• aliyun Rest ful api V3版本身份验证构造

    aliyun Rest ful api V3版本身份验证构造

    参考官网:https://help.aliyun.com/zh/sdk/product-overview/v3-request-structure-and-signature?spm=a2c4g.11186623.0.0.787951e7lHcjZb
    构造代码 :使用GET请求进行构造,算法使用sha256 使用postman进行验证
    代码如下,linux环境运行,先安装openssl库:

    #include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
#include 
// HMAC-SHA256 calculation using OpenSSL library
//build,在Linux下编译 :  g++ -o a.out awsSignature.cpp -std=c++11 -lssl -lcrypto
std::string HMAC_SHA256(const std::string& key, const std::string& data) {
    unsigned char result[EVP_MAX_MD_SIZE];
    unsigned int result_len;

    HMAC(EVP_sha256(), key.c_str(), key.length(),
         reinterpret_cast<const unsigned char*>(data.c_str()), data.length(),
         result, &result_len);

    std::stringstream ss;
    for (unsigned int i = 0; i < result_len; i++) {
        ss << std::hex << std::setw(2) << std::setfill('0') << static_cast<int>(result[i]);
    }

    return ss.str();
}
// AWS Signature Version 4 calculation
std::string CalculateAWSV4Signature(const std::string& secretAccessKey, const std::string& region,
                                    const std::string& service, const std::string& timestamp,
                                    const std::string& payloadHash, const std::string& canonicalRequest) {
    // Step 1: Derive signing key
    std::string kDate = HMAC_SHA256("AWS4" + secretAccessKey, timestamp.substr(0, 8));
    std::string kRegion = HMAC_SHA256(kDate, region);
    std::string kService = HMAC_SHA256(kRegion, service);
    std::string kSigning = HMAC_SHA256(kService, "aws4_request");

    // Step 2: Calculate signature
    std::string stringToSign = "AWS4-HMAC-SHA256\n" + timestamp + "\n" + timestamp.substr(0, 8) +
                               "/" + region + "/" + service + "/aws4_request\n" + HMAC_SHA256(kSigning, canonicalRequest + "\n" + payloadHash);
    std::string signature = HMAC_SHA256(kSigning, stringToSign);

    return signature;
}

std::string calculateHash(const std::string& data) {
    unsigned char hash[SHA256_DIGEST_LENGTH];

    SHA256_CTX sha256;
    SHA256_Init(&sha256);
    SHA256_Update(&sha256, data.c_str(), data.length());
    SHA256_Final(hash, &sha256);

    std::stringstream ss;
    for (int i = 0; i < SHA256_DIGEST_LENGTH; i++) {
        ss << std::hex << std::setw(2) << std::setfill('0') << static_cast<int>(hash[i]);
    }
    return ss.str();
}
std::string CanonicalizeRequest(const std::string& HTTPMethod, const std::string& CanonicalUri, const std::string& CanonicalQueryString, const std::string& CanonicalHeaders, const std::string& SignedHeaders, const std::string& payload)
{
		std::string canonicalize_string= HTTPMethod + "\n" +
		"/"+CanonicalUri + "\n" +
		CanonicalQueryString + "\n" +
		CanonicalHeaders + "\n" +
		SignedHeaders + "\n" +
		payload;
		return canonicalize_string;
}
std::string generateSignatureNonce() {
    // 使用 std::random_device 获取真正的随机数种子
    std::random_device rd;

    // 使用 std::mt19937 作为伪随机数生成器引擎
    std::mt19937 gen(rd());

    // 使用 std::uniform_int_distribution 来生成范围内的随机数
    std::uniform_int_distribution<> dis(0, 999999);

    // 生成随机数
    int nonceValue = dis(gen);

    // 将随机数转换为字符串
    std::ostringstream oss;
    oss << nonceValue;

    return oss.str();
}
std::string GetDate(int t){
	std::chrono::system_clock::time_point now_time = std::chrono::system_clock::now();
	std::time_t now_t = std::chrono::system_clock::to_time_t(now_time);
    std::tm gm_time = *std::gmtime(&now_t);
    char buf[128];
	if(t==1)
		std::strftime(buf, sizeof(buf), "%a, %d %b %Y %H:%M:%S GMT", &gm_time);
	else
	{
		std::strftime(buf, sizeof(buf), "%FT%TZ", &gm_time);
	}
		
	std::string time(buf);
	return time;
}

std::string UrlEncode(std::string& url){
	std::ostringstream encoded;
    encoded << std::hex << std::uppercase << std::setfill('0');

    for (char ch : url) {
        if (std::isalnum(ch) || ch == '-' || ch == '_' || ch == '.' || ch == '~') {
            // 字母数字字符和"- _ ."波浪符号保持不变
            encoded << ch;
        } else {
            // 其他字符进行百分号编码
            encoded << '%' << std::setw(2) << static_cast<int>(static_cast<unsigned char>(ch));
        }
    }

    return encoded.str();
}
int main() {
    // AWS credentials and request details
    std::string accessKeyId = "你们密钥id";
    std::string secretAccessKey = "你的密钥";
    std::string region = "cn-shanghai";
    std::string param = "RegionId";
	std::string version="2014-05-26";
    std::string timestamp =GetDate(2);
	std::cout<<"timestamp: "<<timestamp<<std::endl;
    std::string canonicalRequest = "";
	std::string GMTime=GetDate(1);//GMT=1
	std::cout<<"GMTime"<<GMTime<<std::endl;
	//规范化请求构建参数
	std::string signature_nonce=generateSignatureNonce();
	std::cout<<signature_nonce<<std::endl;
	std::string HTTPRequestMethod="GET";
	std::string CanonicalURI ="";
	std::string CanonicalQueryString=UrlEncode(param)+"="+UrlEncode(region);//升序 url编码
	std::string CanonicalHeaders="host:ecs.cn-shanghai.aliyuncs.com\nx-acs-action:DescribeInstances\nx-acs-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\nx-acs-date:"+timestamp+"\nx-acs-signature-nonce:"+signature_nonce+"\nx-acs-version:"+version+"\n";
	std::string SignedHeaders="host;x-acs-action;x-acs-content-sha256;x-acs-date;x-acs-signature-nonce;x-acs-version";
	std::string HashedRequestPayload="e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
	//获取规范化请求值
	std::string CanonicalRequestString=CanonicalizeRequest(HTTPRequestMethod,CanonicalURI,CanonicalQueryString,CanonicalHeaders,SignedHeaders,HashedRequestPayload);
	std::cout<<CanonicalRequestString<<std::endl;
	//计算规范化请求的hash值
	std::string hashCanonicalRequest=calculateHash(CanonicalRequestString);
	std::string StringToSign="ACS3-HMAC-SHA256\n"+hashCanonicalRequest;

	//. 计算signature
	std::string signature = HMAC_SHA256(secretAccessKey,StringToSign);
    std::cout << "signature: " << signature << std::endl;
    return 0;
}


    • 1
    • 2
    • 3
    • 4
    • 5
    • 6
    • 7
    • 8
    • 9
    • 10
    • 11
    • 12
    • 13
    • 14
    • 15
    • 16
    • 17
    • 18
    • 19
    • 20
    • 21
    • 22
    • 23
    • 24
    • 25
    • 26
    • 27
    • 28
    • 29
    • 30
    • 31
    • 32
    • 33
    • 34
    • 35
    • 36
    • 37
    • 38
    • 39
    • 40
    • 41
    • 42
    • 43
    • 44
    • 45
    • 46
    • 47
    • 48
    • 49
    • 50
    • 51
    • 52
    • 53
    • 54
    • 55
    • 56
    • 57
    • 58
    • 59
    • 60
    • 61
    • 62
    • 63
    • 64
    • 65
    • 66
    • 67
    • 68
    • 69
    • 70
    • 71
    • 72
    • 73
    • 74
    • 75
    • 76
    • 77
    • 78
    • 79
    • 80
    • 81
    • 82
    • 83
    • 84
    • 85
    • 86
    • 87
    • 88
    • 89
    • 90
    • 91
    • 92
    • 93
    • 94
    • 95
    • 96
    • 97
    • 98
    • 99
    • 100
    • 101
    • 102
    • 103
    • 104
    • 105
    • 106
    • 107
    • 108
    • 109
    • 110
    • 111
    • 112
    • 113
    • 114
    • 115
    • 116
    • 117
    • 118
    • 119
    • 120
    • 121
    • 122
    • 123
    • 124
    • 125
    • 126
    • 127
    • 128
    • 129
    • 130
    • 131
    • 132
    • 133
    • 134
    • 135
    • 136
    • 137
    • 138
    • 139
    • 140
    • 141
    • 142
    • 143
    • 144
    • 145
    • 146
    • 147
    • 148
    • 149
    • 150
    • 151
    • 152
    • 153
    • 154

    然后打开postman:
    在这里插入图片描述
    将算出来的信息在这里赋值,包含唯一随机数、时间、还有signature
    在这里插入图片描述
    然后 over
    在这里插入图片描述

  • 相关阅读:
    2023学生近视了用什么台灯好呢?好用预防近视的护眼台灯推荐
    LeetCode刷题---LRU缓存
    win10系统错误:Mineud.exe-系统措误 ,无法启动此程序,因为计算机中丢失iUtils.dll。尝试重新安装该程序以解决此问题。
    网络安全渗透测试实验一
    【计算机网络】计算机网络复习总结 ------ 物理层
    Mysql在可重复读事务隔离级别下怎么解决幻读的
    Java-华为真题-预定酒店
    给CODER高手泼冷水
    为什么Java能够称霸移动开发领域这么多年?
    GJB 5000B二级-II实施基础
  • 原文地址:https://blog.csdn.net/pluto_rx/article/details/134414971