问题描述

我正在尝试使用以下 bash 脚本(从 http://curl.haxx.se/mail/archive-2014-10/0006.html#replies):

I am trying to get the following bash script to work (copied from http://curl.haxx.se/mail/archive-2014-10/0006.html#replies):

#!/bin/sh
file=path/to/file
bucket=your-bucket
resource="/${bucket}/${file}"
contentType="application/x-compressed-tar"
dateValue="`date +'%a, %d %b %Y %H:%M:%S %z'`"
stringToSign="GET
${contentType}
${dateValue}
${resource}"
s3Key=xxxxxxxxxxxxxxxxxxxx
s3Secret=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
signature=`/bin/echo -n "$stringToSign" | openssl sha1 -hmac ${s3Secret} -binary |      base64`
curl -H "Host: ${bucket}.s3.amazonaws.com"
-H "Date: ${dateValue}"
-H "Content-Type: ${contentType}"
-H "Authorization: AWS ${s3Key}:${signature}"
https://${bucket}.s3.amazonaws.com/${file}

无论我做什么，我都会收到 SignatureDoesNotMatch 错误.

I am getting a SignatureDoesNotMatch error no matter what I do.

有关如何解决此问题的任何想法将不胜感激.

Any ideas on how to fix this will be greatly appreciated.

推荐答案

在花了太多时间之后，我终于让它工作了:

After way too much time spent on this I finally got it to work:

这一行:

signature=`/bin/echo -n "$stringToSign" | openssl sha1 -hmac ${s3Secret} -binary | base64`

缺少e":

signature=`/bin/echo -en "$stringToSign" | openssl sha1 -hmac ${s3Secret} -binary | base64`

换句话说，在对字符串进行签名之前，字符没有被转义.

In other words, characters weren't being escaped before the string was signed.

顺便说一句，我还了解到对于 get 请求，内容类型毫无意义.

As an aside, I also learned that for get requests, the content type is meaningless.

这篇关于使用 bash 从 S3 下载私有文件的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！