/// <summary> /// 获得待计算签名的字符串 /// </summary> /// <param name="canonicalRequest">canonicalRequest 字符串</param> /// <param name="signerParams">需要签名的参数信息</param> /// <returns>计算签名的字符串</returns> private string CreateStringToSign(String canonicalRequest, SignerRequestParams signerParams) { string stringToSign = new StringBuilder(signerParams.SigningAlgorithm) .Append(ParameterConstant.LINE_SEPARATOR) .Append(signerParams.FormattedSigningDateTime) .Append(ParameterConstant.LINE_SEPARATOR) .Append(signerParams.Scope) .Append(ParameterConstant.LINE_SEPARATOR) .Append(StringUtils.ByteToHex(SignHash(canonicalRequest), true)) .ToString(); return(stringToSign); }
/// <summary> /// 构建Authorization头信息 /// </summary> /// <param name="builder">请求参数封装信息</param> /// <param name="signature">签名信息</param> /// <param name="credentials">证书信息</param> /// <param name="signerParams">签名参数信息</param> /// <returns>http头 Authorization 信息字符串</returns> private string BuildAuthorizationHeader(SdkHttpFullRequestBuilder builder, byte[] signature, ICredentials credentials, SignerRequestParams signerParams) { string signingCredentials = credentials.AccessKeyId() + "/" + signerParams.Scope; string credential = "Credential=" + signingCredentials; string signerHeaders = "SignedHeaders=" + GetSignedHeadersString(builder); string signatureHeader = "Signature=" + StringUtils.ByteToHex(signature, true); return(new StringBuilder().Append(ParameterConstant.JDCLOUD2_SIGNING_ALGORITHM) .Append(" ") .Append(credential) .Append(", ") .Append(signerHeaders) .Append(", ") .Append(signatureHeader) .ToString()); }
/// <summary> /// 签名的具体实现 /// </summary> /// <param name="builder">http请求信息</param> /// <param name="credentials">证书信息</param> /// <returns>请求后的http 信息</returns> private SdkHttpFullRequestBuilder DoSign(SdkHttpFullRequestBuilder builder, Credentials credentials) { Credentials sanitizedCredentials = SanitizeCredentials(credentials); if (credentials.GetType() == typeof(SessionCredentials)) { AddSessionCredentials(builder, (SessionCredentials)credentials); } //20180627T065220Z //_overrddenDate = new DateTime(2018,6,27,6, 52, 20); SignerRequestParams signerRequestParams = new SignerRequestParams(builder, _overrddenDate, RegionName, ServiceName, ParameterConstant.JDCLOUD2_SIGNING_ALGORITHM); // SignerRequestParams AddHostHeader(ref builder); builder.Header(ParameterConstant.X_JDCLOUD_DATE, signerRequestParams.FormattedSigningDateTime); string contentSha256 = string.Empty; if (builder.GetHeaders() != null && builder.GetHeaders().ContainsKey(ParameterConstant.X_JDCLOUD_CONTENT_SHA256) && builder.GetHeaders()[ParameterConstant.X_JDCLOUD_CONTENT_SHA256] != null && builder.GetHeaders()[ParameterConstant.X_JDCLOUD_CONTENT_SHA256].Count > 0) { contentSha256 = builder.GetHeaders()[ParameterConstant.X_JDCLOUD_CONTENT_SHA256][0]; } else { contentSha256 = CalculateContentHash(builder); } string canonicalRequest = CreateCanonicalRequest(builder, contentSha256); string stringToSign = CreateStringToSign(canonicalRequest, signerRequestParams); byte[] signingKey = deriveSigningKey(credentials, signerRequestParams); byte[] signature = ComputeSignature(stringToSign, signingKey); builder.Header(ParameterConstant.AUTHORIZATION, BuildAuthorizationHeader(builder, signature, credentials, signerRequestParams)); return(builder); }
/// <summary> /// 计算参与签名的密钥验证 /// </summary> /// <param name="credentials">证书信息</param> /// <param name="signerRequestParams">需要签名的请求参数信息</param> /// <returns>计算后的签名信息字节数组</returns> private byte[] deriveSigningKey(ICredentials credentials, SignerRequestParams signerRequestParams) { byte[] signingKey = NewSigningKey(credentials, signerRequestParams.FormattedSigningDate, signerRequestParams.RegionName, signerRequestParams.ServiceName); return(signingKey); }