priorChunkSignature + "\n" + AbstractAWSSigner.EMPTY_STRING_SHA256_HEX + "\n" + BinaryUtils.toHex(sha256.digest(chunkData)); final String chunkSignature = BinaryUtils.toHex(aws4Signer.signWithMac(chunkStringToSign, hmacSha256)); priorChunkSignature = chunkSignature; chunkHeader.append(CHUNK_SIGNATURE_HEADER)
/** * Returns the hex-encoded MD5 hash String of the given message body. */ private static String calculateMessageBodyMd5(String messageBody) { if (log.isDebugEnabled()) { log.debug("Message body: " + messageBody); } byte[] expectedMd5; try { expectedMd5 = Md5Utils.computeMD5Hash(messageBody.getBytes(UTF8)); } catch (Exception e) { throw new AmazonClientException("Unable to calculate the MD5 hash of the message body. " + e.getMessage(), e); } String expectedMd5Hex = BinaryUtils.toHex(expectedMd5); if (log.isDebugEnabled()) { log.debug("Expected MD5 of message body: " + expectedMd5Hex); } return expectedMd5Hex; }
/** * Creates the authorization header to be included in the request. */ private String buildAuthorizationHeader(SignableRequest<?> request, byte[] signature, AWSCredentials credentials, AWS4SignerRequestParams signerParams) { final String signingCredentials = credentials.getAWSAccessKeyId() + "/" + signerParams.getScope(); final String credential = "Credential=" + signingCredentials; final String signerHeaders = "SignedHeaders=" + getSignedHeadersString(request); final String signatureHeader = "Signature=" + BinaryUtils.toHex(signature); final StringBuilder authHeaderBuilder = new StringBuilder(); authHeaderBuilder.append(AWS4_SIGNING_ALGORITHM) .append(" ") .append(credential) .append(", ") .append(signerHeaders) .append(", ") .append(signatureHeader); return authHeaderBuilder.toString(); }
/** * Step 2 of the AWS Signature version 4 calculation. Refer to * http://docs.aws * .amazon.com/general/latest/gr/sigv4-create-string-to-sign.html. */ protected String createStringToSign(String canonicalRequest, AWS4SignerRequestParams signerParams) { final StringBuilder stringToSignBuilder = new StringBuilder( signerParams.getSigningAlgorithm()); stringToSignBuilder.append(LINE_SEPARATOR) .append(signerParams.getFormattedSigningDateTime()) .append(LINE_SEPARATOR) .append(signerParams.getScope()) .append(LINE_SEPARATOR) .append(BinaryUtils.toHex(hash(canonicalRequest))); final String stringToSign = stringToSignBuilder.toString(); if (log.isDebugEnabled()) log.debug("AWS4 String to Sign: '\"" + stringToSign + "\""); return stringToSign; }
/** * Calculate the hash of the request's payload. Subclass could override this * method to provide different values for "x-amz-content-sha256" header or * do any other necessary set-ups on the request headers. (e.g. aws-chunked * uses a pre-defined header value, and needs to change some headers * relating to content-encoding and content-length.) */ protected String calculateContentHash(SignableRequest<?> request) { InputStream payloadStream = getBinaryRequestPayloadStream(request); ReadLimitInfo info = request.getReadLimitInfo(); payloadStream.mark(info == null ? -1 : info.getReadLimit()); String contentSha256 = BinaryUtils.toHex(hash(payloadStream)); try { payloadStream.reset(); } catch (IOException e) { throw new SdkClientException( "Unable to reset stream after calculating AWS4 signature", e); } return contentSha256; }
return BinaryUtils.toHex(hashes.get(0));
String expectedMd5Hex = BinaryUtils.toHex(md5Digest.digest()); if (log.isDebugEnabled()) { log.debug("Expected MD5 of message attributes: " + expectedMd5Hex);
/** * If necessary, creates a chunk-encoding wrapper on the request payload. */ @Override protected void processRequestPayload(SignableRequest<?> request, byte[] signature, byte[] signingKey, AWS4SignerRequestParams signerRequestParams) { if (useChunkEncoding(request)) { AwsChunkedEncodingInputStream chunkEncodededStream = new AwsChunkedEncodingInputStream( request.getContent(), signingKey, signerRequestParams.getFormattedSigningDateTime(), signerRequestParams.getScope(), BinaryUtils.toHex(signature), this); request.setContent(chunkEncodededStream); } }
signerRequestParams); request.addParameter(X_AMZ_SIGNATURE, BinaryUtils.toHex(signature));
protected String getStringToSign(String algorithm, String dateTime, String scope, String canonicalRequest) { final String stringToSign = algorithm + "\n" + dateTime + "\n" + scope + "\n" + BinaryUtils.toHex(hash(canonicalRequest)); log.debug("AWS4 String to Sign: '\"" + stringToSign + "\""); return stringToSign; }
keyPath + "\n" + priorChunkSignature + "\n" + BinaryUtils.toHex(aws4Signer.hash(nonsigExtension)) + "\n" + BinaryUtils.toHex(aws4Signer.hash(chunkData)); final String chunkSignature = BinaryUtils.toHex(aws4Signer.sign(chunkStringToSign, kSigning, SigningAlgorithm.HmacSHA256)); priorChunkSignature = chunkSignature;
/** * Creates the authorization header to be included in the request. */ private String buildAuthorizationHeader(SignableRequest<?> request, byte[] signature, AWSCredentials credentials, AWS4SignerRequestParams signerParams) { final String signingCredentials = credentials.getAWSAccessKeyId() + "/" + signerParams.getScope(); final String credential = "Credential=" + signingCredentials; final String signerHeaders = "SignedHeaders=" + getSignedHeadersString(request); final String signatureHeader = "Signature=" + BinaryUtils.toHex(signature); final StringBuilder authHeaderBuilder = new StringBuilder(); authHeaderBuilder.append(AWS4_SIGNING_ALGORITHM) .append(" ") .append(credential) .append(", ") .append(signerHeaders) .append(", ") .append(signatureHeader); return authHeaderBuilder.toString(); }
/** * Calculate the hash of the request's payload. Subclass could override this * method to provide different values for "x-amz-content-sha256" header or * do any other necessary set-ups on the request headers. (e.g. aws-chunked * uses a pre-defined header value, and needs to change some headers * relating to content-encoding and content-length.) */ protected String calculateContentHash(Request<?> request) { final InputStream payloadStream = getBinaryRequestPayloadStream(request); payloadStream.mark(-1); final String contentSha256 = BinaryUtils.toHex(hash(payloadStream)); try { payloadStream.reset(); } catch (final IOException e) { throw new AmazonClientException( "Unable to reset stream after calculating AWS4 signature", e); } return contentSha256; }
/** * Step 2 of the AWS Signature version 4 calculation. Refer to * http://docs.aws * .amazon.com/general/latest/gr/sigv4-create-string-to-sign.html. */ protected String createStringToSign(String canonicalRequest, AWS4SignerRequestParams signerParams) { final StringBuilder stringToSignBuilder = new StringBuilder( signerParams.getSigningAlgorithm()); stringToSignBuilder.append(LINE_SEPARATOR) .append(signerParams.getFormattedSigningDateTime()) .append(LINE_SEPARATOR) .append(signerParams.getScope()) .append(LINE_SEPARATOR) .append(BinaryUtils.toHex(hash(canonicalRequest))); final String stringToSign = stringToSignBuilder.toString(); if (log.isDebugEnabled()) log.debug("AWS4 String to Sign: '\"" + stringToSign + "\""); return stringToSign; }
/** * Calculate the hash of the request's payload. Subclass could override this * method to provide different values for "x-amz-content-sha256" header or * do any other necessary set-ups on the request headers. (e.g. aws-chunked * uses a pre-defined header value, and needs to change some headers * relating to content-encoding and content-length.) */ protected String calculateContentHash(SignableRequest<?> request) { InputStream payloadStream = getBinaryRequestPayloadStream(request); ReadLimitInfo info = request.getReadLimitInfo(); payloadStream.mark(info == null ? -1 : info.getReadLimit()); String contentSha256 = BinaryUtils.toHex(hash(payloadStream)); try { payloadStream.reset(); } catch (IOException e) { throw new SdkClientException( "Unable to reset stream after calculating AWS4 signature", e); } return contentSha256; }
/** * Returns the hex-encoded MD5 hash String of the given message body. */ private static String calculateMessageBodyMd5(String messageBody) { if (log.isDebugEnabled()) { log.debug("Message body: " + messageBody); } byte[] expectedMd5; try { expectedMd5 = Md5Utils.computeMD5Hash(messageBody.getBytes(UTF8)); } catch (Exception e) { throw new AmazonClientException( "Unable to calculate the MD5 hash of the message body. " + e.getMessage(), e); } String expectedMd5Hex = BinaryUtils.toHex(expectedMd5); if (log.isDebugEnabled()) { log.debug("Expected MD5 of message body: " + expectedMd5Hex); } return expectedMd5Hex; }
@Test public void testToAndFromHex() { byte[] b = { -1, 0, 127, -128 }; // ff 00 7f 80 String hex = BinaryUtils.toHex(b); assertEquals(hex.substring(0, 2), "ff"); assertEquals(hex.substring(2, 4), "00"); assertEquals(hex.substring(4, 6), "7f"); assertEquals(hex.substring(6, 8), "80"); byte[] bytes = BinaryUtils.fromHex(hex); assertArrayEquals(b, bytes); }
/** * If necessary, creates a chunk-encoding wrapper on the request payload. */ @Override protected void processRequestPayload(Request<?> request, HeaderSigningResult headerSigningResult) { if (useChunkEncoding(request)) { InputStream payloadStream = request.getContent(); String dateTime = headerSigningResult.getDateTime(); String keyPath = headerSigningResult.getScope(); byte[] kSigning = headerSigningResult.getKSigning(); String signature = BinaryUtils.toHex(headerSigningResult .getSignature()); AwsChunkedEncodingInputStream chunkEncodededStream = new AwsChunkedEncodingInputStream( payloadStream, kSigning, dateTime, keyPath, signature, this); request.setContent(chunkEncodededStream); } }
"SignedHeaders=" + getSignedHeadersString(request); final String signatureAuthorizationHeader = "Signature=" + BinaryUtils.toHex(headerSigningResult.getSignature());
signerRequestParams); request.addParameter(X_AMZ_SIGNATURE, BinaryUtils.toHex(signature));