0 
String stringToSign = "GET" + "\n" +
                    "webservices.amazon.com" + "\n" +
                    "/onca/xml" + "\n" +
                    "AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&ItemId=0679722769&Operation=ItemLookup&ResponeGroup=ItemAttributes%2COffers%2CImages%2CReviews&Service=AWSECommerceService&Timestamp=2009-01-01T12%3A00%3A00Z&Version=2009-01-06";


    SecretKeySpec keySpec = new SecretKeySpec(
            "1234567890".getBytes(),
            "HmacSHA256");

    Mac mac = Mac.getInstance("HmacSHA256");
    mac.init(keySpec);


    byte[] result = mac.doFinal(stringToSign.getBytes());
    String encodedResult = Base64.encodeBase64String(result);
    System.out.println("encodedResult: "+encodedResult);

    String urlEncodedResult = URLEncoder.encode(encodedResult, "UTF-8").replace("+", "%2B").replace("*", "%2A").replace("%7E", "~");
    System.out.println("ulrEncodedResult: "+urlEncodedResult);

这是针对 AWS 的 REST 身份验证。我得到的结果是: ulrEncodedResult: k1T%2FqvVoXgEvmdFhTEh71vLDznqEVCyKcslA5RRSB6s%3D

预期的结果是:ulrEncodedResult: M%2Fy0%2BEAFFGaUAp4bWv%2FWEuXYah99pVsxvqtAuC8YN7I%3D

验证的所有确切步骤都显示在这里:http ://docs.aws.amazon.com/AWSECommerceService/2011-08-01/DG/rest-signature.html

谁能发现我犯的错误?

4

1 回答 1

0

一个问题是:

"1234567890".getBytes()

和这个

stringToSign.getBytes()

不要指定使用的字符编码(例如 UTF8)。这将取决于您的平台或 JVM 设置,这可能与您想要的不同(我怀疑是 UTF8)。我更喜欢使用getBytes(CharSet)变体。

于 2013-07-03T09:15:33.647 回答