/** * @brief Create an AWS V3 Signature authorization header value. * * This function builds a V3 signature, and returns it to the caller. The returned * header value is then suitable for adding as an `Authorization` header in the HTTP * request, to be accepted by Amazon. * * @param credentials The AWS credentials to use to sign the request. * @param operation The HTTP method being used for the request. * @param request The network request to generate a signature for. * @param payload Optional data being submitted in the request (eg for `PUT` and `POST` operations). * * @return An AWS V3 Signature authorization header value. * * @see http://docs.aws.amazon.com/Route53/latest/DeveloperGuide/RESTAuthentication.html * @see setAuthorizationHeader */ QByteArray AwsSignatureV3Private::authorizationHeaderValue(const AwsAbstractCredentials &credentials, const QNetworkAccessManager::Operation operation, QNetworkRequest &request, const QByteArray &payload) const { // Calculate the signature. QByteArray signedHeaders; QByteArray stringToSign = canonicalRequest(operation, request, payload, &signedHeaders); if (!isHttps(request)) { stringToSign = QCryptographicHash::hash(stringToSign, hashAlgorithm); } const QByteArray signature = QMessageAuthenticationCode::hash( stringToSign, credentials.secretKey().toUtf8(), hashAlgorithm); // Build and return the authorization header value. return QByteArray((isHttps(request)) ? "AWS3-HTTPS " : "AWS3 ") + "AWSAccessKeyId=" + credentials.accessKeyId().toUtf8() + "," "Algorithm=" + algorithmDesignation(hashAlgorithm) + "," + ((!isHttps(request)) ? "SignedHeaders=" + signedHeaders + ',' : "") + "Signature=" + signature.toBase64(); }
/** * @brief Create an AWS V4 Signature signing key. * * @param credentials AWS credentials to use when generating the signing key. * @param date Date to include in the signing key. * @param region Region name to include in the signing key. * @param service Service name to include in the signing key. * * @return An AWS V4 Signature signing key. * * @see http://docs.aws.amazon.com/general/latest/gr/sigv4-calculate-signature.html */ QByteArray AwsSignatureV4Private::signingKey(const AwsAbstractCredentials &credentials, const QDate &date, const QString ®ion, const QString &service) const { return QMessageAuthenticationCode::hash("aws4_request", QMessageAuthenticationCode::hash(service.toUtf8(), QMessageAuthenticationCode::hash(region.toUtf8(), QMessageAuthenticationCode::hash(date.toString(DateFormat).toUtf8(), "AWS4"+credentials.secretKey().toUtf8(), hashAlgorithm), hashAlgorithm), hashAlgorithm), hashAlgorithm); }