AWS S3直接上载返回无效签名(版本4签名) C#
AWS S3直接上载返回无效签名(版本4签名) C#
提问于 2018-03-09 00:25:29
我正试图从浏览器中直接将文件上传到亚马逊S3。我阅读了文档并遵循了示例由amazon提供
示例方法除post方法外有效。错误消息是,我们计算的请求签名与您提供的签名不匹配。检查您的密钥和签名方法.
我还检查了这代码示例。并将答案应用到代码中,但仍然得到相同的错误。
public class PolicyBuilder
{
public static string Key = "Key";
public static string Secret = "Secret";
public static string GetS3PolicySignatureV4()
{
var policyBuilder = new StringBuilder();
policyBuilder.AppendFormat("{{ \"expiration\": \"{0}\",\r\n", "2018-12-30T12:00:00.000Z");
policyBuilder.Append(" \"conditions\": [\r\n");
policyBuilder.Append(" [\"starts-with\", \"$key\", \"\"],\r\n");
policyBuilder.AppendFormat(" {{\"x-amz-credential\": \"{0}\"}},\r\n", Key + "/20180308/us-east-1/s3/aws4_request");
policyBuilder.Append(" {\"x-amz-algorithm\": \"AWS4-HMAC-SHA256\"},\r\n");
policyBuilder.Append(" {\"x-amz-date\": \"20180308T000000Z\" }\r\n");
policyBuilder.Append(" ]\r\n}");
var policyString = policyBuilder.ToString();
var policyStringBytes = Encoding.UTF8.GetBytes(policyString);
var policy = Convert.ToBase64String(policyStringBytes);
byte[] signingKey = GetSignatureKey(Key, "20180308", "us-east-1", "s3");
byte[] signature = HmacSHA256(policy, signingKey);
var sig = ToHexString(signature, true);
return sig;
}
static byte[] HmacSHA256(String data, byte[] key)
{
String algorithm = "HmacSHA256";
KeyedHashAlgorithm kha = KeyedHashAlgorithm.Create(algorithm);
kha.Key = key;
return kha.ComputeHash(Encoding.UTF8.GetBytes(data));
}
static byte[] GetSignatureKey(String key, String dateStamp, String regionName, String serviceName)
{
byte[] kSecret = Encoding.UTF8.GetBytes(("AWS4" + key).ToCharArray());
byte[] kDate = HmacSHA256(dateStamp, kSecret);
byte[] kRegion = HmacSHA256(regionName, kDate);
byte[] kService = HmacSHA256(serviceName, kRegion);
byte[] kSigning = HmacSHA256("aws4_request", kService);
return kSigning;
}
public static string ToHexString(byte[] data, bool lowercase)
{
var sb = new StringBuilder();
for (var i = 0; i < data.Length; i++)
{
sb.Append(data[i].ToString(lowercase ? "x2" : "X2"));
}
return sb.ToString();
}
}以下是表格:
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title></title>
</head>
<body>
<form action="http://MyBucket.s3.amazonaws.com/" method="post" enctype="multipart/form-data">
<input type="hidden" name="key" value="/images/a5827206-ea2c-4fc6-a66b-aebde27d0ea3.jpg" />
<input type="hidden" name="x-amz-credential" value="Key/20180308/us-east-1/s3/aws4_request" />
<input type="hidden" name="x-amz-algorithm" value="AWS4-HMAC-SHA256" />
<input type="hidden" name="x-amz-date" value="20180308T000000Z" />
<input type="hidden" name="policy" value='<Base64PolicyResult>' />
<input type="hidden" name="x-amz-signature" value="<GenerateSignature>" />
File:
<input type="file" name="file" /> <br />
<input type="submit" name="submit" value="Upload to Amazon S3" />
</form>
</body>
</html>
我还是会犯同样的错误。我应该在亚马逊s3上为我的桶设置任何特定的策略吗?我的代码有什么问题吗?
回答 1
Stack Overflow用户
回答已采纳
发布于 2018-03-09 03:40:44
错误在这里..。
byte[] signingKey = GetSignatureKey(Key, "20180308", "us-east-1", "s3");这一行应该是..。
byte[] signingKey = GetSignatureKey(Secret, "20180308", "us-east-1", "s3");您使用的是aws访问密钥id,而不是生成签名密钥的秘密密钥。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/49184746
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号