RE: How to generate AWS Signature Version 4 in suitescript 2.0

Answered
Hi , Does anyone know how to calculate “aws signature version 4” in suitescript 2.0 . I have tried this code but the signing key appears to be wrong in binary format although it matches with python example provided by aws in hex format but binary format in python is different then suitescript which makes signature different in python(correct signature ) and suitescript 2.0 (Wrong signature).
function getSignatureKey(key, dateStamp, regionName, serviceName) {
var kDate = CryptoJS.HmacSHA256(dateStamp, "AWS4" + key);
var kRegion = CryptoJS.HmacSHA256(regionName, kDate);
var kService = CryptoJS.HmacSHA256(serviceName, kRegion);
var kSigning = CryptoJS.HmacSHA256("aws4_request", kService);
return kSigning;
}

signing_key = getSignatureKey(secret_key, datestamp, region, service); 

var signingsha256Data = CryptoJS.HmacSHA256(encodeURI(string_to_sign),signing_key); 

var signature= CryptoJS.enc.Hex.stringify(signingsha256Data); 


log.debug('Calculated signature is ',signature);
Ahmed Rookie Asked on November 14, 2020 in SuiteScript.
Add Comment
1 Answers
Best answer

Hi Ahmed,

I’ve just run your code in JSFiddle and used the parameters from this page to verify the output:

https://docs.aws.amazon.com/general/latest/gr/sigv4-calculate-signature.html

Here’s the code and it all seems to stack up fine with the expected output:

function getSignatureKey(key, dateStamp, regionName, serviceName) {
  var kDate = CryptoJS.HmacSHA256(dateStamp, "AWS4" + key);
  var kRegion = CryptoJS.HmacSHA256(regionName, kDate);
  var kService = CryptoJS.HmacSHA256(serviceName, kRegion);
  var kSigning = CryptoJS.HmacSHA256("aws4_request", kService);
 
  return kSigning;
}
 
var signing_key = getSignatureKey('wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY', '20150830', 'us-east-1', 'iam');
console.log('Calculated signing key is: ', signing_key.toString(CryptoJS.enc.Hex));
// Output : c4afb1cc5771d871763a393e44b703571b55cc28424d1a5e86da6ed3c154a4b9
 
var string_to_sign = 'AWS4-HMAC-SHA256\n20150830T123600Z\n20150830/us-east1/iam/aws4_request\nf536975d06c0309214f805bb90ccff089219ecd68b2577efef23edd43b7e1a59'
 
var signature = CryptoJS.HmacSHA256(string_to_sign, signing_key).toString(CryptoJS.enc.Hex);
console.log('Calculated signature is: ', signature.toString(CryptoJS.enc.Hex));
// Output : 5d672d79c15b13162d9279b0855cfba6789a8edb4c82c400e06b5924a6f2b5d7

Are you seeing something different that this?

Thanks,

Chris

Intermediate Answered on November 16, 2020.
Add Comment

Your Answer

By posting your answer, you agree to the privacy policy and terms of service.