I am following this example
http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html
and trying to reproduce the 64 character string for the signature which they state as...
aeeed9bbccd4d02ee5c0109b86d86835f995330da4c265957d157751f604d404
I have successful matched the hex digeset for the Canonical Request and positive that the StringToSign string is correct.
The last piece is calculating the signing_key and signature. This is where I am hitting a road block using the provided ruby function 'getSignatureKey'
http://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html#signature-v4-examples-ruby
signing_key = getSignatureKey secret_access_key, current_date, region, aws_service
signature = OpenSSL::HMAC.digest('sha256', signing_key, string_to_sign)
def getSignatureKey key, dateStamp, regionName, serviceName
kDate = OpenSSL::HMAC.digest('sha256', "AWS4" + key, dateStamp)
kRegion = OpenSSL::HMAC.digest('sha256', kDate, regionName)
kService = OpenSSL::HMAC.digest('sha256', kRegion, serviceName)
kSigning = OpenSSL::HMAC.digest('sha256', kService, "aws4_request")
kSigning
end
The current output for 'signature' is this strange sequence of characters.
��ٻ���.�����h5��3 ��e�}wQ��
What am I missing to get the signature to equal...
aeeed9bbccd4d02ee5c0109b86d86835f995330da4c265957d157751f604d404
I can't tell from your post but those are quite possibly exactly the same results, formatted differently.
Your code returns the raw result of the HMAC operation - this is arbitrary binary data so it's not going to print as anything readable. Amazon expect you to provide the hex representation for each byte: your first couple of bytes are "\xae\xee" instead of "aeee"
The easiest way to do this is call hexdigest rather than digest. Note that you should only do this for the final HMAC (when you sign the string to sign with the signing key) not when constructing the signing key
It's possible that your "strange sequence of characters" is in fact the correct output.
OpenSSL::HMAC.digest spits out a value represented in binary, and you are comparing that to a value represented in hex
Check to see what happens when you print out the signature after converting it to hex representation like so:
signature.each_byte.map { |b| "%02x" % b }.join
来源:https://stackoverflow.com/questions/30011035/unable-to-reproduce-aws-signature-from-example-using-hmac-sha256