The MAC signature found in the HTTP request '…' is not the same as any computed signature

Question

I\'m sending the following request in Postman to retrieve a simple .jpg from Azure Blob storage at this URL https://steamo.blob.core.windows.net/testcontainer/dog.jpg

<

Answer 1

Authentication for Azure Storage is not simply a matter of providing the access key (that is not very secure). You need to create a signature string that represents the given request, sign the string with the HMAC-SHA256 algorithm (using your storage key to sign), and encode the result in base 64. See https://msdn.microsoft.com/en-us/library/azure/dd179428.aspx for full details, including how to construct the signature string.

Answer 2

Just got this working, here's my code:

string signWithAccountKey(string stringToSign, string accountKey)
{
    var hmacsha = new System.Security.Cryptography.HMACSHA256();
    hmacsha.Key = Convert.FromBase64String(accountKey);
    var signature = hmacsha.ComputeHash(Encoding.UTF8.GetBytes(stringToSign));
    return Convert.ToBase64String(signature);
}