund_reason'] = refund_reason if payment_type: params['payment_type'] = payment_type params['_input_charset'] = self.charset params['charset'] = self.charset param_keys = params.keys() param_keys.sort() unsigned_data = '' for key in param_keys: unsigned_data += smart_utf8(key) + '=' + smart_utf8(params[key]) if key != param_keys[-1]: unsigned_data += '&' unsigned_data += smart_utf8(self.key) if self.sign_type == 'MD5': md5 = hashlib.md5() md5.update(unsigned_data) sign = md5.hexdigest() else: # 其它签名方式未实现 sign = '' params['sign'] = sign params['sign_type'] = self.sign_type #for key in params: # params[key] = str(params[key]).decode('utf-8').encode(self.charset) return params