问题描述
我正在尝试直接从浏览器将文件上传到Amazon S3.我阅读了文档,并按照示例由亚马逊提供
I am trying to upload file to Amazon S3 directly from browser. I read the documentation and followed the example provided by amazon
除post方法外,示例方法均有效.错误消息为我们计算出的请求签名与您提供的签名不匹配.检查您的密钥和签名方法.
the example methods works except post method. the error message is The request signature we calculated does not match the signature you provided. Check your key and signing method.
我还检查了此代码样本.并将答案应用到代码中,仍然出现相同的错误.
I also checked this code sample. and applied the answer to the code and still getting the same error.
public class PolicyBuilder
{
public static string Key = "Key";
public static string Secret = "Secret";
public static string GetS3PolicySignatureV4()
{
var policyBuilder = new StringBuilder();
policyBuilder.AppendFormat("{{ \"expiration\": \"{0}\",\r\n", "2018-12-30T12:00:00.000Z");
policyBuilder.Append(" \"conditions\": [\r\n");
policyBuilder.Append(" [\"starts-with\", \"$key\", \"\"],\r\n");
policyBuilder.AppendFormat(" {{\"x-amz-credential\": \"{0}\"}},\r\n", Key + "/20180308/us-east-1/s3/aws4_request");
policyBuilder.Append(" {\"x-amz-algorithm\": \"AWS4-HMAC-SHA256\"},\r\n");
policyBuilder.Append(" {\"x-amz-date\": \"20180308T000000Z\" }\r\n");
policyBuilder.Append(" ]\r\n}");
var policyString = policyBuilder.ToString();
var policyStringBytes = Encoding.UTF8.GetBytes(policyString);
var policy = Convert.ToBase64String(policyStringBytes);
byte[] signingKey = GetSignatureKey(Key, "20180308", "us-east-1", "s3");
byte[] signature = HmacSHA256(policy, signingKey);
var sig = ToHexString(signature, true);
return sig;
}
static byte[] HmacSHA256(String data, byte[] key)
{
String algorithm = "HmacSHA256";
KeyedHashAlgorithm kha = KeyedHashAlgorithm.Create(algorithm);
kha.Key = key;
return kha.ComputeHash(Encoding.UTF8.GetBytes(data));
}
static byte[] GetSignatureKey(String key, String dateStamp, String regionName, String serviceName)
{
byte[] kSecret = Encoding.UTF8.GetBytes(("AWS4" + key).ToCharArray());
byte[] kDate = HmacSHA256(dateStamp, kSecret);
byte[] kRegion = HmacSHA256(regionName, kDate);
byte[] kService = HmacSHA256(serviceName, kRegion);
byte[] kSigning = HmacSHA256("aws4_request", kService);
return kSigning;
}
public static string ToHexString(byte[] data, bool lowercase)
{
var sb = new StringBuilder();
for (var i = 0; i < data.Length; i++)
{
sb.Append(data[i].ToString(lowercase ? "x2" : "X2"));
}
return sb.ToString();
}
}
这是表格:
<!DOCTYPE html>
<html lang="en" xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta charset="utf-8" />
<title></title>
</head>
<body>
<form action="http://MyBucket.s3.amazonaws.com/" method="post" enctype="multipart/form-data">
<input type="hidden" name="key" value="/images/a5827206-ea2c-4fc6-a66b-aebde27d0ea3.jpg" />
<input type="hidden" name="x-amz-credential" value="Key/20180308/us-east-1/s3/aws4_request" />
<input type="hidden" name="x-amz-algorithm" value="AWS4-HMAC-SHA256" />
<input type="hidden" name="x-amz-date" value="20180308T000000Z" />
<input type="hidden" name="policy" value='<Base64PolicyResult>' />
<input type="hidden" name="x-amz-signature" value="<GenerateSignature>" />
File:
<input type="file" name="file" /> <br />
<input type="submit" name="submit" value="Upload to Amazon S3" />
</form>
</body>
</html>我仍然遇到相同的错误.我应该为Amazon S3的存储桶设置任何特定的策略吗?我的代码有什么问题吗? :(
I am still getting the same error. Should I set any specific policy for my bucket on amazon s3?is there anything wrong in my code? :(
推荐答案
错误在这里...
byte[] signingKey = GetSignatureKey(Key, "20180308", "us-east-1", "s3");
此行应为...
byte[] signingKey = GetSignatureKey(Secret, "20180308", "us-east-1", "s3");
您使用的是aws-access-key-id而不是密钥来生成签名密钥.
You're using the aws-access-key-id rather than the secret key to generate your signing key.
这篇关于AWS S3直接上传返回无效签名(版本4签名)C#的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!