- # -*- coding: UTF-8 -*-
import hashlib
import hmac
# NOTE(review): `_sha256` is a private CPython module, not a public API, and is
# absent from newer CPython releases; hashlib.sha256 is the supported equivalent.
from _sha256 import sha256

import esigntool
from esigntool import esign_run_print_outer
# Callback-notification signature check: recompute the signature over the
# received parameters and compare it with the signature carried by the
# callback; verification succeeds when the two are identical.
config = esigntool.config()  # initialise the configuration object
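@esign_run_print_outer
def signatureCheck():
    """Demonstrate verifying the signature of a callback notification.

    The expected signature is computed by ``doSignature`` over
    timestamp + callback query string + raw body, keyed with the project
    secret, and compared with the signature received in the callback.
    The sample values below are masked with asterisks, so the sample
    signature cannot equal a real hex digest.

    :return: the result of ``print`` (``None``) after reporting the outcome
    """
    # Example asynchronous notification address:
    # notifyUrl = "http://saledemo.tsign.cn:9090/asyn/notify?belong=tianyin"
    scert = config.scert  # project secret
    signture = "0e437d238*********8b3d72d6a7393af9f7e947"  # signature received with the async notification
    time_stamp = "1661****383"  # callback header X-Tsign-Open-TIMESTAMP
    # The callback URL configured by the customer may carry query data, e.g.
    # callback?accountId=aaa&orderNo=001 (the platform appends no parameters).
    query_param = ""
    # The notification body exactly as received; it is signed as one byte
    # stream, so it must not be parsed and re-serialised before verification.
    receive_body = (
        '{"action":"SIGN_MISSON_COMPLETE","timestamp":1661941631789,'
        '"signFlowId":"227b71ae3*********e612a12a1","customBizNum":"202200001111",'
        '"signOrder":1,"operateTime":166*****31000,"signResult":2,"resultDescription":"签署完成",'
        '"organization":{"orgId":"f0fee875*****00885a66d83","orgName":"**测试企业"}}'
    )
    sign_body = time_stamp + query_param + receive_body  # final string that is signed
    # NOTE(review): the timestamp is only mixed into the signed string; no
    # freshness check is made here, so a previously delivered notification
    # would verify again. Confirm whether the real handler must reject stale
    # timestamps.
    # Demo output only: a production handler should not log the signed
    # payload or the expected signature.
    print(sign_body)
    req_signature = doSignature(sign_body, scert)
    print(req_signature)
    # Constant-time comparison: `==` stops at the first differing character,
    # which leaks timing information about the expected signature. Comparing
    # bytes avoids the TypeError compare_digest raises for non-ASCII str.
    if hmac.compare_digest(req_signature.encode("utf-8"), signture.encode("utf-8")):
        return print("验签成功")
    return print("验签失败")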
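def doSignature(message, secret):
    """Compute the HMAC-SHA256 signature of a string.

    :param message: string to sign; encoded as UTF-8 before hashing
    :param secret: signing key; encoded as UTF-8 before use
    :return: lowercase hexadecimal HMAC-SHA256 digest of ``message``
    """
    # hashlib.sha256 is the public API; the private ``_sha256`` module is not
    # available on every interpreter, so the digest is taken from hashlib.
    return hmac.new(
        secret.encode("utf-8"),
        message.encode("utf-8"),
        digestmod=hashlib.sha256,
    ).hexdigest()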
# Run the verification demo only when the file is executed as a script.
if __name__ == "__main__":
    signatureCheck()