// Derived from https://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html#signature-v4-examples-dotnet
private static byte[] GetSignatureKey(string key, string dateString, string region, string service)
{
var dateKey = HashUtility.CalculateSHA256(dateString, Encoding.UTF8.GetBytes($"AWS4{key}"));
var regionKey = HashUtility.CalculateSHA256(region, dateKey);
var serviceKey = HashUtility.CalculateSHA256(service, regionKey);
return(HashUtility.CalculateSHA256("aws4_request", serviceKey));
}
private string CalculateSignature(string region, Uri url, string secretKey)
{
var now = _clock.UtcNow;
var shortDate = now.ToString("yyyyMMdd");
var longDate = now.ToString("yyyyMMddTHHmmss");
var signingKey = GetSignatureKey(secretKey, shortDate, region, "codecommit");
var canonicalRequest = $"GIT\n{url.LocalPath}\n\nhost:{url.Host}\n\nhost\n";
var canonicalRequestHash = HashUtility.CalculateSHA256(canonicalRequest);
var stringToSign = $"AWS4-HMAC-SHA256\n{longDate}\n{shortDate}/{region}/codecommit/aws4_request\n{HashUtility.HexStringFromBytes(canonicalRequestHash)}";
var signatureBytes = HashUtility.CalculateSHA256(stringToSign, signingKey);
return($"{longDate}Z{HashUtility.HexStringFromBytes(signatureBytes)}");
}
