我正在运行的命令序列是:
$ aws kms sign --key-id 29245e92-1763-4369-871b-d8646e23c40a --message "Hello world!" --signing-algorithm RSASSA_PSS_SHA_256
{
"KeyId": "arn:aws:kms:eu-west-2:445875827267:key/29245e92-1763-4369-871b-d8646e23c40a",
"Signature": "T8eYRCTFuigdnHCuYytLscu9EGcdg9UJupPwVB1F3vEENgnkQR37ZPbn5nPr6CTahX+AXTXLFXf8trxRHKoy8997vfuyMaH3RwhFYBDJiAYdJQeBWSyqw5TIwOAnjAYNwJHuX2N8RY2+yKA1vHARNtOiHUesrc/+6eMbaf+ZTJEhY3aIuThW3cjCjnWSoaC44NIMuXfTOVMBhfoKuMW+IZSjH4cCxgj1MaR2sumnCwRW6irTRQOo/NBaxV/8NUWO9RMavDyFpeoxotNGFK0MNhbia4wkady5Dw0orWZSMI30kly66I5ubu+wVgX14GLIiSZofd9Y7RzHmvxL2MTxiQ==",
"SigningAlgorithm": "RSASSA_PSS_SHA_256"
}
$ aws kms verify --key-id 29245e92-1763-4369-871b-d8646e23c40a --message "Hello world!" --signature T8eYRCTFuigdnHCuYytLscu9EGcdg9UJupPwVB1F3vEENgnkQR37ZPbn5nPr6CTahX+AXTXLFXf8trxRHKoy8997vfuyMaH3RwhFYBDJiAYdJQeBWSyqw5TIwOAnjAYNwJHuX2N8RY2+yKA1vHARNtOiHUesrc/+6eMbaf+ZTJEhY3aIuThW3cjCjnWSoaC44NIMuXfTOVMBhfoKuMW+IZSjH4cCxgj1MaR2sumnCwRW6irTRQOo/NBaxV/8NUWO9RMavDyFpeoxotNGFK0MNhbia4wkady5Dw0orWZSMI30kly66I5ubu+wVgX14GLIiSZofd9Y7RzHmvxL2MTxiQ== --signing-algorithm RSASSA_PSS_SHA_256
An error occurred (KMSInvalidSignatureException) when calling the Verify operation:
这肯定行得通吗?我在这里错过了什么?
从Anon的注释中解决,除非需要使用fileb://:例如
$aws kms verify --key-id 29245e92-1763-4369-871b-d8646e23c40a --message "Hello world!" --signature fileb://raw.sig --signing-algorithm RSASSA_PSS_SHA_256
{
"KeyId": "arn:aws:kms:eu-west-2:445875827267:key/29245e92-1763-4369-871b-d8646e23c40a",
"SignatureValid": true,
"SigningAlgorithm": "RSASSA_PSS_SHA_256"
}