/// <summary>
/// Constructs the signed trailing headers, optionally including
/// the selected checksum for this stream's data. For example:
/// trailing-header-A:value CRLF
/// trailing-header-B:value CRLF
/// x-amz-trailer-signature:signature_value CRLF
/// CRLF
/// </summary>
/// <returns>Stream chunk containing the trailing headers and their signature</returns>
private string ConstructSignedTrailersChunk()
{
// If the trailing headers included a trailing checksum, set the hash value
if (_hashAlgorithm != null)
{
_hashAlgorithm.TransformFinalBlock(new byte[0], 0, 0);
_trailingHeaders[ChecksumUtils.GetChecksumHeaderKey(_trailingChecksum)] = Convert.ToBase64String(_hashAlgorithm.Hash);
}
string chunkSignature;
if (HeaderSigningResult is AWS4SigningResult)
{
var sortedTrailingHeaders = AWS4Signer.SortAndPruneHeaders(_trailingHeaders);
var canonicalizedTrailingHeaders = AWS4Signer.CanonicalizeHeaders(sortedTrailingHeaders);
var chunkStringToSign =
TRAILING_HEADER_STRING_TO_SIGN_PREFIX + "\n" +
HeaderSigningResult.ISO8601DateTime + "\n" +
HeaderSigningResult.Scope + "\n" +
PreviousChunkSignature + "\n" +
AWSSDKUtils.ToHex(AWS4Signer.ComputeHash(canonicalizedTrailingHeaders), true);
chunkSignature = AWSSDKUtils.ToHex(AWS4Signer.SignBlob(((AWS4SigningResult)HeaderSigningResult).GetSigningKey(), chunkStringToSign), true);
}
else // SigV4a
{
chunkSignature = Sigv4aSigner.SignTrailingHeaderChunk(_trailingHeaders, PreviousChunkSignature, (AWS4aSigningResult)HeaderSigningResult).PadRight(V4A_SIGNATURE_LENGTH, '*');
}
var chunk = new StringBuilder();
// The order here must match the order of keys sent already in the X-Amz-Trailer header.
foreach (var kvp in _trailingHeaders.OrderBy(kvp => kvp.Key))
{
chunk.Append($"{kvp.Key}:{kvp.Value}{STREAM_NEWLINE}");
}
chunk.Append($"{TRAILING_HEADER_SIGNATURE_KEY}:{chunkSignature}{STREAM_NEWLINE}");
chunk.Append(STREAM_NEWLINE);
return(chunk.ToString());
}