public static S3PostUploadSignedPolicy GetSignedPolicyV4(string policy, AWSCredentials credentials, RegionEndpoint region)
{
var signedAt = AWSSDKUtils.CorrectedUtcNow;
ImmutableCredentials iCreds = credentials.GetCredentials();
var algorithm = "AWS4-HMAC-SHA256";
var dateStamp = Runtime.Internal.Auth.AWS4Signer.FormatDateTime(signedAt, AWSSDKUtils.ISO8601BasicDateFormat);
var dateTimeStamp = Runtime.Internal.Auth.AWS4Signer.FormatDateTime(signedAt, AWSSDKUtils.ISO8601BasicDateTimeFormat);
var credentialString = string.Format(CultureInfo.InvariantCulture, "{0}/{1}/{2}/{3}/{4}/", iCreds.AccessKey, dateStamp, region.SystemName, "s3", Runtime.Internal.Auth.AWS4Signer.Terminator);
Dictionary<string, string> extraConditions = new Dictionary<string, string> {
{ S3Constants.PostFormDataXAmzCredential, credentialString },
{ S3Constants.PostFormDataXAmzAlgorithm, algorithm },
{ S3Constants.PostFormDataXAmzDate, dateTimeStamp }
};
if (iCreds.UseToken) { extraConditions[S3Constants.PostFormDataSecurityToken] = iCreds.Token; }
var policyBytes = addConditionsToPolicy(policy, extraConditions);
var base64Policy = Convert.ToBase64String(policyBytes);
var signingKey = Runtime.Internal.Auth.AWS4Signer.ComposeSigningKey(iCreds.SecretKey, region.SystemName, dateStamp, "s3");
var signature = AWSSDKUtils.ToHex(Runtime.Internal.Auth.AWS4Signer.ComputeKeyedHash(SigningAlgorithm.HmacSHA256, signingKey, base64Policy), true);
return new S3PostUploadSignedPolicy
{
Policy = base64Policy,
Signature = signature,
AccessKeyId = iCreds.AccessKey,
SecurityToken = iCreds.Token,
SignatureVersion = "4",
Algorithm = algorithm,
Date = dateTimeStamp,
Credential = credentialString
};
}
