OK... so I'm almost all the way through the AWS example... I have the hashes calculated correctly with QC3CALCULATEHASH()
I'm having trouble with QC3CALCULATEHMAC() and getting the same result as in the Example.
https://docs.aws.amazon.com/general/latest/gr/sigv4-calculate-signature.html

I have set both prototypes up to do the EBCDIC to ASCII conversion by specifying CCSID(819) on the prototype.
However, I'm having trouble understanding this section of the AWS documentation (specifically the "returns output in binary" part) of creating a signing key.

Do I need to convert each HMAC result to "binary" before the next call? If so, how can someone tell me how to do that?

-- from the webpage above ---
Use the digest (binary format) for the key derivation. Most languages have functions to compute either a binary format hash, commonly called a digest, or a hex-encoded hash, called a hexdigest. The key derivation requires that you use a binary-formatted digest.

The following example show the inputs to derive a signing key and the resulting output, where kSecret = wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY.

HMAC(HMAC(HMAC(HMAC("AWS4" + kSecret,"20150830"),"us-east-1"),"iam"),"aws4_request")

AWS signingKey should be:
c4afb1cc5771d871763a393e44b703571b55cc28424d1a5e86da6ed3c154a4b9

My test code looks like this:

clientSecret = 'wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY'

signingKey =
CalculateHMAC(
CalculateHMAC(
CalculateHMAC(
CalculateHMAC('AWS4'+ clientSecret: '20150830'))
:'us-east-1' )
:'iam' )
:'aws4_request' );

I am not getting the same result.


-----Original Message-----
From: RPG400-L <rpg400-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Greg Wilburn
Sent: Thursday, July 7, 2022 1:37 PM
To: RPG programming on IBM i <rpg400-l@xxxxxxxxxxxxxxxxxx>
Subject: [EXTERNAL] Signing AWS Requests with Signature Version 4

Has anyone accomplished this within RPG?
https://docs.aws.amazon.com/general/latest/gr/sigv4_signing.html

This is necessary for making requests to AWS APIs, and is a precursor to accessing the Selling Partner API endpoints.
I am currently trudging through it, but would rather not "re-invent the wheel" if I don't have to.

TIA,
Greg
[Logo]<https://www.totalbizfulfillment.com/> Greg Wilburn
Director of IT
301.895.3792 ext. 1231
301.895.3895 direct
gwilburn@xxxxxxxxxxxxxxxxxxxxxxx<mailto:gwilburn@xxxxxxxxxxxxxxxxxxxxxxx>
1 Corporate Dr
Grantsville, MD 21536
www.totalbizfulfillment.com<http://www.totalbizfulfillment.com>
--
This is the RPG programming on IBM i (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related questions.

Help support midrange.com by shopping at amazon.com with our affiliate link: https://amazon.midrange.com



[CAUTION! This email originated outside of the organization. Please do not open attachments or click links from an unknown or suspicious origin.]


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.