Python 3.x AWS4 s3使用python3放置_Python 3.x_Amazon Web Services_Amazon S3_Hash_Sha

Python 3.x AWS4 s3使用python3放置

python-3.x amazon-web-services amazon-s3 hash

Python 3.x AWS4 s3使用python3放置,python-3.x,amazon-web-services,amazon-s3,hash,sha,Python 3.x,Amazon Web Services,Amazon S3,Hash,Sha,尝试使用请求库和aws4身份验证将文件放入s3。下面是来自aws的在线示例，包括python示例，但我经常收到带有签名的错误。我有以下python3代码来生成签名/string\u to\u sign/canonicalrequest，如下所示代码如下： bucket受到限制，需要密钥+id，kms是必须的，因为策略是由另一个团队设置的这是我得到的错误： RESPONSE++++++++++++++++++++++++++++++++++++ Response code: 403 &l

尝试使用请求库和aws4身份验证将文件放入s3。下面是来自aws的在线示例，包括python示例，但我经常收到带有签名的错误。我有以下python3代码来生成签名/string\u to\u sign/canonicalrequest，如下所示

代码如下：

bucket受到限制，需要密钥+id，kms是必须的，因为策略是由另一个团队设置的

这是我得到的错误：

RESPONSE++++++++++++++++++++++++++++++++++++
Response code: 403

<?xml version="1.0" encoding="UTF-8"?>
 <Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your key and signing method.</Message>     <AWSAccessKeyId>AKIA5Y6V25WEXAMPLE</AWSAccessKeyId><StringToSign>AWS4-HMAC-SHA256
 20200928T093040Z
20200928/eu-west-2/s3/aws4_request
e342bc2c0dba3705248e6ae1f55b029b92657795c1f8910fa9cdfb700fd52c0e</StringToSign> <SignatureProvided>28d93bdc037c3ed13f44df8e2dbfee9c3736f244990bcb847608f19af7318125</SignatureProvided><StringToSignBytes>41 57 53 34 2d 48 4d 41 43 2d 53 48 41 32 35 36 0a 32 30 32 30 30 39 32 38 54 30 39 33 30 34 30 5a 0a 32 30 32 30 30 39 32 38 2f 65 75 2d 77 65 73 74 2d 32 2f 73 33 2f 61 77 73 34 5f 72 65 71 75 65 73 74 0a 65 33 34 32 62 63 32 63 30 64 62 61 33 37 30 35 32 34 38 65 36 61 65 31 66 35 35 62 30 32 39 62 39 32 36 35 37 37 39 35 63 31 66 38 39 31 30 66 61 39 63 64 66 62 37 30 30 66 64 35 32 63 30 65</StringToSignBytes><CanonicalRequest>PUT
/test.txt

host:EXAMPLEBUCKET.s3.eu-west-2.amazonaws.com
x-amz-content-sha256:099510d90f52b8f9790f33cd21f1111d8c1e25377e0e645e2c166f6f9e9531f1
x-amz-date:20200928T093040Z
x-amz-server-side-encryption:aws:kms
x-amz-server-side-encryption-aws-kms-key-id: somekeyid

host;x-amz-content-sha256;x-amz-date;x-amz-server-side-encryption;x-amz-server-side-encryption-aws-kms-key-id
099510d90f52b8f9790f33cd21f1111d8c1e25377e0e645e2c166f6f9e9531f1</CanonicalRequest><CanonicalRequestBytes>50 55 54 0a 2f 74 65 73 74 2e 74 78 74 0a 0a 68 6f 73 74 3a 6d 65 73 2d 63 6d 61 2d 70 61 79 6c 6f 61 64 6c 6f 67 67 69 6e 67 2e 73 33 2e 65 75 2d 77 65 73 74 2d 32 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d 0a 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3a 30 39 39 35 31 30 64 39 30 66 35 32 62 38 66 39 37 39 30 66 33 33 63 64 32 31 66 31 31 31 31 64 38 63 31 65 32 35 33 37 37 65 30 65 36 34 35 65 32 63 31 36 36 66 36 66 39 65 39 35 33 31 66 31 0a 78 2d 61 6d 7a 2d 64 61 74 65 3a 32 30 32 30 30 39 32 38 54 30 39 33 30 34 30 5a 0a 78 2d 61 6d 7a 2d 73 65 72 76 65 72 2d 73 69 64 65 2d 65 6e 63 72 79 70 74 69 6f 6e 3a 61 77 73 3a 6b 6d 73 0a 78 2d 61 6d 7a 2d 73 65 72 76 65 72 2d 73 69 64 65 2d 65 6e 63 72 79 70 74 69 6f 6e 2d 61 77 73 2d 6b 6d 73 2d 6b 65 79 2d 69 64 3a 0a 0a 68 6f 73 74 3b 78 2d 61 6d 7a 2d 63 6f 6e 74 65 6e 74 2d 73 68 61 32 35 36 3b 78 2d 61 6d 7a 2d 64 61 74 65 3b 78 2d 61 6d 7a 2d 73 65 72 76 65 72 2d 73 69 64 65 2d 65 6e 63 72 79 70 74 69 6f 6e 3b 78 2d 61 6d 7a 2d 73 65 72 76 65 72 2d 73 69 64 65 2d 65 6e 63 72 79 70 74 69 6f 6e 2d 61 77 73 2d 6b 6d 73 2d 6b 65 79 2d 69 64 0a 30 39 39 35 31 30 64 39 30 66 35 32 62 38 66 39 37 39 30 66 33 33 63 64 32 31 66 31 31 31 31 64 38 63 31 65 32 35 33 37 37 65 30 65 36 34 35 65 32 63 31 36 36 66 36 66 39 65 39 35 33 31 66 31</CanonicalRequestBytes><RequestId>677FF0BD36F1776B</RequestId <HostId>yZc4KmoV7dFhSbWs9c089ufM9rMWwfm0U/AH9fjv05sGY+4aIv3qB6bMdA6B8ubfTtuusIxnTXI=</HostId></Error>

这就是我要发送给aws的内容

规范字符串

PUT
/test.txt

host:somebucket.s3.eu-west-2.amazonaws.com
x-amz-content-sha256:099510d90f52b8f9790f33cd21f1111d8c1e25377e0e645e2c166f6f9e9531f1
x-amz-date:20200928T093040Z
x-amz-server-side-encryption:aws:kms
x-amz-server-side-encryption-aws-kms-key-id: blah

host;x-amz-content-sha256;x-amz-date;x-amz-server-side-encryption;x-amz-server-side-encryption-aws-kms-key-id
099510d90f52b8f9790f33cd21f1111d8c1e25377e0e645e2c166f6f9e9531f1

要签名的字符串

AWS4-HMAC-SHA256
20200928T093040Z
20200928/eu-west-2/s3/aws4_request
e342bc2c0dba3705248e6ae1f55b029b92657795c1f8910fa9cdfb700fd52c0e

请求的输出

this is what we send
{'x-amz-date': '20200928T093040Z', 'Content-Type': 'text/plain', 'Content-Length': '13', 'Authorization': 'AWS4-HMAC-SHA256 Credential=AKIA5example/20200928/eu-west-2/s3/aws4_request,SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-server-side-encryption;x-amz-server-side-encryption-aws-kms-key-id,Signature=28d93bdc037c3ed13f44df8e2dbfee9c3736f244990bcb847608f19af7318125', 'User-Agent': 'python-requests/2.14.2', 'x-amz-content-sha256': '099510d90f52b8f9790f33cd21f1111d8c1e25377e0e645e2c166f6f9e9531f1', 'x-amz-server-side-encryption': 'aws:kms', 'x-amz-server-side-encryption-aws-kms-key-id': 'blah', 'Accept-Encoding': 'gzip, deflate', 'Accept': '*/*', 'Connection': 'keep-alive', 'Key': '/test.txt'}
welcome to s3
PUT

任何帮助都将不胜感激。变量都是定义的，只是为了回答这个问题，我将在不需要kms键的bucket上不使用kms键的情况下进行尝试。您可以使用Python AWS SDK吗？它为您处理SigV4-@MilanGatyas我无法不幸地使用sdk，不是因为我不想，而是因为其他限制/要求。3对象键不是以

开头的。