无法使用HMAC SHA256的例子重现AWS签名 [英] Unable to reproduce AWS signature from example using HMAC SHA256

问题描述

我下面这个例子

HTTP：//docs.aws。 amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html

和试图重现64个字符的字符串，其状态与签名...

  aeeed9bbccd4d02ee5c0109b86d86835f995330da4c265957d157751f604d404
 

我有成功匹配的十六进制digeset的规范要求和积极的StringToSign字符串是正确的。

最后是计算signing_key和签名。这是我使用的红宝石提供的功能，创下了路障getSignatureKey

<一个href="http://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html#signature-v4-examples-ruby" rel="nofollow">http://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html#signature-v4-examples-ruby

  signing_key = getSignatureKey secret_access_key，CURRENT_DATE，区域，aws_service
签名=的OpenSSL :: HMAC.digest（SHA256，signing_key，string_to_sign）


 DEF getSignatureKey键，邮戳，regionName，服务名
  kDate =的OpenSSL :: HMAC.digest（SHA256，AWS4+键，邮戳）
  kRegion =的OpenSSL :: HMAC.digest（SHA256，kDate，regionName）
  kService =的OpenSSL :: HMAC.digest（SHA256，kRegion，服务名）
  kSigning =的OpenSSL :: HMAC.digest（SHA256，kService，aws4_request）

  kSigning
结束
 

电流输出为签名的字符这个奇怪的序列。

ٻ？H53Ë} WQ

我在想什么，以获得签名，以平等的......

  aeeed9bbccd4d02ee5c0109b86d86835f995330da4c265957d157751f604d404
 

解决方案

这有可能是你的字符序列怪其实是在正确的输出。

的OpenSSL :: HMAC.digest 吐出psented二进制值重新$ P $，和你比较，要psented十六进制值重新$ P $

检查看看，当你打印出来的签名会发生什么将其转换为十六进制再presentation像这样经过：

  signature.each_byte.map {| B | ％02X％B}。加入
 

I am following this example

http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html

and trying to reproduce the 64 character string for the signature which they state as...

aeeed9bbccd4d02ee5c0109b86d86835f995330da4c265957d157751f604d404

I have successful matched the hex digeset for the Canonical Request and positive that the StringToSign string is correct.

The last piece is calculating the signing_key and signature. This is where I am hitting a road block using the provided ruby function 'getSignatureKey'

http://docs.aws.amazon.com/general/latest/gr/signature-v4-examples.html#signature-v4-examples-ruby

signing_key = getSignatureKey secret_access_key, current_date, region, aws_service
signature = OpenSSL::HMAC.digest('sha256', signing_key, string_to_sign)


 def getSignatureKey key, dateStamp, regionName, serviceName
  kDate    = OpenSSL::HMAC.digest('sha256', "AWS4" + key, dateStamp)
  kRegion  = OpenSSL::HMAC.digest('sha256', kDate, regionName)
  kService = OpenSSL::HMAC.digest('sha256', kRegion, serviceName)
  kSigning = OpenSSL::HMAC.digest('sha256', kService, "aws4_request")

  kSigning
end

The current output for 'signature' is this strange sequence of characters.

��ٻ���.�����h5��3 ��e�}wQ��

What am I missing to get the signature to equal...

aeeed9bbccd4d02ee5c0109b86d86835f995330da4c265957d157751f604d404

解决方案

It's possible that your "strange sequence of characters" is in fact the correct output.

OpenSSL::HMAC.digest spits out a value represented in binary, and you are comparing that to a value represented in hex

Check to see what happens when you print out the signature after converting it to hex representation like so:

signature.each_byte.map { |b| "%02x" % b }.join

这篇关于无法使用HMAC SHA256的例子重现AWS签名的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！