How can I generate the HMAC signature required to send Amazon SES email over HTTP?

I am using Amazon SAS to send email over HTTP post, for example:

https://email.us-east-1.amazonaws.com/?Action=SendEmail&Source=user%40example.com&Destination.ToAddresses.member.1=allan%40example.com&Message.Subject.Data=This%20is%20the%20subject%20line.&Message.Body.Text.Data=Hello.%20I%20hope%20you%20are%20having%20a%20good%20day.

      

However, in the HTTP header, it asks for X-Amzn-Authorization, which consists of:

X-Amzn-Authorization: AWS3-HTTPS AWSAccessKeyId=<Your AWS Access Key ID>, Algorithm=HmacSHA256, Signature=<Signature>

      

I was wondering how to calculate the signature? Is this just my secret passkey?

A shown here on Amazon's documentation site .

+3


source to share


1 answer


NO - secret access key secret for a reason. Never transmit it over the wire, otherwise you will give anyone sniffing it full access to your AWS account - they can use it to turn off all your gaze, remove all S3 Buckets - everything.

The signature is a "Signed Request". you take the content of the request and create a hash key hash for message hashing (HMAC) using your secret as the hash key. Since your secret key is only known to you and Amazon, when amazon receives a request, they will also accept the content of your request and hash it based on your private key - if they receive the same hash as your signed request, then they know the request is not tampered with ... If they are different from each other, the request could be maliciously forged or compromised, so they will reject it.



More details here: https://www.jokecamp.com/blog/examples-of-creating-base64-hashes-using-hmac-sha256-in-different-languages/

Including code for calculating HMAC.

+4


source







All Articles