Sunday, February 13, 2011

How to Calculate an RFC 2104-compliant HMAC for AWS signature version 2 using pure Bash and OpenSSL

Here is a way to calculate an RFC 2104-compliant HMAC for AWS signature version 2:

echo -en "The string to be signed" | openssl dgst -sha256 -hmac YourSecretKey -binary | openssl enc -base64

"The string to be signed" has to be defined following the AWS instructions: http://docs.amazonwebservices.com/AWSEC2/latest/UserGuide/

"The string to be signed" must be URL-encoded.
A scratchpad for URL encoding is here: http://meyerweb.com/eric/tools/dencoder/

If your OpenSSL does not have the "-hmac" option, it is too old; "openssl version" will tell you which version you have.

You can install a newer OpenSSL with something like:

cd /usr/local/src/
wget http://www.openssl.org/source/openssl-0.9.8k.tar.gz
tar xvzf openssl-0.9.8k.tar.gz
cd openssl-0.9.8k
./config --prefix=/usr/local
make
make install
export PATH=/usr/local/bin:$PATH

Be really careful to use "echo -n", or you will have a trailing newline character that messes up the StringToSign.

Use "echo -e" with "\n" if you need to sign a string containing ASCII newlines.
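
The two points above (building and URL-encoding the string to be signed, and keeping stray newlines out of it) put together as an added example, not code from the original post. The function names, the request parameters, the access key ID and the secret key are all constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example; function names and all sample values are constructed.

# RFC 3986 percent-encoding: keep A-Z a-z 0-9 - _ . ~ and encode everything else.
urlencode() {
  local LC_ALL=C
  local s out c rest
  s=$1; out=
  while [ -n "$s" ]; do
    rest=${s#?}; c=${s%"$rest"}; s=$rest        # peel off the first character
    case $c in
      [A-Za-z0-9._~-]) out=$out$c ;;
      *) out=$out$(printf '%%%02X' "'$c") ;;
    esac
  done
  printf '%s' "$out"
}

# Signature v2 StringToSign: METHOD \n lowercase host \n path \n canonical query,
# where the query is the encoded name=value pairs sorted by name in byte order.
string_to_sign() {
  local method host path kv query
  method=$1; host=$(printf '%s' "$2" | tr 'A-Z' 'a-z'); path=$3
  shift 3
  query=$(for kv in "$@"; do
            printf '%s=%s\n' "$(urlencode "${kv%%=*}")" "$(urlencode "${kv#*=}")"
          done | LC_ALL=C sort -t= -k1,1 | paste -sd '&' -)
  printf '%s\n%s\n%s\n%s' "$method" "$host" "$path" "$query"
}

# printf '%s' writes exactly the bytes of $2: no trailing newline and no escape
# processing. Caveat: -hmac puts the key on the command line, where other local
# users can read it from the process list while openssl runs.
hmac_sha256_b64() {   # $1 = secret key, $2 = string to sign
  printf '%s' "$2" | openssl dgst -sha256 -hmac "$1" -binary | openssl enc -base64
}

# Constructed request and key, for illustration only.
sts=$(string_to_sign GET EC2.amazonaws.com / \
      "Version=2010-11-15" "Action=DescribeInstances" \
      "AWSAccessKeyId=AKIDEXAMPLE" "SignatureMethod=HmacSHA256" \
      "SignatureVersion=2" "Timestamp=2011-02-13T12:00:00Z")
sig=$(hmac_sha256_b64 "ConstructedSecretKey" "$sts")
printf 'StringToSign:\n%s\n\nSignature=%s\n' "$sts" "$(urlencode "$sig")"
```

The Base64 signature is itself URL-encoded before it goes into the request, because it can contain "+", "/" and "=".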


I was looking for a way to do that in pure Bash for a while;

No Perl, No Python ... just Bash

Hope this helps
