我正在尝试直接从浏览器将文件上传到Amazon S3。我阅读了文档,并按照示例provided by amazon
示例方法除post方法外有效。错误消息我们计算的请求签名与您提供的签名不匹配。检查您的密钥和签名方法。
我还检查了this代码示例。并将答案应用于代码并仍然得到相同的错误。
public class PolicyBuilder
{
public static string Key = "Key";
public static string Secret = "Secret";
public static string GetS3PolicySignatureV4()
{
var policyBuilder = new StringBuilder();
policyBuilder.AppendFormat("{{ \"expiration\": \"{0}\",\r\n", "2018-12-30T12:00:00.000Z");
policyBuilder.Append(" \"conditions\": [\r\n");
policyBuilder.Append(" [\"starts-with\", \"$key\", \"\"],\r\n");
policyBuilder.AppendFormat(" {{\"x-amz-credential\": \"{0}\"}},\r\n", Key + "/20180308/us-east-1/s3/aws4_request");
policyBuilder.Append(" {\"x-amz-algorithm\": \"AWS4-HMAC-SHA256\"},\r\n");
policyBuilder.Append(" {\"x-amz-date\": \"20180308T000000Z\" }\r\n");
policyBuilder.Append(" ]\r\n}");
var policyString = policyBuilder.ToString();
var policyStringBytes = Encoding.UTF8.GetBytes(policyString);
var policy = Convert.ToBase64String(policyStringBytes);
byte[] signingKey = GetSignatureKey(Key, "20180308", "us-east-1", "s3");
byte[] signature = HmacSHA256(policy, signingKey);
var sig = ToHexString(signature, true);
return sig;
}
static byte[] HmacSHA256(String data, byte[] key)
{
String algorithm = "HmacSHA256";
KeyedHashAlgorithm kha = KeyedHashAlgorithm.Create(algorithm);
kha.Key = key;
return kha.ComputeHash(Encoding.UTF8.GetBytes(data));
}
static byte[] GetSignatureKey(String key, String dateStamp, String regionName, String serviceName)
{
byte[] kSecret = Encoding.UTF8.GetBytes(("AWS4" + key).ToCharArray());
byte[] kDate = HmacSHA256(dateStamp, kSecret);
byte[] kRegion = HmacSHA256(regionName, kDate);
byte[] kService = HmacSHA256(serviceName, kRegion);
byte[] kSigning = HmacSHA256("aws4_request", kService);
return kSigning;
}
public static string ToHexString(byte[] data, bool lowercase)
{
var sb = new StringBuilder();
for (var i = 0; i < data.Length; i++)
{
sb.Append(data[i].ToString(lowercase ? "x2" : "X2"));
}
return sb.ToString();
}
}
以下是表格:
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title></title>
</head>
<body>
<form action="http://MyBucket.s3.amazonaws.com/" method="post" enctype="multipart/form-data">
<input type="hidden" name="key" value="/images/a5827206-ea2c-4fc6-a66b-aebde27d0ea3.jpg" />
<input type="hidden" name="x-amz-credential" value="Key/20180308/us-east-1/s3/aws4_request" />
<input type="hidden" name="x-amz-algorithm" value="AWS4-HMAC-SHA256" />
<input type="hidden" name="x-amz-date" value="20180308T000000Z" />
<input type="hidden" name="policy" value='<Base64PolicyResult>' />
<input type="hidden" name="x-amz-signature" value="<GenerateSignature>" />
File:
<input type="file" name="file" /> <br />
<input type="submit" name="submit" value="Upload to Amazon S3" />
</form>
</body>
</html>
&#13;
我仍然遇到同样的错误。我应该在亚马逊s3上为我的桶设置任何具体政策吗? 我的代码有什么问题吗? :(
答案 0 :(得分:2)
错误就在这里......
byte[] signingKey = GetSignatureKey(Key, "20180308", "us-east-1", "s3");
这一行应该是......
byte[] signingKey = GetSignatureKey(Secret, "20180308", "us-east-1", "s3");
您正在使用aws-access-key-id而不是密钥来生成签名密钥。