An interface test method, device, equipment and storage medium
By dynamically loading encryption and decryption rules into the interface testing tool, the problem that existing tools cannot test encryption and decryption systems is solved, enabling flexible, efficient and secure interface testing, and reducing development costs and risks.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- CCB FINTECH CO LTD
- Filing Date
- 2022-09-08
- Publication Date
- 2026-07-03
AI Technical Summary
Existing interface testing tools cannot directly test systems with encryption and decryption processes, resulting in cumbersome and inefficient testing operations, failure to cover complete scenarios, and risks associated with production deployment.
By dynamically loading encryption and decryption rules in the interface testing tool, and using the Java Virtual Machine to generate encryption and decryption utility classes and dependent class objects in memory, the encryption of plaintext request messages and the decryption of response messages can be achieved, avoiding modifications to the code of the system under test.
It enables flexible, efficient, and secure interface testing, covering a full range of scenarios and reducing development costs and deployment risks.
Smart Images

Figure CN115629959B_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of software testing technology, and in particular to an interface testing method, apparatus, device and storage medium. Background Technology
[0002] When performing interface testing, API testing tools send request messages to the backend and receive response messages from the backend. During this process, the messages are always in plaintext. However, in actual testing, it was found that some systems encrypt and decrypt messages sent from the frontend at the system gateway. Therefore, it is necessary to encrypt the request messages sent to the gateway and decrypt the messages returned from the gateway, extracting information for verification to achieve the testing objective of validating the interface functionality.
[0003] However, because API testing tools process messages in plaintext, testers cannot directly use these tools to test systems with encrypted / decrypted message processing. Developers must temporarily comment out the encryption / decryption steps in the client code within the test version. Alternatively, configuring the target address for message sending directly to the system service address in the API testing tool bypasses the system gateway and allows direct plaintext message interaction with the backend service. This is cumbersome and inefficient.
[0004] In addition, this testing method cannot verify certain application scenarios, such as login authentication, and cannot truly achieve end-to-end testing. Furthermore, it is highly intrusive to the code, and if the commented-out code is not restored after the test, it can easily lead to deployment risks. Summary of the Invention
[0005] This application provides an interface testing method, apparatus, device, and storage medium to achieve flexible, efficient, and secure interface testing.
[0006] In a first aspect, one embodiment of this application provides an interface testing method applied to a testing tool server, comprising:
[0007] Receive encryption and decryption rules pre-configured from the test tool client, wherein the encryption and decryption rules are determined by the test tool client based on the system characteristics of the system under test;
[0008] Dynamically load encryption and decryption rules;
[0009] Receive test information for the interfaces of the system under test from the test tool client;
[0010] The plaintext request message in the test information is encrypted by dynamically calling the encryption function associated with the interface to be tested and the encryption key associated with the interface to be tested.
[0011] The system receives the response message returned by the system under test after encrypting the plaintext request message into a ciphertext request message, performs business processing on the ciphertext request message, and applies the decryption function associated with the interface under test and the decryption key to decrypt the response message.
[0012] The above embodiments, through flexible dynamic configuration, enable automatic configuration of different encryption and decryption systems. This allows for rapid integration with testing tools to complete interface testing without requiring modifications to the test code on the system under test, thus improving interface testing efficiency. Furthermore, it overcomes the limitation of existing testing methods that only allow plaintext interaction, resulting in insufficient coverage of complete scenarios. This achieves flexible, efficient, and secure testing.
[0013] In one possible embodiment, dynamically loading encryption / decryption rules includes:
[0014] The bytecode files generated during the compilation phase and the bytecode files in the dependent JAR packages of the encryption / decryption rules are loaded into the Java Virtual Machine (JVM) so that the JVM can generate encryption / decryption utility classes and corresponding dependent class objects in memory, thereby completing the dynamic loading of the encryption / decryption rules.
[0015] In one possible embodiment, the bytecode file for the Java Virtual Machine is generated as follows:
[0016] Write the custom encryption and decryption functions from the encryption and decryption rules into the encryption and decryption utility class;
[0017] Generate the corresponding encryption / decryption utility class file in the classpath of the encryption / decryption utility class;
[0018] Use the current system's compiler to create a compilation task for encryption / decryption utility class files;
[0019] Perform a compilation task to compile the encryption / decryption utility class files and generate bytecode files for the Java Virtual Machine.
[0020] In one possible embodiment, loading the bytecode file for the Java Virtual Machine generated during the compilation phase and the bytecode files in the dependent JAR packages in the configuration information into the Java Virtual Machine includes:
[0021] The bytecode files generated during the compilation phase and the bytecode files in the dependent JAR packages in the configuration information are loaded into the Java Virtual Machine through the URLClassLoader of the java.net package in the JDK.
[0022] In one possible embodiment, before receiving the response message returned by the system under test after processing the ciphertext request message (encrypted from the plaintext request message), the method further includes:
[0023] Identify the request URL in the test information;
[0024] The encrypted ciphertext request message, obtained by encrypting the plaintext request message according to the request address, is sent to the system gateway of the system under test so that the system gateway can decrypt the ciphertext request message.
[0025] In one possible embodiment, the system receives a response message returned by the system under test after processing the encrypted ciphertext request message (which is then processed by the system under test), and decrypts the response message using the decryption function associated with the interface under test and the decryption key, including:
[0026] Receive a response message returned by the system gateway after encrypting the first message; wherein, the first message is a processing result group of the server of the system under test after performing business processing on the plaintext request message obtained by decrypting from the system gateway;
[0027] The response message is decrypted using the decryption function associated with the interface to be tested and the decryption key.
[0028] In one possible embodiment, after decrypting the response message using the decryption function associated with the interface to be tested and the decryption key, the method further includes:
[0029] The plaintext response message obtained by decrypting the response message will be parsed.
[0030] The parsing results are sent to the test tool client for display.
[0031] In one possible embodiment, the interface to be tested includes a plaintext request message body, a request address, and a network protocol; the request address is the system gateway address of the system under test.
[0032] Secondly, embodiments of this application provide an interface testing method applied to a testing tool client, the method comprising:
[0033] Pre-configure encryption and decryption rules based on the system characteristics of the system under test;
[0034] The encryption / decryption rules are sent to the test tool server so that the test tool server can dynamically load the encryption / decryption rules.
[0035] The test information of the interface to be tested of the system under test is sent to the test tool server, so that the test tool server can dynamically call the encryption function associated with the interface to be tested to encrypt the plaintext request message in the test information according to the interface to be tested and the encryption key associated with the interface to be tested.
[0036] Receive the parsing results of the plaintext response message from the test tool server;
[0037] The plaintext response message is obtained by the system under test encrypting the plaintext request message into a ciphertext request message, processing the ciphertext request message, and returning it to the test tool server. The test tool server then decrypts the response message using the decryption function associated with the interface under test and the decryption key.
[0038] The above embodiments, through flexible dynamic configuration, enable automatic configuration of different encryption and decryption systems. This allows for rapid integration with testing tools to complete interface testing without requiring modifications to the test code on the system under test, thus improving interface testing efficiency. Furthermore, it overcomes the limitation of existing testing methods that only allow plaintext interaction, resulting in insufficient coverage of complete scenarios. This achieves flexible, efficient, and secure testing.
[0039] Thirdly, one embodiment of this application provides an interface testing method, including:
[0040] Pre-configured encryption and decryption rules, wherein the encryption and decryption rules are determined by the test tool client based on the system characteristics of the system under test;
[0041] Dynamically load encryption and decryption rules;
[0042] Obtain test information for the interface to be tested;
[0043] The plaintext request message in the test information is encrypted by dynamically calling the encryption function associated with the interface to be tested and the encryption key associated with the interface to be tested.
[0044] The system receives the response message returned by the system under test after encrypting the plaintext request message into a ciphertext request message, performs business processing on the ciphertext request message, and applies the decryption function associated with the interface under test and the decryption key to decrypt the response message.
[0045] The above embodiments, through flexible dynamic configuration, enable automatic configuration of different encryption and decryption systems. This allows for rapid integration with testing tools to complete interface testing without requiring modifications to the test code on the system under test, thus improving interface testing efficiency. Furthermore, it overcomes the limitation of existing testing methods that only allow plaintext interaction, resulting in insufficient coverage of complete scenarios. This achieves flexible, efficient, and secure testing.
[0046] Fourthly, one embodiment of this application provides an interface testing apparatus applied to a testing tool server, the apparatus comprising:
[0047] The receiving module is used to receive encryption and decryption rules pre-configured from the test tool client. The encryption and decryption rules are determined by the test tool client based on the system characteristics of the system under test.
[0048] The loading module is used to dynamically load encryption and decryption rules.
[0049] The receiving module is also used to receive test information of the interface to be tested from the test tool client of the system under test;
[0050] The encryption module is used to dynamically call the encryption function associated with the interface under test based on the interface under test and the encryption key associated with the interface under test to encrypt the plaintext request message in the test information;
[0051] The decryption module is used to receive the response message returned by the system under test after encrypting the plaintext request message into a ciphertext request message, performing business processing, and decrypting the response message using the decryption function associated with the interface under test and the decryption key.
[0052] Fifthly, one embodiment of this application provides an interface testing apparatus applied to a testing tool client, the method comprising:
[0053] The rule configuration module is used to pre-configure encryption and decryption rules based on the system characteristics of the system under test;
[0054] The sending module is used to send the encryption and decryption rules to the test tool server so that the test tool server can dynamically load the encryption and decryption rules;
[0055] The sending module is also used to send the test information of the interface to be tested of the system under test to the test tool server, so that the test tool server can dynamically call the encryption function associated with the interface to be tested to encrypt the plaintext request message in the test information according to the interface to be tested and the encryption key associated with the interface to be tested;
[0056] The receiving module is used to receive the parsing results of plaintext response messages from the test tool server;
[0057] The plaintext response message is obtained by the system under test encrypting the plaintext request message into a ciphertext request message, processing the ciphertext request message, and returning it to the test tool server. The test tool server then decrypts the response message using the decryption function associated with the interface under test and the decryption key.
[0058] Sixthly, one embodiment of this application provides an interface testing apparatus applied to an interface testing device, the apparatus comprising:
[0059] The rule configuration module is used for pre-configured encryption and decryption rules, wherein the encryption and decryption rules are determined based on the system characteristics of the system under test;
[0060] The loading module is used to dynamically load the encryption and decryption rules;
[0061] The information acquisition module is used to acquire test information for the interface to be tested.
[0062] An encryption module is used to dynamically call an encryption function associated with the interface under test to encrypt the plaintext request message in the test information based on the interface under test and the encryption key associated with the interface under test.
[0063] The decryption module is used to receive the response message returned by the system under test after encrypting the plaintext request message into a ciphertext request message and performing business processing on the ciphertext request message, and to decrypt the response message using the decryption function associated with the interface under test and the decryption key.
[0064] Seventhly, this application provides an electronic device, comprising:
[0065] Memory, used to store program instructions;
[0066] A processor for calling program instructions stored in memory and executing the steps included in any of the methods in the first aspect according to the obtained program instructions.
[0067] Eighthly, this application provides a computer-readable storage medium storing a computer program, the computer program including program instructions, which, when executed by a computer, cause the computer to perform the method of any one of the first aspects.
[0068] Ninthly, this application provides a computer program product comprising: computer program code, which, when run on a computer, causes the computer to perform the method of any one of the first aspects. Attached Figure Description
[0069] Figure 1 An architecture diagram of an interface testing system provided in one embodiment of this application;
[0070] Figure 2 A flowchart illustrating an interface testing method provided in one embodiment of this application;
[0071] Figure 3 A flowchart illustrating a method for generating bytecode files for a Java Virtual Machine, provided as an embodiment of this application;
[0072] Figure 4 A flowchart illustrating another interface testing method provided in an embodiment of this application;
[0073] Figure 5 A flowchart illustrating another interface testing method provided in an embodiment of this application;
[0074] Figure 6 A flowchart illustrating another interface testing method provided in an embodiment of this application;
[0075] Figure 7A signaling flowchart of an interface testing method provided in an embodiment of this application;
[0076] Figure 8 A schematic diagram illustrating an interface testing process provided in an embodiment of this application;
[0077] Figure 9 This is a schematic diagram of the structure of an interface testing device provided in one embodiment of this application;
[0078] Figure 10 This is a schematic diagram of the structure of an interface testing device provided in one embodiment of this application;
[0079] Figure 11 This is a schematic diagram of the structure of an interface testing device provided in one embodiment of this application;
[0080] Figure 12 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application. Detailed Implementation
[0081] To make the objectives, technical solutions, and advantages of this application clearer, the technical solutions in the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only a part of the embodiments of this application, and not all of them. Based on the embodiments of this application, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application. Unless otherwise specified, the embodiments and features in the embodiments of this application can be arbitrarily combined with each other. Furthermore, although a logical order is shown in the flowchart, in some cases, the steps shown or described may be performed in a different order than that shown here.
[0082] The terms "first" and "second" in the specification, claims, and accompanying drawings of this application are used to distinguish different objects, not to describe a specific order. Furthermore, the term "comprising" and any variations thereof are intended to cover non-exclusive protection. For example, a process, method, system, product, or device that includes a series of steps or units is not limited to the listed steps or units, but may optionally include steps or units not listed, or may optionally include other steps or units inherent to these processes, methods, products, or devices. The term "multiple" in this application can mean at least two, for example, two, three, or more, and the embodiments of this application do not impose limitations.
[0083] The data collection, dissemination, and use in this application all comply with relevant national laws and regulations.
[0084] Before introducing the interface testing method provided in the embodiments of this application, for ease of understanding, the technical background of the embodiments of this application will be described in detail below.
[0085] When performing interface testing, API testing tools send request messages to the backend and receive response messages from the backend. During this process, the messages are always in plaintext. However, in actual testing, it was found that some systems encrypt and decrypt messages sent from the frontend at the system gateway. Therefore, it is necessary to encrypt the request messages sent to the gateway and decrypt the messages returned from the gateway, extracting information for verification to achieve the testing objective of validating the interface functionality.
[0086] However, because API testing tools process messages in plaintext, testers cannot directly use these tools to test systems with encrypted / decrypted message processing. Developers must temporarily comment out the encryption / decryption steps in the client code within the test version. Alternatively, configuring the target address for message sending directly to the system service address in the API testing tool bypasses the system gateway and allows direct plaintext message interaction with the backend service. This is cumbersome and inefficient.
[0087] In addition, this testing method cannot verify certain application scenarios, such as login authentication, and cannot truly achieve end-to-end testing. Furthermore, it is highly intrusive to the code, and if the commented-out code is not restored after the test, it can easily lead to deployment risks.
[0088] In addition, there is another existing interface testing method, which involves customizing the interface testing tool's source code based on the encryption / decryption mechanism and key of the system under test, hardcoding the key and rules into the tool. However, while this approach can temporarily achieve the purpose of interface testing of encrypted messages for a given system under test, the tool will be forced to adjust the key or encryption rules in the code under the following circumstances.
[0089] Scenario 1: The encryption algorithm or key of the system has changed.
[0090] Scenario 2: A new system needs to be integrated with the testing tool, and the encryption mechanism of the new system is different from that of the old system; each adjustment to the tool code will bring certain development costs, and the uncertainty of the development cycle will also affect the efficiency of the system integration testing tool to some extent.
[0091] Therefore, this application provides an interface testing method to achieve flexible, efficient and secure interface testing.
[0092] Before describing the embodiments of this application, for ease of understanding, the terms used in the embodiments of this application are explained below:
[0093] (1) Interface testing: Based on the interface specification and message protocol, design test scripts for message interaction scenarios, and run the test scripts through interface testing tools to send request messages to the backend service and parse and assert response messages in order to verify the interface function.
[0094] (2) Message encryption: To ensure the information security of interface messages and the security of network transmission, a mechanism is used to encrypt plaintext messages into ciphertext using encryption keys of different encryption algorithms.
[0095] (3) Message decryption: A mechanism that uses a decryption key to decrypt ciphertext into plaintext messages when plaintext messages are encrypted with encryption keys of different encryption algorithms.
[0096] (4) Dynamic compilation: Generate Java classes during Java program runtime and compile them into class files.
[0097] (5) JAVA reflection mechanism: During the execution of a Java program, dynamically compiled class classes are loaded to achieve the mechanism of dynamically obtaining the class object and dynamically calling the methods of its instance object.
[0098] (6) Gateway: A unified entry point for receiving client message requests, used for unified processing of clients such as flow control, authentication, and authorization, and then distributes messages to backend services according to load balancing strategies.
[0099] (7) JDK: Java Development Kit, a software development kit for the Java language.
[0100] (8) JVM: Java Virtual Machine, used to load Java bytecode files (.class files) generated by JDK compilation and interpret the bytecode into machine code for specific platforms for execution.
[0101] refer to Figure 1 This is an architecture diagram of an interface testing system provided in an embodiment of this application. The system includes a test tool client, a test tool server, a gateway for the system under test, and a server for the system under test.
[0102] Throughout the testing process, the testing tool acts as the client. For ease of explanation, the testing tool client can be called the tool front-end, the testing tool server can be called the tool back-end, the gateway of the system under test can be called the system gateway, and the server of the system under test can be called the system back-end.
[0103] The process involves several steps: First, the tool's front-end configures custom encryption / decryption rules. The back-end dynamically compiles these rules. The front-end inputs an interface example and associates it with the encryption / decryption rules, then sends a plaintext request to the back-end. The back-end encrypts the message and sends an ciphertext request to the system gateway. The system gateway decrypts the message and sends it back to the back-end in plaintext. The back-end processes the message, generates a response group, and returns plaintext to the gateway. The gateway then encrypts the message, returns ciphertext to the back-end, and finally decrypts it, returning plaintext to the front-end. This allows testers to parse and perform assertions based on the plaintext received by the front-end, completing the entire testing process.
[0104] The entire process is non-intrusive to the code of the system under test, requiring no temporary processing such as commenting out code. Personalized encryption and decryption mechanisms are injected through dynamic configuration, reducing coupling and increasing flexibility. It also allows for rapid integration into the system under test, enabling end-to-end testing of the entire transaction path.
[0105] refer to Figure 2 The flowchart below illustrates an interface testing method provided in this application embodiment. The method is applied to a testing tool server and includes at least the following steps.
[0106] S201. The test tool server receives encryption and decryption rules pre-configured from the test tool client. The encryption and decryption rules are determined by the test tool client based on the system characteristics of the system under test.
[0107] S202, The test tool server dynamically loads encryption and decryption rules.
[0108] S203. The test tool server receives test information from the test tool client regarding the interface to be tested in the system under test.
[0109] S204. The test tool server dynamically calls the encryption function associated with the interface under test to encrypt the plaintext request message in the test information based on the interface under test and the encryption key associated with the interface under test.
[0110] S205. The test tool server receives the response message returned by the system under test after encrypting the plaintext request message into a ciphertext request message, performs business processing, and applies the decryption function associated with the interface under test and the decryption key to decrypt the response message.
[0111] The above embodiments, through flexible dynamic configuration, enable automatic configuration of different encryption and decryption systems. This allows for rapid integration with testing tools to complete interface testing without requiring modifications to the test code on the system under test, thus improving interface testing efficiency. Furthermore, it overcomes the limitation of existing testing methods that only allow plaintext interaction, resulting in insufficient coverage of complete scenarios. This achieves flexible, efficient, and secure testing.
[0112] Regarding S201, the test tool client pre-configures encryption and decryption rules and sends these rules to the test tool server, which then receives them. During the configuration of these rules, the test tool client determines the rules based on the characteristics of the system under test.
[0113] For example, configuration personnel can configure the system under test (SUT) using a test tool client (such as a configuration interface) according to its characteristics and bind the encryption / decryption rules to the SUT. This allows them to directly invoke the corresponding encryption / decryption rules when testing the SUT's test interfaces. By customizing the encryption / decryption methods and keys through the interface, there is no need to modify the tool to accommodate changes in the system's encryption / decryption mechanism or for different systems.
[0114] In a specific example, the encryption / decryption rules include the function name, function body, parameter list, associated system under test, and dependent JAR files of the encryption / decryption function. The function name, function body, and parameter list are all user-defined.
[0115] This involves S202 and the dynamic loading of encryption and decryption rules by the test tool server.
[0116] During the dynamic configuration of encryption and decryption rules, the bytecode files (e.g., .class files) generated during the compilation phase and the bytecode files (e.g., .class files) in the dependent JAR packages of the encryption and decryption rules are loaded into the JVM (Java Virtual Machine). This loading can be achieved, for example, through the URLClassLoader class loader in the JDK's java.net package.
[0117] Then, the Java Virtual Machine generates encryption / decryption utility classes and corresponding dependency class objects in memory. This completes the dynamic loading of encryption / decryption rules, meaning that the encryption / decryption rules are loaded onto the test tool server.
[0118] The above embodiments utilize Java's dynamic compilation and reflection mechanisms to achieve dynamic loading and processing of encryption and decryption rules at runtime.
[0119] During the process of dynamically loading encryption and decryption rules, combined with Figure 3 This section explains the process of generating bytecode files for the Java Virtual Machine. Figure 3 It should include at least the following steps:
[0120] S301. Write the custom encryption / decryption functions from the encryption / decryption rules into the encryption / decryption utility class.
[0121] The test tool server writes the encryption / decryption tool class (MsgSafeTool.java) based on the custom encryption / decryption functions (encryptData, decryptData).
[0122] S302. Generate the corresponding encryption / decryption tool class file in the classpath of the encryption / decryption tool class.
[0123] For example, a corresponding encryption / decryption utility class file, such as a Java class file, is generated in the classpath of the encryption / decryption utility class.
[0124] S303. Use the current system's compiler to create a compilation task for encryption / decryption utility class files.
[0125] During the test tool's execution, the compiler of the current system is obtained using the JDK's javax.tools package, and then a compilation task compilerTsk for that class file is created.
[0126] S304. Execute the compilation task to complete the compilation of the encryption / decryption utility class files and generate bytecode files for the Java Virtual Machine.
[0127] By executing the compilation task, the encryption / decryption tool class files are compiled, generating bytecode files for the Java Virtual Machine, such as .class files.
[0128] In the case of S203, after the encryption and decryption rules are dynamically loaded, the test system server receives test information from the test system client regarding the interface to be tested in the system under test.
[0129] For example, the testing tool client can display a demonstration interface to the user, allowing the user to input test information by operating corresponding controls on the interface. For instance, the interface to be tested can also be called an interface case, and the corresponding test information may include a plaintext request message body, a request address (the system gateway address of the system under test), and network protocol information. Furthermore, since the interface to be tested is associated with a custom function in the encryption / decryption rules, the encryption / decryption functions for the messages and the decryption functions for the response messages can be explicitly defined, and the encryption / decryption keys can be written into the parameters, thereby enabling the execution of the interface case.
[0130] In the case of S204, the test tool server dynamically calls the encryption function associated with the interface under test to encrypt the plaintext request message in the test information based on the interface under test and the encryption key associated with the interface under test.
[0131] Additionally, the test tool server identifies the request address in the test information and then sends a ciphertext request message, encrypted from the plaintext request message, to the system gateway of the system under test based on the request address. In this way, the system gateway of the system under test can decrypt the ciphertext request message.
[0132] The plaintext request message obtained after decryption by the system gateway of the system under test (S205) is processed to produce a processing result packet. For ease of description, this result packet is referred to as the first message. The system gateway encrypts the first message and returns the corresponding message to the test tool server. The test tool server uses the decryption function associated with the interface under test and the decryption key to decrypt the response message.
[0133] In addition, to improve testing effectiveness, after the testing tool server decrypts the response message, it parses the resulting plaintext message and sends the parsing result to the testing tool client for display. This allows testers to perform assertion verification based on the displayed results.
[0134] The above describes the interface testing methods from the server-side of the testing tool. The following explanation will focus on the client-side of the testing tool. (References) Figure 4 It includes at least the following steps:
[0135] S401. Pre-configure encryption and decryption rules according to the system characteristics of the system under test.
[0136] S402. Send the encryption / decryption rules to the test tool server so that the test tool server can dynamically load the encryption / decryption rules.
[0137] S403. Send the test information of the interface to be tested of the system under test to the test tool server, so that the test tool server can dynamically call the encryption function associated with the interface to be tested to encrypt the plaintext request message in the test information according to the interface to be tested and the encryption key associated with the interface to be tested.
[0138] S404. Receive the parsing result of the plaintext response message from the test tool server.
[0139] The plaintext response message is obtained by the system under test encrypting the plaintext request message into a ciphertext request message, processing the ciphertext request message, and returning it to the test tool server. The test tool server then decrypts the response message using the decryption function associated with the interface under test and the decryption key.
[0140] The implementation process of each step in this embodiment is described in the foregoing embodiment and will not be repeated here.
[0141] Furthermore, to further improve the technical solution of this application, a complete flowchart is provided below to illustrate the interface testing method of this application's embodiments. See also... Figure 5 In this example, the test tool server and the test tool client are implemented together.
[0142] S501, The test tool client pre-configures encryption and decryption rules and sends the encryption and decryption rules to the test tool server. The encryption and decryption rules are determined by the test tool client based on the system characteristics of the system under test.
[0143] S502, The test tool server dynamically loads encryption and decryption rules.
[0144] S503, the test tool client sends the test information of the interface to be tested to the test tool server.
[0145] S504. The test tool server dynamically calls the encryption function associated with the interface under test to encrypt the plaintext request message in the test information based on the interface under test and the encryption key associated with the interface under test.
[0146] S505 The test tool server receives the response message returned by the system under test after encrypting the plaintext request message into a ciphertext request message, performs business processing, and applies the decryption function associated with the interface under test and the decryption key to decrypt the response message.
[0147] Alternatively, in practical applications, the functionality of the test tool server and test tool client can be integrated into a single system or device. In this case, each step can be implemented independently by the system or device. See also Figure 6 The interface testing method in this example will be explained.
[0148] S601. Pre-configured encryption and decryption rules, wherein the encryption and decryption rules are determined by the test tool client based on the system characteristics of the system under test.
[0149] S602, Dynamically load encryption and decryption rules.
[0150] S603. Obtain test information for the interface to be tested.
[0151] S604. Based on the interface to be tested and the encryption key associated with the interface to be tested, dynamically call the encryption function associated with the interface to be tested to encrypt the plaintext request message in the test information.
[0152] S605. Receive the response message returned by the system under test after encrypting the plaintext request message into a ciphertext request message and performing business processing on it, and use the decryption function associated with the interface under test and the decryption key to decrypt the response message.
[0153] Additionally, refer to Figure 7 The diagram shows a signaling flowchart for an interface testing method.
[0154] S701, the test tool client is pre-configured with encryption and decryption rules.
[0155] S702, the test tool client sends the encryption / decryption rules to the test tool server.
[0156] The encryption and decryption rules are determined by the testing tool client based on the system characteristics of the system under test.
[0157] S703, the test tool server dynamically loads encryption and decryption rules.
[0158] S704, the test tool client sends the test information of the interface to be tested to the test tool server.
[0159] S705 The test tool server dynamically calls the encryption function associated with the interface under test to encrypt the plaintext request message in the test information based on the interface under test and the encryption key associated with the interface under test.
[0160] S706. The test tool server sends the encrypted ciphertext request message, which is the result of encrypting the plaintext request message, to the system gateway of the system under test based on the request address in the test information.
[0161] S707, the system gateway decrypts the received encrypted request message.
[0162] S708: The system gateway sends the decrypted plaintext request message to the system server.
[0163] S709. The system server processes the received plaintext request message and obtains the processing result group message.
[0164] S710: The system server sends the processing result group report in plaintext to the system gateway.
[0165] S711, the system gateway encrypts the processing result group report.
[0166] S712, the system gateway sends the encrypted response message to the test tool server.
[0167] S713, the test tool server uses the decryption function associated with the interface to be tested and the decryption key to decrypt the response message.
[0168] To make the technical solution of this application easier to understand, Figure 8This diagram illustrates an interface testing process. The example describes four sub-processes: custom configuration of encryption / decryption rules, dynamic compilation, Java reflection mechanism, and interface case execution. For detailed execution procedures, please refer to the descriptions in the preceding embodiments; they will not be repeated here.
[0169] Based on the same inventive concept, embodiments of this application provide an interface testing device applied to a testing tool server, see reference. Figure 9 The device 900 includes:
[0170] The receiving module 901 is used to receive encryption and decryption rules pre-configured from the test tool client, wherein the encryption and decryption rules are determined by the test tool client according to the system characteristics of the system under test;
[0171] Load module 902 is used to dynamically load encryption and decryption rules;
[0172] The receiving module 901 is also used to receive test information of the interface to be tested of the system under test from the test tool client;
[0173] The encryption module 903 is used to dynamically call the encryption function associated with the interface under test based on the interface under test and the encryption key associated with the interface under test to encrypt the plaintext request message in the test information;
[0174] The decryption module 904 is used to receive the response message returned by the system under test after encrypting the plaintext request message into a ciphertext request message and performing business processing on it, and to decrypt the response message using the decryption function associated with the interface under test and the decryption key.
[0175] In some exemplary embodiments, the loading module 902 is specifically used for:
[0176] The bytecode files generated during the compilation phase and the bytecode files in the dependent JAR packages of the encryption / decryption rules are loaded into the Java Virtual Machine (JVM) so that the JVM can generate encryption / decryption utility classes and corresponding dependent class objects in memory, thereby completing the dynamic loading of the encryption / decryption rules.
[0177] In some example implementations, a file generation module is also included for generating bytecode files for the Java Virtual Machine in the following manner:
[0178] Write the custom encryption and decryption functions from the encryption and decryption rules into the encryption and decryption utility class;
[0179] Generate the corresponding encryption / decryption utility class file in the classpath of the encryption / decryption utility class;
[0180] Use the current system's compiler to create a compilation task for encryption / decryption utility class files;
[0181] Perform a compilation task to compile the encryption / decryption utility class files and generate bytecode files for the Java Virtual Machine.
[0182] In some exemplary embodiments, the loading module 902 is specifically used for:
[0183] The bytecode files generated during the compilation phase and the bytecode files in the dependent JAR packages in the configuration information are loaded into the Java Virtual Machine through the URLClassLoader of the java.net package in the JDK.
[0184] In some exemplary embodiments, a sending module is also included, which is configured to: before receiving a response message returned by the system under test after processing the ciphertext request message (which is encrypted from the plaintext request message):
[0185] Identify the request URL in the test information;
[0186] The encrypted ciphertext request message, obtained by encrypting the plaintext request message according to the request address, is sent to the system gateway of the system under test so that the system gateway can decrypt the ciphertext request message.
[0187] In some exemplary implementations, the decryption module is specifically used for:
[0188] Receive a response message returned by the system gateway after encrypting the first message; wherein, the first message is a processing result group of the server of the system under test after performing business processing on the plaintext request message obtained by decrypting from the system gateway;
[0189] The response message is decrypted using the decryption function associated with the interface to be tested and the decryption key.
[0190] In some exemplary implementations, a parsing module is also included, used to decrypt the response message after applying the decryption function associated with the interface to be tested and the decryption key:
[0191] The plaintext response message obtained by decrypting the response message will be parsed.
[0192] The parsing results are sent to the test tool client for display.
[0193] In some exemplary implementations, the test information for the interface to be tested includes a plaintext request message body, a request address, and a network protocol; the request address is the system gateway address of the system under test.
[0194] Based on the same inventive concept, embodiments of this application provide an interface testing device, applied to a testing tool client, see reference. Figure 10 The device 1000 includes:
[0195] Rule configuration module 1001 is used to pre-configure encryption and decryption rules according to the system characteristics of the system under test;
[0196] The sending module 1002 is used to send the encryption and decryption rules to the test tool server so that the test tool server can dynamically load the encryption and decryption rules.
[0197] The sending module 1002 is also used to send the test information of the interface to be tested of the system under test to the test tool server, so that the test tool server can dynamically call the encryption function associated with the interface to be tested to encrypt the plaintext request message in the test information according to the interface to be tested and the encryption key associated with the interface to be tested;
[0198] The receiving module 1003 is used to receive the parsing results of the plaintext response message from the test tool server;
[0199] The plaintext response message is obtained by the system under test encrypting the plaintext request message into a ciphertext request message, processing the ciphertext request message, and returning it to the test tool server. The test tool server then decrypts the response message using the decryption function associated with the interface under test and the decryption key.
[0200] Based on the same inventive concept, embodiments of this application provide an interface testing apparatus, applied to interface testing equipment, see reference. Figure 11 The device 1100 includes:
[0201] The rule configuration module 1101 is used to pre-configure encryption and decryption rules and send the encryption and decryption rules to the test tool server. The encryption and decryption rules are determined by the test tool client based on the system characteristics of the system under test.
[0202] Loading module 1102 is used to dynamically load encryption and decryption rules;
[0203] The sending module 1103 is used to send the obtained test information of the interface to be tested to the test tool server;
[0204] The encryption module 1104 is used to dynamically call the encryption function associated with the interface under test to encrypt the plaintext request message in the test information according to the interface under test and the encryption key associated with the interface under test;
[0205] The decryption module 1105 is used to receive the response message returned by the system under test after encrypting the plaintext request message into a ciphertext request message and performing business processing on it, and to decrypt the response message using the decryption function associated with the interface under test and the decryption key.
[0206] Based on the same inventive concept, this application provides an electronic device that can implement the interface testing method described above. Please refer to... Figure 12 The device includes a processor 1201 and a memory 1202.
[0207] The processor 1201 can be a general-purpose processor, such as a central processing unit (CPU), digital signal processor (DSP), application-specific integrated circuit (ASIC), field-programmable gate array (FPGA), or other programmable logic device, discrete gate or transistor logic device, or discrete hardware component, capable of implementing or executing the methods, steps, and logic block diagrams disclosed in the embodiments of this application. The general-purpose processor can be a microprocessor or any conventional processor. The steps of the methods disclosed in the embodiments of this application can be directly manifested as being executed by a hardware processor, or executed by a combination of hardware and software modules within the processor.
[0208] Memory 1202, as a non-volatile computer-readable storage medium, can be used to store non-volatile software programs, non-volatile computer-executable programs, and modules. Memory may include at least one type of storage medium, such as flash memory, hard disk, multimedia card, card-type memory, random access memory (RAM), static random access memory (SRAM), programmable read-only memory (PROM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), magnetic memory, magnetic disk, optical disk, etc. Memory is any other medium capable of carrying or storing desired program code in the form of instructions or data structures that can be accessed by a computer, but is not limited thereto. Memory 1202 in the embodiments of this application may also be a circuit or any other device capable of implementing storage functions for storing program instructions and / or data.
[0209] Based on the same inventive concept, embodiments of this application provide a computer-readable storage medium. The computer program product includes computer program code, which, when executed on a computer, causes the computer to perform any of the interface testing methods discussed above. Since the principle by which the above-described computer-readable storage medium solves the problem is similar to that of the interface testing methods, the implementation of the above-described computer-readable storage medium can be found in the implementation of the methods, and repeated details will not be elaborated further.
[0210] Based on the same inventive concept, this application also provides a computer program product, which includes computer program code. When the computer program code is run on a computer, it causes the computer to execute any of the interface testing methods discussed above. Since the principle by which the above computer program product solves the problem is similar to that of the interface testing method, the implementation of the above computer program product can be referred to the implementation of the method, and repeated details will not be repeated.
[0211] Those skilled in the art will understand that embodiments of this application can be provided as methods, systems, or computer program products. Therefore, this application can take the form of a completely hardware embodiment, a completely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, this application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.
[0212] This application is described with reference to flowchart illustrations and / or block diagrams of methods, apparatus (systems), and computer program products according to this application. It should be understood that each block of the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, generate instructions for implementing the flowchart illustrations. Figure 1 One or more processes and / or boxes Figure 1 A device that provides the functions specified in one or more boxes.
[0213] These computer program instructions may also be stored in a computer-readable storage medium that can direct a computer or other programmable data processing device to function in a particular manner, such that the instructions stored in the computer-readable storage medium produce an article of manufacture including instruction means, which are implemented in a process Figure 1 One or more processes and / or boxes Figure 1 The function specified in one or more boxes.
[0214] These computer program instructions may also be loaded onto a computer or other programmable data processing equipment to cause a series of user-operated steps to be executed on the computer or other programmable equipment to produce a computer-implemented process, thereby providing instructions that execute on the computer or other programmable equipment for implementing the process. Figure 1 One or more processes and / or boxes Figure 1 The steps of the function specified in one or more boxes.
[0215] Obviously, those skilled in the art can make various modifications and variations to this application without departing from the spirit and scope of this application. Therefore, if such modifications and variations fall within the scope of the claims of this application and their equivalents, this application also intends to include such modifications and variations.
Claims
1. An interface testing method, characterized in that, Applied to a test tool server, the method is used to test an interface to be tested of a system under test, wherein the interface to be tested is any one of a plurality of interfaces of the system under test; the method includes: Receive encryption and decryption rules pre-configured from the test tool client, wherein the encryption and decryption rules are determined by the test tool client based on the system characteristics of the system under test; By utilizing Java's dynamic compilation and reflection mechanisms, the bytecode files generated during the compilation phase and the bytecode files in the dependent JAR packages of the encryption and decryption rules are loaded into the Java Virtual Machine, so that the Java Virtual Machine generates encryption and decryption utility classes and corresponding dependent class objects in memory, thereby completing the dynamic loading of the encryption and decryption rules. Receive test information of the interface to be tested from the client of the test tool; The plaintext request message in the test information is encrypted by dynamically calling the encryption function associated with the interface to be tested and the encryption key associated with the interface to be tested. Identify the request address in the test information; send the encrypted ciphertext request message to the system gateway of the system under test according to the request address, so that the system gateway decrypts the ciphertext request message and receives the response message returned by the system gateway after encrypting the first message; apply the decryption function and decryption key associated with the interface under test to decrypt the response message; wherein, the first message is the processing result group of the server of the system under test after performing business processing on the plaintext request message obtained from the system gateway after decryption.
2. The method according to claim 1, characterized in that, The bytecode file for the Java Virtual Machine is generated in the following way: Write the custom encryption and decryption functions from the encryption and decryption rules into an encryption and decryption utility class; Generate the corresponding encryption / decryption tool class file in the classpath of the encryption / decryption tool class; The compiler of the current system is used to create a compilation task for the encryption / decryption tool class file; The compilation task is executed to compile the encryption / decryption utility class file and generate bytecode files for the Java Virtual Machine.
3. The method according to claim 1, characterized in that, The process of loading the bytecode files generated during the compilation phase and the bytecode files from the dependent JAR packages in the configuration information into the Java Virtual Machine includes: The bytecode files generated during the compilation phase and the bytecode files in the dependent JAR packages in the configuration information are loaded into the Java Virtual Machine through the URLClassLoader of the java.net package in the JDK.
4. The method according to claim 1, characterized in that, After decrypting the response message using the decryption function and decryption key associated with the interface under test, the method further includes: The plaintext response message obtained by decrypting the response message will be parsed. The analysis results are sent to the test tool client for display.
5. The method according to any one of claims 1 to 4, characterized in that, The test information for the interface to be tested includes a plaintext request message body, a request address, and a network protocol; the request address is the system gateway address of the system under test.
6. An interface testing method, characterized in that, Applied to a testing tool client, the method is used to test the interface to be tested of the system under test, wherein the interface to be tested is any one of a plurality of interfaces of the system under test; the method includes: Encryption and decryption rules are pre-configured based on the system characteristics of the system under test; The encryption / decryption rules are sent to the test tool server, so that the test tool server uses Java's dynamic compilation and reflection mechanism to load the bytecode file for the Java Virtual Machine generated during the compilation stage and the bytecode file in the dependent JAR package of the encryption / decryption rules into the Java Virtual Machine, so that the Java Virtual Machine generates encryption / decryption utility classes and corresponding dependent class objects in memory to complete the dynamic loading of the encryption / decryption rules. The test information of the interface to be tested of the system under test is sent to the test tool server, so that the test tool server dynamically calls the encryption function associated with the interface to be tested according to the interface to be tested and the encryption key associated with the interface to be tested to encrypt the plaintext request message in the test information; and so that the test tool server identifies the request address in the test information; and sends the ciphertext request message after encrypting the plaintext request message to the system gateway of the system under test according to the request address, so that the system gateway decrypts the ciphertext request message; Receive the parsing results of the plaintext response message from the test tool server; The plaintext response message is the plaintext request message returned by the system under test after encrypting the plaintext request message into a ciphertext request message, processing it, and then returning it to the test tool server. The parsing result is the response message returned by the test tool server after receiving the first message from the system gateway, encrypting it, and then decrypting the response message using the decryption function associated with the interface under test and the decryption key. The first message is the processing result group of the plaintext request message obtained by the server of the system under test after decrypting it from the system gateway.
7. An interface testing method, characterized in that, Used to test the interface to be tested of the system under test, wherein the interface to be tested is any one of a plurality of interfaces of the system under test; The method, applied to interface testing equipment, includes: Encryption and decryption rules are pre-configured, wherein the encryption and decryption rules are determined based on the system characteristics of the system under test; By utilizing Java's dynamic compilation and reflection mechanisms, the bytecode files generated during the compilation phase and the bytecode files in the dependent JAR packages of the encryption and decryption rules are loaded into the Java Virtual Machine, so that the Java Virtual Machine generates encryption and decryption utility classes and corresponding dependent class objects in memory, thereby completing the dynamic loading of the encryption and decryption rules. The test tool server obtains the test information of the interface to be tested, enabling it to identify the request address in the test information. Based on the request address, it encrypts the plaintext request message in the test information into a ciphertext request message and sends it to the system gateway of the system under test, so that the system gateway can decrypt the ciphertext request message. The test tool server then receives a response message returned by the system gateway after encrypting the first message. The server applies the decryption function and decryption key associated with the interface to be tested to decrypt the response message. The first message is a processing result packet generated by the server of the system under test after processing the plaintext request message decrypted from the system gateway. The plaintext request message in the test information is encrypted by dynamically calling the encryption function associated with the interface to be tested and the encryption key associated with the interface to be tested. The system receives a response message returned by the system under test after processing the encrypted ciphertext request message obtained from the plaintext request message. The system then uses the decryption function associated with the interface under test and the decryption key to decrypt the response message.
8. An interface testing device, characterized in that, An application in a test tool server, used to test the interface to be tested of a system under test, wherein the interface to be tested is any one of a plurality of interfaces of the system under test; the device includes: The receiving module is used to receive encryption and decryption rules pre-configured from the test tool client, wherein the encryption and decryption rules are determined by the test tool client based on the system characteristics of the system under test; The loading module is used to utilize Java's dynamic compilation and reflection mechanisms to load the bytecode files generated during the compilation phase for the Java Virtual Machine and the bytecode files in the dependent JAR packages of the encryption and decryption rules into the Java Virtual Machine, so that the Java Virtual Machine generates encryption and decryption utility classes and corresponding dependent class objects in memory to complete the dynamic loading of the encryption and decryption rules. The receiving module is also used to receive test information of the interface to be tested of the system under test from the test tool client; An encryption module is used to dynamically call an encryption function associated with the interface under test to encrypt the plaintext request message in the test information based on the interface under test and the encryption key associated with the interface under test. The decryption module is used to identify the request address in the test information; send the encrypted ciphertext request message of the plaintext request message to the system gateway of the system under test according to the request address, so that the system gateway decrypts the ciphertext request message and receives the response message returned by the system gateway after encrypting the first message; and decrypt the response message using the decryption function and decryption key associated with the interface under test; wherein, the first message is the processing result group of the server of the system under test after performing business processing on the plaintext request message obtained from the system gateway after decryption.
9. An interface testing device, characterized in that, An application for a testing tool client, used to test the interface to be tested of the system under test, wherein the interface to be tested is any one of a plurality of interfaces of the system under test; the device includes: The rule configuration module is used to pre-configure encryption and decryption rules based on the system characteristics of the system under test; The sending module is used to send the encryption and decryption rules to the test tool server, so that the test tool server uses Java's dynamic compilation and reflection mechanism to load the bytecode file for the Java Virtual Machine generated during the compilation stage and the bytecode file in the dependent JAR package of the encryption and decryption rules into the Java Virtual Machine, so that the Java Virtual Machine generates encryption and decryption tool classes and corresponding dependent class objects in memory to complete the dynamic loading of the encryption and decryption rules; The sending module is further configured to send the test information of the interface to be tested of the system under test to the test tool server, so that the test tool server dynamically calls the encryption function associated with the interface to be tested according to the interface to be tested and the encryption key associated with the interface to be tested to encrypt the plaintext request message in the test information; and so that the test tool server identifies the request address in the test information; and sends the ciphertext request message after encrypting the plaintext request message to the system gateway of the system under test according to the request address, so that the system gateway decrypts the ciphertext request message; The receiving module is used to receive the parsing results of plaintext response messages from the test tool server; The plaintext response message is the plaintext request message returned by the system under test after encrypting the plaintext request message into a ciphertext request message, processing it, and then returning it to the test tool server. The parsing result is the response message returned by the test tool server after receiving the first message from the system gateway, encrypting it, and then decrypting the response message using the decryption function associated with the interface under test and the decryption key. The first message is the processing result group of the plaintext request message obtained by the server of the system under test after decrypting it from the system gateway.
10. An interface testing device, characterized in that, Applications in interface testing equipment include: The rule configuration module is used for pre-configured encryption and decryption rules, wherein the encryption and decryption rules are determined based on the system characteristics of the system under test; The loading module is used to dynamically load the encryption and decryption rules; The information acquisition module is used to acquire test information of the interface to be tested, so that the test tool server can identify the request address in the test information; according to the request address, it sends the encrypted ciphertext request message from the plaintext request message in the test information to the system gateway of the system under test, so that the system gateway can decrypt the ciphertext request message; and so that the test tool server receives the response message returned by the system gateway after encrypting the first message; and applies the decryption function and decryption key associated with the interface to be tested to decrypt the response message; wherein, the first message is a processing result group of the server of the system under test after performing business processing on the plaintext request message obtained after decryption from the system gateway; An encryption module is used to dynamically call an encryption function associated with the interface under test to encrypt the plaintext request message in the test information based on the interface under test and the encryption key associated with the interface under test. The decryption module is used to receive the response message returned by the system under test after encrypting the plaintext request message into a ciphertext request message and performing business processing on the ciphertext request message, and to decrypt the response message using the decryption function associated with the interface under test and the decryption key.
11. An electronic device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, characterized in that, When the processor executes the computer program, it implements the steps of the method according to any one of claims 1 to 7.
12. A computer-readable storage medium having computer program instructions stored thereon, characterized in that, When executed by a processor, the computer program instructions implement the steps of the method according to any one of claims 1 to 7.
13. A computer program product, characterized in that, The computer program product includes: computer program code, which, when run on a computer, causes the computer to perform the method of any one of claims 1-7.