API Query results error "The request signature we calculated does not match the signature you provided"

Question

I am doing EC2 API query and facing error "The request signature we calculated does not match the signature you provided."

The fact is that i have taken care of everything in EC2 documentation (SignatureVersion 2) but still i am facing this error and cant figure out the problem.

Here are details:

1) signin string:

s="""GET\n
ec2.amazonaws.com\n
/\n   
AWSAccessKeyId=access_id&Action=DescribeSecurityGroups&SignatureMethod=HmacSHA256   
&SignatureVersion=2&Timestamp=2013-10-06T14%3A15%3A30&Version=2013-08-15"""

2) Python code to generate Signature:

#!/bin/env python2.7

import hmac
import hashlib
import base64

s="""GET\n
ec2.amazonaws.com\n
/\n
AWSAccessKeyId=acces_id&Action=DescribeSecurityGroups&
SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2013-10-  
06T14%3A15%3A30&Version=2013-08-15"""

signature=base64.b64encode(hmac.new("secret_key_id", msg=s,  
digestmod=hashlib.sha256).digest())
print(signature)

3) browser request:

https://ec2.amazonaws.com/?AWSAccessKeyId=access_id&Action=DescribeSecurityGroups&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2013-10-06T14%3A15%3A30&Version=2013-08-15&Signature=cccccccccccccccccc

Thanks

Answer 1

You need to URL encode the base-64 string:

>>> import urllib
>>> urllib.quote('4kvPV1bHGaayNg4u6OfiQh6U5IcI8wiJY+YBZddkI0c=')
'4kvPV1bHGaayNg4u6OfiQh6U5IcI8wiJY%2BYBZddkI0c%3D'