Swift 實(shí)現(xiàn)騰訊云 TC3-HMAC-SHA256 簽名方法

cloud.tencent.api

最近在接入一些騰訊云的API,騰訊是不是歧視我 iOS 沒(méi)有 OC 示例,也沒(méi)有 Swift 示例,可能是面向服務(wù)器的吧,但是邊上安卓的童鞋直接復(fù)制JAVA代碼就跑起來(lái)~~~我難受。

最看不起別人拿來(lái)主義,最希望自己可以 Command + C ????????

更難受的是我用的是 Swift, 系統(tǒng)沒(méi)有現(xiàn)成的加密庫(kù),但是真的不想又引入一個(gè)第三方庫(kù),這里指的是這個(gè)庫(kù) CryptoSwift,當(dāng)然不Care的童鞋直接pod install就好,這個(gè)無(wú)非是個(gè)人喜好,100來(lái)行代碼可以解決的問(wèn)題自己試試不香嗎~

準(zhǔn)備

在橋接文件里導(dǎo)入 #import <CommonCrypto/CommonHMAC.h>
橋接文件在你的Swift工程里面創(chuàng)建一個(gè)OC文件,Xcode就會(huì)幫你創(chuàng)建好啦。

代碼

代碼不多,我直接貼這里了,要的直接拷貝就好,也歡迎直接去GitHub中ZYCrypto給予一個(gè)小小的Star:

import Foundation

extension String {
    func hmac(by algorithm: Algorithm, key: [UInt8]) -> [UInt8] {
        var result = [UInt8](repeating: 0, count: algorithm.digestLength())
        CCHmac(algorithm.algorithm(), key, key.count, self.bytes, self.bytes.count, &result)
        return result
    }
    
    func hashHex(by algorithm: Algorithm) -> String {
        return algorithm.hash(string: self).hexString
    }
    
     func hash(by algorithm: Algorithm) -> [UInt8] {
        return algorithm.hash(string: self)
     }
}


enum Algorithm {
    case MD5, SHA1, SHA224, SHA256, SHA384, SHA512
    
    func algorithm() -> CCHmacAlgorithm {
        var result: Int = 0
        switch self {
        case .MD5:    result = kCCHmacAlgMD5
        case .SHA1:   result = kCCHmacAlgSHA1
        case .SHA224: result = kCCHmacAlgSHA224
        case .SHA256: result = kCCHmacAlgSHA256
        case .SHA384: result = kCCHmacAlgSHA384
        case .SHA512: result = kCCHmacAlgSHA512
        }
        return CCHmacAlgorithm(result)
    }
    
    func digestLength() -> Int {
        var result: CInt = 0
        switch self {
        case .MD5:    result = CC_MD5_DIGEST_LENGTH
        case .SHA1:   result = CC_SHA1_DIGEST_LENGTH
        case .SHA224: result = CC_SHA224_DIGEST_LENGTH
        case .SHA256: result = CC_SHA256_DIGEST_LENGTH
        case .SHA384: result = CC_SHA384_DIGEST_LENGTH
        case .SHA512: result = CC_SHA512_DIGEST_LENGTH
        }
        return Int(result)
    }
    
    func hash(string: String) -> [UInt8] {
        var hash = [UInt8](repeating: 0, count: self.digestLength())
        switch self {
        case .MD5:    CC_MD5(   string.bytes, CC_LONG(string.bytes.count), &hash)
        case .SHA1:   CC_SHA1(  string.bytes, CC_LONG(string.bytes.count), &hash)
        case .SHA224: CC_SHA224(string.bytes, CC_LONG(string.bytes.count), &hash)
        case .SHA256: CC_SHA256(string.bytes, CC_LONG(string.bytes.count), &hash)
        case .SHA384: CC_SHA384(string.bytes, CC_LONG(string.bytes.count), &hash)
        case .SHA512: CC_SHA512(string.bytes, CC_LONG(string.bytes.count), &hash)
        }
        return hash
    }
}

extension Array where Element == UInt8 {
    var hexString: String {
        return self.reduce(""){$0 + String(format: "%02x", $1)}
    }
    
    var base64String: String {
        return self.data.base64EncodedString(options: Data.Base64EncodingOptions.lineLength76Characters)
    }
    
    var data: Data {
        return Data(self)
    }
}

extension String {
    var bytes: [UInt8] {
        return [UInt8](self.utf8)
    }
}

extension Data {
    var bytes: [UInt8] {
        return [UInt8](self)
    }
}

swift 加密 抄了一點(diǎn), 直接使用無(wú)法實(shí)現(xiàn)需求,同時(shí)好像代碼太OC了,所以改了改,但是還是要在此表示感謝。

使用的話(huà)非常簡(jiǎn)單

HMAC

let tData = "test string".hmac(by: .SHA256, key: "key string".bytes)
let oDada = "other test string".hamc(by: .SHA256, key: tData)
let signature = oData.hexSting.lowercased()

HASH

let sha256Hash = "test string".hashHex(by: .SHA256)
let md5Hash = "test string".hash(by: .MD5).base64String
騰訊云 TC3-HMAC-SHA256 簽名

這是 https://cloud.tencent.com/document/product/1131/42337 騰訊云文檔的一個(gè)接口鑒權(quán)文檔,前面說(shuō)了,很遺憾,沒(méi)有Swift 示例,也可能是因?yàn)閕OS沒(méi)有現(xiàn)成的加密工具有關(guān)。

主要還是加密功能的實(shí)現(xiàn),實(shí)現(xiàn)了對(duì)應(yīng)的加密方法,一切都按照流程來(lái)就好。

騰訊云 TC3-HMAC-SHA256 簽名示例:

let secretId  = "AKIDz8krbsJ5yKBZQpn74WFkmLPx3EXAMPLE"
let secretKey = "Gu5t9xGARNpq86cd98joQYCN3EXAMPLE"
let action = "DescribeInstances"
let service = "cvm"
let host = "cvm.tencentcloudapi.com"
let region = "ap-guangzhou"
let version = "2017-03-12"
let algorithm = "TC3-HMAC-SHA256"
let timestampInterval: TimeInterval = 1551113065
let timestamp = "\(Int(timestampInterval))"
let dateFormatter = DateFormatter()
dateFormatter.dateFormat = "yyyy-MM-dd"
//注意時(shí)區(qū),否則容易出錯(cuò)
dateFormatter.timeZone = TimeZone(identifier: "UTC")
let date = dateFormatter.string(from: Date(timeIntervalSince1970: timestampInterval))

// ************* 步驟 1:拼接規(guī)范請(qǐng)求串 *************

let httpRequestMethod = "POST"
let canonicalUri = "/"
let canonicalQueryString = ""
let canonicalHeaders = "content-type:application/json; charset=utf-8\n" + "host:" + host + "\n"
let signedHeaders = "content-type;host"
let payload = "{\"Limit\": 1, \"Filters\": [{\"Values\": [\"\\u672a\\u547d\\u540d\"], \"Name\":\"instance-name\"}]}"
let hashedRequestPayload = payload.hashHex(by: .SHA256)
let canonicalRequest = httpRequestMethod + "\n" + canonicalUri + "\n" + canonicalQueryString + "\n"
    + canonicalHeaders + "\n" + signedHeaders + "\n" + hashedRequestPayload;
print("第一步結(jié)果:", canonicalRequest)

// ************* 步驟 2:拼接待簽名字符串 *************
let credentialScope = date + "/" + service + "/" + "tc3_request"
let hashedCanonicalRequest = canonicalRequest.hashHex(by: .SHA256)
let stringToSign = algorithm + "\n" + timestamp + "\n" + credentialScope + "\n" +
hashedCanonicalRequest
print("第二步結(jié)果:", stringToSign)

// ************* 步驟 3:計(jì)算簽名 *************
let secretDate = date.hmac(by: .SHA256, key: ("TC3" + secretKey).bytes)
let secretService = service.hmac(by: .SHA256, key: secretDate)
let secretSigning = "tc3_request".hmac(by: .SHA256, key: secretService)
let signature = stringToSign.hmac(by: .SHA256, key: secretSigning).hexString.lowercased()
print("第三步結(jié)果:", signature)

// ************* 步驟 4:拼接 Authorization *************
let authorization = "TC3-HMAC-SHA256 " + "Credential=" + secretId + "/" + credentialScope + ", "
+ "SignedHeaders=" + signedHeaders + ", " + "Signature=" + signature
print("第四步結(jié)果:", authorization)
textView.text += "第四步結(jié)果:" + authorization + "\n"
var headerParams = [String: Any]()
headerParams["Host"]           = host
headerParams["Authorization"]  = authorization
headerParams["Content-Type"]   = "application/json; charset=utf-8"
headerParams["X-TC-Action"]    = action
headerParams["X-TC-Timestamp"] = timestamp
headerParams["X-TC-Version"]   = version
//然后例如AFN,可以使用AFHTTPRequestSerializer 的 requestSerializer 寫(xiě)入到請(qǐng)求頭
//  for headerParam in headerParams {
//      requestSerializer.setValue(headerParam.value, forHTTPHeaderField: headerParam.key)
//  }

代碼也可以直接從GitHub中ZYCrypto獲取,這是加密結(jié)果,和文檔中結(jié)果一致:

TC3-HMAC-SHA256

賞我一個(gè)贊吧~

最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書(shū)系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容