CN115858395A - Password function testing method and device, electronic equipment and storage medium - Google Patents
Password function testing method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN115858395A CN115858395A CN202310042943.XA CN202310042943A CN115858395A CN 115858395 A CN115858395 A CN 115858395A CN 202310042943 A CN202310042943 A CN 202310042943A CN 115858395 A CN115858395 A CN 115858395A
- Authority
- CN
- China
- Prior art keywords
- password
- calling
- test case
- module
- condition
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012360 testing method Methods 0.000 title claims abstract description 161
- 238000000034 method Methods 0.000 claims abstract description 28
- 230000006870 function Effects 0.000 claims description 48
- 238000004891 communication Methods 0.000 claims description 19
- 238000004590 computer program Methods 0.000 claims description 13
- 238000011990 functional testing Methods 0.000 abstract description 6
- 238000012986 modification Methods 0.000 abstract description 4
- 230000004048 modification Effects 0.000 abstract description 4
- 230000008569 process Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 6
- 230000002159 abnormal effect Effects 0.000 description 4
- 230000009471 action Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 2
- 230000004927 fusion Effects 0.000 description 2
- 238000013522 software testing Methods 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000012806 monitoring device Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The embodiment of the invention provides a password function testing method and device, electronic equipment and a storage medium. The method comprises the following steps: and obtaining a corresponding test case based on the calling parameters of each interface of the password module and the preset password conditions, and performing functional test on each target interface according to the test case. The real calling environment can be simulated by calling the parameter calling password module, and meanwhile, because the test case contains the password meeting the preset password condition and the password not meeting the preset password condition, whether the password meeting the preset password condition can be normally created and modified or not can be accurately tested based on the test case, and whether the password not meeting the preset password condition can be rejected by the test password module, the modification and the like can be seen. The function test of the crypto module by simulating a real calling environment can be realized based on the test case, the platform equipment and the like do not need to be manually configured, and then the test based on the actual platform and the equipment is carried out, so that the test efficiency is improved.
Description
Technical Field
The present invention relates to the field of software testing technologies, and in particular, to a method and an apparatus for testing a cryptographic function, an electronic device, and a storage medium.
Background
As technology has developed, the security of data has become more of a concern. At present, a password is usually set for data, such as a platform account, a device, and the like, to ensure the security of the data.
In the related art, a separate cryptographic module is provided to perform cryptographic creation, modification, and the like. A separate cryptographic SDK (Software Development Kit) may also be developed, and relevant platforms, devices, etc. may call the SDK to implement operations such as creating, modifying, and verifying a password.
Generally, platform devices calling a cryptographic module and the like are more, and before formal use, the cryptographic module generally needs to be subjected to function test aiming at each platform device so as to detect whether the cryptographic module can normally work. Specifically, whether the password module can create and modify the passwords meeting the password conditions of the platforms and the equipment or not is tested, and whether the passwords meeting the password conditions of the platforms and the equipment are created and modified is refused. In the related art, a method for performing a function test on a cryptographic module is generally that a tester manually configures cryptographic conditions and a calling scenario, and then jumps to a platform or a device requiring password verification to call the cryptographic module to perform a related test. This process often needs to be repeated many times, and various switching debugs need to be performed repeatedly, which wastes a lot of time and has extremely low efficiency.
Disclosure of Invention
Embodiments of the present invention provide a method and an apparatus for testing a cryptographic function, an electronic device and a storage medium, so as to improve the efficiency of testing the cryptographic function. The specific technical scheme is as follows:
the embodiment of the invention provides a password function testing method, which comprises the following steps:
acquiring each target interface of a password module to be tested;
aiming at each target interface, generating a test case corresponding to each calling parameter and a preset password condition based on the calling parameter and the preset password condition of the target interface; at least one test case corresponds to a password which meets the preset password condition, and at least one test case corresponds to a password which does not meet the preset password condition;
and calling the cryptographic module based on the calling parameters corresponding to the test cases to perform functional test on the target interfaces.
In a possible embodiment, the generating a test case corresponding to each of the call parameters and the preset password condition based on the call parameters and the preset password condition of the target interface includes:
generating a test case corresponding to each calling parameter and a preset password condition based on the calling parameter of each target calling party calling the target interface and the preset password condition aiming at each target calling party; the target caller comprises a platform and/or a device.
In one possible embodiment, the cryptographic condition comprises: password type, password length, first character and password score;
the method further comprises the following steps:
and changing the password type and/or the password length and/or the first character and/or the password score every time to obtain the test case of the target interface until each password condition has a corresponding test case.
In a possible embodiment, the obtaining target interfaces of the to-be-tested cryptographic module includes:
acquiring each target interface of the password module from the interface document of the password module to be tested; or the like, or, alternatively,
and capturing the packets of the to-be-tested password module to obtain each target interface of the password module.
The embodiment of the invention also provides a device for testing the password function, which comprises:
the target interface acquisition module is used for acquiring each target interface of the password module to be tested;
the test case acquisition module is used for generating test cases corresponding to the calling parameters and the preset password conditions of the target interfaces based on the calling parameters and the preset password conditions of the target interfaces; at least one test case corresponds to a password meeting the preset password condition, and at least one test case corresponds to a password not meeting the preset password condition;
and the interface testing module is used for calling the cryptographic module based on the calling parameters corresponding to the test cases and carrying out functional test on the target interfaces.
In a possible embodiment, the generating a test case corresponding to each of the call parameters and the preset password condition based on the call parameters and the preset password condition of the target interface includes:
generating a test case corresponding to each calling parameter and a preset password condition based on the calling parameter of each target calling party calling the target interface and the preset password condition aiming at each target calling party; the target caller comprises a platform and/or a device.
In one possible embodiment, the cryptographic condition comprises: password type, password length, first character and password score;
the test case obtaining module is further configured to:
and changing the password type and/or the password length and/or the first character and/or the password score every time to obtain the test case of the target interface until each password condition has a corresponding test case.
In a possible embodiment, the obtaining target interfaces of the to-be-tested cryptographic module includes:
acquiring each target interface of the password module from the interface document of the password module to be tested; or the like, or, alternatively,
and capturing the packets of the to-be-tested password module to obtain each target interface of the password module.
The embodiment of the invention also provides electronic equipment which comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete mutual communication through the communication bus;
a memory for storing a computer program;
and the processor is used for realizing any one of the steps of the password function testing method when executing the program stored in the memory.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium, and when the computer program is executed by a processor, the steps of the above-mentioned cryptographic function testing method are implemented.
Embodiments of the present invention further provide a computer program product containing instructions, which when run on a computer, cause the computer to execute any one of the above described cryptographic function testing methods.
The embodiment of the invention has the following beneficial effects:
the password function testing method provided by the embodiment of the invention obtains each target interface of the password module to be tested; aiming at each target interface, generating a test case corresponding to each calling parameter and a preset password condition based on the calling parameter of the target interface and the preset password condition; at least one test case corresponds to a password which meets the preset password condition, and at least one test case corresponds to a password which does not meet the preset password condition; and calling the cryptographic module based on the calling parameters corresponding to the test cases to perform functional test on the target interfaces. By applying the embodiment of the invention, the corresponding test case is obtained through the calling parameters of each interface based on the password module and the preset password condition, and the function test is carried out on each target interface according to the test case. The real calling environment can be simulated by calling the parameter calling password module, and meanwhile, because the test case contains the password meeting the preset password condition and the password not meeting the preset password condition, whether the password meeting the preset password condition can be normally created and modified or not can be accurately tested based on the test case, and whether the password not meeting the preset password condition can be rejected by the test password module or not can be accurately tested. Therefore, the function test of the crypto module by simulating a real calling environment can be realized based on the test case, the platform equipment and the like do not need to be configured manually, and then the repeated test based on the actual platform and the equipment is carried out, so that the test efficiency is improved.
Of course, it is not necessary for any product or method to achieve all of the above-described advantages at the same time for practicing the invention.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other embodiments can be obtained by referring to these drawings.
Fig. 1 is a schematic flow chart of a cryptographic function testing method according to an embodiment of the present invention;
FIG. 2 is a diagram illustrating a cryptographic function testing method according to an embodiment of the present invention;
FIG. 3 is a diagram illustrating a method for testing cryptographic functions according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a cryptographic function testing apparatus according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments obtained by those of ordinary skill in the art based on the embodiments of the present invention are within the scope of the present invention.
In order to improve the password function testing efficiency, the invention provides a password function testing method, a password function testing device, electronic equipment and a storage medium. First, the password function testing method provided by the present invention is exemplarily explained as follows:
the password function testing method provided by the invention can be applied to any electronic equipment with the password function testing function. The electronic device may be a computer, a server, a mobile terminal, etc.
As shown in fig. 1, fig. 1 is a schematic flow chart of a cryptographic function testing method provided by the present invention, which may specifically include the following steps:
s101, acquiring each target interface of a password module to be tested;
step S102, aiming at each target interface, generating a test case corresponding to each calling parameter and a preset password condition based on the calling parameter and the preset password condition of the target interface; at least one test case corresponds to a password which meets the preset password condition, and at least one test case corresponds to a password which does not meet the preset password condition;
step S103, calling the cryptographic module based on the calling parameters corresponding to the test cases, and performing functional test on the target interfaces.
By applying the embodiment of the invention, the corresponding test case is obtained through the calling parameters of each interface based on the password module and the preset password condition, and the function test is carried out on each target interface according to the test case. The real calling environment can be simulated by calling the parameter calling password module, and meanwhile, because the test case contains the password meeting the preset password condition and the password not meeting the preset password condition, whether the password meeting the preset password condition can be normally created and modified or not can be accurately tested based on the test case, and whether the password not meeting the preset password condition can be rejected by the test password module, the modification and the like can be realized. Therefore, the function test of the crypto module by simulating a real calling environment can be realized based on the test case, the platform equipment and the like do not need to be configured manually, and then the test based on the actual platform and the equipment is carried out, so that the test efficiency is improved.
The following is an exemplary description of the above steps S101-S103:
the to-be-tested cryptographic module may be an independent software module or an SDK, which is not specifically limited in the embodiment of the present invention. In step S101, each target interface of the cryptographic module may be obtained from the interface document of the cryptographic module to be tested, or the cryptographic module to be tested may be subjected to packet capture to obtain each target interface of the cryptographic module. The target interfaces are software interfaces of the cryptographic module. And each acquired target interface comprises information of each target interface. The information of the target interface may include an identifier of the target interface, a call parameter, and the like. And the calling parameters of the target interfaces are set in the process of developing the target interfaces. For example, the data type and the data number of the interface may be called, and the setting may be specifically performed according to actual needs.
In step S102, for each target interface, a test case of the target interface may be obtained based on a call parameter of the target interface and a preset password condition.
For example, the variable may be assigned based on variables included in the call parameter of the target interface itself, such as a data type, a data number, and the like, and the password may be set according to a preset password condition, so as to obtain the test case of the target interface. The variable assignments can be set according to actual needs. The password condition can be set according to actual needs.
In one possible embodiment, the password condition may include a password type, a password length, a first character, a character type included in the password, a password score, and the like. The above password types include a strong password and a weak password. The strong password is the password with higher safety. If the password is a password with low security, the password includes a fixed number combination, repeated numbers, and the like. Such as 123456, 0000, etc., and can be specifically obtained from a preset weak cipher table. The password score may be based on the length of the password, the type of characters included in the password, and the like.
In a possible embodiment, the above password conditions may be specially tested, specifically, the password type and/or the password length and/or the first character and/or the password score may be changed each time, so as to obtain the test case of the target interface, until each password condition has a corresponding test case.
In this embodiment, a new test case may be obtained by changing one condition each time, or a new test case may be obtained by changing a plurality of conditions each time. As long as the test case satisfying the password condition exists for each password condition in the finally obtained test case. Such as satisfying various password length conditions, various first character conditions, etc.
As shown in fig. 2, fig. 2 is a schematic diagram of a cryptographic function testing method provided by the present invention, and specifically includes the following parts:
and independently starting the weak password, determining whether the interface test case is successfully executed, if so, indicating that the interface function is normal, and creating or modifying the weak password, otherwise, indicating that the interface function is abnormal.
And independently starting the strong password, determining whether the interface test case is successfully executed, if so, indicating that the interface function is normal, and creating or modifying the strong password, otherwise, indicating that the interface function is abnormal.
And starting the strong password and the weak password at the same time, determining whether the interface test case is successfully executed, if so, indicating that the interface function is normal, and creating or modifying the strong password and the weak password, otherwise, indicating that the interface function is abnormal.
Therefore, single test and comprehensive test can be performed on the strong and weak passwords, and the reliability of the obtained test result is high.
After the test is finished, the password conditions set in the test process can be cleared so as to avoid influencing the next automatic test.
In a possible implementation manner, a test case of the target interface may also be obtained based on a calling parameter of each target calling party calling the target interface and a preset password condition for each target calling party; the target caller comprises a platform and/or a device.
As described above, there are generally a plurality of callers who call a cryptographic module. Such as may include third party platforms, devices, and the like. For example, video platforms, access cards, monitoring devices, and the like may be included. The calling party has different types, and the calling target interface and the calling parameter of the calling target interface are different. In addition, the cryptographic conditions applicable to different callers are also different.
For example, some platform restricted passwords need to contain numbers and letters, some platform restricted passwords cannot contain special symbols, and some platforms have no limitation on the passwords, i.e., the password length, the first character and the like can be arbitrary.
In the embodiment of the invention, the password condition can be preset for each calling party, and the password of each calling party is set based on the password condition, so that the test case is obtained based on the calling parameter of each calling party calling the target interface and the password of the calling party. The caller may be a third party platform, device, channel, etc. The channel refers to displaying the platform device picture on a third-party device.
The password condition set for the above-described platform, device, etc. may be a password length, a top character, etc. condition set for the platform, device, etc.
And obtaining the test cases corresponding to the platform and the equipment based on the calling parameters of the platform and the equipment and the password conditions set for the platform and the equipment. Specifically, the password is obtained based on the calling parameters of the platform and the equipment and the passwords set for the platform and the equipment. The call parameters of the platform and the device may include a value assigned to a variable in the interface call parameter when the platform and the device call the target interface, and parameters of the platform and the device, such as an IP address of the platform and the device. The password set for the platform and the device may be obtained from a preset password table based on the password condition set for the platform and the device. The password table stores passwords under different password conditions, and the passwords can be preset according to actual needs.
As an embodiment, a Jmeter (an open source software testing tool) may be used to obtain a test case based on the calling parameters of the platform, the device, and the like and the password conditions set for the platform, the device, and the like. Of course, the present invention may also be obtained in other possible ways, and the present invention is not limited in this respect.
The test case may include a password that meets a preset password condition, or may include a password that does not meet the preset password condition. The test case containing the password which does not meet the preset password condition is a reverse case. As a specific embodiment, an error code library may be built to provide test reaction cases. And the error password library stores passwords which do not accord with the password conditions of the platform and the equipment.
In one possible embodiment, the calling parameters and passwords of the platform, the device and the like can also be set as variables to improve the convenience of module maintenance.
After the test case is obtained, the interface function can be tested based on the test case. Specifically, the cryptographic module may be called based on a calling parameter corresponding to the test case, and for a test case containing a password meeting a preset password condition, whether the password of the target interface of the cryptographic module can be created or modified may be verified based on the test case. For a test anti-case, whether the target interface of the cryptographic module can refuse to create or modify the password may be tested based on the test case.
As shown in fig. 3, fig. 3 is a schematic diagram of a cryptographic function testing method provided by the present invention. The method specifically comprises the following steps: and performing cross fusion on the strong password condition and the strong password application scene. Specifically, the strong password condition includes a password length, a first character, a contained character type, a password score, and the like. The strong password using scenario includes a third party platform, a device, a channel, and the like, which use the strong password. The cross fusion means setting passwords for the platform, the equipment and the like based on the password rules of the platform, the equipment and the like, and obtaining a test case based on the calling parameters of the platform and the equipment and the passwords set for the platform and the equipment. If the execution result of the test case is successful, the interface function is normal, and if the execution fails, the interface function is abnormal.
An embodiment of the present invention further provides a device for testing a cryptographic function, as shown in fig. 4, where the device may include:
a target interface obtaining module 401, configured to obtain each target interface of the cryptographic module to be tested;
a test case obtaining module 402, configured to generate, for each target interface, a test case corresponding to each calling parameter and a preset password condition based on the calling parameter and the preset password condition of the target interface; at least one test case corresponds to a password which meets the preset password condition, and at least one test case corresponds to a password which does not meet the preset password condition;
and the interface test module 403 is configured to invoke the cryptographic module based on the call parameter corresponding to each test case, and perform a function test on each target interface.
In a possible embodiment, the generating a test case corresponding to each of the call parameters and the preset password condition based on the call parameters and the preset password condition of the target interface includes:
generating a test case corresponding to each calling parameter and a preset password condition based on the calling parameter of each target calling party calling the target interface and the preset password condition aiming at each target calling party; the target caller comprises a platform and/or a device.
In one possible embodiment, the cryptographic condition comprises: password type, password length, first character and password score;
the test case obtaining module is further configured to:
and changing the password type and/or the password length and/or the first character and/or the password score every time to obtain the test case of the target interface until each password condition has a corresponding test case.
In a possible embodiment, the obtaining target interfaces of the to-be-tested cryptographic module includes:
acquiring each target interface of the password module from the interface document of the password module to be tested; or the like, or, alternatively,
and capturing the packets of the to-be-tested password module to obtain each target interface of the password module.
An embodiment of the present invention further provides an electronic device, as shown in fig. 5, which includes a processor 501, a communication interface 502, a memory 503 and a communication bus 504, where the processor 501, the communication interface 502 and the memory 503 complete mutual communication through the communication bus 504,
a memory 503 for storing a computer program;
the processor 501, when executing the program stored in the memory 503, implements the following steps:
acquiring each target interface of a password module to be tested;
aiming at each target interface, generating a test case corresponding to each calling parameter and a preset password condition based on the calling parameter and the preset password condition of the target interface; at least one test case corresponds to a password which meets the preset password condition, and at least one test case corresponds to a password which does not meet the preset password condition;
and calling the cryptographic module based on the calling parameters corresponding to the test cases to perform functional test on the target interfaces.
The communication bus mentioned in the electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the electronic equipment and other equipment.
The Memory may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), application Specific Integrated Circuits (ASICs), field Programmable Gate Arrays (FPGAs) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components.
In another embodiment of the present invention, a computer-readable storage medium is further provided, in which a computer program is stored, and the computer program, when executed by a processor, implements the steps of any of the above-mentioned cryptographic function testing methods.
In yet another embodiment, a computer program product containing instructions is provided, which when run on a computer, causes the computer to perform any of the above described cryptographic function testing methods.
In the above embodiments, all or part of the implementation may be realized by software, hardware, firmware, or any combination thereof. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, cause the processes or functions described in accordance with the embodiments of the invention to occur, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored in a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, from one website site, computer, server, or data center to another website site, computer, server, or data center via wired (e.g., coaxial cable, fiber optic, digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer-readable storage medium can be any available medium that can be accessed by a computer or a data storage device, such as a server, a data center, etc., that incorporates one or more of the available media. The usable medium may be a magnetic medium (e.g., floppy Disk, hard Disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid State Disk (SSD)), among others.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising one of 8230; \8230;" 8230; "does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the apparatus, the electronic device, the storage medium, and the program product embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and for the relevant points, reference may be made to the partial description of the method embodiments.
The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.
Claims (10)
1. A method for testing cryptographic functions, the method comprising:
acquiring each target interface of a to-be-tested cryptographic module;
generating a test case corresponding to each calling parameter and a preset password condition based on the calling parameter and the preset password condition of the target interface aiming at each target interface; at least one test case corresponds to a password which meets the preset password condition, and at least one test case corresponds to a password which does not meet the preset password condition;
and calling the cryptographic module based on the calling parameters corresponding to the test cases to perform function test on the target interfaces.
2. The method according to claim 1, wherein the generating a test case corresponding to each of the call parameters and the preset cryptographic conditions based on the call parameters and the preset cryptographic conditions of the target interface comprises:
generating a test case corresponding to each calling parameter and a preset password condition based on the calling parameter of each target calling party calling the target interface and the preset password condition aiming at each target calling party; the target caller comprises a platform and/or a device.
3. The method of claim 1, wherein the cryptographic condition comprises: password type, password length, first character and password score;
the method further comprises the following steps:
and changing the password type and/or the password length and/or the first character and/or the password score every time to obtain the test case of the target interface until each password condition has a corresponding test case.
4. The method of claim 1, wherein obtaining each target interface of the cryptographic module under test comprises:
acquiring each target interface of the password module from the interface document of the password module to be tested; or the like, or, alternatively,
and capturing the packet of the password module to be tested to obtain each target interface of the password module.
5. A cryptographic function testing apparatus, the apparatus comprising:
the target interface acquisition module is used for acquiring each target interface of the password module to be tested;
the test case acquisition module is used for generating test cases corresponding to the calling parameters and the preset password conditions of the target interfaces based on the calling parameters and the preset password conditions of the target interfaces; at least one test case corresponds to a password which meets the preset password condition, and at least one test case corresponds to a password which does not meet the preset password condition;
and the interface testing module is used for calling the cryptographic module based on the calling parameters corresponding to the test cases and carrying out function testing on the target interfaces.
6. The apparatus of claim 5, wherein generating the test case corresponding to each of the call parameters and the preset cryptographic conditions based on the call parameters and the preset cryptographic conditions of the target interface comprises:
generating a test case corresponding to each calling parameter and a preset password condition based on the calling parameter of each target calling party calling the target interface and the preset password condition aiming at each target calling party; the target caller comprises a platform and/or a device.
7. The apparatus of claim 5, wherein the cryptographic condition comprises: password type, password length, first character and password score;
the test case obtaining module is further configured to:
and changing the password type and/or the password length and/or the first character and/or the password score every time to obtain the test case of the target interface until each password condition has a corresponding test case.
8. The apparatus of claim 5, wherein the obtaining of each target interface of the cryptographic module under test comprises:
acquiring each target interface of the password module from the interface document of the password module to be tested; or the like, or, alternatively,
and capturing the packets of the to-be-tested password module to obtain each target interface of the password module.
9. An electronic device is characterized by comprising a processor, a communication interface, a memory and a communication bus, wherein the processor and the communication interface are used for realizing mutual communication by the memory through the communication bus;
a memory for storing a computer program;
a processor for implementing the method steps of any of claims 1 to 4 when executing a program stored in the memory.
10. A computer-readable storage medium, characterized in that a computer program is stored in the computer-readable storage medium, which computer program, when being executed by a processor, carries out the method steps of any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310042943.XA CN115858395A (en) | 2023-01-28 | 2023-01-28 | Password function testing method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310042943.XA CN115858395A (en) | 2023-01-28 | 2023-01-28 | Password function testing method and device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115858395A true CN115858395A (en) | 2023-03-28 |
Family
ID=85657308
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310042943.XA Pending CN115858395A (en) | 2023-01-28 | 2023-01-28 | Password function testing method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115858395A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109388561A (en) * | 2018-09-18 | 2019-02-26 | 深圳壹账通智能科技有限公司 | Interface testing case generation method, device, computer equipment and storage medium |
| CN111444096A (en) * | 2020-03-25 | 2020-07-24 | 北京市信息技术研究所 | Interface test case generation method and device |
| CN113342689A (en) * | 2021-07-01 | 2021-09-03 | 中诚信征信有限公司 | Automatic testing method and device for interface, electronic equipment and storage medium |
| CN115509918A (en) * | 2022-09-28 | 2022-12-23 | 北京奇艺世纪科技有限公司 | Software testing method and device, electronic equipment and storage medium |
-
2023
- 2023-01-28 CN CN202310042943.XA patent/CN115858395A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109388561A (en) * | 2018-09-18 | 2019-02-26 | 深圳壹账通智能科技有限公司 | Interface testing case generation method, device, computer equipment and storage medium |
| CN111444096A (en) * | 2020-03-25 | 2020-07-24 | 北京市信息技术研究所 | Interface test case generation method and device |
| CN113342689A (en) * | 2021-07-01 | 2021-09-03 | 中诚信征信有限公司 | Automatic testing method and device for interface, electronic equipment and storage medium |
| CN115509918A (en) * | 2022-09-28 | 2022-12-23 | 北京奇艺世纪科技有限公司 | Software testing method and device, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109062809B (en) | Online test case generation method and device and electronic equipment | |
| CN108933713B (en) | Method and device for realizing sandbox debugging based on shadow link and business server | |
| CN108984389B (en) | Application program testing method and terminal equipment | |
| CN109033772B (en) | Verification information input method and device | |
| CN109683997B (en) | Method for accessing application program interface through sandbox, sandbox and sandbox equipment | |
| CN111163067B (en) | Safety testing method and device and electronic equipment | |
| CN106330458A (en) | Method and device for processing verification code | |
| CN116595542B (en) | Vulnerability scanning method and system | |
| CN111382077B (en) | Application program crash reason positioning method and device, electronic equipment and storage medium | |
| CN106412975A (en) | Content charging vulnerability test methods, and apparatuses | |
| CN110287700B (en) | iOS application security analysis method and device | |
| CN109522723B (en) | POC script generation method and device, electronic equipment and storage medium | |
| CN104965701B (en) | Obtain the method and device of application message | |
| CN112685745A (en) | Firmware detection method, device, equipment and storage medium | |
| CN111324539A (en) | Account switching test method and system | |
| CN115858395A (en) | Password function testing method and device, electronic equipment and storage medium | |
| CN111708712A (en) | User behavior test case generation method, flow playback method and electronic equipment | |
| CN111538994A (en) | System security detection and repair method, device, storage medium and terminal | |
| CN110704307A (en) | Application product testing method and device, user equipment and computer storage medium | |
| CN114282221B (en) | Injection type vulnerability detection method, system, terminal and storage medium | |
| CN110752933A (en) | Verification code input method and device, electronic equipment and storage medium | |
| CN108959931B (en) | Vulnerability detection method and device, information interaction method and equipment | |
| CN106844186B (en) | Offline test method of application and terminal equipment | |
| CN107291618B (en) | Application storage method and device and terminal equipment | |
| CN113297628A (en) | Modification behavior auditing method, device, equipment and readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20230328 |
|
| RJ01 | Rejection of invention patent application after publication |