PyCrypto
PyCrypto是一个免费的加密算法库, 支持常见的DES、AES加密以及MD5、SHA等各种HASH运算
被测代码
"""AES加密算法"""
BS
= 16
unpad
= lambda s
: s
[0: - ord(s
[-1])]
def decryptBase64(src
):
return base64
.urlsafe_b64decode
(src
)
def decryptAES(src
):
"""
解析AES密文
"""
src
= decryptBase64
(src
)
key
= b
'W7v4D60fds2Cmk2U'
iv
= b
"1172311105789011"
cryptor
= AES
.new
(key
, AES
.MODE_CBC
, iv
)
text
= cryptor
.decrypt
(src
).decode
()
return unpad
(text
)
def aes_encryption(request
):
if request
.method
== 'POST':
data
= request
.POST
.get
("data", "")
else:
return "error"
if data
== "":
return "data null"
decode
= decryptAES
(data
)
dict_data
= json
.loads
(decode
)
return dict_data
def get_guest_list(request
):
dict_data
= aes_encryption
(request
)
if dict_data
== "data null":
return JsonResponse
({'status':10010,'message':'data null'})
if dict_data
== "error":
return JsonResponse
({'status':10011,'message':'request error'})
try:
eid
= dict_data
['eid']
phone
= dict_data
['phone']
except KeyError
:
return JsonResponse
({'status':10012,'message':'parameter error'})
if eid
== '':
return JsonResponse
({'status':10021,'message':'eid cannot be empty'})
if eid
!= '' and phone
== '':
datas
= []
results
= Guest
.objects
.filter(event_id
=eid
)
if results
:
for r
in results
:
guest
= {}
guest
['realname'] = r
.realname
guest
['phone'] = r
.phone
guest
['email'] = r
.email
guest
['sign'] = r
.sign
datas
.append
(guest
)
return JsonResponse
({'status':200, 'message':'success', 'data':datas
})
else:
return JsonResponse
({'status':10022, 'message':'query result is empty'})
if eid
!= '' and phone
!= '':
guest
= {}
try:
result
= Guest
.objects
.get
(phone
=phone
,event_id
=eid
)
except ObjectDoesNotExist
:
return JsonResponse
({'status':10022, 'message':'query result is empty'})
else:
guest
['realname'] = result
.realname
guest
['phone'] = result
.phone
guest
['email'] = result
.email
guest
['sign'] = result
.sign
return JsonResponse
({'status':200, 'message':'success', 'data':guest
})
接口文档
测试用例
from Crypto
.Cipher
import AES
import base64
import requests
import unittest
import json
class AESTest(unittest
.TestCase
):
def setUp(self
):
BS
= 16
self
.pad
= lambda s
: s
+ (BS
- len(s
) % BS
) * chr(BS
- len(s
) % BS
)
self
.base_url
= "http://127.0.0.1:8000/api/sec_get_guest_list/"
self
.app_key
= 'W7v4D60fds2Cmk2U'
def encryptBase64(self
,src
):
return base64
.urlsafe_b64encode
(src
)
def encryptAES(self
,src
, key
):
"""
生成AES密文
"""
iv
= b
"1172311105789011"
cryptor
= AES
.new
(key
, AES
.MODE_CBC
, iv
)
ciphertext
= cryptor
.encrypt
(self
.pad
(src
))
return self
.encryptBase64
(ciphertext
)
def test_aes_interface(self
):
'''test aes interface'''
payload
= {'eid': '1', 'phone': '13800138000'}
encoded
= self
.encryptAES
(json
.dumps
(payload
), self
.app_key
).decode
()
r
= requests
.post
(self
.base_url
, data
={"data": encoded
})
result
= r
.json
()
self
.assertEqual
(result
['status'], 200)
self
.assertEqual
(result
['message'], "success")
def test_get_guest_list_eid_null(self
):
''' eid 参数为空 '''
payload
= {'eid': '','phone': ''}
encoded
= self
.encryptAES
(json
.dumps
(payload
), self
.app_key
).decode
()
r
= requests
.post
(self
.base_url
, data
={"data": encoded
})
result
= r
.json
()
self
.assertEqual
(result
['status'], 10021)
self
.assertEqual
(result
['message'], 'eid cannot be empty')
def test_get_event_list_eid_error(self
):
''' 根据 eid 查询结果为空 '''
payload
= {'eid': '901','phone': ''}
encoded
= self
.encryptAES
(json
.dumps
(payload
), self
.app_key
).decode
()
r
= requests
.post
(self
.base_url
, data
={"data": encoded
})
result
= r
.json
()
self
.assertEqual
(result
['status'], 10022)
self
.assertEqual
(result
['message'], 'query result is empty')
def test_get_event_list_eid_success(self
):
''' 根据 eid 查询结果成功 '''
payload
= {'eid': '1','phone': ''}
encoded
= self
.encryptAES
(json
.dumps
(payload
), self
.app_key
).decode
()
r
= requests
.post
(self
.base_url
, data
={"data": encoded
})
result
= r
.json
()
self
.assertEqual
(result
['status'], 200)
self
.assertEqual
(result
['message'], 'success')
self
.assertEqual
(result
['data'][0]['realname'],'张三')
self
.assertEqual
(result
['data'][0]['phone'],'13800138000')
def test_get_event_list_eid_phone_null(self
):
''' 根据 eid 和phone 查询结果为空 '''
payload
= {'eid':2,'phone':'10000000000'}
encoded
= self
.encryptAES
(json
.dumps
(payload
), self
.app_key
).decode
()
r
= requests
.post
(self
.base_url
, data
={"data": encoded
})
result
= r
.json
()
self
.assertEqual
(result
['status'], 10022)
self
.assertEqual
(result
['message'], 'query result is empty')
def test_get_event_list_eid_phone_success(self
):
''' 根据 eid 和phone 查询结果成功 '''
payload
= {'eid':1,'phone':'18633003301'}
encoded
= self
.encryptAES
(json
.dumps
(payload
), self
.app_key
).decode
()
r
= requests
.post
(self
.base_url
, data
={"data": encoded
})
result
= r
.json
()
self
.assertEqual
(result
['status'], 200)
self
.assertEqual
(result
['message'], 'success')
self
.assertEqual
(result
['data']['realname'],'alen')
self
.assertEqual
(result
['data']['phone'],'18633003301')
if __name__
== '__main__':
unittest
.main
()
