AWS S3直接上载返回无效签名(版本4签名)C#
我正在尝试直接从浏览器上传文件到AmazonS3。我阅读了文档并遵循了示例 除post方法外,示例方法都有效。错误消息为我们计算的请求签名与您提供的签名不匹配。检查您的密钥和签名方法。 我还检查了代码示例。然后将答案应用到代码中,仍然得到相同的错误AWS S3直接上载返回无效签名(版本4签名)C#,c#,amazon-web-services,post,amazon-s3,C#,Amazon Web Services,Post,Amazon S3,我正在尝试直接从浏览器上传文件到AmazonS3。我阅读了文档并遵循了示例 除post方法外,示例方法都有效。错误消息为我们计算的请求签名与您提供的签名不匹配。检查您的密钥和签名方法。 我还检查了代码示例。然后将答案应用到代码中,仍然得到相同的错误 public class PolicyBuilder { public static string Key = "Key"; public static string Secret = "Secret"; public st
public class PolicyBuilder
{
public static string Key = "Key";
public static string Secret = "Secret";
public static string GetS3PolicySignatureV4()
{
var policyBuilder = new StringBuilder();
policyBuilder.AppendFormat("{{ \"expiration\": \"{0}\",\r\n", "2018-12-30T12:00:00.000Z");
policyBuilder.Append(" \"conditions\": [\r\n");
policyBuilder.Append(" [\"starts-with\", \"$key\", \"\"],\r\n");
policyBuilder.AppendFormat(" {{\"x-amz-credential\": \"{0}\"}},\r\n", Key + "/20180308/us-east-1/s3/aws4_request");
policyBuilder.Append(" {\"x-amz-algorithm\": \"AWS4-HMAC-SHA256\"},\r\n");
policyBuilder.Append(" {\"x-amz-date\": \"20180308T000000Z\" }\r\n");
policyBuilder.Append(" ]\r\n}");
var policyString = policyBuilder.ToString();
var policyStringBytes = Encoding.UTF8.GetBytes(policyString);
var policy = Convert.ToBase64String(policyStringBytes);
byte[] signingKey = GetSignatureKey(Key, "20180308", "us-east-1", "s3");
byte[] signature = HmacSHA256(policy, signingKey);
var sig = ToHexString(signature, true);
return sig;
}
static byte[] HmacSHA256(String data, byte[] key)
{
String algorithm = "HmacSHA256";
KeyedHashAlgorithm kha = KeyedHashAlgorithm.Create(algorithm);
kha.Key = key;
return kha.ComputeHash(Encoding.UTF8.GetBytes(data));
}
static byte[] GetSignatureKey(String key, String dateStamp, String regionName, String serviceName)
{
byte[] kSecret = Encoding.UTF8.GetBytes(("AWS4" + key).ToCharArray());
byte[] kDate = HmacSHA256(dateStamp, kSecret);
byte[] kRegion = HmacSHA256(regionName, kDate);
byte[] kService = HmacSHA256(serviceName, kRegion);
byte[] kSigning = HmacSHA256("aws4_request", kService);
return kSigning;
}
public static string ToHexString(byte[] data, bool lowercase)
{
var sb = new StringBuilder();
for (var i = 0; i < data.Length; i++)
{
sb.Append(data[i].ToString(lowercase ? "x2" : "X2"));
}
return sb.ToString();
}
}
公共类策略生成器
{
公共静态字符串Key=“Key”;
公共静态字符串Secret=“Secret”;
公共静态字符串GetS3PolicySignatureV4()
{
var policyBuilder=新的StringBuilder();
policyBuilder.AppendFormat(“{{\'expiration\”:\“{0}\”,\r\n,“2018-12-30T12:00:00.000Z”);
policyBuilder.Append(“\”条件\“:[\r\n”);
policyBuilder.Append(“[\”以\“,\“$key\”,\“\”],\r\n”开头);
policyBuilder.AppendFormat(“{\'x-amz-credential\”:\“{0}\”}\r\n”,Key+”/20180308/us-east-1/s3/aws4\u请求);
policyBuilder.Append(“{”x-amz-algorithm\”:\“AWS4-HMAC-SHA256\”)\r\n);
policyBuilder.Append(“{”x-amz-date\“:\“20180308T000000Z\”}\r\n”);
policyBuilder.Append(“]\r\n}”);
var policyString=policyBuilder.ToString();
var policyStringBytes=Encoding.UTF8.GetBytes(policyString);
var policy=Convert.ToBase64String(policyStringBytes);
字节[]signingKey=GetSignatureKey(键,“20180308”、“us-east-1”、“s3”);
字节[]签名=HmacSHA256(策略,签名密钥);
var sig=ToHexString(签名,true);
返回信号;
}
静态字节[]HmacSHA256(字符串数据,字节[]键)
{
字符串算法=“HmacSHA256”;
KeyedHashAlgorithm kha=KeyedHashAlgorithm.Create(算法);
kha.Key=Key;
返回kha.ComputeHash(Encoding.UTF8.GetBytes(data));
}
静态字节[]GetSignatureKey(字符串键、字符串日期戳、字符串区域名、字符串服务名)
{
byte[]kSecret=Encoding.UTF8.GetBytes(((“AWS4”+key.tocharray());
字节[]kDate=HmacSHA256(日期戳,kSecret);
字节[]kRegion=HmacSHA256(区域名称,kDate);
字节[]kService=HmacSHA256(serviceName,kRegion);
字节[]kSigning=HmacSHA256(“aws4_请求”,kService);
返回kSigning;
}
公共静态字符串ToHexString(字节[]数据,布尔小写)
{
var sb=新的StringBuilder();
对于(变量i=0;i
文件:
byte[] signingKey = GetSignatureKey(Key, "20180308", "us-east-1", "s3");
byte[] signingKey = GetSignatureKey(Secret, "20180308", "us-east-1", "s3");
您正在使用aws访问密钥id而不是密钥来生成签名密钥。非常感谢。