-
Notifications
You must be signed in to change notification settings - Fork 4.5k
/
StorageSharedKeyCredential.cs
87 lines (79 loc) · 3.08 KB
/
StorageSharedKeyCredential.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
// Copyright (c) Microsoft Corporation. All rights reserved.
// Licensed under the MIT License.
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Globalization;
using System.Security.Cryptography;
using System.Text;
using System.Threading;
namespace Azure.Storage
{
/// <summary>
/// A <see cref="StorageSharedKeyCredential"/> is a credential backed by
/// a Storage Account's name and one of its access keys.
/// </summary>
public class StorageSharedKeyCredential
{
/// <summary>
/// Gets the name of the Storage Account.
/// </summary>
public string AccountName { get; }
/// <summary>
/// The value of a Storage Account access key.
/// </summary>
private byte[] _accountKeyValue;
/// <summary>
/// Gets the value of a Storage Account access key.
/// </summary>
private byte[] AccountKeyValue
{
get => Volatile.Read(ref _accountKeyValue);
set => Volatile.Write(ref _accountKeyValue, value);
}
/// <summary>
/// Initializes a new instance of the
/// <see cref="StorageSharedKeyCredential"/> class.
/// </summary>
/// <param name="accountName">The name of the Storage Account.</param>
/// <param name="accountKey">A Storage Account access key.</param>
public StorageSharedKeyCredential(
string accountName,
string accountKey)
{
AccountName = accountName;
SetAccountKey(accountKey);
}
/// <summary>
/// Update the Storage Account's access key. This intended to be used
/// when you've regenerated your Storage Account's access keys and want
/// to update long lived clients.
/// </summary>
/// <param name="accountKey">A Storage Account access key.</param>
public void SetAccountKey(string accountKey) =>
AccountKeyValue = Convert.FromBase64String(accountKey);
/// <summary>
/// Generates a base-64 hash signature string for an HTTP request or
/// for a SAS.
/// </summary>
/// <param name="message">The message to sign.</param>
/// <returns>The signed message.</returns>
internal string ComputeHMACSHA256(string message)
{
#if NET6_0_OR_GREATER
return Convert.ToBase64String(HMACSHA256.HashData(AccountKeyValue, Encoding.UTF8.GetBytes(message)));
#else
return Convert.ToBase64String(new HMACSHA256(AccountKeyValue).ComputeHash(Encoding.UTF8.GetBytes(message)));
#endif
}
/// <summary>
/// Generates a base-64 hash signature string for an HTTP request or
/// for a SAS.
/// </summary>
/// <param name="credential">The credential.</param>
/// <param name="message">The message to sign.</param>
/// <returns>The signed message.</returns>
protected static string ComputeSasSignature(StorageSharedKeyCredential credential, string message) =>
credential.ComputeHMACSHA256(message);
}
}