postman签名md5跟rsa - xiaogardenz/Work GitHub Wiki
md5与rsa签名
规则:
一、将非空参数值的参数按照参数名ASCII码从小到大排序(字典序),使用URL键值对的格式(即key1=value1&key2=value2…)拼接成字符串stringA。
特别注意以下重要规则:
◆ 参数名ASCII码从小到大排序(字典序); ◆ 如果参数的值为空或为null不参与签名; ◆ 参数名区分大小写;
二、再使用RSA加密规则,把拼接成字符串stringA加密,得到RSA加密后的值rsaValue。
三、最后值rsaValue,使用base64_encode编码所得最后sign参数值signValue;
var data = request.data;
function getStr(){
var data = request.data;
delete data['sign'];
var keys = [];
for(var k in data) {
keys.push(k);
}
keys.sort();
var kv = [];
for (var v of keys) {
kv.push(v + '=' + data[v]);
}
var kvStr = kv.join('&');
return kvStr;
}
var kvStr = getStr();
if(data.sign_type=='MD5'){
pm.globals.set('signkey','ca726fd39c3e64657fd44adcdbacef38');
kvStr = kvStr+pm.globals.get('signkey');
var sign_value = CryptoJS.MD5(kvStr).toString();
}else{
pm.sendRequest('http://api.wanxun.com/jsrsasign-rsa-min.js', function (err, res) {
if (err) {
console.log(err);
} else {
pm.globals.set("forgeJS", res.text());//设置好
}
});
eval(postman.getGlobalVariable("forgeJS"));//初始化,然后下面就可以调用方法
const private_key = '-----BEGIN RSA PRIVATE KEY-----'+
'MIICXgIBAAKBgQCTsYpXiOEbHTLW7IdhxUD5UV+5m9BPuJQCV0sp8677oN2ahYaB'+
'IYoAZego7JdytGKDotU/L/+WshjBhi2kdf5QQsc6VdXGpcpcm3Eb55Xzm8HbH2rt'+
'IwSk0U/O+OYT/N7dnkI47suoqHaLkoF5Z1RgnpZcOG8CeHn65uJEafmlrwIDAQAB'+
'AoGBAINIao96tZYTc1CGeaTX4PR9d9iV/yoOCUq3a7HD0YQMr08eZ7w7It9NtntC'+
'KzEj1Pnr8SA0uz2p28WSTtoEpGQ795Vk0l7pmn8Q/XwJbxQ/EJb7n2Df5AMgKa8i'+
'+hcUKA+dmhUFysmNARvYvKfPSee3RsmtMDXZ0H3ePH808e+BAkEAwrafxbJ7naPS'+
'5Fd/PRl3oH/kxDcOWb+DRVi9mFatSihTWQmOZzbOPt1xJOuWvPqX4BRA6nvW4noc'+
'k5occOOXbwJBAMIuNS5HRHUztIqoBOYYxm6XYKK5uCT5cel+VlP0sGoPAZlxV+Ih'+
'YeveinvARafTPRLoAGJRmlgX0dnBaS9dtcECQH5xFWPOOZPu1H5Pi2Lj7Nke9DGv'+
'BvSk9tvLeqM4diOX+DfzirPf1SLhrh2plyN1H7b1sAoVDT/YyEHZa+qrAKUCQQC/'+
'w0RPtJ/dordMK0vTNGpacvJDIWfCU/lz3olAlifWRYWN1Eo3DkKW3goi1imz6D+r'+
'OSSP9AiZsMRT6NaIqWHBAkEAim6hH4kVudPcNSNb/tTGBZDX2UBJLIgE4IjLQTop'+
'tI7fOglrgC3SUs1WzPoc59ndSFDDmEY0PxTarPD+JqLBIg=='+
'-----END RSA PRIVATE KEY-----';
var rsa = new RSAKey();
rsa.readPrivateKeyFromPEMString(private_key);
var hSig = rsa.sign(kvStr,'sha1');
var sign_value = hextob64(hSig);
}
pm.globals.unset('sign');
pm.globals.set("sign",sign_value);
//console.log(sign_value);