请求加密
请求参数是通过加密之后,然后进行发送的,在测试中遇到过,步骤参考如下:
1、用fidder抓包,得到加密后的请求参数
2、和开发沟通系统中用到 请求参数解密 处理过程,自己把相应的jar,导入到eclips,然后写个main函数,进行调用
import com.cucu.mncv.pub.util.ZipUtils;
import com.cucu.mncv.pub.util.encrypt.DESede;
public class Test {
public static void main(String[] args) throws Exception{
String secretKey="rCE6270cmud5PG1tUX3mE65J84u8QEg";
String encryptReq = "*********";
String req = DESede.decrypt(encryptReq, secretKey);
req = ZipUtils.uncompress(req);
System.out.println(req);
}
}
3、将解密后的请求参数,写到请求中的 BeanShell PreProcessor,然后调用 加密处理,这样获得加密的请求参数
import com.cucu.mncv.pub.util.ZipUtils;
import com.cucu.mncv.pub.util.encrypt.DESede;
import com.cucu.mncv.pub.util.EncryptUtils;
String param = "{"password":"593368a6-11dd-4f98-aa6b-b4b77ccd0a7a","userId":4214834,"policyId":0,"proposalCover":"01","proposalPersonal":"对${seq_no}","proposalVO":{"holder":{"birthday":"1993-12-08","customerId":0,"gender":"M","realName":"土${seq_no}","jobCode":"1501006","jobName":"工厂、企业一般内勤"},"insured":{"birthday":"1992-07-10","customerId":0,"gender":"F","hasMedic":"Y","realName":"杨${seq_no}","jobCode":"0901001","jobName":"教师","relation":"4"},"policy1":{"prem":0.0}}}";
String serviceCode = "7403";
param = ZipUtils.compress(param);
param = DESede.encrypt(param, "${secretKey}");
String req = "{"body":{"param":"" + param + ""},"header":{"appToken":"${appToken}","appVersion":${appVersion},"clientType":"01","serviceCode":"" + serviceCode + "","sign":"${sign}","checkByUserToken":true}}";
vars.put("req", req);
String digest = EncryptUtils.hash("${appToken}" + req + "${appToken}");
vars.put("digest", digest);
4、在请求中这么写