有奖征文:轻量对象存储LighthouseCOS用户实践> HOT

PHP 签名示例

<?php
// 确定 App 的云 API 密钥
$secret_id = "XXXXXXXXXXXXXXXXXX";
$secret_key = "AAAAAAAAAAAAAAAAAAA";

// 确定签名的当前时间和失效时间
$current = time();
$expired = $current + 86400; // 签名有效期:1天

// 向参数列表填入参数
$arg_list = array(
"secretId" => $secret_id,
"currentTimeStamp" => $current,
"expireTime" => $expired,
"random" => rand());

// 计算签名
$original = http_build_query($arg_list);
$signature = base64_encode(hash_hmac('SHA1', $original, $secret_key, true).$original);

echo $signature;
echo "\\n";
?>

Java 签名示例

import java.util.Random;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import sun.misc.BASE64Encoder;

// 签名工具类
class Signature {
private String secretId;
private String secretKey;
private long currentTime;
private int random;
private int signValidDuration;

private static final String HMAC_ALGORITHM = "HmacSHA1"; //签名算法
private static final String CONTENT_CHARSET = "UTF-8";

public static byte[] byteMerger(byte[] byte1, byte[] byte2) {
byte[] byte3 = new byte[byte1.length + byte2.length];
System.arraycopy(byte1, 0, byte3, 0, byte1.length);
System.arraycopy(byte2, 0, byte3, byte1.length, byte2.length);
return byte3;
}

// 获取签名
public String getUploadSignature() throws Exception {
String strSign = "";
String contextStr = "";

// 生成原始参数字符串
long endTime = (currentTime + signValidDuration);
contextStr += "secretId=" + java.net.URLEncoder.encode(secretId, "utf8");
contextStr += "&currentTimeStamp=" + currentTime;
contextStr += "&expireTime=" + endTime;
contextStr += "&random=" + random;

try {
Mac mac = Mac.getInstance(HMAC_ALGORITHM);
SecretKeySpec secretKey = new SecretKeySpec(this.secretKey.getBytes(CONTENT_CHARSET), mac.getAlgorithm());
mac.init(secretKey);

byte[] hash = mac.doFinal(contextStr.getBytes(CONTENT_CHARSET));
byte[] sigBuf = byteMerger(hash, contextStr.getBytes("utf8"));
strSign = base64Encode(sigBuf);
strSign = strSign.replace(" ", "").replace("\\n", "").replace("\\r", "");
} catch (Exception e) {
throw e;
}
return strSign;
}

private String base64Encode(byte[] buffer) {
BASE64Encoder encoder = new BASE64Encoder();
return encoder.encode(buffer);
}

public void setSecretId(String secretId) {
this.secretId = secretId;
}

public void setSecretKey(String secretKey) {
this.secretKey = secretKey;
}

public void setCurrentTime(long currentTime) {
this.currentTime = currentTime;
}

public void setRandom(int random) {
this.random = random;
}

public void setSignValidDuration(int signValidDuration) {
this.signValidDuration = signValidDuration;
}
}

public class Test {
public static void main(String[] args) {
Signature sign = new Signature();
// 设置 App 的云 API 密钥
sign.setSecretId("个人 API 密钥中的 Secret Id");
sign.setSecretKey("个人 API 密钥中的 Secret Key");
sign.setCurrentTime(System.currentTimeMillis() / 1000);
sign.setRandom(new Random().nextInt(java.lang.Integer.MAX_VALUE));
sign.setSignValidDuration(3600 * 24 * 2); // 签名有效期:2天

try {
String signature = sign.getUploadSignature();
System.out.println("signature : " + signature);
} catch (Exception e) {
System.out.print("获取签名失败");
e.printStackTrace();
}
}
}
对于 Java1.9 以上的版本,已经移除了sun.misc.BASE64Encoder相关的包,可以使用java.util.Base64替换base64Encode方法中对应的实现,具体请参考如下代码:
import java.util.Base64;

private String base64Encode(byte[] buffer) {
Base64.Encoder encoder = Base64.getEncoder();
return encoder.encodeToString(buffer);
}

Node.js 签名示例

var querystring = require("querystring");
var crypto = require('crypto');

// 确定 app 的云 API 密钥
var secret_id = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
var secret_key = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

// 确定签名的当前时间和失效时间
var current = parseInt((new Date()).getTime() / 1000)
var expired = current + 86400; // 签名有效期:1天

// 向参数列表填入参数
var arg_list = {
secretId : secret_id,
currentTimeStamp : current,
expireTime : expired,
random : Math.round(Math.random() * Math.pow(2, 32))
}

// 计算签名
var orignal = querystring.stringify(arg_list);
var orignal_buffer = new Buffer(orignal, "utf8");

var hmac = crypto.createHmac("sha1", secret_key);
var hmac_buffer = hmac.update(orignal_buffer).digest();

var signature = Buffer.concat([hmac_buffer, orignal_buffer]).toString("base64");

console.log(signature);

C# 签名示例

using System;
using System.Security.Cryptography;
using System.Text;
using System.Threading;

class Signature
{
public string m_strSecId;
public string m_strSecKey;
public int m_iRandom;
public long m_qwNowTime;
public int m_iSignValidDuration;
public static long GetIntTimeStamp()
{
TimeSpan ts = DateTime.UtcNow - new DateTime(1970, 1, 1);
return Convert.ToInt64(ts.TotalSeconds);
}
private byte[] hash_hmac_byte(string signatureString, string secretKey)
{
var enc = Encoding.UTF8; HMACSHA1 hmac = new HMACSHA1(enc.GetBytes(secretKey));
hmac.Initialize();
byte[] buffer = enc.GetBytes(signatureString);
return hmac.ComputeHash(buffer);
}
public string GetUploadSignature()
{
string strContent = "";
strContent += ("secretId=" + Uri.EscapeDataString((m_strSecId)));
strContent += ("&currentTimeStamp=" + m_qwNowTime);
strContent += ("&expireTime=" + (m_qwNowTime + m_iSignValidDuration));
strContent += ("&random=" + m_iRandom);

byte[] bytesSign = hash_hmac_byte(strContent, m_strSecKey);
byte[] byteContent = System.Text.Encoding.Default.GetBytes(strContent);
byte[] nCon = new byte[bytesSign.Length + byteContent.Length];
bytesSign.CopyTo(nCon, 0);
byteContent.CopyTo(nCon, bytesSign.Length);
return Convert.ToBase64String(nCon);
}
}
class Program
{
static void Main(string[] args)
{
Signature sign = new Signature();
sign.m_strSecId = "个人 API 密钥中的 Secret Id";
sign.m_strSecKey = "个人 API 密钥中的 Secret Key";
sign.m_qwNowTime = Signature.GetIntTimeStamp();
sign.m_iRandom = new Random().Next(0, 1000000);
sign.m_iSignValidDuration = 3600 * 24 * 2;

Console.WriteLine(sign.GetUploadSignature());
}
}


Python 签名示例

#!/usr/local/bin/python3
#coding=utf-8

import time
import random
import hmac
import hashlib
import base64

SecretId = 'IamSecretId'
SecretKey = 'IamSecretKey'
#TimeStamp = int(time.time())
TimeStamp = 1571215095
ExpireTime = TimeStamp + 86400 * 365 * 10
#Random = random.randint(0, 999999)
Random = 220625

Original = "secretId=" + SecretId + "&currentTimeStamp=" + str(TimeStamp) + "&expireTime=" + str(ExpireTime) + "&random=" + str(Random)

Hmac = hmac.new(bytes(SecretKey, 'utf-8'), bytes(Original, 'utf-8'), hashlib.sha1)
Sha1 = Hmac.digest()
Signature = bytes(Sha1) + bytes(Original, 'utf-8')
Signature2 = base64.b64encode(Signature)

#return str(signature2, 'UTF-8')

print("Original: ", Original)
print("HMAC-SHA1: ", Sha1)
print("Signature before BASE64: ", Signature)
print("Signature after BASE64: ", str(Signature2))

Go 签名示例

package main

import (
"crypto/hmac"
"crypto/sha1"
"encoding/base64"
"fmt"
"math/rand"
"strconv"
"time"
)

func generateHmacSHA1(secretToken, payloadBody string) []byte {
mac := hmac.New(sha1.New, []byte(secretToken))
sha1.New()
mac.Write([]byte(payloadBody))
return mac.Sum(nil)
}

func main() {
rand.Seed(time.Now().Unix())
secretId := "IamSecretId"
secretKey := "IamSecretKey"
// timestamp := time.Now().Unix()
timestamp := int64(1571215095)
expireTime := timestamp + 86400*365*10
timestampStr := strconv.FormatInt(timestamp, 10)
expireTimeStr := strconv.FormatInt(expireTime, 10)

random := 220625
randomStr := strconv.Itoa(random)
original := "secretId=" + secretId + "&currentTimeStamp=" + timestampStr + "&expireTime=" + expireTimeStr + "&random=" + randomStr
signature := generateHmacSHA1(secretKey, original)
signature = append(signature, []byte(original)...)
signatureB64 := base64.StdEncoding.EncodeToString(signature)
fmt.Println(signatureB64)
}