我必须使用aws kms加密来加密用户表数据,我已经重新考虑以下代码对我不起作用,抛出错误'请求中包含的安全令牌无效。 AWS HTTP错误:客户端错误:POST https://kms.us-east-1.amazonaws.com
导致400 Bad Request
响应:'有人可以帮助我吗?
我的代码是
<?php
use Aws\Kms\KmsClient;
// Somewhere in the controller or model
$this->load->config('aws');
// Not needed for EC2 instance role based authorization - for my local instance only
$key = $this->config->item('aws_s3_access_key');
$secret = $this->config->item('aws_s3_secret_key');
$orig = 'encrypt me please...';
$cryptic = 'CiD/AT9S0xQbpFXHDdw7Mq42htuEVj0vwvZzfR+9GRZCahKbAQEBAgB4/wE/UtMUG6RVxw3cOzKuNobbhFY9L8L2c30fvRkWQmoAAAByMHAGCSqGSIb3DQEHBqBjMGECAQAwXAYJKoZIhvcNAQcBMB4GCWCGSAFlAwQBLjARBAxvNDVWPh6W4STdWakCARCAL/nzjIDZ8uQWAMWI1VBoNPt+TCe9qZMMbY1d1PnVjlJGa/BcVdAyN9KruzEOcFl6';
// Testing the encrypt and decrypt cycle
$kms = KmsClient::factory([
'credentials' => [
'key' => $key,
'secret' => $secret,
],
'region' => 'us-east-1',
]);
// Encrypt - should match $cryptic
$result = $kms->encrypt([
'KeyId' => 'alias/argus-db-crypt-local',
'Plaintext' => $orig,
]);
var_dump(base64_encode($result->get('CiphertextBlob')));
// Decrypt - should match $orig
$result = $kms->decrypt([
'CiphertextBlob' => base64_decode($cryptic),
]);
var_dump($result->get('Plaintext'));
您必须使用不正确的ACCESS / SECRET密钥对。
尝试转到帐户页面上的安全凭据:点击右上角的名称 - >我的安全凭据
然后在那里生成访问密钥并在.env
文件中使用这些访问密钥