Postman深入使用之对参数进行SHA1WithRSA数字签名

一、时间有限,直接show code
参考大牛文章https://www.jianshu.com/p/61b0d37a85b4

// path 为/v3/merchants/201808060000021001/payments
let path = pm.request.url.getPath();
console.log("path", path);
const merchantId = path.substring(14, 32);
console.log("merchant_id", merchantId);
const allKey = pm.globals.get("allKey");
const keyJson = JSON.parse(allKey);
// console.log('allKey',allKey);
// console.log('allKey--private,public',keyJson[merchantId]);
const pubKey = keyJson[merchantId].publicPem;
const priKey = keyJson[merchantId].privatePem;
const privatePem =
  "-----BEGIN PRIVATE KEY-----\n" + priKey + "\n-----END PRIVATE KEY-----";
const publicPem =
  "-----BEGIN PUBLIC KEY-----\n" + pubKey + "\n-----END PUBLIC KEY-----";

// 加签方法
const _toString = Object.prototype.toString;
function toRawType(value) {
  return _toString.call(value).slice(8, -1);
}

let newObj = "";
//排序的函数
function objKeySort(arys) {
  //先用Object内置类的keys方法获取要排序对象的属性名数组,再利用Array的sort方法进行排序
  if (arys === null) {
    return;
  }
  const newkey = Object.keys(arys).sort();
  for (let i = 0; i < newkey.length; i++) {
    const newArrKey = newkey[i];
    const newArrOne = arys[newkey[i]];
    //遍历newkey数组
    if (toRawType(newArrOne) === "Array") {
      for (let j = 0; j < newArrOne.length; j++) {
        objKeySort(newArrOne[j]);
      }
    } else if (toRawType(newArrOne) === "Object") {
      objKeySort(newArrOne);
    } else {
      newObj += [newArrKey] + "=" + newArrOne + "&";
    }
  }
  return newObj.substring(0, newObj.length - 1);
}

console.log(pm.globals.has("forgeJS"));
if (!pm.globals.has("forgeJS")) {
  pm.sendRequest("https://gacashier.lianlianpay-inc.com/forge.js", function(
    err,
    res
  ) {
    if (err) {
      console.log(err);
    } else {
      pm.globals.set("forgeJS", res.text());
    }
    // console.log(pm.globals.has("forgeJS"));
  });
}

var date = new Date();
var time = date.getTime(); // 1622443055162
var year = date.getFullYear() + "";
var month = date.getMonth() + 1 + "";
if (month < 10) {
  month = 0 + month;
}
var day = date.getDate() + "";
if (day < 10) {
  day = 0 + day;
}
// var time = date.getTime()+'';
// var timestamp = year +month + day + time.substr(0,6);
var hour = date.getHours();
if (hour < 10) {
  hour = "0" + hour;
}
var hours = hour + "0000";
var timestamp = year + month + day + hours;
console.log("timestamp", timestamp);
pm.environment.set("timestampHeader", timestamp);
var merchantTransactionId = timestamp + time.toString().substr(-4);
console.log("merchantTransactionId", merchantTransactionId);
pm.environment.set("merchantTransactionId", merchantTransactionId);
pm.environment.set("merchantId", merchantId);
pm.environment.set("timestampV4", Math.round(new Date().getTime()));

eval(pm.globals.get("forgeJS"));
// console.log('forge',forge);
let param = request.data;
let newParam = JSON.parse(param);
newParam.merchant_transaction_id = merchantTransactionId;
newParam.merchant_id = merchantId;

console.log("param", newParam);
// 签名方法获取buffer
const buffer = objKeySort(newParam);
// console.log('buffer',buffer);
// 开始签名
let privKey = forge.pki.privateKeyFromPem(privatePem);
const md = forge.md.sha1.create();
md.update(buffer, "utf8");
let sig = privKey.sign(md);
let erg = forge.util.encode64(sig);
// 开始验证签名
let publKey = forge.pki.publicKeyFromPem(publicPem);
var verified = publKey.verify(md.digest().bytes(), sig);

console.log("verified is: " + verified);
console.log("Signature is: " + erg);
pm.environment.set("signature", erg);

推荐阅读更多精彩内容