Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import org.apache.commons.codec.binary.Hex;
- import org.assertj.core.api.SoftAssertions;
- import javax.crypto.Mac;
- import javax.crypto.spec.SecretKeySpec;
- import java.io.UnsupportedEncodingException;
- import java.security.MessageDigest;
- import java.security.NoSuchAlgorithmException;
- import java.text.DateFormat;
- import java.text.SimpleDateFormat;
- import java.time.LocalDate;
- import java.time.format.DateTimeFormatter;
- import java.util.Calendar;
- import java.util.Date;
- import java.util.TimeZone;
- public class Test
- {
- private static String region = "us-east-1";
- static byte[] HmacSHA256(String data, byte[] key) throws Exception {
- String algorithm="HmacSHA256";
- Mac mac = Mac.getInstance(algorithm);
- mac.init(new SecretKeySpec(key, algorithm));
- return mac.doFinal(data.getBytes("UTF8"));
- }
- public static byte[] justSha256(String data) throws NoSuchAlgorithmException, UnsupportedEncodingException {
- MessageDigest digest = MessageDigest.getInstance("SHA-256");
- byte[] hash = digest.digest(data.getBytes("UTF8"));
- return hash;
- }
- static byte[] getSigningKey(String key, String dateStamp, String regionName, String serviceName) throws Exception {
- byte[] kSecret = ("AWS4" + key).getBytes("UTF8");
- byte[] kDate = HmacSHA256(dateStamp, kSecret);
- byte[] kRegion = HmacSHA256(regionName, kDate);
- byte[] kService = HmacSHA256(serviceName, kRegion);
- byte[] kSigning = HmacSHA256("aws4_request", kService);
- return kSigning;
- }
- public static String getSimpleDate()
- {
- DateTimeFormatter formatter = DateTimeFormatter.ofPattern("YYYYMMdd");
- return LocalDate.now().format(formatter);
- }
- public static String getAMZDate()
- {
- /*DateTimeFormatter formatter = DateTimeFormatter.ofPattern("YYYYMMDDHHMMSS");
- String timeStamp = new SimpleDateFormat("YYMMDD'T'HHMMSS'Z'").format(Calendar.getInstance().getTime());*/
- TimeZone tz = TimeZone.getTimeZone("UTC");
- DateFormat df = new SimpleDateFormat("yyyyMMdd'T'HHmmss'Z'"); // Quoted "Z" to indicate UTC, no timezone offset
- df.setTimeZone(tz);
- String timeStamp = df.format(new Date());
- return timeStamp;
- }
- public static String createSigningString(String timeStamp, String simpleDate,String serviceName) throws UnsupportedEncodingException, NoSuchAlgorithmException {
- /*AWS4-HMAC-SHA256
- 20150830T123600Z
- 20150830/us-east-1/iam/aws4_request
- f536975d06c0309214f805bb90ccff089219ecd68b2577efef23edd43b7e1a59*/
- String algorithm = "AWS4-HMAC-SHA256\n";
- String amzDate = timeStamp+"\n";
- String simpleDateRegionServiceRequest = simpleDate+"/"+region+"/"+serviceName+"/"+"aws4_request\n";
- String canonicalHash = getCanonicalHash(getCanonicalString("GET","/","Action=ListUsers&Version=2010-05-08","20150830T123600Z",""));
- String signingString = algorithm+amzDate+simpleDateRegionServiceRequest+canonicalHash;
- return signingString;
- }
- public static String getCanonicalString(String method, String absolutePath, String queryString, String timeStamp, String payload) throws UnsupportedEncodingException, NoSuchAlgorithmException {
- String contentType = "Content-Type:application/x-www-form-urlencoded; charset=utf-8\n".toLowerCase();
- String hostUrl = "host:iam.amazonaws.com\n";
- String date = "x-amz-date:"+timeStamp+"\n";
- String signedHeader = "content-type;host;x-amz-date\n";
- String hashedPayload = Hex.encodeHexString(justSha256(payload)).toLowerCase();
- String canonicalString = method+"\n"+absolutePath+"\n"+queryString+"\n"+contentType+hostUrl+date+"\n"+signedHeader+hashedPayload;
- return canonicalString;
- }
- public static String getCanonicalHash(String canonicalString) throws UnsupportedEncodingException, NoSuchAlgorithmException {
- return Hex.encodeHexString(justSha256(canonicalString)).toLowerCase();
- }
- public static void main(String[] args) throws Exception {
- DateTimeFormatter formatter = DateTimeFormatter.ofPattern("YYYYMMDDHHMMSS");
- String timeStamp = new SimpleDateFormat("YYYYMMDD'T'HHMMSS'Z'").format(Calendar.getInstance().getTime());
- String canonString;
- System.out.println( canonString = getCanonicalHash(getCanonicalString("GET","/","Action=ListUsers&Version=2010-05-08","20150830T123600Z","")));
- String signingString = createSigningString("20150830T123600Z","20150830","iam");
- String key = "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY";
- String dateStamp = "20120215";
- String regionName = "us-east-1";
- String serviceName = "iam";
- String signingKey = Hex.encodeHexString(getSigningKey(key,dateStamp,regionName,serviceName));
- SoftAssertions softly = new SoftAssertions();
- softly.assertThat(canonString).isEqualToIgnoringCase("f536975d06c0309214f805bb90ccff089219ecd68b2577efef23edd43b7e1a59");
- String copiedSigningString = "AWS4-HMAC-SHA256\n" +
- "20150830T123600Z\n" +
- "20150830/us-east-1/iam/aws4_request\n" +
- "f536975d06c0309214f805bb90ccff089219ecd68b2577efef23edd43b7e1a59";
- softly.assertThat(signingString).isEqualTo(copiedSigningString);
- softly.assertThat(signingKey).isEqualToIgnoringCase("f4780e2d9f65fa895f9c67b32ce1baf0b0d8a43505a000a1a9e090d414db404d");
- dateStamp ="20150830";
- signingKey = Hex.encodeHexString(getSigningKey(key,dateStamp,regionName,serviceName));
- softly.assertThat(signingKey).isEqualToIgnoringCase("c4afb1cc5771d871763a393e44b703571b55cc28424d1a5e86da6ed3c154a4b9");
- System.out.println("COPIED STRING : "+copiedSigningString);
- System.out.println("SIGNING KEY : "+signingKey);
- String signature = Hex.encodeHexString(HmacSHA256(signingKey.trim(),justSha256(copiedSigningString)));
- System.out.println("Signature : "+signature);
- softly.assertThat(signature).isEqualToIgnoringCase("5d672d79c15b13162d9279b0855cfba6789a8edb4c82c400e06b5924a6f2b5d7");
- softly.assertAll();
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement