Python S3上传签名不匹配

时间:2017-07-29 11:35:16

标签: python python-3.x amazon-s3 hmac

我正在使用boto3生成用于将文件上传到s3的签名。

我收到错误 我们计算的请求签名与您提供的签名不符。检查您的密钥和签名方法。

这是我到目前为止所做的。

policy_document =  {'expiration': '2017-07-29T07:51:16.010Z', 'conditions': [{'acl': 'public-read'}, {'bucket': 'testinstantrad'}, {'Content-Type': 'application/pdf'}, {'success_action_status': '200'}, {'key': 'web_uploads/3bda0d30-a556-4347-973b-ae21957d808f-Amendments.pdf'}, {'x-amz-meta-qqfilename': 'Amendments.pdf'}, ['content-length-range', '0', '5000000']]}

policy = base64.b64encode(json.dumps(policy_document).encode("utf-8"))
signature= base64.b64encode(hmac.new(b'AWS_SECRET_KEY', json.dumps(policy_document).encode(), hashlib.sha1).digest("utf-8"))

response_payload = json.dumps({'policy' : policy, 'signature' : signature})

更多关于以下错误:

收到身体响应状态403: SignatureDoesNotMatch我们计算的请求签名与您提供的签名不匹配。检查你的密钥和签名method.AKIAJJ5AEA2H4Y4C4R4Qb'eyJleHBpcmF0aW9uIjogIjIwMTctMDctMjlUMTE6MzY6NDcuOTY5WiIsICJjb25kaXRpb25zIjogW3siYWNsIjogInB1YmxpYy1yZWFkIn0sIHsiYnVja2V0IjogInRlc3RpbnN0YW50cmFkIn0sIHsiQ29udGVudC1UeXBlIjogImFwcGxpY2F0aW9uL3BkZiJ9LCB7InN1Y2Nlc3NfYWN0aW9uX3N0YXR1cyI6ICIyMDAifSwgeyJrZXkiOiAid2ViX3VwbG9hZHMvNTQ0NTY2ODAtNjNjNS00ZTI3LWI4M2QtMTE1YTI2NTM1ZTRjLUFtZW5kbWVudHMucGRmIn0sIHsieC1hbXotbWV0YS1xcWZpbGVuYW1lIjogIkFtZW5kbWVudHMucGRmIn0sIFsiY29udGVudC1sZW5ndGgtcmFuZ2UiLCAiMCIsICI1MDAwMDAwIl1dfQ =='b'vv + KB + QmFLcSYORC4hEisyaULNY = '62 27 65 79 4A 65 6C 48 42 70 63 6D 46 30 61 57 39 75 49 6A 67 6F 49 49 6A 77 54 4D 63 74 4d 44 63 74 4d 6a 6c 55 4d 54 45 36 4d 7a 59 36 4e 44 63 75 4f 54 59 35 57 69 49 73 49 43 4a 6a 62 32 35 6b 61 58 52 70 62 32 35 7a 49 6a 6f 67 57 33 73 69 59 57 4e 73 49 6a 6f 67 49 6e 42 31 59 6d 78 70 59 79 31 79 5a 57 46 6b 49 6e 30 73 49 48 73 69 59 6e 56 6a 61 32 56 30 49 6a 6f 67 49 6e 52 6c 63 33 52 70 62 6e 4e 30 59 57 35 30 63 6d 46 6b 49 6e 30 7 3 49 48 73 69 51 32 39 75 64 47 56 75 64 43 31 55 65 58 42 6c 49 6a 6f 67 49 6d 46 77 63 47 78 70 59 32 46 30 61 57 39 75 4c 33 42 6b 5a 69 4a 39 4c 43 42 37 49 6e 4e 31 59 32 4e 6c 63 33 4e 66 59 57 4e 30 61 57 39 75 58 33 4e 30 59 58 52 31 63 79 49 36 49 43 49 79 4d 44 41 69 66 53 77 67 65 79 4a 72 5a 58 6b 69 4f 69 41 69 64 32 56 69 58 33 56 77 62 47 39 68 5a 48 4d 76 4e 54 51 30 4e 54 59 32 4f 44 41 74 4e 6a 4e 6a 4e 53 30 30 5a 54 49 33 4c 57 49 34 4d 32 51 74 4d 54 45 31 59 54 49 32 4e 54 4d 31 5a 54 52 6a 4c 55 46 74 5a 57 35 6b 62 57 56 75 64 48 4d 75 63 47 52 6d 49 6e 30 73 49 48 73 69 65 43 31 68 62 58 6f 74 62 57 56 30 59 53 31 78 63 57 5a 70 62 47 56 75 59 57 31 6c 49 6a 6f 67 49 6b 46 74 5a 57 35 6b 62 57 56 75 64 48 4d 75 63 47 52 6d 49 6e 30 73 49 46 73 69 59 32 39 75 64 47 56 75 64 43 31 73 5a 57 35 6e 64 47 67 74 63 6d 46 75 5a 32 55 69 4c 43 41 69 4d 43 49 73 49 43 49 31 4d 44 41 77 4d 44 41 77 49 6c 31 64 66 51 3d 3d 2746B920FF32C5D0AFrRgGlQJRihHemtLMBf / mQVsXx3AryuJ8 7oQbIVkiAk7HCpM6E9QyAw4Wugp0rgT3cdeRhPjOSjc =

1 个答案:

答案 0 :(得分:1)

我认为政策可能需要进行base64编码。

这是我一直在使用的一些代码。你会看到一点点差异:

policy_document = '{"expiration": "2018-01-01T00:00:00Z", "conditions": [ {"bucket": "my-bucket"}, ["starts-with", "$key", "uploads/"], {"acl": "private"}, {"success_action_redirect": "http://my-bucket/ok.html"}, ["content-length-range", 0, 1048000] ] }'

AWS_SECRET_ACCESS_KEY = "XXX"

policy = base64.b64encode(policy_document)

signature = base64.b64encode(hmac.new(AWS_SECRET_ACCESS_KEY, policy, hashlib.sha1).digest())

我的policy_document已经是一个字符串,因此缺少json.dumps(),但在用于哈希之前它会经过b64encode()