我能够让它工作.这段代码有两个问题，第一，正如帕特里克帕克指出的那样，用 printf 替换了 echo -n.第二个是用 openssl 上的 -binary 选项替换 sed 魔法.

I was able to get it working. There were two things wrong with this code, the first, as Patrick Park noted, was replacing the echo -n with printf. The second was replacing the sed magic with the -binary option on openssl.

对比原文:

signature=$(echo -n "$string_to_sign" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$decoded_hex_key" -binary | sed 's/^.*= //' | base64 -w0)

固定:

signature=$(printf "$string_to_sign" | openssl dgst -sha256 -mac HMAC -macopt "hexkey:$decoded_hex_key" -binary |  base64 -w0)

需要更改 echo，因为 echo -n 不会将 转换为实际的换行符.

The echo change is needed because echo -n will not convert the into actual newlines.

-binary 更改是必需的，因为即使您剥离了坏部分，openssl 仍然以 ascii-encoded-hex 格式输出签名，而不是二进制格式.因此，在将其传递给 base64 之后，结果是十六进制表示的 b64 编码版本，而不是原始值.

The -binary change is needed because even though you are stripping off the bad part, openssl was still outputting the signature in ascii-encoded-hex, not in binary. So after it was passed to base64, the result was the b64 encoded version of the hex representation, instead of the raw value.