Fatal编程技术网
  • csharp/
  • C# Azure存储SAS签名不匹配,如何生成SAS令牌?

C# Azure存储SAS签名不匹配,如何生成SAS令牌?

c# azure

C# Azure存储SAS签名不匹配,如何生成SAS令牌?,c#,azure,azure-storage,C#,Azure,Azure Storage,我在生成SAS令牌以下载Azure存储文件时遇到一些问题。下面生成的URI不起作用。我返回的错误消息是签名不匹配,我不确定原因 是否有人生成了SAS令牌,并获得了手动匹配的签名 static void Main(string[] args) { var sas = generateSAS ( key, // Azure portal very secret ^-^ keyName

我在生成SAS令牌以下载Azure存储文件时遇到一些问题。下面生成的URI不起作用。我返回的错误消息是签名不匹配,我不确定原因

是否有人生成了SAS令牌,并获得了手动匹配的签名

    static void Main(string[] args)
    {
        var sas = generateSAS
        (
            key,            // Azure portal very secret ^-^
            keyName,        // Azure portal, example: key1
            resourceUri,    // example: https://myaccount.blob.core.windows.net/emails/email.pdf
            resourcePath    // example: /blob/myaccount/emails/email.pdf
        );
    }

    private static string generateSAS(string key, string keyName, string uri, string path)
    {
        var permissions = "r";
        var startTime = DateTime.UtcNow;
        var endTime = DateTime.UtcNow.AddSeconds(60 * 2);
        var canonicalizedresource = path;
        var signedidentifier = keyName;
        var signedversion = "2012-02-12";

        var stringToSign = permissions + "\n" +
                           startTime.ToUniversalTime().ToString("u").Replace(" ", "T") + "\n" +
                           endTime.ToUniversalTime().ToString("u").Replace(" ", "T") + "\n" +
                           canonicalizedresource + "\n" +
                           signedidentifier + "\n" +
                           signedversion;

        HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key));

        var signature = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(stringToSign)));

        return string.Format(CultureInfo.InvariantCulture, "{0}?sp={1}&st={2}&se={3}&spr={4}&sv={5}&sr={6}&si={7}&sig={8}",
            uri,
            permissions,
            startTime.ToUniversalTime().ToString("u").Replace(" ", "T"),
            endTime.ToUniversalTime().ToString("u").Replace(" ", "T"),
            "https",
            signedversion,
            "b",
            keyName,
            HttpUtility.UrlEncode(signature));
    }
问题很可能与以下代码行有关:

HMACSHA256 hmac = new HMACSHA256(Encoding.UTF8.GetBytes(key));
请将其更改为:

HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(key));
请尝试以下代码,它会为我生成有效的sas令牌:

private static string generateSAS(string resourceUri, string account_name, string key)
{
    var accountName = account_name;
    var accountKey = key;
    var start = DateTime.UtcNow.AddHours(-2).ToString("yyyy-MM-ddTHH:mm:ssZ");
    var end = DateTime.UtcNow.AddHours(2).ToString("yyyy-MM-ddTHH:mm:ssZ");
    var permission = "rwdlac";
    var serviceType = "b";
    var resourceTypes = "sco";
    var protocol = "https";
    var serviceVersion = "2019-02-02";

    //here is the difference from your code.
    var stringToSign = string.Format("{0}\n{1}\n{2}\n{3}\n{4}\n{5}\n{6}\n{7}\n{8}\n",accountName, permission,serviceType,resourceTypes,start,end,"",protocol,serviceVersion);

    HMACSHA256 hmac = new HMACSHA256(Convert.FromBase64String(accountKey));
    string signature = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(stringToSign)));
    var sasToken = string.Format("?sv={0}&ss={1}&srt={2}&sp={3}&se={4}&st={5}&spr={6}&sig={7}", serviceVersion,
        serviceType, resourceTypes, permission, end, start, protocol, HttpUtility.UrlEncode(signature));

    var urlToListTables = resourceUri + sasToken;

    return urlToListTables;
}
你能按照下面的答案解决这个问题吗?如果是,请帮忙。谢谢