AJFMEDIA
AJFMEDIA

Reputation: 2123

The request signature we calculated does not match AMAZON AWS PHP

I have looked at most samples of code based on this issue on stack overflow but I still cant get the request to work. I keep getting this error:

<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.

Here is my code:

$access_key = "ACCESS_KEY";
$associateTag = "AOSSOCIATE_TAG";
$secretkey = "SECRET_KEY";
$keywords = "harry%20potter";
$timestamp = gmdate("Y-m-d\TH:i:s\Z");
$operation = "AWSECommerceService";

function createSignature($operation,$timestamp,$secretkey){
    $the_string=$operation.$timestamp;  
    return base64_encode(hash_hmac("sha256",$the_string,$secretkey,true));
}

$signature = createSignature ($operation,$timestamp,$secretkey);

$APIcall = 
"http://ecs.amazonaws.com/onca/xml?".
"AWSAccessKeyId=$access_key&".
"AssociateTag=$associateTag&".
"BrowseNode=1000&".
"ItemPage=1&".
"Keywords=$keywords&".
"Operation=ItemSearch&".
"ResponseGroup=Medium&".
"SearchIndex=Books&".
"Service=AWSECommerceService&".
"Timestamp=$timestamp&".
"Version=2011-08-01&".
"Signature=$signature";

$response = simplexml_load_file($APIcall);

Can anyone help?

Upvotes: 1

Views: 4690

Answers (3)

MartinJH
MartinJH

Reputation: 2609

When I typed in my credentials by hand, I got the same error a couple of times.

Then I tried Console for Windows so I could copy/paste my credentials. This removed the error message. Either I sucked at typing, or sucked at reading.

Long story short: Don't type by hand, copy and past credentials to avoid typos.

EDIT: My problem was when trying to add my credentials via EB CLIx3.

Upvotes: 0

Omiga
Omiga

Reputation: 581

I had this issue long time and it worked for me with this code :

require_once 'Crypt/HMAC.php';
require_once 'HTTP/Request.php';

$keyId = "adasdasd";
$secretKey = "asdasdasdasdasd+";

function hex2b64($str) {
    $raw = '';
    for ($i=0; $i < strlen($str); $i+=2) {
    $raw .= chr(hexdec(substr($str, $i, 2)));
    }
    return base64_encode($raw);
}

function constructSig($str) {
    global $secretKey;
    $str = utf8_encode($str);   
    $secretKey = utf8_encode($secretKey);   
    $hasher =& new Crypt_HMAC($secretKey, "sha1");
    $signature = hex2b64($hasher->hash($str));      
    return ($signature);
} 


 $expire = time()+1000;
 $resource = "/demo/files/clouds.jpg";
 $date = gmdate("D, d M Y G:i:s T");
 $mime = "image/jpeg";

 $stringToSign = "PUT\n";
 $stringToSign .= "\n";
 $stringToSign .= "$mime\n"; 
 $stringToSign .= "$date\n";
 $stringToSign .= $resource;
 $req =& new HTTP_Request("http://nameofmine.s3.amazonaws.com/files/clouds.jpg");
 $req->setMethod("PUT"); 
 $req->addHeader("Date",$date);
 $req->addHeader("Authorization", "AWS " . $keyId . ":" . constructSig($stringToSign));
 $req->addHeader("Content-Type",$mime);  
 $req->setBody(file_get_contents($file_path));
 $req->sendRequest();
 $responseCode = $req->getResponseCode();
 $responseString = $req->getResponseBody();
 echo $responseCode;

As you see you have to use Crypto, HTTP pear plugins

Upvotes: 2

tix3
tix3

Reputation: 1152

The function seems ok (it is the same as the one used in amazon AWS SDK) so make sure that there is no whitespace in front or after the copied key.

Upvotes: 0

Related Questions