def load_rsa_file(fn): key = None try: key = RSA.importKey(open(fn).read()) except Exception as err: show_exp('导入rsa的KEY文件出错', fn, err) return key
def rsa_key_str2std(skey): ret = None try: ret = RSA.importKey(skey) except Exception as err: show_exp('字符串密钥转rsa格式密钥错误', skey, err) return ret
def base64_dec(data): ret_data = b'' try: ret_data = base64.decodebytes(data) except Exception as err: show_exp('base64解码失败', '', err) return ret_data
def rsa_sign(data, rsa_key): signature = '' try: h = SHA256.new(data) signature = pkcs1_15.new(rsa_key).sign(h) except Exception as err: show_exp('RSA签名失败', '', err) return signature
def pkcs8_rsa_sign(data, rsa_key): signature = '' try: h = SHA1.new(data) signature = PKCS1_v1_5_sign.new(rsa_key).sign(h) except Exception as err: show_exp('RSA签名失败', '', err) return signature
def rsa_key_2std(skey): ret = None try: if type(skey) == RSA.RsaKey: ret = skey else: ret = RSA.importKey(skey) except Exception as err: show_exp('密钥转rsa格式错误', skey, err) return ret
def rsa_enc(data, rsa_key): ciphertext = b'' try: cipher = get_pkcs(rsa_key).new(rsa_key) for dat in block_data(data, rsa_key): cur_text = cipher.encrypt(dat) ciphertext += cur_text except Exception as err: show_exp('RSA加密失败', data, err) return ciphertext
def pkcs8_rsa_enc(data, rsa_key): ciphertext = b'' try: rsa_key = rsa_key_2std(rsa_key) cipher = PKCS1_v1_5.new(rsa_key) for dat in block_data(data, rsa_key): cur_text = cipher.encrypt(dat) ciphertext += cur_text except Exception as err: show_exp('RSA加密失败', data, err) return ciphertext
def pkcs8_rsa_dec(data, rsa_key): plaintext = b'' try: rsa_key = rsa_key_2std(rsa_key) cipher = PKCS1_v1_5.new(rsa_key) for dat in block_data(data, rsa_key): cur_text = cipher.decrypt(dat, "rsa加密出错") plaintext += cur_text except Exception as err: show_exp('RSA解密失败', '', err) return plaintext
def get_pkcs(rsa_key): if g_rsa_pkcs_type: return g_rsa_pkcs_type try: pkcs_type = PKCS1_OAEP key_size = rsa_key.size_in_bits() if key_size > 1024: pkcs_type = PKCS1_v1_5 except Exception as err: show_exp('获取RSA类型失败', rsa_key, err) return pkcs_type
def query(self, sql): try: rows = [] conn = sqlite3.connect(self.file) c = conn.cursor() cur = c.execute(sql) for r in cur: rows.append(r) conn.close() except Exception as err: slog.show_exp('SQL执行出错', sql, err) return rows
def exec(self, sql): try: conn = sqlite3.connect(self.file) c = conn.cursor() c.execute(sql) conn.commit() conn.close() ret = True except Exception as err: slog.show_exp('SQL执行出错', sql, err) ret = False return ret
def run_api_case(case_data): try: case_info = {} # 入参检查 need_para = ['para', 'addr', 'id', 'method', 'user_id'] for i in need_para: if i not in case_data: raise RuntimeError('缺少入参[' + i + '], 请检查') case_info.update({ 'case_id': case_data['id'], 'user_id': case_data['user_id'] }) # 针对接口请求前参数加密签名处理 # 请求参数加密签名预处理 para = case_data['para'] ret_ok, req_para = http_req_para_predeal(para) if not ret_ok: raise RuntimeError('参数预处理出错,请检查参数:' + para) # 需要对请求参数预处理,然后替换预处理后的请求参数 xldd = copy.deepcopy(case_data) xldd['para'] = req_para # print(req_para) # 执行测试用例 ret_ok, case_rsp = run_case.run_test_case(xldd) if not ret_ok: raise RuntimeError('测试用例执行失败:' + case_rsp['ret_msg']) # 请求结果解密,验证 rsp = case_rsp['rsp'] # 判断结果是否为合法json格式 if not util.is_json(rsp): case_rsp['ret_code'] = '1001' case_rsp['ret_msg'] = '数据结果非法,非合法json格式' else: ret_ok, text = http_rsp_para_predeal(rsp) case_rsp['rsp'] = text if ret_ok: case_rsp['ret_code'] = '0000' case_rsp['ret_msg'] = '接收应答成功' else: case_rsp['ret_code'] = '1001' case_rsp['ret_msg'] = '数据结果非法,解密验签失败' case_info.update(case_rsp) except Exception as err: slog.show_exp('接口测试不通过', req_para, err) if 'ret_msg' not in case_info: case_info['ret_code'] = '1000' case_info['ret_msg'] = '接口测试不通过' + str(err) return case_info
def rsa_dec(data, rsa_key): plaintext = b'' try: cipher = get_pkcs(rsa_key).new(rsa_key) for dat in block_data(data, rsa_key): if len(dat) > 117: cur_text = cipher.decrypt(dat, "rsa dec failed") else: cur_text = cipher.decrypt(dat) plaintext += cur_text plaintext = plaintext.decode() except Exception as err: show_exp('RSA解密失败', '', err) return plaintext
def db_insert(db_conn, tab_name, dd_item): try: ret = True # 组装SQL sql = 'insert into ' + tab_name + '(' sql_names = ', '.join([v for v in dd_item.keys()]) sql += sql_names + ') values(' sql += ', '.join([sql_value(v) for v in dd_item.values()]) sql += ')' # 执行SQL db_conn.exec(sql) except Exception as err: slog.show_exp('执行SQL插入语句失败', sql, err) ret = False return ret
def get_block_size(rsa_key): try: # RSA仅支持限定长度内的数据的加解密,需要分块 # 分块大小 reserve_size = g_rsa_reserve_size key_size = rsa_key.size_in_bits() if (key_size % 8) != 0: raise RuntimeError('RSA 密钥长度非法') # 密钥用来解密,解密不需要预留长度 if rsa_key.has_private(): reserve_size = 0 bs = 1024 / 8 - reserve_size bs = int(key_size / 8) - reserve_size except Exception as err: show_exp('计算加解密数据块大小出错', rsa_key, err) return bs
def http_req_para_predeal(para): try: ret_ok = True deal_data = {} ret_para = {} # 入参要求是json格式 if not util.is_json(para): raise RuntimeError('请求参数非法,为非合法json格式') # 读取请求参数并转成字典 para_dd = json.loads(para) # 流水号字段 lshTag = 'reqSerialNo' if lshTag in para_dd: para_dd[lshTag] = stime.get_id() # 选出需要处理的数据 for k, v in para_dd.items(): # 忽略不需要加密的直接 if k in ['insId', 'operId']: ret_para[k] = v else: deal_data[k] = v # 加密处理的数据 jpara = json.dumps(deal_data).encode() enc_para = hias_crypto.rsa_enc(jpara) ret_para['encrypt'] = enc_para.decode() # print('enc:', ret_para['encrypt']) # 数据签名 sign = hias_crypto.rsa_sign(jpara) ret_para['sign'] = sign.decode() # print('sign:', ret_para['sign']) json_para = json.dumps(ret_para) except Exception as err: slog.show_exp('参数加密签名出错', para, err) json_para = '{}' ret_ok = True return ret_ok, json_para
def http_rsp_para_predeal(rsp_data): try: plian_txt = rsp_data sign_ok = False # 解密处理的数据 para_dd = json.loads(rsp_data) enc_data = para_dd['encrypt'].encode() para_dd['plain_text'] = hias_crypto.rsa_dec(enc_data).decode() plian_txt = json.dumps(para_dd) # 数据签名 sign_data = para_dd['sign'].encode() sign_ok = hias_crypto.rsa_sign_verify(para_dd['plain_text'].encode(), sign_data) print('请求结果:', para_dd['plain_text']) except Exception as err: slog.show_exp('返回参数解密密验证签名失败', '', err) return sign_ok, plian_txt
def db_query(db_conn, tab_name, dd_cond, cols): try: ret = [] # 组装SQL sql = 'select ' + ','.join(cols) + ' from ' + tab_name if dd_cond: kvs = [] for k, v in dd_cond.items(): kvs.append(str(k) + '=' + sql_value(v)) sql += ' where ' + ' and '.join(kvs) # 执行SQL rows = db_conn.query(sql) for r in rows: cur = {} for i, v in enumerate(r): cur[cols[i]] = v ret.append(cur) except Exception as err: slog.show_exp('执行SQL查询语句失败', sql, err) return ret
def run_case_by_db(dd_conn): # 获取测试用例数据 case_datas = db.dd_query('t_test_case', dd_conn) if not case_datas: # slog.show('未找到符合条件的测试用例') return True case_data = case_datas for c in case_data: show_para = ['id', 'addr', 'para'] par = '' for p in show_para: par += p + '[' + str(c[p]) + '] ' slog.show('请求:', par) try: dd = run_api_case(c) if dd: # 结果写入数据库 db.dd_insert('t_test_case_rsp', dd) slog.show('结果', dd['ret_msg'], ' -> 测试结果已写入数据库') except Exception as err: slog.show_exp('执行测试用例失败', par, err)
def run_test_case(req_dd): try: ret_ok = True case_rsp = {'req': '', 'rsp': '', 'beg_time': '', 'ret_msg': '执行成功', 'end_time': '', 'update_time': stime.timestamp()} # url http_url = req_dd['addr'].strip() # 请求类型 http_method = req_dd['method'].upper() # 请求头 headers = http_util.g_headers if 'header' in req_dd: hd = req_dd['header'] if util.is_json(hd): headers = json.loads(hd) # 参数请求 http_para = req_dd['para'] http_para = json.loads(http_para) beg_time = stime.timestamp() if http_method == 'GET': http_url = http_util.make_http_get_url(http_url, http_para) rsp = http_util.http_get(http_url, headers) else: rsp = http_util.http_post(http_url, http_para, headers) end_time = stime.timestamp() # 返回结果处理 case_rsp = {'req': http_url, 'rsp': rsp, 'beg_time': beg_time, 'ret_msg': '执行成功', 'end_time': end_time, 'update_time': stime.timestamp()} except Exception as err: ret_ok = False case_rsp['req'] = http_url case_rsp['ret_msg'] = '执行异常:' + str(err) slog.show_exp('测试用例运行出错', req_dd, err) return ret_ok, case_rsp
def dd_query(tb, dd_cond): if tb in dd_col_name: return db_util.db_query(g_db_conn, tb, dd_cond, dd_col_name[tb]) else: slog.show_exp('数据查询失败', tb, '表配置不存在')