ADD - 加密解密

aecd254e · RobertDing · aecd254e · aecd254e · aecd254e · aecd254e
Commit aecd254e authored Jun 13, 2016 by RobertDing
8 changed files
--- a/gmei_private_key.pem
+++ b/gmei_private_key.pem
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpQIBAAKCAQEAtFGHIApNeLNn4vnokHhhyckk3HC0mpo1BKJbQDtN7P50H/2r
+0hdjvWSBdl3mpUglEWepN9pIN+LoX49ysJ7Zo0gz/23aEKITDrGITOKDfji1F5sN
+71MK0Jlvci5USbRn4sVkjpBrqtYbWyrYLkZ3zqC+cZ/ejDKUGKgVGyiyn9ZmMeI7
+Ac+3IGyl536SSk6ec47JjuYv0lIsKecpTRAVVjGabtgE6eg0BIIeUo6MRDxzy5UT
+x5EaBd2N8kp48qyWrqFfRhoK+mcvngEs8KtGRiFcjDseCsVEA2znnxRVkoMaHVa/
+MWhpBl14jmLKoyckLZQ8LY4Z8rn4F6ly/uSuKQIDAQABAoIBAGINNzIoCAqLXAFj
+rZ/pphso4n9wVfT/x7a2ZnJeDTjDAPhoY2dByr2xCmkIFKRpv6ZgPPcfHkgtffiA
+s3fxWR1d5NCPtpV23HAP/7L3NVOMmIS2jvRFrsrRtHVdVf4iOJ9qgQy44aMq/AMu
+IBHBxeI5LHXy3fxUgI2L0LZNAhzBek/+e/RyaGjIq3UWecrR/NCVOByQLoS8VPu/
+nPbje/CD5UECvehvW6rDnDydACo2sreVTFdl25FxjRDMxDi972Hyzfnnp0H7b+SI
+ma0zSIUhfQkn5AQm5z+eXTJa41h+EjZ2NA//sonj1c7Wh1iDY7V4MYojODEgyEcV
+QyVpjtECgYEA3oc6zLaStfzxTERauqtoXp/AKMzfLn4x3wk3tyKdHFyZNOwY28Fp
+qvdSAk/N3byEGhEe1v1hEItpKXn+Nylc7JlgZ0bCVIJOFojg7cNEBUDeSkXW4Gkn
+Z80FZ+P3IaGbXlMLmht9sXnObRRL3N7OB08zFJxr7vAszxunLGcL4P0CgYEAz3Dz
+N7TmAWywU7oZXpjudJ9RFVWEjwDKe0KD+vriNgN5TswKW9RjLf/Luf8x8kFNAd1J
+nvoHU/+OxiKHDdwsjrjDqNY73kEU2niQcfAOX73Zri6Xz2gc6aYwsm80dyIYWpmm
+mEW18Vumh67JH1rNWvUCJRnAegMY+HQOcWqmb50CgYEAjzvsFSjPdmTBzJ2S6OS7
+4Wxie+CjJ4IDB9UfD7ov9rmDxBTUS19LbMiU+Pf1Quy8+ypZ93hQqh2SKyhjAY6W
+SZTQAKoDG/Jj4Q1p+qDdf6QpcRVTIk+NFbtZ521M/VDQeP5rUV6woTQOMxgFXL3t
+T7ci4fltX/coYIckK+iINOECgYEAj50nBV4cDshsmsqwXamLDPpvbFG0YDyv8f3u
+2YdvrO1iwobIdSLpNyNsq+xda9aBtdS573IyOJkpA0tMLPBNeNG5w93tvMVZ5pap
+ifgkO2x4k/p154Ww3qHL/Py4WfIk4jSV/b3lZJ+K/0ymuSpoGZyeS4k0lEQouXm/
+tg2cBJECgYEA0LiszbX+CG2PR33Ku1sQe9Cij+o79Vgdvj71C8wevjgP60Ts7NGQ
+ExaD7aoWrAsnkypiF9at1ckXVqAZBdLgO8XFUi8UUVHn7T1qi3PHIwLSwRH3rcd3
+X6Gf0o0oXMRfxWGnScWeuHPi37Y0KMGrfP4xOcVmCG3Rd6mAtVXuzlo=
+-----END RSA PRIVATE KEY-----
--- a/gmei_private_key_pkcs8.pem
+++ b/gmei_private_key_pkcs8.pem
+-----BEGIN PRIVATE KEY-----
+MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC0UYcgCk14s2fi
+eiQeGHJySTccLSamjUEoltAO03s/nQf/avSF2O9ZIF2XealSCURZ6k32kg34uhf
+j3KwntmjSDP/bdoQohMOsYhM4oN+OLUXmw3vUwrQmW9yLlRJtGfixWSOkGuq1htb
+KtguRnfOoL5xn96MMpQYqBUbKLKf1mYx4jsBz7cgbKXnfpJKTp5zjsmO5i/SUiwp
+5ylNEBVWMZpu2ATp6DQEgh5SjoxEPHPLlRPHkRoF3Y3ySnjyrJauoV9GGgr6Zy+e
+ASzwq0ZGIVyMOx4KxUQDbOefFFWSgxodVr8xaGkGXXiOYsqjJyQtlDwtjhnyufgX
+qXL+5K4pAgMBAAECggEAYg03MigICotcAWOtn+mmGyjif3BV9P/HtrZmcl4NOMMA
+GhjZ0HKvbEKaQgUpGm/pmA89x8eSC19+ICzd/FZHV3k0I+2lXbccA//svc1U4yY
+hLaO9EWuytG0dV1V/iI4n2qBDLjhoyr8Ay4gEcHF4jksdfLd/FSAjYvQtk0CHMF6
+T/579HJoaMirdRZ5ytH80JU4HJAuhLxU+7+c9uN78IPlQQK96G9bqsOcPJ0AKjay
+t5VMV2XbkXGNEMzEOL3vYfLN+eenQftv5IiZrTNIhSF9CSfkBCbnP55dMlrjWH4S
+NnY0D/+yiePVztaHWINjtXgxiiM4MSDIRxVDJWmO0QKBgQDehzrMtpK1/PFMRFq6
+q2hen8AozN8ufjHfCTe3Ip0cXJk07BjbwWmq91ICT83dvIQaER7W/WEQi2kpef43
+KVzsmWBnRsJUgk4WiODtw0QFQN5KRdbgaSdnzQVn4/choZteUwuaG32xec5tFEvc
+3s4HTzMUnGvu8CzPG6csZwvg/QKBgQDPcPM3tOYBbLBTuhlemO50n1EVVYSPAMp7
+QoP6+uI2A3lOzApb1GMt/8u5/zHyQU0B3Ume+gdT/47GIocN3CyOuMOo1jveQRTa
+eJBx8A5fvdmuLpfPaBzppjCybzR3IhhamaaYRbXxW6aHrskfWs1a9QIlGcB6Axj4
+dA5xaqZvnQKBgQCPO+wVKM92ZMHMnZLo5LvhbGJ74KMnggMH1R8Pui/2uYPEFNRL
+X0tsyJT49/VC7Lz7Kln3eFCqHZIrKGMBjpZJlNAAqgMb8mPhDWn6oN1/pClxFVMi
+T40Vu1nnbUz9UNB4/mtRXrChNA4zGAVcve1PtyLh+W1f9yhghyQr6Ig04QKBgQCP
+nScFXhwOyGyayrBdqYsM+m9sUbRgPK/x/e7Zh2+s7WLChsh1Iuk3I2yr7F1r1oG1
+1LnvcjI4mSkDS0ws8E140bnD3e28xVnmlqmJ+CQ7bHiT+nXnhbDeocv8/LhZ8iTi
+NJX9veVkn4r/TKa5KmgZnJ5LiTSURCi5eb+2DZwEkQKBgQDQuKzNtf4IbY9Hfcq7
+WxB70KKP6jv1WB2+PvULzB6+OA/rROzs0ZATFoPtqhasCyeTKmIX1q3VyRdWoBkF
+0uA7xcVSLxRRUeftPWqLc8cjAtLBEfetx3dfoZ/SjShcxF/FYadJxZ64c+LftjQo
+wat8/jE5xWYIbdF3qYC1Ve7OWg==
+-----END PRIVATE KEY-----
--- a/public.pem
+++ b/public.pem
+-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFGHIApNeLNn4vnokHhh
+yckk3HC0mpo1BKJbQDtN7P50H/2r0hdjvWSBdl3mpUglEWepN9pIN+LoX49ysJ7Z
+o0gz/23aEKITDrGITOKDfji1F5sN71MK0Jlvci5USbRn4sVkjpBrqtYbWyrYLkZ3
+zqC+cZ/ejDKUGKgVGyiyn9ZmMeI7Ac+3IGyl536SSk6ec47JjuYv0lIsKecpTRAV
+VjGabtgE6eg0BIIeUo6MRDxzy5UTx5EaBd2N8kp48qyWrqFfRhoK+mcvngEs8KtG
+RiFcjDseCsVEA2znnxRVkoMaHVa/MWhpBl14jmLKoyckLZQ8LY4Z8rn4F6ly/uSu
+KQIDAQAB
+-----END PUBLIC KEY-----
--- a/request.py
+++ b/request.py
+#!/usr/bin/env python
+# -*- coding:utf-8 -*-
+#
+#   Author  :   RobertDing
+#   E-mail  :   robertdingx@gmail.com
+#   Date    :   16/06/12 19:34:08
+#   Desc    :   加密解密请求
+#
+
+import json
+import base64
+import hashlib
+
+from Crypto import Random
+from Crypto.PublicKey import RSA
+from Crypto.Cipher import ARC4
+from Crypto.Cipher import PKCS1_v1_5
+import requests
+
+import settings
+
+
+class Request(object):
+
+    URL = settings.BASE_URL
+
+    def __init__(self):
+        yingtz_key = base64.b64decode(open(settings.YINGTZ_KEY_TEST).read())
+        self.yingtz_key = RSA.importKey(yingtz_key)
+        self.gmei_key = RSA.importKey(open(settings.GMEI_PRIVATE_KEY_PKCS8).read())
+        pass
+
+    def handler(self, endpoint):
+
+        def _fetch(**kwargs):
+            params = self.encrypt_param(kwargs)
+            resp = requests.post(self.URL+endpoint, data=params)
+            content = self.decrypt(resp.content)
+            return content
+        return _fetch
+
+    def encrypt_param(self, params):
+        one_time_key = Random.new().read(16)
+        rsa_cipher = PKCS1_v1_5.new(self.yingtz_key)
+        key = base64.b16encode(rsa_cipher.encrypt(one_time_key))
+
+        content = json.dumps(params)
+        r4_cipher = ARC4.new(one_time_key)
+        raw_content = r4_cipher.encrypt(content)
+        encoded_content = base64.b16encode(raw_content)
+
+        sign = hashlib.md5(raw_content+settings.MD5KEY).hexdigest()
+        return {
+            'key': str(key, encoding='utf8'),
+            'sign': sign,
+            'content': str(encoded_content, encoding='utf8'),
+            'partner': settings.PARTNER
+        }
+
+    def decrypt(self, raw):
+        resp = json.loads(str(raw, encoding='utf8'))
+        key = base64.b16decode(resp['key'].upper())
+        raw_content = base64.b16decode(resp['content'].upper())
+        self.check_sign(raw_content, resp['sign'])
+
+        sentinel = object()
+        cipher = PKCS1_v1_5.new(self.gmei_key)
+        key1 = cipher.decrypt(key[:256], sentinel)
+        key2 = cipher.decrypt(key[-256:], sentinel)
+        if key1 is sentinel or key2 is sentinel:
+            raise ValueError('Decrypt Error')
+        content = ARC4.new(key1+key2).decrypt(raw_content)
+        return content
+
+    def check_sign(self, content, sign):
+        if isinstance(content, str):
+            content = base64.b16decode(content.upper)
+
+        cal_sign = hashlib.md5(content+settings.MD5KEY).hexdigest()
+        if sign == cal_sign:
+            return
+        raise Exception('check sign error')
--- a/requirements.txt
+++ b/requirements.txt
+requests
+pycrypto
--- a/settings.py
+++ b/settings.py
+#!/usr/bin/env python
+# -*- coding:utf-8 -*-
+#
+#   Author  :   RobertDing
+#   E-mail  :   robertdingx@gmail.com
+#   Date    :   16/06/13 10:35:01
+#   Desc    :   
+#
+
+BASE_URL = 'http://www.xiaoying.com/api/apiBorrower/'
+
+MD5KEY = bytes('74ba4d7ad1d5bc705e6c96bbf599c3f1', encoding='utf8')
+PARTNER = 'WEI_ZHENG_FEN_QI'
+CHANNEL = 'WEI_ZHENG_FEN_QI'
+YINGTZ_KEY_TEST = 'yingtz_key_test.pem'
+YINGTZ_KEY_PROD = 'yingtz_key_prod.pem'
+GMEI_PRIVATE_KEY = 'gmei_private_key.pem'
+GMEI_PRIVATE_KEY_PKCS8 = 'gmei_private_key_pkcs8.pem'
--- a/yingtz_key_prod.pem
+++ b/yingtz_key_prod.pem
+GfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDGx57KKnwBW+6eSd9HafHAbuEUzr0bcaFrMmQ3GdrQ0ZDOsTeifAt+hBVOlFSOAzQQ0F2X9bBFDsUSNNFWSlycl7CsVHwH0kkCSFUrchgUPAqtbkOOxyZS8/xPt329Fvs6xK5W/Ds7xQ2tkX67MkW8Rc7ce0P7CpKNrENKZL6vTQIDAQAB
--- a/yingtz_key_test.pem
+++ b/yingtz_key_test.pem
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDvIfCQiQDG9Z3dLgZM2blsjZy/mrQcySryBu3rHA+OTg39AFiq/L0qi2dNRw/OvmuPegho7GnuhsmyvAtTKojEsGgLCL99Zyg+lPMRetOzD6w969pco8FJ5qgWWPvkeshTWM/WQ13HYsArnREkbF7pzyau83554JQrRB/qqlvP1QIDAQAB