请求加密
请求参数是通过加密之后,然后进行发送的,在测试中遇到过,步骤参考如下:
1、用fidder抓包,得到加密后的请求参数
2、和开发沟通系统中用到 请求参数解密 处理过程,自己把相应的jar,导入到eclips,然后写个main函数,进行调用
import com.cucu.mncv.pub.util.ZipUtils;
import com.cucu.mncv.pub.util.encrypt.DESede;
public class Test {
public static void main(String[] args) throws Exception{
String secretKey="rCE6270cmud5PG1tUX3mE65J84u8QEg";
String encryptReq = "*********";
String req = DESede.decrypt(encryptReq, secretKey);
req = ZipUtils.uncompress(req);
System.out.println(req);
}
}
3、将解密后的请求参数,写到请求中的 BeanShell PreProcessor,然后调用 加密处理,这样获得加密的请求参数
import com.cucu.mncv.pub.util.ZipUtils;
import com.cucu.mncv.pub.util.encrypt.DESede;
import com.cucu.mncv.pub.util.EncryptUtils;
String param = "{\"password\":\"593368a6-11dd-4f98-aa6b-b4b77ccd0a7a\",\"userId\":4214834,\"policyId\":0,\"proposalCover\":\"01\",\"proposalPersonal\":\"对${seq_no}\",\"proposalVO\":{\"holder\":{\"birthday\":\"1993-12-08\",\"customerId\":0,\"gender\":\"M\",\"realName\":\"土${seq_no}\",\"jobCode\":\"1501006\",\"jobName\":\"工厂、企业一般内勤\"},\"insured\":{\"birthday\":\"1992-07-10\",\"customerId\":0,\"gender\":\"F\",\"hasMedic\":\"Y\",\"realName\":\"杨${seq_no}\",\"jobCode\":\"0901001\",\"jobName\":\"教师\",\"relation\":\"4\"},\"policy1\":{\"prem\":0.0}}}";
String serviceCode = "7403";
param = ZipUtils.compress(param);
param = DESede.encrypt(param, "${secretKey}");
String req = "{\"body\":{\"param\":\"" + param + "\"},\"header\":{\"appToken\":\"${appToken}\",\"appVersion\":${appVersion},\"clientType\":\"01\",\"serviceCode\":\"" + serviceCode + "\",\"sign\":\"${sign}\",\"checkByUserToken\":true}}";
vars.put("req", req);
String digest = EncryptUtils.hash("${appToken}" + req + "${appToken}");
vars.put("digest", digest);
4、在请求中这么写
原文:https://www.cnblogs.com/xiaofeng91/p/13299283.html