Accessing Azure blob storage using bash, curl
I was able to get it working.There were two things wrong with this code, the first, as Patrick Park noted, was replacing the echo -n
with printf
. The second was replacing the sed
magic with the -binary
option on openssl.
Compare the original:
signature=$(echo -n "$string_to_sign" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$decoded_hex_key" -binary | sed 's/^.*= //' | base64 -w0)
with the fixed:
signature=$(printf "$string_to_sign" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$decoded_hex_key" -binary | base64 -w0)
The echo change is needed because echo -n
will not convert the \n
into actual newlines.
The -binary
change is needed because even though you are stripping off the bad part, openssl was still outputting the signature in ascii-encoded-hex, not in binary. So after it was passed to base64
, the result was the b64 encoded version of the hex representation, instead of the raw value.
Looking at the REST API documentation and your code above, I believe there's an issue with the way you're constructing canonicalized_resource
string. You're missing the query parameters in that string. Your canonicalized_resource
string should be:
canonicalized_resource="/${storage_account}/${container_name}\ncomp:list\nrestype:container"