curl - 如何使用 cURL 从亚马逊 S3 存储桶中删除文件

Question

我试图从托管在我客户的内部存储中的 s3 存储桶中删除一个文件s3.fidapp.org。我使用了下面的命令，但它没有用。我正在低于错误。

<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your Secret Access Key and signing method.</Message>

查找signingKey的脚本

function hmac_sha256 {key="$1"    
data="$2"    
echo -n "$data" | openssl dgst -sha256 -hmac "$key" -binary | base64| sed 
's/^.* //'}

secret="$1"    
date="$2"    
region="$3"    
service="$4"    
testaws4='AWS4'$secret

s1=$(echo -n $date | openssl sha256 -hmac AWS4$secret | sed 's/^.* //')    
s2=$(echo -n $region | openssl dgst -sha256 -mac HMAC -macopt hexkey:$s1 | 
   sed 's/^.* //')    
s3=$(echo -n $service | openssl dgst -sha256 -mac HMAC -macopt hexkey:$s2 | 
   sed 's/^.* //')    
signingkey=$(echo -n aws4_request | openssl dgst -sha256 -mac HMAC -macopt 
           hexkey:$s3 | sed 's/^.* //')

删除脚本

bucketName="test_bucket"    
accessKey="test-key"    
fileName="test.dat"    
Region="us-east-1"    
DateTime=`date -u +%Y%m%dT%H%M%SZ`    
Date=`date -u +%Y%m%d`    
SecretKey="**********************"    
HashKey=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

CRequest="DELETE\n/test_bucket/\n\nhost:s3.fidapp.org\nx-amz-content- 
          sha256:"$HashKey"\n\nx-amz-date:"$DateTime"\n\nhost;x-amz-content- 
          sha256;x-amz-date\n"$HashKey"\n"    
CRHkey=`echo -en $CRequest|openssl dgst -sha256| cut -d ' ' -f2` 
StringToSign="AWS4-HMAC-SHA256\n"$DateTime"\n"$Date"/us- 
      east-/s3/aws4_request\n"$CRHkey
SigningKey=`sh signing_key.sh $SecretKey $Date $Region s3`

echo -en $StringToSign | openssl dgst -sha256 -mac HMAC -macopt 
      hexkey:$SigningKey | sed 's/^.* //' |cut -d ' ' -f2 > Signature.txt    
cat Signature.txt

AuthorizationHeader="Authorization: AWS4-HMAC-SHA256 
Credential="$accessKey"/"$Date"/us-east-1/s3/aws4_request, 
SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature="`cat 
Signature.txt`

curl -X DELETE https://s3.fidapp.org//${bucketName}/${fileName}    
-H "$AuthorizationHeader"    
-H "host: s3.fidapp.org"    
-H "X-Amz-Content-SHA256: "$HashKey    
-H "X-Amz-Date: "$DateTime

我使用相同的命令将文件上传到 S3 存储桶，替换DELETE为PUT.

如果我遗漏任何内容或者我必须更改命令中的任何内容，请告诉我。