I'm trying to create a signature for an Amazon glacier boot request using the sample requests and sample functions provided by the AWS documentation, but I can't get it to work. At this point, I'm sure I'm missing something incredibly obvious:
#!/bin/env python import hmac import hashlib # This string to sign taken from: http://docs.amazonwebservices.com/amazonglacier/latest/dev/amazon-glacier-signing-requests.html#example-signature-calculation sts = """AWS4-HMAC-SHA256 20120525T002453Z 20120525/us-east-1/glacier/aws4_request 5f1da1a2d0feb614dd03d71e87928b8e449ac87614479332aced3a701f916743""" # These two functions taken from: http://docs.amazonwebservices.com/general/latest/gr/signature-v4-examples.html#signature-v4-examples-python def sign(key, msg): return hmac.new(key, msg.encode('utf-8'), hashlib.sha256).hexdigest() # The fake secret key is provided by the referenced docs def getSignatureKey(): kDate = sign(("AWS4" + "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY").encode('utf-8'), "20120525") kRegion = sign(kDate, "us-east-1") kService = sign(kRegion, "glacier") kSigning = sign(kService, "aws4_request") return kSigning signature = sign(getSignatureKey(), sts) print signature
If I run my program, I get the following hash:
$ python test.py 3431315da57da4df28f92895c75364d94b36c745896ad3e580c0a6ae403b1e05
However, the documents clearly state:
If the secret access key is used, wJalrXUtnFEMI / K7MDENG / bPxRfiCYEXAMPLEKEY, then the calculated signature:
3ce5b2f2fffac9262b4da9256f8d086b4aaf42eba5f111c21681a65a127b7c2a
What am I missing?
Christopher
source share