一、加密的方法有很多,我目前知道的几个java对应的python加密方法有下列这几个:
1.RSA/ECB/PKCS1Padding(java加密方法) 对应的是 encrypt(python加密方法) 模式
encrypt.py
# -*- coding:utf-8-*- python的加密方法
import base64
import json
from config import *
import requests
from Crypto.Hash import MD5
from Crypto.Cipher import PKCS1_v1_5 as Cipher_pkcs1_v1_5
from Crypto.Signature import PKCS1_v1_5 as Signature_pkcs1_v1_5
from Crypto.PublicKey import RSA
proxies = {'http': 'http://localhost:8888', 'https': 'http://localhost:8888'} #可以同步到fiddler抓包软件上
def get_encrypt_data(params):
"""分段加密"""
params = json.dumps(params)
params = params.encode("utf-8")
length = len(params)
print(f"加密内容为{params},加密的长度为:{length}")
default_length = 117
if length < default_length:
# print(base64.b64encode(encrypt_data(params)))
return base64.b64encode(encrypt_data(params))
offset = 0
params_lst = []
while length - offset > 0:
if length - offset > default_length:
params_lst.append(encrypt_data(params[offset:offset + default_length]))
else:
params_lst.append(encrypt_data(params[offset:]))
offset += default_length
new_str = params_lst[0] + params_lst[1]
return base64.b64encode(new_str).decode("utf-8")
def encrypt_data(params):
"""使用公钥对数据加密"""
# 测试环境
publickey = securityCode()
key = f"""-----BEGIN RSA PUBLIC KEY-----\n{publickey}
\n-----END RSA PUBLIC KEY-----\n""" #publickey 密钥
# 海外
# key = f"""-----BEGIN RSA PUBLIC KEY-----\n{public}
# \n-----END RSA PUBLIC KEY-----\n"""
rakes = RSA.importKey(key)
cipher = Cipher_pkcs1_v1_5.new(rakes)
text = cipher.encrypt(params)
return text
密钥
#
# def sign_data(params): #另外一种加密方式
# """对数据签名(加密)"""
# key = private_key
# rsakey = RSA.importKey(base64.b64decode(key))
# signer = Signature_pkcs1_v1_5.new(rsakey)
# digest = MD5.new(params)
# sign = signer.sign(digest)
# return base64.b64encode(sign)
def auth_login():
"""
测试环境登录接口
:return:
"""
url = "https://account-sit.tcljd.com/auth/auth/login?tenantId=f3M/A/aIDuv7VltXYaTbA0U4KhTbs4AgsVvYyz08EhqG3uofh+/eXYtaFoFhS3ip5yQr0z3PrRoH+7xFkEMvbWxconHFG8cqFsnnfaKn2sI/FhjlD/depaZGzSbeE9gOnhQyalwBzrj0grnndEqHYUTiz9i9sp20y2O+DXTu9LY%3D&appId=Ha+u1jzW8g9cMmS/wBhwYGuobJhgJNY+nLeqFlJX5RIzsaKNH5O1b0l2Ov1N1CI41TpN7bwABJEwBxXKb8R2+PM4OCo74xQsCAS37xEZpVKMbHGzvIx7mKTTQgFqrtZNcQLzb7euAyIXgBcU6iCkTXVsvYkR+o60fy/IFd3Amks%3D&appSecret=PnXr2qWbUge2cEwMX7Lp2/MCn1eIT/5xVoiDDvr49GYSf9kK5S729j9s+Jt6pD61t5yQxg6ZR4CY3HqEdQ+8rA6+S+irfFcnpGFep7T+SamXjEwQniDBmTpQglW+W3oM32ygWzBVAfSCACgcOBUWhdt1Y+TcgIVd28f+/bvU5DI%3D"
header = {
"Content-Type": "application/json;charset=utf-8",
"Encrypt": 'true',
"EncryptVersion": "2.0",
"t-store-uuid": 'TCL+',
"t-app-version": "1.6.1.24",
"t-platform-type": "Android"
}
data = {"channel": "app",
"deviceId": "android--4707706256531588119-1639619498082",
"password": "fd7ede4cc9f45afbe00acd31e4056a3d",
"username": "13720140009"}
res = requests.post(url=url, data=get_encrypt_data(data), headers=header, verify=False)
print(res.json())
def encrypt(mess):
url = "http://127.0.0.1:8899/test/encrypt"
body = {
"name": mess
}
res = requests.post(url=url, data=body)
print(res.text)
return res.text
def logoutByPassword():
"""
海外 登出
:return:
"""
base_url = 'https://account-sg-dev.tcljd.com'
url = f"{base_url}/account/logoutByPassword?clientId=99999999&username=guopeng4321@qq.com&token=eyJhbGciOiJSUzI1NiJ9" \
f".eyJleHAiOjE2NDIyMzU1MjIsImlhdCI6MTYzOTY0MzUyMiwidXNlcm5hbWUiOiI2ODg0NDIyNzIifQ" \
f".sUmF8Nh5c7ALEJKhpCb_dUNENuvygafAQ0h6i0I6YyC2DkkWmYLy-AJEbeZYbzAei2WSkH" \
f"-nhFbAuI2JBSs_Bkvgwk7zW7S8ssXQ82STqDb_ROdcX8gndI1ZpM082oR2pfCjsRZC50ds_BSfHbQEgkZ9OUAk4bXCojgOJe_rv7U"
data = {
# "encryptPwd": get_encrypt_data("16d7a4fca7442dda3ad93c9a726597e4").decode("utf-8")
"encryptPwd": encrypt("16d7a4fca7442dda3ad93c9a726597e4")
# "encryptPwd":"SogxeFPdMOMzqUJ7RJUTMOSAEIrClGW/WkuhmDilia83B6rG2LAyCGgOTT6MH3LDnUs8evqAacmJsYXTdr55WxC/dGGRmiNH3fcMzcv4E4l2euWnrzsEGtcfOIDQlxZbTNB+TkaW0QShEO17kqUZz1mhEoVAqjFzljecI/iF1YE="
}
res = requests.post(url=url, json=data, verify=False)
print(f"请求的{url}")
print(res.json())
def logining():
url = "http://teststore.tclo2o.cn/rest/sysmanager/login"
body = {"account": get_encrypt_data("tclplus"), "password": get_encrypt_data("kuyu@123"),
"systemType": "shop_store", "tenantId": "TCL"}
header = {"t-id": "TCL"}
res = requests.post(url=url, json=body, headers=header, verify=False, proxies=proxies)
print(f"请求的{url}")
print(res.json())
if __name__ == '__main__':
# get_encrypt_data("123456")
# auth_login()
# logoutByPassword()
# encrypt("16d7a4fca7442dda3ad93c9a726597e4")
# securityCode()
logining()
2.RSA(java加密方法) 对应的是nopadding(python加密方法) 模式
# -*- coding: utf-8 -*-
import base64
import requests
import rsa
from Crypto.PublicKey import RSA
from config import *
def padding(s):
b = bytes(s.encode())
for i in range(128 - len(b)):
b = b'\x00' + b
# print(b)
return b
#
# def encrypt(mess):
# url = "http://127.0.0.1:8899/test/encrypt"
# body = {
# "name": mess
# }
# res = requests.post(url=url, data=body)
# # print(res.text)
# return res.text
class RsaNodding:
def __init__(self):
public = securityCode()
key = f"""-----BEGIN RSA PUBLIC KEY-----\n{public}
\n-----END RSA PUBLIC KEY-----\n""" #密钥同上
self.pubkey = RSA.importKey(key)
def encrypt(self, message):
kLen = rsa.common.byte_size(self.pubkey.n)
msg = padding(message)
_b = rsa.transform.bytes2int(msg)
_i = rsa.core.encrypt_int(_b, self.pubkey.e, self.pubkey.n)
result = rsa.transform.int2bytes(_i, kLen)
result = (base64.b16decode(result.hex().upper()))
# print(base64.b64encode(result))
return base64.b64encode(result)
def logoutByPassword():
"""
海外 登出
:return:
"""
base_url = 'https://account-sg-dev.tcljd.com'
url = f"{base_url}/account/logoutByPassword?clientId=99999999&username=guopeng4321@qq.com&token" \
f"=eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE2NDIyMzg3OTQsImlhdCI6MTYzOTY0Njc5NCwidXNlcm5hbWUiOiI2ODg0NDIyNzIifQ" \
f".uM32m4Di3FdYdVx3CG2g17wn5f3tVN9rSxOoGY0EHmIvnxUKLzDSFB8GmlIKyozGOXsb6bGpceDvSAzED37IaJMlzkE9XwM0TYoLaimBB_h4CKkJyPWAuW1GiRTDDOG9b-gS6P3K8ietMInKft17EM6HzwkAPm59_soitu9_uEI"
data = {
"encryptPwd": RsaNodding().encrypt("16d7a4fca7442dda3ad93c9a726597e4").decode("utf-8")
}
print(f"请求参数为:{data}")
print(url)
res = requests.post(url=url, json=data, verify=False)
print(res.json())
def logining():
url = "http://teststore.tclo2o.cn/rest/sysmanager/login"
body = {"account": RsaNodding().encrypt("tclplus").decode("utf-8"), "password": RsaNodding().encrypt("kuyu@123").decode("utf-8"),
"systemType": "shop_store", "tenantId": "TCL"}
header = {"t-id": "TCL"}
res = requests.post(url=url, json=body, headers=header, verify=False, proxies=proxies)
print(f"请求的{url}")
print(res.json())
# def comprise(args):
# """
# 对比
# :return:
# """
# result = encrypt(args)
# result1 = RsaNodding().encrypt(args).decode("utf-8")
# if result == result1:
# print(f"java的加密结果和python的加密结果一样:\n加密结果为{result}")
# 解密
if __name__ == '__main__':
# logoutByPassword()
# RsaNodding().encrypt("16d7a4fca7442dda3ad93c9a726597e4")
# comprise("16d7a4fca7442dda3ad93c9a726597e4")
logining()
3.RSA/ECB/PKCS1OAEPPadding(java加密方法) 对应的是 RSA.pkcs1_oaep_padding(python加密方法)模式