Spell the signature string
Spell the signature string as follows:
Signature algorithm, currently fixed as K1-HMAC-SHA256
The request timestamp, that is, the value of the common parameter X-Timestamp in the request header, takes the current time UNIX timestamp, accurate to seconds. The value of this example is 1551113065.
Voucher range, the format: date/service/K1_Request, which contains the date, the requested service, and the termination string (k1_request). Date is the date of UTC standard time, and the value should be consistent with the UTC standard time date converted by the public parameter x-timestamp; Service is the product name. The calculation result of this example is 2019-02-25/cbms/k1_request.
The hash value of the specification request string obtained in the previous steps is spliced, and the pseudo code is calculated as follows: Lowercase(HexEncode(Hash.SHA256(CanonicalRequest))). The result of this example: is 5ffe6a04c0664d6b969fab9a13bdab201d63ee709638e2749d62a09ca18d7031.
- The Date must be calculated from the timestamp X-Timestamp and the time zone is UTC+0. Suppose that the time stamp is 1551113065, and the time in East District 8 is 2019-02-26 00:44:25, but the calculated date is UTC+0, and it should be 2019-02-25 instead of 2019-02-26.
- The timestamp must be the current system time, and the system time and standard time must be synchronized. If the difference is more than five minutes, it will fail. If the time is not synchronized with the standard time for a long time, the request will fail after running for a period of time, and the signature expiration error will be returned.
According to the above rules, the string to be signed in the example is as follows: