delphi实现腾讯TC3-HMAC-256签名

unit TC3_HMAC;

interface
uses
  System.SysUtils, System.hash, System.DateUtils,System.Net.URLClient,System.Net.HttpClient, System.Net.HttpClientComponent,System.JSON,
  System.Classes,System.NetEncoding;
procedure BuildHeaders(secretid,secretkey,service,endpoint,version,action,region, requestPayload:string;var http:TNetHTTPClient);
{ -------------------------------------------------------------------------------
  腾讯TC3-HMAC-SHA256签名算法
  参数参考如下：
    secretid := '腾讯云SecretId';
    secretkey :='腾讯云SecretKey';
    service := 'ocr'  //ocr文字识别,sms发送短信
    endpoint:= 'ocr.tencentcloudapi.com'//文字识别域名'sms.tencentcloudapi.com'//短信发送的域名
    version :='2018-11-19'//ocr文字识别版本
    actoin  :='IDCardOCR'
    region  :='ap-guangzhou'//广州，北京、上海均可
  ------------------------------------------------------------------------------- }
function GetIDCardInfo(var myhttp:TNethttpClient;base64str,URL:string):string;
implementation

function DateTimeToUx(const AValue: TDateTime): Int64;
// 日期转Unix时间戳
begin
  Result := DateTimeToUnix(AValue) - 8 * 60 * 60;
end;
procedure BuildHeaders(secretid,secretkey,service,endpoint,version,action,region, requestPayload:string;var http:TNetHTTPClient);
begin
    var datestr:= FormatDateTime('YYYY-MM-DD',Date);
    var requestTimestamp:=DateTimeToUx(Now).ToString;
    // ************* 步骤 1：拼接规范请求串 *************
    var algorithm:= 'TC3-HMAC-SHA256';
    var httpRequestMethod:= 'POST';
    var canonicalUri := '/';
    var CanonicalQueryString := '';
    var ContentType:='application/json';
    var canonicalHeaders := 'content-type:' +ContentType + '; charset=utf-8' + #10 + 'host:' + endpoint + #10;
    var signedHeaders := 'content-type;host';
    var hashedRequestPayload := THashSHA2.GetHashString(requestPayload);
    var canonicalRequest := httpRequestMethod + #10
        + canonicalUri + #10
        + canonicalQueryString + #10
        + canonicalHeaders + #10
        + signedHeaders + #10
        + hashedRequestPayload;
    // ************* 步骤 2：拼接待签名字符串 *************
    var credentialScope := datestr + '/' + service + '/' + 'tc3_request';
    var hashedCanonicalRequest := THashSHA2.GetHashString(canonicalRequest);
    var StringToSign := algorithm + #10 + requestTimestamp + #10 + credentialScope + #10 + hashedCanonicalRequest;
     // ************* 步骤 3：计算签名 *************
    var secretDate    :=THashSHA2.GetHMACAsBytes(datestr,TEncoding.UTF8.GetBytes('TC3' + secretkey));
    var secretService :=THashSHA2.GetHMACAsBytes(service,secretDate);
    var secretSigning :=THashSHA2.GetHMACAsBytes('tc3_request',secretService);
    var SignatureBytes:=THashSHA2.GetHMACAsBytes(Bytesof(StringToSign), SecretSigning);
    var signature     :=THash.DigestAsString(SignatureBytes);
     // ************* 步骤 4：拼接 Authorization *************
    var authorization := algorithm + ' '
        + 'Credential=' + secretid + '/' + credentialScope + ', '
        + 'SignedHeaders=' + signedHeaders + ', '
        + 'Signature=' + signature;
   http.UserAgent:='Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36';
   http.CustomHeaders['Authorization'] :=authorization;
   http.CustomHeaders['Host']          :=endpoint;
   http.CustomHeaders['Content-Type']  :=ContentType+'; charset=utf-8';
   http.CustomHeaders['X-TC-Timestamp']:=requestTimestamp;
   http.CustomHeaders['X-TC-Version']  :=version;
   http.CustomHeaders['X-TC-Action']   :=action;
   http.CustomHeaders['X-TC-Region']   :=region;
end;

//身份证识别调用方法：
function ImgTobase64(Image:TStream):string;
var
  bs:TBytesStream;
begin
  bs:=TBytesStream.Create;
  bs.LoadFromStream(Image);
  Result:=TNetEncoding.Base64String.EncodeBytesToString(bs.Bytes,bs.Size);
  bs.Free;
end;
function GetIDCardInfo(var myhttp:TNethttpClient;base64str,URL:string):string;
var
 body:String;
 cParam:TStringStream;
 JO,FJson:TJsonObject;
begin
  body:='{"ImageBase64":"'+base64str+'"}';
  myhttp.HandleRedirects := True;
  BuildHeaders('腾讯云SecretId','腾讯云Secretkey',
               'ocr','ocr.tencentcloudapi.com','2018-11-19','IDCardOCR','ap-guangzhou',body,Myhttp);
  cParam:=TStringStream.Create(body,TEncoding.UTF8);
  JO:=TJSONObject.ParseJSONValue(Myhttp.Post(URL,cParam).ContentAsString) as TJSONObject;
  FJson:=TJSONObject(JO.Values['Response']);
  Result:='姓名：'+FJson.P['Name'].Value+#13#10+
          '身份：'+FJson.P['IdNum'].Value+#13#10+
          '生日：'+FJson.P['Birth'].Value+#13#10+
          '民族：'+FJson.P['Nation'].value+#13#10+
          '性别：'+FJson.P['Sex'].Value+#13#10+
          '住址：'+FJson.P['Address'].Value;

  cParam.Free;
end;

end.

记得申请”腾讯云SecretId“，”腾讯云Secretkey“。以上代码使用Delphi 11，其他版本不一定兼容！