Weird item used by server in string to sign. Can someone help.


  • After more than a year I end up in signature issue.. :(

    I believed get blob used to use following string to sign.. But clearly not.

    'GET\n\n\n\n\n\n\n\n\n\n\n\nx-ms-date:Sun, 09 Jun 2013 19:53:43 GMT\nx-ms-version:2011-08-18\n/myaccount/752758aa-383b-4553-8bd5-23c5e9942e49gps.txt'.

    What does this item represent in the below -> 0x8D032935C56C8DE or 0x8D032940C786C05.

    • Its for Get Blob request through simple http protocols.
    • Also worst thing is the first time I send a request, it works and then on it fails.

    Sample Error 1 - The MAC signature found in the HTTP request '4mcVWHx49zVUuf9lepz/iaiNm+NI9SzsUwRtasuEF9o=' is not the same as any computed signature. Server used following string to sign: 'GET\n\n\n\n\n\n\nSat, 08 Jun 2013 19:13:15 GMT\n\n\"0x8D032935C56C8DE\"\n\n\nx-ms-date:Sun, 09 Jun 2013 20:56:04 GMT\nx-ms-version:2011-08-18\n/myaccount/752758aa-383b-4553-8bd5-23c5e9942e49gps.txt'.

    Sample Error 2 - 'GET\n\n\n\n\n\n\nSat, 08 Jun 2013 19:18:10 GMT\n\n\"0x8D032940C786C05\"\n\n\nx-ms-date:Sun, 09 Jun 2013 20:47:55 GMT\nx-ms-version:2011-08-18\n/myaccount/e7a21b65-6f0d-4ac8-8cc6-05d9954093d6gps.txt'


    Sunday, June 09, 2013 9:12 PM


  • The "weird" item you've mentioned is the "ETag" value for the blob. If you look at the documentation for creating signature string here, it follows the following pattern:

    StringToSign = VERB + "\n" +
                   Content-Encoding + "\n"
                   Content-Language + "\n"
                   Content-Length + "\n"
                   Content-MD5 + "\n" +
                   Content-Type + "\n" +
                   Date + "\n" +
                   If-Modified-Since + "\n"
                   If-Match + "\n"
                   If-None-Match + "\n"
                   If-Unmodified-Since + "\n"
                   Range + "\n"
                   CanonicalizedHeaders + 

    Can you please ensure that you're passing any conditional headers ("If-Match" or "If-None-Match") as one of your request headers. If you're passing them, then you would need to include those in your signature calculation as well.

    Hope this helps.

    Monday, June 10, 2013 3:12 AM