Ejemplo n.º 1
0
        public (string Signature, string Policy) GetSignature(JToken stringToSign)
        {
            var date          = DateTime.UtcNow.ToString("yyyyMMdd");
            var key           = AWS4Signer.ComposeSigningKey(this._awsSecretAccessKey, this._region, date, "s3");
            var policy        = Convert.ToBase64String(Encoding.UTF8.GetBytes(stringToSign.ToString()));
            var signatureHash = AWS4Signer.ComputeKeyedHash(SigningAlgorithm.HmacSHA256, key, policy);
            var signature     = AWSSDKUtils.ToHex(signatureHash, true);

            return(signature, policy);
        }
Ejemplo n.º 2
0
        public static S3PostUploadSignedPolicy GetSignedPolicyV4(string policy, AWSCredentials credentials, RegionEndpoint region)
        {
            DateTime             correctedUtcNow = AWSSDKUtils.get_CorrectedUtcNow();
            ImmutableCredentials credentials2    = credentials.GetCredentials();
            string text  = "AWS4-HMAC-SHA256";
            string text2 = AWS4Signer.FormatDateTime(correctedUtcNow, "yyyyMMdd");
            string text3 = AWS4Signer.FormatDateTime(correctedUtcNow, "yyyyMMddTHHmmssZ");
            string text4 = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}/{3}/{4}/", credentials2.get_AccessKey(), text2, region.get_SystemName(), "s3", "aws4_request");
            Dictionary <string, string> dictionary = new Dictionary <string, string>
            {
                {
                    S3Constants.PostFormDataXAmzCredential,
                    text4
                },
                {
                    S3Constants.PostFormDataXAmzAlgorithm,
                    text
                },
                {
                    S3Constants.PostFormDataXAmzDate,
                    text3
                }
            };

            if (credentials2.get_UseToken())
            {
                dictionary[S3Constants.PostFormDataSecurityToken] = credentials2.get_Token();
            }
            string text5 = Convert.ToBase64String(addConditionsToPolicy(policy, dictionary));

            byte[] array     = AWS4Signer.ComposeSigningKey(credentials2.get_SecretKey(), region.get_SystemName(), text2, "s3");
            string signature = AWSSDKUtils.ToHex(AWS4Signer.ComputeKeyedHash(1, array, text5), true);

            return(new S3PostUploadSignedPolicy
            {
                Policy = text5,
                Signature = signature,
                AccessKeyId = credentials2.get_AccessKey(),
                SecurityToken = credentials2.get_Token(),
                SignatureVersion = "4",
                Algorithm = text,
                Date = text3,
                Credential = text4
            });
        }
Ejemplo n.º 3
0
        public static string Build(
            DateTime now,
            string regionName,
            string serviceName,
            ImmutableCredentials credentials,
            string signedHeaders,
            string credentialScope,
            string stringToSign)
        {
            // The following pseudocode shows the construction of the Authorization header value.
            //
            //   <algorithm> Credential=<access key id>/<credential scope>, SignedHeaders=<signed headers>, Signature=<signature>
            //
            // Note the following:
            //
            // - There is no comma between the algorithm and Credential. However, the SignedHeaders
            //   and Signature are separated from the preceding values with a comma.
            // - The Credential value starts with the access key id, which is followed by a forward
            //   slash (/), which is followed by the credential scope. The secret access key is
            //   used to derive the signing key for the signature, but is not included in the
            //   signing information sent in the request.
            //
            // To derive your signing key, use your secret access key to create a series of hash-
            // based message authentication codes (HMACs).
            //
            // Note that the date used in the hashing process is in the format YYYYMMDD (for
            // example, 20150830), and does not include the time.
            var signingKey = AWS4Signer.ComposeSigningKey(
                credentials.SecretKey,
                regionName,
                now.ToIso8601BasicDate(),
                serviceName);

            // Calculate the signature. To do this, use the signing key that you derived and the
            // string to sign as inputs to the keyed hash function. After you calculate the
            // signature, convert the binary value to a hexadecimal representation.
            var hash      = AWS4Signer.ComputeKeyedHash(SigningAlgorithm.HmacSHA256, signingKey, stringToSign);
            var signature = AWSSDKUtils.ToHex(hash, true);

            return($"{AWS4Signer.AWS4AlgorithmTag} Credential={credentials.AccessKey}/{credentialScope}, SignedHeaders={signedHeaders}, Signature={signature}");
        }