Example usage for com.amazonaws.auth SigningAlgorithm HmacSHA256

List of usage examples for com.amazonaws.auth SigningAlgorithm HmacSHA256

  1. HOME
  2. Java
  3. com.amazonaws
  4. com.amazonaws.auth.*
  5. SigningAlgorithm
  6. HmacSHA256

Introduction

In this page you can find the example usage for com.amazonaws.auth SigningAlgorithm HmacSHA256.

Prototype

SigningAlgorithm HmacSHA256

To view the source code for com.amazonaws.auth SigningAlgorithm HmacSHA256.

Click Source Link

Usage

From source file:com.comcast.cmb.common.util.AuthUtil.java

License:Apache License

public static String generateSignatureV4(HttpServletRequest request, URL url, Map<String, String> parameters,
        Map<String, String> headers, String version, String algorithm, String accessSecret) throws Exception {

    /* Example of authorization header value
     * AWS4-HMAC-SHA256 Credential=XK1MWJAYYGQ41ECH06WG/20131126/us-east-1/us-east-1/aws4_request, SignedHeaders=host;user-agent;x-amz-date, Signature=18541c4db00d098414c0bae7394450d1deada902699a45de02849dbcb336f9e3
    *//*from w w w. j  a  v a  2 s. co m*/
    String authorizationHeader = request.getHeader("authorization");
    String credentialPart = authorizationHeader
            .substring(authorizationHeader.indexOf("Credential=") + "Credential=".length());
    String[] credentialPartArray = credentialPart.split("/");

    String regionName = credentialPartArray[2];
    String serviceName = credentialPartArray[3];

    String dateTime = request.getHeader("X-Amz-Date");
    String dateStamp = credentialPartArray[1];

    String scope = credentialPart.substring(credentialPart.indexOf("/") + 1, credentialPart.indexOf(","));

    String payloadString = getPayload(request);
    String contentSha256 = BinaryUtils.toHex(hash(payloadString));
    Map<String, String> filteredHeaders = filterHeader(headers);

    String stringToSign = getStringToSign("AWS4-" + algorithm, dateTime, scope,
            getCanonicalRequest(request, contentSha256, parameters, filteredHeaders));

    byte[] secret = ("AWS4" + accessSecret).getBytes();
    byte[] date = sign(dateStamp, secret, SigningAlgorithm.HmacSHA256);
    byte[] region = sign(regionName, date, SigningAlgorithm.HmacSHA256);
    byte[] service = sign(serviceName, region, SigningAlgorithm.HmacSHA256);
    byte[] signing = sign("aws4_request", service, SigningAlgorithm.HmacSHA256);

    byte[] signatureBytes = sign(stringToSign.getBytes(), signing, SigningAlgorithm.HmacSHA256);

    String signature = BinaryUtils.toHex(signatureBytes);

    return signature;
}

From source file:com.ibm.og.s3.v4.AwsChunkedEncodingInputStream.java

License:Open Source License

/**
 * A wrapper of InputStream that implements pseudo-chunked-encoding. Each chunk will be buffered
 * for the calculation of the chunk signature which is added at the head of each chunk.<br>
 * The default chunk size cannot be customized, since we need to calculate the expected encoded
 * stream length before reading the wrapped stream.<br>
 * This class will use the mark() & reset() of the wrapped InputStream if they are supported,
 * otherwise it will create a buffer for bytes read from the wrapped stream.
 * /*from ww  w  .  j ava  2 s  .c  o  m*/
 * @param in The original InputStream.
 * @param maxBufferSize Maximum number of bytes buffered by this class.
 * @param kSigning Signing key.
 * @param datetime Datetime, as used in SigV4.
 * @param keyPath Keypath/Scope, as used in SigV4.
 * @param headerSignature The signature of the signed headers. This will be used for calculating
 *        the signature of the first chunk.
 * @param aws4Signer The AWS4Signer used for hashing and signing.
 */
public AwsChunkedEncodingInputStream(final InputStream in, int maxBufferSize, final byte[] kSigning,
        final String datetime, final String keyPath, final String headerSignature, final AWS4Signer aws4Signer,
        final LoadingCache<Long, byte[]> digestCache) {
    if (in instanceof AwsChunkedEncodingInputStream) {
        // This could happen when the request is retried, and we need to re-calculate the signatures.
        final AwsChunkedEncodingInputStream originalChunkedStream = (AwsChunkedEncodingInputStream) in;
        maxBufferSize = Math.max(originalChunkedStream.maxBufferSize, maxBufferSize);
        this.is = originalChunkedStream.is;
        this.decodedStreamBuffer = originalChunkedStream.decodedStreamBuffer;
    } else {
        this.is = in;
        this.decodedStreamBuffer = null;
    }

    if (maxBufferSize < DEFAULT_CHUNK_SIZE) {
        throw new IllegalArgumentException("Max buffer size should not be less than chunk size");
    }
    try {
        this.sha256 = MessageDigest.getInstance("SHA-256");
        final String signingAlgo = SigningAlgorithm.HmacSHA256.toString();
        this.hmacSha256 = Mac.getInstance(signingAlgo);
        this.hmacSha256.init(new SecretKeySpec(kSigning, signingAlgo));
    } catch (final NoSuchAlgorithmException e) {
        throw new IllegalStateException(e);
    } catch (final InvalidKeyException e) {
        throw new IllegalArgumentException(e);
    }
    this.maxBufferSize = maxBufferSize;
    this.dateTime = datetime;
    this.keyPath = keyPath;
    this.headerSignature = headerSignature;
    this.priorChunkSignature = headerSignature;
    this.aws4Signer = aws4Signer;
    this.digestCache = digestCache;
}