aliyunRestfulapiV3版本身份验证构造

aliyun Rest ful api V3版本身份验证构造

参考官网： help.aliyun /zh/sdk/product-overview/v3-request-structure-and-signature?spm=a2c4g.11186623.0.0.787951e7lHcjZb 构造代码 ：使用GET请求进行构造，算法使用sha256 使用postman进行验证 代码如下，linux环境运行，先安装openssl库：

#include <iostream> #include <sstream> #include <iomanip> #include <cstring> #include <random> #include <chrono> #include <cctype> #include <iomanip> #include <openssl/hmac.h> #include <openssl/sha.h> // HMAC-SHA256 calculation using OpenSSL library //build，在Linux下编译 : g++ -o a.out awsSignature.cpp -std=c++11 -lssl -lcrypto std::string HMAC_SHA256(const std::string& key, const std::string& data) { unsigned char result[EVP_MAX_MD_SIZE]; unsigned int result_len; HMAC(EVP_sha256(), key.c_str(), key.length(), reinterpret_cast<const unsigned char*>(data.c_str()), data.length(), result, &result_len); std::stringstream ss; for (unsigned int i = 0; i < result_len; i++) { ss << std::hex << std::setw(2) << std::setfill('0') << static_cast<int>(result[i]); } return ss.str(); } // AWS Signature Version 4 calculation std::string CalculateAWSV4Signature(const std::string& secretAccessKey, const std::string& region, const std::string& service, const std::string& timestamp, const std::string& payloadHash, const std::string& canonicalRequest) { // Step 1: Derive signing key std::string kDate = HMAC_SHA256("AWS4" + secretAccessKey, timestamp.substr(0, 8)); std::string kRegion = HMAC_SHA256(kDate, region); std::string kService = HMAC_SHA256(kRegion, service); std::string kSigning = HMAC_SHA256(kService, "aws4_request"); // Step 2: Calculate signature std::string stringToSign = "AWS4-HMAC-SHA256\n" + timestamp + "\n" + timestamp.substr(0, 8) + "/" + region + "/" + service + "/aws4_request\n" + HMAC_SHA256(kSigning, canonicalRequest + "\n" + payloadHash); std::string signature = HMAC_SHA256(kSigning, stringToSign); return signature; } std::string calculateHash(const std::string& data) { unsigned char hash[SHA256_DIGEST_LENGTH]; SHA256_CTX sha256; SHA256_Init(&sha256); SHA256_Update(&sha256, data.c_str(), data.length()); SHA256_Final(hash, &sha256); std::stringstream ss; for (int i = 0; i < SHA256_DIGEST_LENGTH; i++) { ss << std::hex << std::setw(2) << std::setfill('0') << static_cast<int>(hash[i]); } return ss.str(); } std::string CanonicalizeRequest(const std::string& HTTPMethod, const std::string& CanonicalUri, const std::string& CanonicalQueryString, const std::string& CanonicalHeaders, const std::string& SignedHeaders, const std::string& payload) { std::string canonicalize_string= HTTPMethod + "\n" + "/"+CanonicalUri + "\n" + CanonicalQueryString + "\n" + CanonicalHeaders + "\n" + SignedHeaders + "\n" + payload; return canonicalize_string; } std::string generateSignatureNonce() { // 使用 std::random_device 获取真正的随机数种子 std::random_device rd; // 使用 std::mt19937 作为伪随机数生成器引擎 std::mt19937 gen(rd()); // 使用 std::uniform_int_distribution 来生成范围内的随机数 std::uniform_int_distribution<> dis(0, 999999); // 生成随机数 int nonceValue = dis(gen); // 将随机数转换为字符串 std::ostringstream oss; oss << nonceValue; return oss.str(); } std::string GetDate(int t){ std::chrono::system_clock::time_point now_time = std::chrono::system_clock::now(); std::time_t now_t = std::chrono::system_clock::to_time_t(now_time); std::tm gm_time = *std::gmtime(&now_t); char buf[128]; if(t==1) std::strftime(buf, sizeof(buf), "%a, %d %b %Y %H:%M:%S GMT", &gm_time); else { std::strftime(buf, sizeof(buf), "%FT%TZ", &gm_time); } std::string time(buf); return time; } std::string UrlEncode(std::string& url){ std::ostringstream encoded; encoded << std::hex << std::uppercase << std::setfill('0'); for (char ch : url) { if (std::isalnum(ch) || ch == '-' || ch == '_' || ch == '.' || ch == '~') { // 字母数字字符和"- _ ."波浪符号保持不变 encoded << ch; } else { // 其他字符进行百分号编码 encoded << '%' << std::setw(2) << static_cast<int>(static_cast<unsigned char>(ch)); } } return encoded.str(); } int main() { // AWS credentials and request details std::string accessKeyId = "你们密钥id"; std::string secretAccessKey = "你的密钥"; std::string region = "cn-shanghai"; std::string param = "RegionId"; std::string version="2014-05-26"; std::string timestamp =GetDate(2); std::cout<<"timestamp: "<<timestamp<<std::endl; std::string canonicalRequest = ""; std::string GMTime=GetDate(1);//GMT=1 std::cout<<"GMTime"<<GMTime<<std::endl; //规范化请求构建参数 std::string signature_nonce=generateSignatureNonce(); std::cout<<signature_nonce<<std::endl; std::string HTTPRequestMethod="GET"; std::string CanonicalURI =""; std::string CanonicalQueryString=UrlEncode(param)+"="+UrlEncode(region);//升序 url编码 std::string CanonicalHeaders="host:ecs -shanghai.aliyuncs \nx-acs-action:DescribeInstances\nx-acs-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\nx-acs-date:"+timestamp+"\nx-acs-signature-nonce:"+signature_nonce+"\nx-acs-version:"+version+"\n"; std::string SignedHeaders="host;x-acs-action;x-acs-content-sha256;x-acs-date;x-acs-signature-nonce;x-acs-version"; std::string HashedRequestPayload="e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"; //获取规范化请求值 std::string CanonicalRequestString=CanonicalizeRequest(HTTPRequestMethod,CanonicalURI,CanonicalQueryString,CanonicalHeaders,SignedHeaders,HashedRequestPayload); std::cout<<CanonicalRequestString<<std::endl; //计算规范化请求的hash值 std::string hashCanonicalRequest=calculateHash(CanonicalRequestString); std::string StringToSign="ACS3-HMAC-SHA256\n"+hashCanonicalRequest; //. 计算signature std::string signature = HMAC_SHA256(secretAccessKey,StringToSign); std::cout << "signature: " << signature << std::endl; return 0; }

然后打开postman： 将算出来的信息在这里赋值，包含唯一随机数、时间、还有signature 然后 over