AWS S3 HTTP帖子的签名密钥生成

时间:2018-02-21 05:00:57

标签: java amazon-web-services amazon-s3

我在浏览器中生成用于执行HTTP Post的有效签名密钥时遇到问题 - 我不断收到错误,如

  

我们计算的请求签名与您提供的签名不符。检查您的密钥和签名方法

由于这并没有告诉我任何问题所在,我决定调试我的签名计算方法是否正确。

所以我决定使用给定的字符串签名秘密访问密钥复制示例in the documentation。我生成的签名与文档页面上给出的签名不匹配。

我在这里做错了什么?以下是我现有的代码(我正在使用AWS Signature V4)

     private void debugSignatureGeneration() throws Exception {

        byte[] testSigningKey = getSigningKey("wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", "20151229", "us-east-1",
                "s3");
        String testStringToSign = "eyAiZXhwaXJhdGlvbiI6ICIyMDE1LTEyLTMwVDEyOjAwOjAwLjAwMFoiLA0KICAiY29uZGl0aW9ucyI6IFsNCiAgICB7ImJ1Y2tldCI6ICJzaWd2NGV4YW1wbGVidWNrZXQifSwNCiAgICBbInN0YXJ0cy13aXRoIiwgIiRrZXkiLCAidXNlci91c2VyMS8iXSwNCiAgICB7ImFjbCI6ICJwdWJsaWMtcmVhZCJ9LA0KICAgIHsic3VjY2Vzc19hY3Rpb25fcmVkaXJlY3QiOiAiaHR0cDovL3NpZ3Y0ZXhhbXBsZWJ1Y2tldC5zMy5hbWF6b25hd3MuY29tL3N1Y2Nlc3NmdWxfdXBsb2FkLmh0bWwifSwNCiAgICBbInN0YXJ0cy13aXRoIiwgIiRDb250ZW50LVR5cGUiLCAiaW1hZ2UvIl0sDQogICAgeyJ4LWFtei1tZXRhLXV1aWQiOiAiMTQzNjUxMjM2NTEyNzQifSwNCiAgICB7IngtYW16LXNlcnZlci1zaWRlLWVuY3J5cHRpb24iOiAiQUVTMjU2In0sDQogICAgWyJzdGFydHMtd2l0aCIsICIkeC1hbXotbWV0YS10YWciLCAiIl0sDQoNCiAgICB7IngtYW16LWNyZWRlbnRpYWwiOiAiQUtJQUlPU0ZPRE5ON0VYQU1QTEUvMjAxNTEyMjkvdXMtZWFzdC0xL3MzL2F3czRfcmVxdWVzdCJ9LA0KICAgIHsieC1hbXotYWxnb3JpdGhtIjogIkFXUzQtSE1BQy1TSEEyNTYifSwNCiAgICB7IngtYW16LWRhdGUiOiAiMjAxNTEyMjlUMDAwMDAwWiIgfQ0KICBdDQp9";
        String testSignature = getSignatureV4(testStringToSign, testSigningKey);
        System.out.println("test signature " + testSignature);
    }


static String getSignatureV4(String stringToSign, byte[] signingKey) throws Exception {

    byte[] signature = HmacSHA256(stringToSign, signingKey);
    return Hex.encodeHexString(signature);
}



static byte[] HmacSHA256(String policy, byte[] key) throws Exception {
    String algorithm = "HmacSHA256";
    Mac mac = Mac.getInstance(algorithm);
    mac.init(new SecretKeySpec(key, algorithm));
    return mac.doFinal(policy.getBytes("UTF8"));
}



static byte[] getSigningKey(String key, String dateStamp, String regionName, String serviceName) throws Exception {
    byte[] kSecret = ("AWS4" + key).getBytes("UTF8");
    byte[] kDate = HmacSHA256(dateStamp, kSecret);
    byte[] kRegion = HmacSHA256(regionName, kDate);
    byte[] kService = HmacSHA256(serviceName, kRegion);
    byte[] kSigning = HmacSHA256("aws4_request", kService);
    return kSigning;
}

如果有帮助,文档中给出的签名是

  

46503978d3596de22955b4b18d6dfb1d54e8c5958727d5bdcd02cc1119c60fc9

虽然我能得到的签名是

  

8afdbf4008c03f22c2cd3cdb72e4afbb1f6a588f3255ac628749a66d7f09699e

0 个答案:

没有答案
相关问题
最新问题