Use AWS SDK to calculate an AWS v4 signature as described at http://docs.aws.amazon.com/general/latest/gr/signature-v4-test-suite.html#signature-v4-test-suite-task-3.
const AWS = require('aws-sdk');
const { createHmac } = AWS.util.crypto.lib;
const hmacSha256 = (signingKey, stringToSign, encoding) => {
return createHmac('sha256', signingKey)
.update(stringToSign)
.digest(encoding);
};
const stringToSign = `AWS4-HMAC-SHA256
20150830T123600Z
20150830/us-east-1/service/aws4_request
816cd5b414d056048ba4f7c5386d6e0533120fb1fcfa93762cf0fc39e2cf19e0`;
const targetSignature = 'b97d918cfa904a5beff61c982a1b6f458b799221646efd99d3219ec94cdf2500';
const secretKey = 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY';
const requestScope = stringToSign.split('\n')[2];
const [date, region, service, signatureType] = requestScope.split('/');
const round1 = hmacSha256(`AWS4${secretKey}`, date);
const round2 = hmacSha256(round1, region);
const round3 = hmacSha256(round2, service);
const round4 = hmacSha256(round3, signatureType);
const final = hmacSha256(round4, stringToSign, 'hex');
console.log(targetSignature == final.toString(), targetSignature, final.toString());
1 comment
- posted a year ago byRevisiting this code snippet a few years later, I'm so glad it's been useful to other AWS integrators! My link to the AWS docs is broken, so it may be nonobvious that the stringToSign, targetSignature, and secretKey were all examples from AWS. You can find fresh examples in Task 2 and Task 3 of the current AWS signing docs: https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html. I'm keeping the code above as-is for posterity. For anyone who'd like to use this code, I'm releasing it into the public domain with The Unlicense license: ---------- This is free and unencumbered software released into the public domain. Anyone is free to copy, modify, publish, use, compile, sell, or distribute this software, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means. In jurisdictions that recognize copyright laws, the author or authors of this software dedicate any and all copyright interest in the software to the public domain. We make this dedication for the benefit of the public at large and to the detriment of our heirs and successors. We intend this dedication to be an overt act of relinquishment in perpetuity of all present and future rights to this software under copyright law. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. For more information, please refer to <https://unlicense.org> ----------
sign in to comment