Java 转换Amazon AWS密钥以与SES一起使用
我一直在尝试转换我的Amazon Web服务IAM密钥,以便与SES一起使用,但我无法成功地使用我正在使用的代码进行身份验证 我已经使用了,并尝试将其转换为Python。虽然我相信我做得对,但这肯定需要一次回顾 文档示例代码(用Java编写)如下所示:Java 转换Amazon AWS密钥以与SES一起使用,java,python-2.7,amazon-web-services,amazon-ses,Java,Python 2.7,Amazon Web Services,Amazon Ses,我一直在尝试转换我的Amazon Web服务IAM密钥,以便与SES一起使用,但我无法成功地使用我正在使用的代码进行身份验证 我已经使用了,并尝试将其转换为Python。虽然我相信我做得对,但这肯定需要一次回顾 文档示例代码(用Java编写)如下所示: import javax.crypto.Mac; import javax.crypto.spec.SecretKeySpec; import javax.xml.bind.DatatypeConverter; public class Ses
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import javax.xml.bind.DatatypeConverter;
public class SesSmtpCredentialGenerator {
private static final String KEY = "AWS SECRET ACCESS KEY"; // Replace with your AWS Secret Access Key.
private static final String MESSAGE = "SendRawEmail"; // Used to generate the HMAC signature. Do not modify.
private static final byte VERSION = 0x02; // Version number. Do not modify.
public static void main(String[] args) {
// Create an HMAC-SHA256 key from the raw bytes of the AWS Secret Access Key
SecretKeySpec secretKey = new SecretKeySpec(KEY.getBytes(), "HmacSHA256");
try {
// Get an HMAC-SHA256 Mac instance and initialize it with the AWS secret access key.
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(secretKey);
// Compute the HMAC signature on the input data bytes.
byte[] rawSignature = mac.doFinal(MESSAGE.getBytes());
// Prepend the version number to the signature.
byte[] rawSignatureWithVersion = new byte[rawSignature.length + 1];
byte[] versionArray = {VERSION};
System.arraycopy(versionArray, 0, rawSignatureWithVersion, 0, 1);
System.arraycopy(rawSignature, 0, rawSignatureWithVersion, 1, rawSignature.length);
// To get the final SMTP password, convert the HMAC signature to base 64.
String smtpPassword = DatatypeConverter.printBase64Binary(rawSignatureWithVersion);
System.out.println(smtpPassword);
} catch (Exception ex) {
System.out.println("Error generating SMTP password: " + ex.getMessage());
}
}
}
下面是我写的代码:
def hash_IAM(user_password):
#http://docs.aws.amazon.com/ses/latest/DeveloperGuide/smtp-credentials.html
if DEBUG: debug_message("Hashing for IAM to SES values")
#Pseudocode:
#encrypted_intent = HmacSha256("SendRawEmail", "AWS Secret Key")
#encrypted_intent = concat(0x02, encrypted_intent)
#resultant_password = Base64(encrypted_intent)
#private static final String KEY = "AWS SECRET ACCESS KEY";
AWS_SECRET_ACCESS_KEY = user_password
# private static final String MESSAGE = "SendRawEmail";
AWS_MESSAGE = "SendRawEmail"
#private static final byte VERSION = 0x02;
#see chr(2) below.
#SecretKeySpec secretKey = new SecretKeySpec(KEY.getBytes(), "HmacSHA256");
#Mac mac = Mac.getInstance("HmacSHA256");
#mac.init(secretKey);
#If I understand correctly, SecretKeySpec is just a vessel for the key and a str that mac.init expects..
#http://developer.android.com/reference/javax/crypto/spec/SecretKeySpec.html [(key data), (algorithm)]
#http://docs.oracle.com/javase/7/docs/api/javax/crypto/Mac.html#init(java.security.Key, java.security.spec.AlgorithmParameterSpec)
#in Python 2, str are bytes
signature = hmac.new(
key=AWS_SECRET_ACCESS_KEY,
msg=AWS_MESSAGE,
digestmod=hashlib.sha256
).digest()
# Prepend the version number to the signature.
signature = chr(2) + signature
# To get the final SMTP password, convert the HMAC signature to base 64.
signature = base64.b64encode(signature)
return signature
我给自己提供了非常开放的IAM组权限:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"ses:*"
],
"Resource": "*"
}
]
}
我希望有人能在我的代码中发现一个问题,或者知道一些我无法通过谷歌搜索找到的API
更新:我编译了Java版本,并且我的输出与测试字符串的输出相匹配。从表面上看,我的Python版本是正确的,但我仍然收到SMTPAuthenticationError类型的异常。我不确定。这可能是ascii和utf-8不匹配吗?@vraiment我编译了它们的Java版本,并在它们和我的函数中运行了一个字符串。。。输出相同。我想这取决于我如何在亚马逊端使用他们的API或其他东西。我将在清理完后发布我使用的Java脚本。