https://stackoverflow.com/questions/21586322
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianThere are inherent flaws to sha-1 but they don't carry over to hmac-sha-1, so there's no need to worry.
That being said, I actually did find the documentation you were looking for here.
More secure S3 URLs
-
07-10-2022 - |
Frage
I am currently following Amazon's documentation to sign S3 URL's for download. Using hmac-sha1 is good but I want something more secure since there are inherent flaws as of 2010. Also, it is good marketing too to use strong encryption. I KNOW that others are using 256-bit encryption when signing their URLs. I too would like to use sha256 or sha512, but it seems like Amazon's docs don't tell you how this is possible. They only reference hmac-sha1 (which I'm currently using w/ succcess).
Signature = URL-Encode( Base64( HMAC-SHA1( YourSecretAccessKeyID, UTF-8-Encoding-Of( StringToSign ) ) ) );
How would I go about using something more secure?
Thanks
Lösung
Lizenziert unter: CC-BY-SA mit Zuschreibung
Nicht verbunden mit StackOverflow
