I am trying to derive signing key with signature version 4 for AWS S3.
I am trying to figure out what should "$STRING" and $OUTPUT be replaced with, when I call "sign" function?
BASH
kSecret=$(printf "AWS4$1" | xxd -p -c 256)
kDate=$(printf "$2" | openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:$kSecret | xxd -p -c 256)
kRegion=$(printf "$3" | openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:$kDate | xxd -p -c 256)
kService=$(printf "$4" | openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:$kRegion | xxd -p -c 256)
kSigning=$(printf "aws4_request" | openssl dgst -binary -sha256 -mac HMAC -macopt hexkey:$kService | xxd -p -c 256)
signedString=$(printf "$5" | openssl dgst -binary -hex -sha256 -mac HMAC -macopt hexkey:$kSigning | sed 's/^.* //')
$(printf $signedString > $6)
}
Call it using
sign $KEY $DATE $REGION $SERVICE "$STRING" $OUTPUT
from this article
This is the reference I am using to find values to insert in variables in above function "sign"
{
String algorithm = "HmacSHA256";
KeyedHashAlgorithm kha = KeyedHashAlgorithm.Create(algorithm);
kha.Key = key;
return kha.ComputeHash(Encoding.UTF8.GetBytes(data));
}
static byte[] getSignatureKey(String key, String dateStamp, String regionName, String serviceName)
{
byte[] kSecret = Encoding.UTF8.GetBytes(("AWS4" + key).ToCharArray());
byte[] kDate = HmacSHA256(dateStamp, kSecret);
byte[] kRegion = HmacSHA256(regionName, kDate);
byte[] kService = HmacSHA256(serviceName, kRegion);
byte[] kSigning = HmacSHA256("aws4_request", kService);
return kSigning;
}
from AWS docs
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…