JMeter参数签名——Groovy脚本形式

2020-05-01 18:24:53 浏览数 (1)

发现JMeter系列写了不少文章,干脆整个全套加强版,把剩下的Demo也发一下,旧文如下:

  • 用Groovy处理JMeter断言和日志
  • 用Groovy处理JMeter变量
  • 用Groovy在JMeter中执行命令行
  • 用Groovy处理JMeter中的请求参数
  • 用Groovy在JMeter中使用正则提取赋值
  • JMeter吞吐量误差分析
  • Groovy在JMeter中处理cookie
  • Groovy在JMeter中处理header

本期继续Groovy在JMeter中应用的话题。如何在JMeter中对参数进行签名?

相比这个情况接口测试中是经常遇到的,接口的某个参数是由其他参数(包括校验token)决定的,在我的经验中,常见于PHP后端服务中。下面分享一下如何用Groovy脚本处理这种情况。大部分的代码都是开发提供的,只是做了一些调整。有兴趣的可以翻看以前的文章:从Java到Groovy的八级进化论

  • 首先新建一个简单的线程组和一个简单的请求:
  • 添加JSR223 预处理程序

脚本内容:

代码语言:javascript复制
import org.apache.commons.codec.binary.Base64;

import javax.crypto.Cipher;
import java.io.ByteArrayOutputStream;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.HashMap;
import java.util.Map;
import java.util.TreeMap;

/**
 * RSA最大加密明文大小
 */
int MAX_ENCRYPT_BLOCK = 117;

/**
 * RSA最大解密密文大小
 */
int MAX_DECRYPT_BLOCK = 128;

/**
 * RSA私钥
 */
String RSA_PRIVATE_KEY = "保密信息";
/**
 * RSA公钥
 */
String RSA_PUBLIC_KEY = "保密信息";

/**
 * 不参与签名参数
 */
String excludeKey = "sign";


/**
 * 获取私钥
 *
 * @param privateKey 私钥字符串
 * @return
 */
public PrivateKey getPrivateKey(String privateKey) throws Exception {
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");
    byte[] decodedKey = Base64.decodeBase64(privateKey.getBytes());
    PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decodedKey);
    return keyFactory.generatePrivate(keySpec);
}

/**
 * 获取公钥
 *
 * @param publicKey 公钥字符串
 * @return
 */
public PublicKey getPublicKey(String publicKey) throws Exception {
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");
    byte[] decodedKey = Base64.decodeBase64(publicKey.getBytes());
    X509EncodedKeySpec keySpec = new X509EncodedKeySpec(decodedKey);
    return keyFactory.generatePublic(keySpec);
}

/**
 * RSA加密
 *
 * @param data 待加密数据
 * @param publicKey 公钥
 * @return
 */
String encrypt(String data, PublicKey publicKey) throws Exception {
    Cipher cipher = Cipher.getInstance("RSA");
    cipher.init(Cipher.ENCRYPT_MODE, publicKey);
    int inputLen = data.getBytes().length;
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    int offset = 0;
    byte[] cache;
    int i = 0;
    // 对数据分段加密
    while (inputLen - offset > 0) {
        if (inputLen - offset > MAX_ENCRYPT_BLOCK) {
            cache = cipher.doFinal(data.getBytes(), offset, MAX_ENCRYPT_BLOCK);
        } else {
            cache = cipher.doFinal(data.getBytes(), offset, inputLen - offset);
        }
        out.write(cache, 0, cache.length);
        i  ;
        offset = i * MAX_ENCRYPT_BLOCK;
    }
    byte[] encryptedData = out.toByteArray();
    out.close();
    // 获取加密内容使用base64进行编码,并以UTF-8为标准转化成字符串
    // 加密后的字符串
    return new String(Base64.encodeBase64String(encryptedData));
}

/**
 * RSA解密
 *
 * @param data 待解密数据
 * @param privateKey 私钥
 * @return
 */
public String decrypt(String data, PrivateKey privateKey) throws Exception {
    Cipher cipher = Cipher.getInstance("RSA");
    cipher.init(Cipher.DECRYPT_MODE, privateKey);
    byte[] dataBytes = Base64.decodeBase64(data);
    int inputLen = dataBytes.length;
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    int offset = 0;
    byte[] cache;
    int i = 0;
    // 对数据分段解密
    while (inputLen - offset > 0) {
        if (inputLen - offset > MAX_DECRYPT_BLOCK) {
            cache = cipher.doFinal(dataBytes, offset, MAX_DECRYPT_BLOCK);
        } else {
            cache = cipher.doFinal(dataBytes, offset, inputLen - offset);
        }
        out.write(cache, 0, cache.length);
        i  ;
        offset = i * MAX_DECRYPT_BLOCK;
    }
    byte[] decryptedData = out.toByteArray();
    out.close();
    // 解密后的内容
    return new String(decryptedData, "UTF-8");
}

/**
 * 签名
 *
 * @param data 待签名数据
 * @param privateKey 私钥
 * @return 签名
 */
public String sign(String data, PrivateKey privateKey) throws Exception {
    byte[] keyBytes = privateKey.getEncoded();
    PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyBytes);
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");
    PrivateKey key = keyFactory.generatePrivate(keySpec);
    Signature signature = Signature.getInstance("MD5withRSA");
    signature.initSign(key);
    signature.update(data.getBytes());
    return new String(Base64.encodeBase64(signature.sign()));
}

/**
 * 验签
 *
 * @param srcData 原始字符串
 * @param publicKey 公钥
 * @param sign 签名
 * @return 是否验签通过
 */
public boolean verify(String srcData, PublicKey publicKey, String sign) throws Exception {
    byte[] keyBytes = publicKey.getEncoded();
    X509EncodedKeySpec keySpec = new X509EncodedKeySpec(keyBytes);
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");
    PublicKey key = keyFactory.generatePublic(keySpec);
    Signature signature = Signature.getInstance("MD5withRSA");
    signature.initVerify(key);
    signature.update(srcData.getBytes());
    return signature.verify(Base64.decodeBase64(sign.getBytes()));
}

/**
 * 对map进行签名
 * @param mapData
 * @param privateKey
 * @return
 * @throws Exception
 */
public String sign(Map<String, String> mapData, PrivateKey privateKey) throws Exception {
    return sign(getStr(mapData), privateKey);
}

/**
 * 签名验证
 * @param mapData 参数map
 * @param publicKey 公钥
 * @return
 * @throws Exception
 */
public static boolean verify(Map<String, String> mapData, PublicKey publicKey) throws Exception {
    String sign = mapData.remove("sign");
    if (sign == null || sign.length() < 1) {
        throw new RuntimeException("参数缺少签名");
    }
    return verify(getStr(mapData), publicKey, sign);
}

/**
 * 接口请求参数转字符串
 * @param parms
 * @return
 */
public String getStr(Map<String, String> parms) {
    parms.remove("sign");
    TreeMap<String, String> sortParms = new TreeMap<>();
    sortParms.putAll(parms);
    StringBuilder builder = new StringBuilder();
    for (Map.Entry<String, String> entry : parms.entrySet()) {
        builder.append(entry.getKey());
        builder.append("=");
        builder.append(String.valueOf(entry.getValue()));
        builder.append("&");
    }
    if (builder.length() > 1) {
        builder.setLength(builder.length() - 1);
    }
    return builder.toString();
}

vars.put("MY1","flow")
props.put("MY","ewewewerr")
log.info(props.get("MY"))
sampler.addArgument("name","funteddster")
sampler.addArgument("pwd","funtddester")

def args = sampler.getArguments()
def ss = [:]
log.info(sampler.getArguments().toString())
args.getArgumentCount().times{
 def a = args.getArgument(it)
 ss.put(a.ARG_NAME,a.VALUE)
}

def my_var = sign(ss,getPrivateKey(RSA_PRIVATE_KEY)) as String;

log.warn "输出参数-------- ${vars} console"
log.info("222222 "   my_var);

sampler.addArgument("sign", my_var)
  • 控制台输出:
代码语言:javascript复制
2020-04-16 23:01:28,653 INFO o.a.j.e.StandardJMeterEngine: Running the test!
2020-04-16 23:01:28,654 INFO o.a.j.s.SampleEvent: List of sample_variables: []
2020-04-16 23:01:28,655 INFO o.a.j.g.u.JMeterMenuBar: setRunning(true, *local*)
2020-04-16 23:01:28,774 INFO o.a.j.e.StandardJMeterEngine: Starting ThreadGroup: 1 : 线程组
2020-04-16 23:01:28,774 INFO o.a.j.e.StandardJMeterEngine: Starting 1 threads for group 线程组.
2020-04-16 23:01:28,774 INFO o.a.j.e.StandardJMeterEngine: Thread will continue on error
2020-04-16 23:01:28,774 INFO o.a.j.t.ThreadGroup: Starting thread group... number=1 threads=1 ramp-up=0 perThread=0.0 delayedStart=false
2020-04-16 23:01:28,775 INFO o.a.j.t.ThreadGroup: Started thread group number 1
2020-04-16 23:01:28,775 INFO o.a.j.e.StandardJMeterEngine: All thread groups have been started
2020-04-16 23:01:28,775 INFO o.a.j.t.JMeterThread: Thread started: 线程组 1-1
2020-04-16 23:01:28,867 INFO o.a.j.m.J.JSR223 参数签名 groovy脚本: ewewewerr
2020-04-16 23:01:28,867 INFO o.a.j.m.J.JSR223 参数签名 groovy脚本: t=flow()&s=ewewewerr()&name=funteddster()&pwd=funtddester()
2020-04-16 23:01:28,871 WARN o.a.j.m.J.JSR223 参数签名 groovy脚本: 输出参数-------- org.apache.jmeter.threads.JMeterVariables@43b2b076 console
2020-04-16 23:01:28,871 INFO o.a.j.m.J.JSR223 参数签名 groovy脚本: 222222 DV1UC0RF7y7FWArtYJP8LaUYwWZm7Mc5P8vmx5e4cGqQstaW3LlfR o5mSiBTTxLY3NSvsr5EHLkLzPcfJ3YCmjJnneZj lCb7fR7XA5snwGHJNbeDejn6x3oNVEZF8i4MR/vPO9I1lawA6pEuO5t7kW21IizQdEyxAc2pxLcj8=
2020-04-16 23:01:29,034 INFO o.a.j.t.JMeterThread: Thread is done: 线程组 1-1
2020-04-16 23:01:29,035 INFO o.a.j.t.JMeterThread: Thread finished: 线程组 1-1
2020-04-16 23:01:29,035 INFO o.a.j.e.StandardJMeterEngine: Notifying test listeners of end of test
2020-04-16 23:01:29,035 INFO o.a.j.g.u.JMeterMenuBar: setRunning(false, *local*)
  • 查看结果树
  • 可以清楚看到,签名字段sign已经写到参数里面了。

0 人点赞