I would like to authenticate my S3 requests using this method. For this purpose I have adapted scripts presented here. Here is how it looks like:

#!/bin/sh
file="$2"
bucket="$1"
resource="/${bucket}/${file}"
contentType="$3"
dateValue="`date +'%a, %d %b %Y %H:%M:%S %z'`"
stringToSign="GET\n\n${contentType}\n${dateValue}\n${resource}"
s3Key="$AWS_ACCESS_KEY"
s3Secret="$AWS_SECRET_ACCESS_KEY"
signature=`/bin/echo -en "$stringToSign" | openssl sha1 -hmac ${s3Secret} -binary | base64`
curl -v -H "Host: ${bucket}.s3.amazonaws.com" -H "Date: ${dateValue}" -H "Content-Type: ${contentType}" -H "Authorization: AWS ${s3Key}:${signature}" https://${bucket}.s3.amazonaws.com/${file} 

My file permissions are like this:

and file content type is:

Here is how do I call my script:

./getfile1.sh tmp666 7b5879dd9b894f7fc5a14b895f01abd1.png image/png

Unfortunately I am getting SignatureDoesNotMatch error although StringToSign returned by AWS is matching mine:

<StringToSign>GET

image/png
Wed, 28 Sep 2016 12:46:14 +0200
/tmp666/7b5879dd9b894f7fc5a14b895f01abd1.png</StringToSign>

My IAM user has admin permissions. What am I doing wrong? I have spent half of day trying to solve it and feel powerless.