SigningUtils (AWS Java SDK :: Services :: Amazon CloudFront 2.20.128 API)

java.lang.Object
- software.amazon.awssdk.services.cloudfront.internal.utils.SigningUtils

public final class SigningUtils
extends Object

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static String`	`buildCannedPolicy(String resourceUrl, Instant expirationDate)` Returns a "canned" policy for the given parameters.
`static String`	`buildCustomPolicy(String resourceUrl, Instant activeDate, Instant expirationDate, String ipAddress)` Returns a custom policy for the given parameters.
`static String`	`buildCustomPolicyForSignedUrl(String resourceUrl, Instant activeDate, Instant expirationDate, String limitToIpAddressCidr)` Generate a policy document that describes custom access permissions to apply via a private distribution's signed URL.
`static PrivateKey`	`loadPrivateKey(Path keyFile)` Creates a private key from the file given, either in pem or der format.
`static String`	`makeBytesUrlSafe(byte[] bytes)` Converts the given data to be safe for use in signed URLs for a private distribution by using specialized Base64 encoding.
`static String`	`makeStringUrlSafe(String str)` Converts the given string to be safe for use in signed URLs for a private distribution.
`static byte[]`	`signWithSha1Rsa(byte[] dataToSign, PrivateKey privateKey)` Signs the data given with the private key given, using the SHA1withRSA algorithm provided by bouncy castle.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Method Detail
  - buildCannedPolicy
```
public static String buildCannedPolicy(String resourceUrl,
                                       Instant expirationDate)
```
    Returns a "canned" policy for the given parameters. For more information, see Creating a signed URL using a canned policy or Setting signed cookies using a canned policy.
  - buildCustomPolicy
```
public static String buildCustomPolicy(String resourceUrl,
                                       Instant activeDate,
                                       Instant expirationDate,
                                       String ipAddress)
```
    Returns a custom policy for the given parameters. For more information, see Creating a signed URL using a custom policy or Setting signed cookies using a custom policy.
  - makeBytesUrlSafe
```
public static String makeBytesUrlSafe(byte[] bytes)
```
    Converts the given data to be safe for use in signed URLs for a private distribution by using specialized Base64 encoding.
  - makeStringUrlSafe
```
public static String makeStringUrlSafe(String str)
```
    Converts the given string to be safe for use in signed URLs for a private distribution.
  - signWithSha1Rsa
```
public static byte[] signWithSha1Rsa(byte[] dataToSign,
                                     PrivateKey privateKey)
                              throws InvalidKeyException
```
    Signs the data given with the private key given, using the SHA1withRSA algorithm provided by bouncy castle.
    
    Throws:
    
    InvalidKeyException
  - buildCustomPolicyForSignedUrl
```
public static String buildCustomPolicyForSignedUrl(String resourceUrl,
                                                   Instant activeDate,
                                                   Instant expirationDate,
                                                   String limitToIpAddressCidr)
```
    Generate a policy document that describes custom access permissions to apply via a private distribution's signed URL.
    Parameters:
    resourceUrl - The HTTP/S resource path that restricts which distribution and S3 objects will be accessible in a signed URL, i.e., "https://" + distributionName + "/" + objectKey (may also include URL parameters). The '*' and '?' characters can be used as a wildcards to allow multi-character or single-character matches respectively:
    
    * : All distributions/objects will be accessible
    
    a1b2c3d4e5f6g7.cloudfront.net/* : All objects within the distribution a1b2c3d4e5f6g7 will be accessible
    
    a1b2c3d4e5f6g7.cloudfront.net/path/to/object.txt : Only the S3 object named path/to/object.txt in the distribution a1b2c3d4e5f6g7 will be accessible.
    activeDate - An optional UTC time and date when the signed URL will become active. If null, the signed URL will be active as soon as it is created.
    
    expirationDate - The UTC time and date when the signed URL will expire. REQUIRED.
    
    limitToIpAddressCidr - An optional range of client IP addresses that will be allowed to access the distribution, specified as an IPv4 CIDR range (IPv6 format is not supported). If null, the CIDR will be omitted and any client will be permitted.
    
    Returns:
    
    A policy document describing the access permission to apply when generating a signed URL.
  - loadPrivateKey
```
public static PrivateKey loadPrivateKey(Path keyFile)
                                 throws Exception
```
    Creates a private key from the file given, either in pem or der format. Other formats will cause an exception to be thrown.
    
    Throws:
    
    Exception

Class SigningUtils

Method Summary

Methods inherited from class java.lang.Object

Method Detail

buildCannedPolicy

buildCustomPolicy

makeBytesUrlSafe

makeStringUrlSafe

signWithSha1Rsa

buildCustomPolicyForSignedUrl

loadPrivateKey