Using Digital Ocean Spaces and/or AWS S3 in Livecode

[AlexM_Cogapp]

Does anyone have any experience using Digital Ocean Spaces in Livecode (or AWS S3)?

I would like to use this online storage service (or something similar) for a project but the authentication protocol of the API relies on SHA256 and HMAC encodings. What is needed is described in pseudo-code below.

I can't work out how to do this in Livecode.

Any help would be much appreciated.

******

canonicalRequest = `
${HTTPMethod}\n
${canonicalURI}\n
${canonicalQueryString}\n
${canonicalHeaders}\n
${signedHeaders}\n
${hashedPayload}
`

stringToSign = "AWS4-HMAC-SHA256" + "\n" +
date(format=ISO08601) + "\n" +
date(format=YYYYMMDD) + "/" + ${REGION} + "/" + "s3/aws4_request" + "\n" +
Hex(SHA256Hash(canonicalRequest))

dateKey = HMAC-SHA256("AWS4" + ${SECRET_KEY}, date(format=YYYYMMDD))
dateRegionKey = HMAC-SHA256(dateKey, ${REGION})
dateRegionServiceKey = HMAC-SHA256(dateRegionKey, "s3")
signingKey = HMAC-SHA256(dateRegionServiceKey, "aws4_request")

signature = Hex(HMAC-SHA256(signingKey, stringToSign))

[isabellspivey]

Hello,
Each HMAC step must use the binary output of the previous step, not hex.

Example (signing key chain):

Code: Select all

put "AWS4" & tSecretKey into tKey
put hash(tDate, tKey, "SHA256") into tDateKey
put hash(tRegion, tDateKey, "SHA256") into tRegionKey
put hash("s3", tRegionKey, "SHA256") into tServiceKey
put hash("aws4_request", tServiceKey, "SHA256") into tSigningKey

Then:

Code: Select all

put hash(tStringToSign, tSigningKey, "SHA256") into tSig
put toLower(binaryEncode("H*", tSig)) into tSignature