/// <summary>
/// 获得待计算签名的字符串
/// </summary>
/// <param name="canonicalRequest">canonicalRequest 字符串</param>
/// <param name="signerParams">需要签名的参数信息</param>
/// <returns>计算签名的字符串</returns>
private string CreateStringToSign(String canonicalRequest,
SignerRequestParams signerParams)
{
string stringToSign = new StringBuilder(signerParams.SigningAlgorithm)
.Append(ParameterConstant.LINE_SEPARATOR)
.Append(signerParams.FormattedSigningDateTime)
.Append(ParameterConstant.LINE_SEPARATOR)
.Append(signerParams.Scope)
.Append(ParameterConstant.LINE_SEPARATOR)
.Append(StringUtils.ByteToHex(SignHash(canonicalRequest), true))
.ToString();
return(stringToSign);
}
/// <summary>
/// 构建Authorization头信息
/// </summary>
/// <param name="builder">请求参数封装信息</param>
/// <param name="signature">签名信息</param>
/// <param name="credentials">证书信息</param>
/// <param name="signerParams">签名参数信息</param>
/// <returns>http头 Authorization 信息字符串</returns>
private string BuildAuthorizationHeader(SdkHttpFullRequestBuilder builder, byte[] signature, ICredentials credentials,
SignerRequestParams signerParams)
{
string signingCredentials = credentials.AccessKeyId() + "/" + signerParams.Scope;
string credential = "Credential=" + signingCredentials;
string signerHeaders = "SignedHeaders=" + GetSignedHeadersString(builder);
string signatureHeader = "Signature=" + StringUtils.ByteToHex(signature, true);
return(new StringBuilder().Append(ParameterConstant.JDCLOUD2_SIGNING_ALGORITHM)
.Append(" ")
.Append(credential)
.Append(", ")
.Append(signerHeaders)
.Append(", ")
.Append(signatureHeader)
.ToString());
}
/// <summary>
/// 签名的具体实现
/// </summary>
/// <param name="builder">http请求信息</param>
/// <param name="credentials">证书信息</param>
/// <returns>请求后的http 信息</returns>
private SdkHttpFullRequestBuilder DoSign(SdkHttpFullRequestBuilder builder, Credentials credentials)
{
Credentials sanitizedCredentials = SanitizeCredentials(credentials);
if (credentials.GetType() == typeof(SessionCredentials))
{
AddSessionCredentials(builder, (SessionCredentials)credentials);
}
//20180627T065220Z
//_overrddenDate = new DateTime(2018,6,27,6, 52, 20);
SignerRequestParams signerRequestParams = new SignerRequestParams(builder, _overrddenDate,
RegionName, ServiceName, ParameterConstant.JDCLOUD2_SIGNING_ALGORITHM);
// SignerRequestParams
AddHostHeader(ref builder);
builder.Header(ParameterConstant.X_JDCLOUD_DATE, signerRequestParams.FormattedSigningDateTime);
string contentSha256 = string.Empty;
if (builder.GetHeaders() != null && builder.GetHeaders().ContainsKey(ParameterConstant.X_JDCLOUD_CONTENT_SHA256) &&
builder.GetHeaders()[ParameterConstant.X_JDCLOUD_CONTENT_SHA256] != null &&
builder.GetHeaders()[ParameterConstant.X_JDCLOUD_CONTENT_SHA256].Count > 0)
{
contentSha256 = builder.GetHeaders()[ParameterConstant.X_JDCLOUD_CONTENT_SHA256][0];
}
else
{
contentSha256 = CalculateContentHash(builder);
}
string canonicalRequest = CreateCanonicalRequest(builder, contentSha256);
string stringToSign = CreateStringToSign(canonicalRequest, signerRequestParams);
byte[] signingKey = deriveSigningKey(credentials, signerRequestParams);
byte[] signature = ComputeSignature(stringToSign, signingKey);
builder.Header(ParameterConstant.AUTHORIZATION, BuildAuthorizationHeader(builder, signature, credentials, signerRequestParams));
return(builder);
}
/// <summary>
/// 计算参与签名的密钥验证
/// </summary>
/// <param name="credentials">证书信息</param>
/// <param name="signerRequestParams">需要签名的请求参数信息</param>
/// <returns>计算后的签名信息字节数组</returns>
private byte[] deriveSigningKey(ICredentials credentials, SignerRequestParams signerRequestParams)
{
byte[] signingKey = NewSigningKey(credentials, signerRequestParams.FormattedSigningDate,
signerRequestParams.RegionName, signerRequestParams.ServiceName);
return(signingKey);
}
