The signing process is used to add authentication information to the requests sent to 3DS OUTSCALE in order to ensure their integrity and authenticity.
The creation of signatures is based on the Hash-based Message Authentication Code (HMAC) protocol, a mechanism for message authentication codes which involves cryptographic hash functions.
When you create requests to 3DS OUTSCALE manually, you need to sign your requests yourself. However, you do not need to sign your requests when you use tools such as the OUTSCALE Command Line Interface (OSC CLI), the AWS Command Line Interface (AWS CLI), or a Software Development Kit (SDK). These tools sign requests automatically with the access key that you specify when you configure them. For more information about OSC CLI and AWS CLI, see respectively Installing and Configuring OSC CLI and Installing and Configuring AWS CLI.
The signing process makes requests more secure as it provides the following:
To sign a request, you first need to use a cryptographic hash function (HMAC) to calculate a hash of the request. You then need to use the value of this hash, your secret key and other information to calculate another hash whose result is the signature. Finally, you add the signature to the request, either in the HTTP
Authorization header or as a value in the query string. In that last case, the signature is part of the URL, which becomes a pre-signed URL. For more information about the creation process of a signature, see the Creation of a Signature section below.
3DS OUTSCALE supports both Signature Version 2 and Signature Version 4. However, we recommend using Signature Version 4 for all OUTSCALE services.
A signature is calculated as follows:
After 3DS OUTSCALE receives the request, it recalculates the signature with the same information and the same hash function you used to sign your request. If the signature calculated by 3DS OUTSCALE matches yours, 3DS OUTSCALE processes the request. Otherwise, 3DS OUTSCALE denies the request.