Darabonba Signature Utility

Common errors

• ModuleNotFoundError: No module named 'alibabacloud.darabonba.signature_util'

  cause Incorrect import path used; the Python module name does not directly match the PyPI package name structure.
  fix Change the import statement to `from alibabacloud_darabonba_signature_util_py.util import Darabonba_SignatureUtil`.

• TypeError: expected bytes, str found

  cause The signing functions (`get_h_macsha1`, `get_h_macsha256`) were called with `str` objects instead of `bytes` objects.
  fix Ensure all string inputs (string to sign, secret key) are converted to UTF-8 bytes using `bytes(my_string, 'utf-8')` before passing them to the signing functions.

Warnings

• gotcha The actual Python module name for imports (`alibabacloud_darabonba_signature_util_py`) differs from the PyPI package name (`alibabacloud-darabonba-signature-util`). Forgetting this can lead to `ModuleNotFoundError`.
  Fix: Always use `from alibabacloud_darabonba_signature_util_py.util import Darabonba_SignatureUtil`.
• gotcha Signing functions like `get_h_macsha1` and `get_h_macsha256` expect `bytes` objects for both the string to sign and the secret key, not standard Python `str` objects. Passing `str` will result in a `TypeError`.
  Fix: Convert strings to bytes using `bytes(my_string, 'utf-8')` before passing them to signing functions.
• gotcha This library provides low-level cryptographic primitives. It is primarily an internal component of the Alibaba Cloud SDK. Direct use by end-users for custom security implementations should be done with extreme caution, as incorrect usage of raw crypto can lead to severe security vulnerabilities.
  Fix: Prefer using higher-level SDK functions for authentication if available, or consult security experts if implementing custom signing logic.

Install

• pip install alibabacloud-darabonba-signature-util Install latest version

Imports

• Darabonba_SignatureUtil
  wrong:

  from alibabacloud.darabonba.signature_util import Darabonba_SignatureUtil

  correct:

  from alibabacloud_darabonba_signature_util_py.util import Darabonba_SignatureUtil

  The actual Python package name installed by pip (`alibabacloud-darabonba-signature-util`) provides the module `alibabacloud_darabonba_signature_util_py`.

Quickstart

This quickstart demonstrates how to use `Darabonba_SignatureUtil` to sign a string using HMAC-SHA1 and HMAC-SHA256, which are common requirements for authenticating requests to cloud services. It highlights the critical step of converting input strings to UTF-8 bytes before passing them to the signing functions, and then base64 encoding the resulting signature bytes.

import os
import base64
from alibabacloud_darabonba_signature_util_py.util import Darabonba_SignatureUtil

# These credentials would typically be loaded securely, e.g., from environment variables
access_key_id = os.environ.get("ALIBABA_CLOUD_ACCESS_KEY_ID", "YOUR_ACCESS_KEY_ID")
access_key_secret = os.environ.get("ALIBABA_CLOUD_ACCESS_KEY_SECRET", "YOUR_ACCESS_KEY_SECRET")

# Example string to sign, often a canonicalized HTTP request string
string_to_sign = "GET\n\n\n1442129102\n/oss/"

# The signing functions expect bytes, so convert strings to utf-8 bytes
try:
    signed_bytes_sha1 = Darabonba_SignatureUtil.get_h_macsha1(
        bytes(string_to_sign, 'utf-8'),
        bytes(access_key_secret, 'utf-8')
    )
    signature_sha1 = base64.b64encode(signed_bytes_sha1).decode('utf-8')

    signed_bytes_sha256 = Darabonba_SignatureUtil.get_h_macsha256(
        bytes(string_to_sign, 'utf-8'),
        bytes(access_key_secret, 'utf-8')
    )
    signature_sha256 = base64.b64encode(signed_bytes_sha256).decode('utf-8')

    print(f"String to Sign: '{string_to_sign}'")
    print(f"HMAC-SHA1 Signature (Base64 Encoded): {signature_sha1}")
    print(f"HMAC-SHA256 Signature (Base64 Encoded): {signature_sha256}")
except Exception as e:
    print(f"An error occurred: {e}")
    print("Please ensure ALIBABA_CLOUD_ACCESS_KEY_ID and ALIBABA_CLOUD_ACCESS_KEY_SECRET are set.")