/// <summary>
/// Builds the string-to-sign for a file Shared Access Signature and returns its keyed hash.
/// </summary>
/// <param name="policy">The shared access policy to sign; may be null, in which case permissions, start and expiry are signed as empty fields.</param>
/// <param name="headers">Optional response-header overrides bound into the signature; may be null.</param>
/// <param name="accessPolicyIdentifier">An optional identifier for a stored access policy.</param>
/// <param name="resourceName">The canonical resource string, unescaped. Must not be null or empty.</param>
/// <param name="sasVersion">The SAS version, in storage service version format. Must not be null or empty.</param>
/// <param name="keyValue">The signing key bytes. Must not be null.</param>
/// <returns>The value returned by <c>CryptoUtility.ComputeHmac256</c> for the string-to-sign.</returns>
internal static string GetHash(
    SharedAccessFilePolicy policy,
    SharedAccessFileHeaders headers,
    string accessPolicyIdentifier,
    string resourceName,
    string sasVersion,
    byte[] keyValue)
{
    CommonUtility.AssertNotNullOrEmpty("resourceName", resourceName);
    CommonUtility.AssertNotNull("keyValue", keyValue);
    CommonUtility.AssertNotNullOrEmpty("sasVersion", sasVersion);

    // Policy-derived fields; all three stay null when no policy is supplied.
    bool hasPolicy = policy != null;
    string signedPermissions = hasPolicy ? SharedAccessFilePolicy.PermissionsToString(policy.Permissions) : null;
    DateTimeOffset? signedStart = hasPolicy ? policy.SharedAccessStartTime : (DateTimeOffset?)null;
    DateTimeOffset? signedExpiry = hasPolicy ? policy.SharedAccessExpiryTime : (DateTimeOffset?)null;

    // Response-header overrides; all five stay null when no headers are supplied.
    bool hasHeaders = headers != null;
    string signedCacheControl = hasHeaders ? headers.CacheControl : null;
    string signedContentDisposition = hasHeaders ? headers.ContentDisposition : null;
    string signedContentEncoding = hasHeaders ? headers.ContentEncoding : null;
    string signedContentLanguage = hasHeaders ? headers.ContentLanguage : null;
    string signedContentType = hasHeaders ? headers.ContentType : null;

    // StringToSign = signedpermissions + "\n" +
    //                signedstart + "\n" +
    //                signedexpiry + "\n" +
    //                canonicalizedresource + "\n" +
    //                signedidentifier + "\n" +
    //                signedversion + "\n" +
    //                cachecontrol + "\n" +
    //                contentdisposition + "\n" +
    //                contentencoding + "\n" +
    //                contentlanguage + "\n" +
    //                contenttype
    //
    // HMAC-SHA256(UTF8.Encode(StringToSign))
    //
    // Field order is part of the signature and must not be rearranged.
    // The fields are joined with "\n" and nothing here escapes them, so the field
    // boundaries hold only while no value contains a line feed.
    // NOTE(review): confirm callers validate the identifier and header overrides.
    object[] signedFields =
    {
        signedPermissions,
        GetDateTimeOrEmpty(signedStart),
        GetDateTimeOrEmpty(signedExpiry),
        resourceName,
        accessPolicyIdentifier,
        sasVersion,
        signedCacheControl,
        signedContentDisposition,
        signedContentEncoding,
        signedContentLanguage,
        signedContentType
    };

    string stringToSign = string.Format(
        CultureInfo.InvariantCulture,
        "{0}\n{1}\n{2}\n{3}\n{4}\n{5}\n{6}\n{7}\n{8}\n{9}\n{10}",
        signedFields);

    // The verbose log receives the string-to-sign (resource name, policy identifier,
    // header overrides). keyValue is not part of that string and is not logged here.
    Logger.LogVerbose(null /* operationContext */, SR.TraceStringToSign, stringToSign);

    return CryptoUtility.ComputeHmac256(keyValue, stringToSign);
}
/// <summary>
/// Builds the string-to-sign for a file Shared Access Signature, choosing the field layout
/// from <paramref name="sasVersion"/>, and returns the result of <c>ComputeHmac256</c>.
/// </summary>
/// <param name="policy">The shared access policy to sign; may be null.</param>
/// <param name="headers">Optional response-header overrides bound into the signature; may be null.</param>
/// <param name="accessPolicyIdentifier">An optional identifier for a stored access policy.</param>
/// <param name="resourceName">The canonical resource string.</param>
/// <param name="sasVersion">The SAS version string; compared ordinally against "2015-04-05".</param>
/// <param name="protocols">The allowed protocols; signed only in the 13-field layout.</param>
/// <param name="ipAddressOrRange">The allowed IP address or range; signed only in the 13-field layout.</param>
/// <param name="keyValue">The signing key bytes.</param>
/// <returns>The value returned by <c>ComputeHmac256</c> for the string-to-sign.</returns>
private static string GetHash(
    SharedAccessFilePolicy policy,
    SharedAccessFileHeaders headers,
    string accessPolicyIdentifier,
    string resourceName,
    string sasVersion,
    SharedAccessProtocol? protocols,
    IPAddressOrRange ipAddressOrRange,
    byte[] keyValue)
{
    // NOTE(review): unlike a validating entry point, nothing here checks resourceName,
    // sasVersion or keyValue for null; confirm the callers do.

    // Policy-derived fields; all three stay null when no policy is supplied.
    bool hasPolicy = policy != null;
    string signedPermissions = hasPolicy ? SharedAccessFilePolicy.PermissionsToString(policy.Permissions) : null;
    DateTimeOffset? signedStart = hasPolicy ? policy.SharedAccessStartTime : (DateTimeOffset?)null;
    DateTimeOffset? signedExpiry = hasPolicy ? policy.SharedAccessExpiryTime : (DateTimeOffset?)null;

    // Response-header overrides; all five stay null when no headers are supplied.
    bool hasHeaders = headers != null;
    string signedCacheControl = hasHeaders ? headers.CacheControl : null;
    string signedContentDisposition = hasHeaders ? headers.ContentDisposition : null;
    string signedContentEncoding = hasHeaders ? headers.ContentEncoding : null;
    string signedContentLanguage = hasHeaders ? headers.ContentLanguage : null;
    string signedContentType = hasHeaders ? headers.ContentType : null;

    // Versions ordering before "2015-04-05" (a null sasVersion also orders before it)
    // use the 11-field layout. That layout has no slot for the IP range or protocol,
    // so any values passed for them are NOT covered by the signature on this path.
    if (string.CompareOrdinal(sasVersion, "2015-04-05") < 0)
    {
        object[] legacyFields =
        {
            signedPermissions,
            GetDateTimeOrEmpty(signedStart),
            GetDateTimeOrEmpty(signedExpiry),
            resourceName,
            accessPolicyIdentifier,
            sasVersion,
            signedCacheControl,
            signedContentDisposition,
            signedContentEncoding,
            signedContentLanguage,
            signedContentType
        };

        string legacyStringToSign = string.Format(
            CultureInfo.InvariantCulture,
            "{0}\n{1}\n{2}\n{3}\n{4}\n{5}\n{6}\n{7}\n{8}\n{9}\n{10}",
            legacyFields);

        return ComputeHmac256(keyValue, legacyStringToSign);
    }

    // 13-field layout: the IP range and protocol sit between the identifier and the version.
    // Field order is part of the signature and must not be rearranged.
    object[] signedFields =
    {
        signedPermissions,
        GetDateTimeOrEmpty(signedStart),
        GetDateTimeOrEmpty(signedExpiry),
        resourceName,
        accessPolicyIdentifier,
        ipAddressOrRange == null ? string.Empty : ipAddressOrRange.ToString(),
        GetProtocolString(protocols),
        sasVersion,
        signedCacheControl,
        signedContentDisposition,
        signedContentEncoding,
        signedContentLanguage,
        signedContentType
    };

    string stringToSign = string.Format(
        CultureInfo.InvariantCulture,
        "{0}\n{1}\n{2}\n{3}\n{4}\n{5}\n{6}\n{7}\n{8}\n{9}\n{10}\n{11}\n{12}",
        signedFields);

    return ComputeHmac256(keyValue, stringToSign);
}
/// <summary>
/// Placeholder for the signature-hash overload that also takes protocol and IP-range
/// restrictions. It is not implemented: the call throws unconditionally, so this
/// overload never returns a signature.
/// </summary>
/// <exception cref="System.NotImplementedException">Always thrown.</exception>
internal static string GetHash(
    SharedAccessFilePolicy policy,
    SharedAccessFileHeaders headers,
    string accessPolicyIdentifier,
    string resourceName,
    string sasVersion,
    SharedAccessProtocol? protocols,
    IPAddressOrRange ipAddressOrRange,
    byte[] keyValue)
{
    throw new System.NotImplementedException();
}
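/// <summary>
/// Assigns the permissions of a shared access policy from a permission string.
/// </summary>
/// <typeparam name="T">
/// One of <c>SharedAccessTablePolicy</c>, <c>SharedAccessFilePolicy</c>,
/// <c>SharedAccessBlobPolicy</c> or <c>SharedAccessQueuePolicy</c>; any other type is rejected.
/// </typeparam>
/// <param name="policy">The policy whose <c>Permissions</c> property is assigned.</param>
/// <param name="permission">
/// The permission letters. <c>null</c> leaves the policy untouched; an empty string sets
/// the policy's permissions to <c>None</c>; anything else is lower-cased and parsed.
/// </param>
/// <exception cref="ArgumentNullException">
/// <paramref name="policy"/> is null while <paramref name="permission"/> is not.
/// </exception>
/// <exception cref="ArgumentException">
/// <typeparamref name="T"/> is not a supported policy type, or the policy's
/// <c>PermissionsFromString</c> parser threw <see cref="ArgumentOutOfRangeException"/>.
/// </exception>
internal static void SetupAccessPolicyPermission<T>(T policy, string permission)
{
    // null means "not specified": keep whatever the policy already grants.
    if (permission == null)
    {
        return;
    }

    // Fail with a named argument instead of a NullReferenceException at the casts below.
    if (policy == null)
    {
        throw new ArgumentNullException("policy");
    }

    // An empty string explicitly clears the policy down to no permissions.
    if (string.IsNullOrEmpty(permission))
    {
        if (typeof(T) == typeof(SharedAccessTablePolicy))
        {
            ((SharedAccessTablePolicy)(object)policy).Permissions = SharedAccessTablePermissions.None;
        }
        else if (typeof(T) == typeof(SharedAccessFilePolicy))
        {
            ((SharedAccessFilePolicy)(object)policy).Permissions = SharedAccessFilePermissions.None;
        }
        else if (typeof(T) == typeof(SharedAccessBlobPolicy))
        {
            ((SharedAccessBlobPolicy)(object)policy).Permissions = SharedAccessBlobPermissions.None;
        }
        else if (typeof(T) == typeof(SharedAccessQueuePolicy))
        {
            ((SharedAccessQueuePolicy)(object)policy).Permissions = SharedAccessQueuePermissions.None;
        }
        else
        {
            throw new ArgumentException(Resources.InvalidAccessPolicyType);
        }

        return;
    }

    // Culture-invariant lower-casing keeps the parse independent of the caller's locale.
    permission = permission.ToLower(CultureInfo.InvariantCulture);

    try
    {
        if (typeof(T) == typeof(SharedAccessTablePolicy))
        {
            // PowerShell converts 'q' to 'r' when generating a table SAS; keep doing so
            // to avoid a regression. The table parser therefore never sees a literal 'q'.
            string convertedPermission = permission.Replace('q', 'r');
            ((SharedAccessTablePolicy)(object)policy).Permissions = SharedAccessTablePolicy.PermissionsFromString(convertedPermission);
        }
        else if (typeof(T) == typeof(SharedAccessFilePolicy))
        {
            ((SharedAccessFilePolicy)(object)policy).Permissions = SharedAccessFilePolicy.PermissionsFromString(permission);
        }
        else if (typeof(T) == typeof(SharedAccessBlobPolicy))
        {
            ((SharedAccessBlobPolicy)(object)policy).Permissions = SharedAccessBlobPolicy.PermissionsFromString(permission);
        }
        else if (typeof(T) == typeof(SharedAccessQueuePolicy))
        {
            ((SharedAccessQueuePolicy)(object)policy).Permissions = SharedAccessQueuePolicy.PermissionsFromString(permission);
        }
        else
        {
            throw new ArgumentException(Resources.InvalidAccessPolicyType);
        }
    }
    catch (System.ArgumentOutOfRangeException ex)
    {
        // Presumably raised by PermissionsFromString for a letter it does not recognise.
        // The input is rejected as a whole rather than partially applied, and the parser's
        // exception is kept as InnerException so its diagnostic is not lost.
        throw new ArgumentException(
            string.Format(CultureInfo.CurrentCulture, Resources.InvalidAccessPermission, permission),
            ex);
    }
}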
/// <summary>
/// Placeholder for the overload that takes the policy, header overrides, an already
/// computed signature, and protocol and IP-range restrictions. It is not implemented:
/// the call throws unconditionally and never returns a <c>UriQueryBuilder</c>.
/// </summary>
/// <exception cref="System.NotImplementedException">Always thrown.</exception>
internal static UriQueryBuilder GetSignature(
    SharedAccessFilePolicy policy,
    SharedAccessFileHeaders headers,
    string accessPolicyIdentifier,
    string resourceType,
    string signature,
    string accountKeyName,
    string sasVersion,
    SharedAccessProtocol? protocols,
    IPAddressOrRange ipAddressOrRange)
{
    throw new System.NotImplementedException();
}