I was trying to delete a file from s3 bucket which is hosted in my client's in-house storage s3.fidapp.org. I used below command but it didn't work. I'm getting below error.
<Error><Code>SignatureDoesNotMatch</Code><Message>The request signature we calculated does not match the signature you provided. Check your Secret Access Key and signing method.</Message>
Script to find signingKey
function hmac_sha256 {key="$1"
data="$2"
echo -n "$data" | openssl dgst -sha256 -hmac "$key" -binary | base64| sed
's/^.* //'}
secret="$1"
date="$2"
region="$3"
service="$4"
testaws4='AWS4'$secret
s1=$(echo -n $date | openssl sha256 -hmac AWS4$secret | sed 's/^.* //')
s2=$(echo -n $region | openssl dgst -sha256 -mac HMAC -macopt hexkey:$s1 |
sed 's/^.* //')
s3=$(echo -n $service | openssl dgst -sha256 -mac HMAC -macopt hexkey:$s2 |
sed 's/^.* //')
signingkey=$(echo -n aws4_request | openssl dgst -sha256 -mac HMAC -macopt
hexkey:$s3 | sed 's/^.* //')
Delete Script
bucketName="test_bucket"
accessKey="test-key"
fileName="test.dat"
Region="us-east-1"
DateTime=`date -u +%Y%m%dT%H%M%SZ`
Date=`date -u +%Y%m%d`
SecretKey="**********************"
HashKey=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
CRequest="DELETE\n/test_bucket/\n\nhost:s3.fidapp.org\nx-amz-content-
sha256:"$HashKey"\n\nx-amz-date:"$DateTime"\n\nhost;x-amz-content-
sha256;x-amz-date\n"$HashKey"\n"
CRHkey=`echo -en $CRequest|openssl dgst -sha256| cut -d ' ' -f2`
StringToSign="AWS4-HMAC-SHA256\n"$DateTime"\n"$Date"/us-
east-/s3/aws4_request\n"$CRHkey
SigningKey=`sh signing_key.sh $SecretKey $Date $Region s3`
echo -en $StringToSign | openssl dgst -sha256 -mac HMAC -macopt
hexkey:$SigningKey | sed 's/^.* //' |cut -d ' ' -f2 > Signature.txt
cat Signature.txt
AuthorizationHeader="Authorization: AWS4-HMAC-SHA256
Credential="$accessKey"/"$Date"/us-east-1/s3/aws4_request,
SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature="`cat
Signature.txt`
curl -X DELETE https://s3.fidapp.org//${bucketName}/${fileName}
-H "$AuthorizationHeader"
-H "host: s3.fidapp.org"
-H "X-Amz-Content-SHA256: "$HashKey
-H "X-Amz-Date: "$DateTime
I used same command to upload a file to S3 bucket by replacing DELETE with PUT.
Please let me know if I'm missing anything or I have to change anything in the command.
Error code SignatureDoesNotMatch generally comes when the signature we calculate and provide in our curl does not match with the corresponding matching signature prepared by S3 or Minio server based upon the headers we provide. Please make sure the headers provided in curl command match the content you have in your signature.
Also, in the URL which you have provided in your curl delete request, there seems to be an extra '/' after https://s3.fidapp.org/.