Got it. It's super stupid. The key they give to feed the HMAC-SHA256 is actually a base64 string that needs to be decoded. It's not mentionned in the docs and I missed the constructor of the Signer in Ruby:
# Public: Initialize the Signer. # # access_key - The access_key encoded in Base64. Defaults to the one # in the global configuration. def initialize(access_key=Azure.config.storage_access_key) @access_key = Base64.strict_decode64(access_key) end Tests are passing now :) Thanks for your patience Sven! On Thu, Jun 19, 2014 at 4:01 PM, Sven Van Caekenberghe <s...@stfx.eu> wrote: > > On 19 Jun 2014, at 15:52, François Stephany <tulipe.mouta...@gmail.com> > wrote: > > > > > > > > > You might want to have a look at the code in Zinc-AWS (group AWS in > ConfigurationOfZincHTTPComponents), in particular ZnAWSS3Client and > ZnAWSS3RequestSignatureTool - it is using similar request signing but does > HMAC-SHA1. > > > > > > Thanks! I wasn't aware of the existence of ZnAWS. > > > Actually, i'm currently using the HMAC-SHA256 implementation of the > CloudFork. > > > > Is that an all Smalltalk implementation ? > > Because it would be really good to have SHA256 in the image. > > > > Yes it is. The class comment says: > > > > " > > > http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf > This class represnets the implementation of CFSHA256 as describied above. > > Please direct questions or comments about this implementation to Ron > Teitelbaum: r...@usmedrec.com > > This code was extensively coppied from SHA1 by Luciano Notarfrancesco > lnotarfrance...@yahoo.com > > " > > > > It seems to work for AWS, I wonder what I'm doing wrong here... > > You have to be 100% sure that the SHA256, HMAC-SHA256 code works (as > opposed to the SHA1, HMAC-SHA1 code) then you absolutely need examples: a > known canonical string and keys with a Base64 signature output. Start by > making sure you can replicate this in your reference implementation (Ruby, > Java, C#) and then start to go to Pharo. > > Look *very* carefully at each element of the canonical string, one letter > difference, one header, punctuation, whitespace, case, date or time format > difference will break the whole thing - that is the point of being a > signature. > > >
