private void ValidateBody(byte[] body, IEnumerable <IRequestHeader> requestHeaders)
{
string signature = ExtractHeaderValue(requestHeaders, "X-GCS-Signature");
string keyId = ExtractHeaderValue(requestHeaders, "X-GCS-KeyId");
using (var mac = new HMACSHA256(StringUtils.Encoding.GetBytes(_secretKeyStore.GetSecretKey(keyId))))
{
mac.Initialize();
byte[] unencodedResult = mac.ComputeHash(body);
var expectedSignature = Convert.ToBase64String(unencodedResult);
bool isValid = signature.CompareWithoutTimingLeak(expectedSignature);
if (!isValid)
{
throw new SignatureValidationException("failed to validate signature '" + signature + "'");
}
}
}
private void ValidateBody(byte[] body, IEnumerable <IRequestHeader> requestHeaders)
{
var numberOfSignatureHeaders = requestHeaders.Count(SignaturePredicate);
if (numberOfSignatureHeaders == 0)
{
throw new SignatureValidationException("Missing X-GCS-Signature header");
}
if (numberOfSignatureHeaders != 1)
{
throw new SignatureValidationException("Duplicate X-GCS-Signature header");
}
var numberOfKeyIdHeaders = requestHeaders.Count(KeyIdPredicate);
if (numberOfKeyIdHeaders == 0)
{
throw new SignatureValidationException("Missing X-GCS-KeyId header");
}
if (numberOfKeyIdHeaders != 1)
{
throw new SignatureValidationException("Duplicate X-GCS-KeyId header");
}
var signature = requestHeaders.SingleOrDefault(SignaturePredicate)?.Value;
var keyId = requestHeaders.SingleOrDefault(KeyIdPredicate)?.Value;
using (var mac = new HMACSHA256(StringUtils.Encoding.GetBytes(_secretKeyStore.GetSecretKey(keyId))))
{
mac.Initialize();
byte[] unencodedResult = mac.ComputeHash(body);
var expectedSignature = Convert.ToBase64String(unencodedResult);
bool isValid = signature.CompareWithoutTimingLeak(expectedSignature);
if (!isValid)
{
throw new SignatureValidationException("failed to validate signature '" + signature + "'");
}
}
}
private void ValidateBody(byte[] body, IEnumerable <IRequestHeader> requestHeaders)
{
Func <IRequestHeader, bool> signaturePredicate = (IRequestHeader h) => h.Name.Equals("X-GCS-Signature", StringComparison.InvariantCultureIgnoreCase);
Func <IRequestHeader, bool> keyIdPredicate = (IRequestHeader h) => h.Name.Equals("X-GCS-KeyId", StringComparison.InvariantCultureIgnoreCase);
if (requestHeaders.Count(signaturePredicate) != 1)
{
if (requestHeaders.Count(signaturePredicate) == 0)
{
throw new SignatureValidationException("Missing X-GCS-Signature header");
}
throw new SignatureValidationException("Duplicate X-GCS-Signature header");
}
if (requestHeaders.Count(keyIdPredicate) != 1)
{
if (requestHeaders.Count(keyIdPredicate) == 0)
{
throw new SignatureValidationException("Missing X-GCS-KeyId header");
}
throw new SignatureValidationException("Duplicate X-GCS-KeyId header");
}
var signature = requestHeaders.SingleOrDefault(signaturePredicate)?.Value;
var keyId = requestHeaders.SingleOrDefault(keyIdPredicate)?.Value;
var mac = new HMACSHA256(StringUtils.Encoding.GetBytes(_secretKeyStore.GetSecretKey(keyId)));
mac.Initialize();
byte[] unencodedResult = mac.ComputeHash(body);
var expectedSignature = Convert.ToBase64String(unencodedResult);
bool isValid = signature.CompareWithoutTimingLeak(expectedSignature);
if (!isValid)
{
throw new SignatureValidationException("failed to validate signature '" + signature + "'");
}
}
