Created
September 6, 2011 20:45
almost lost
// http://docs.amazonwebservices.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html#PrivateContent_AuthExamples
// Amazon CloudFront Developer's Guide (API Version 2010-11-01): Using Amazon CloudFront > Serving Private Content > Creating a Signed URL
package main | |
import ( | |
"os" | |
"strconv" | |
"fmt" | |
"io/ioutil" | |
"crypto/rand" | |
"crypto/rsa" | |
"crypto/sha1" | |
"crypto/x509" | |
"encoding/pem" | |
"bytes" | |
) | |
// expire returns the Unix time, in seconds, that lies the given number of
// minutes after the current time, formatted as a decimal string.
func expire(minutes int) (expires string) {
	// Only the first result of os.Time (the seconds) is used; the other two
	// are discarded.
	now, _, _ := os.Time()
	deadline := int(now) + minutes*60
	return strconv.Itoa(deadline)
}
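// privkey loads an RSA private key from the PEM file at the given path.
//
// It reads the whole file, takes the first PEM block and parses its bytes as
// a PKCS#1 private key. An error is returned when the file cannot be opened
// or read, when it holds no PEM block, or when parsing fails.
//
// NOTE(review): the 0400 passed to os.Open appears to be a creation mode, and
// nothing is created with O_RDONLY, so it neither restricts nor checks the
// permissions of the key file. Keep the file readable by its owner only.
func privkey(file string) (key *rsa.PrivateKey, err os.Error) {
	f, err := os.Open(file, os.O_RDONLY, 0400)
	if err != nil {
		return nil, err
	}
	// Release the descriptor on every return path; the original never closed it.
	defer f.Close()

	buf, err := ioutil.ReadAll(f)
	if err != nil {
		return nil, err
	}
	// The second result of pem.Decode (whatever follows the first block) is ignored.
	p, _ := pem.Decode(buf)
	if p == nil {
		return nil, os.NewError("no pem block found")
	}
	return x509.ParsePKCS1PrivateKey(p.Bytes)
}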
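// main builds the CloudFront policy statement for a fixed test resource,
// signs its SHA-1 digest with the RSA key in ./private-key.pem and prints
// the result.
//
// The program exits with status 1 when the key cannot be loaded or signing
// fails, instead of carrying on with a nil key or an empty signature.
func main() {
	expires := expire(10)
	resource := `http://d604721fxaaqy9.cloudfront.net/horizon.jpg?large=yes&license=yes` // testing value
	privateKey := "./private-key.pem"

	// The Signature value is an RSA-SHA1 digital Signature of the following JSON policy
	// with the RESOURCE and EXPIRES values replaced with your values
	// {"Statement":[{"Resource":"RESOURCE","Condition":{"DateLessThan":{"AWS:EpochTime":EXPIRES}}}]}
	fmt.Printf("\nexpires would be:%s, and it's being reset to: 1258237200 for testing\n", expires)

	// The policy is assembled by plain concatenation, so resource is placed
	// into the JSON unescaped. That is fine for the constant above; a value
	// containing a double quote or backslash would change the policy, so any
	// resource that is not a fixed constant needs JSON escaping first.
	p1 := `{"Statement":[{"Resource":"`
	p2 := resource
	p3 := `","Condition":{"DateLessThan":{"AWS:EpochTime":`
	p4 := "1258237200" // normally use expires, but this is for testing
	p5 := `}}}]}`
	toSign := p1 + p2 + p3 + p4 + p5
	fmt.Printf("We're going to sign %s, of Type %T\n", toSign, toSign)

	key, err := privkey(privateKey)
	if err != nil {
		// Without a key there is nothing to sign with; stop here.
		fmt.Fprintf(os.Stderr, "oops: %v\n", err)
		os.Exit(1)
	}

	// SHA-1 is what the RSA-SHA1 scheme described above calls for; it is not
	// a free choice in this program.
	h := sha1.New()
	h.Write([]byte(toSign))
	sum := h.Sum()

	sig, err := rsa.SignPKCS1v15(rand.Reader, key, rsa.HashSHA1, sum)
	if err != nil {
		fmt.Fprintf(os.Stderr, "oops2: %v\n", err)
		os.Exit(1)
	}

	// sig is raw binary and is printed as-is. It is not yet in a form that can
	// be placed in a URL; the guide referenced at the top of this file covers
	// the encoding step, which this program does not perform.
	f := bytes.NewBuffer(sig)
	g := f.String()
	fmt.Printf("The Signed String is: %s\n and is of type:%T\n", g, g)
}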