I have been able to use OpenSSL to construct/validate each stage of the signing process. Here is what I have. Hope it's useful to others.

**************************************************************************************


Other version of OpenSSL might not work. Only tested with OpenSSL 1.0.1 14 Mar 2012 in Ubuntu and OpenSSL 1.0.1e 11 Feb 2013 in Cygwin

Partner ID: Test
creationRequestId: Test001
AWS Access Key: fake-aws-key
AWS Secret Key: fake-secret-key
Timestamp: 20140205T171524Z


kSecret: 4157533466616b652d7365637265742d6b6579
kDate: 41b8dd5e0d1716ba90401d46b58b12d500accdd2ea9c2b22a2d275946c9d978e
kRegion: 7b47360ce7afbe1b839e0b0e55834df99979a5414bc7f846b17c9374d230d45d
kService: 68136b0a64b2d01c8934370288b46500243645e468f521503e0d1fa73526d409
kSigning: 27cb9f5b991c2933f5faae716e99bd50c66a45811b1424128269312bdd570dff


http://docs.aws.amazon.com/general/latest/gr/signature-v4-test-suite.html


Output generated by OpenSSL command
===================================

########## payload ########## (Step A6.2)



Method 1
========
echo -n "<CreateGiftCardRequest><creationRequestId>Test001</creationRequestId><partnerId>Test</partnerId><value><currencyCode>USD</currencyCode><amount>10</amount></value></CreateGiftCardRequest>"  | openssl dgst -sha256



Output = 50bf24a091a7463bb4a2661f93a7299c94774bc81f9fddf02af2925922b869dc

########## Hashed Canonical Request ########## (Step A8)



Method 1
========
echo -n "POST
/CreateGiftCard

accept:charset=UTF-8
content-type:charset=UTF-8
host:agcod-v2-gamma.amazon.com
x-amz-date:20140205T171524Z
x-amz-target:com.amazonaws.agcod.AGCODService.CreateGiftCard

accept;content-type;host;x-amz-date;x-amz-target
50bf24a091a7463bb4a2661f93a7299c94774bc81f9fddf02af2925922b869dc"  | openssl dgst -sha256


Output = 7d9f2765e4f23e85d3dce4ae264dac4f784c152f3746aff45ac7f3afd7fad649


########## kSecret ########## (Step C1.1)



Method 1
========
echo -n "AWS4fake-secret-key" | xxd -c 256 -ps


Output = 4157533466616b652d7365637265742d6b6579

########## kDate ########## (Step C1.2)



Method 1
========
echo -n  "20140205" | openssl dgst -sha256 -mac Hmac -macopt hexkey:4157533466616b652d7365637265742d6b6579


Output = 41b8dd5e0d1716ba90401d46b58b12d500accdd2ea9c2b22a2d275946c9d978e

########## kRegion ########## (Step C1.3)



Method 1
========
echo -n  "us-east-1" | openssl dgst -sha256 -mac Hmac -macopt hexkey:41b8dd5e0d1716ba90401d46b58b12d500accdd2ea9c2b22a2d275946c9d978e


Output = 7b47360ce7afbe1b839e0b0e55834df99979a5414bc7f846b17c9374d230d45d


########## kService ########## (Step C1.4)



Method 1
========
echo -n  "AGCODService" | openssl dgst -sha256 -mac Hmac -macopt hexkey:7b47360ce7afbe1b839e0b0e55834df99979a5414bc7f846b17c9374d230d45d


Output = 68136b0a64b2d01c8934370288b46500243645e468f521503e0d1fa73526d409

########## kSigning ########## (Step C1.5)


Method 1
========
echo -n  "aws4_request" | openssl dgst -sha256 -mac Hmac -macopt hexkey:68136b0a64b2d01c8934370288b46500243645e468f521503e0d1fa73526d409


Output = 27cb9f5b991c2933f5faae716e99bd50c66a45811b1424128269312bdd570dff

########## Signature ########## (Step C2)


Method 1
========
echo -n "AWS4-HMAC-SHA256
20140205T171524Z
20140205/us-east-1/AGCODService/aws4_request
7d9f2765e4f23e85d3dce4ae264dac4f784c152f3746aff45ac7f3afd7fad649" | openssl dgst -sha256 -mac Hmac -macopt hexkey:27cb9f5b991c2933f5faae716e99bd50c66a45811b1424128269312bdd570dff


Output = e32110cf663ed86460621dff12bb1139afe29d015584d208df09f149fa1b69d1



---------------------------------



output generated by Java code
=============================

PAYLOAD:
<CreateGiftCardRequest><creationRequestId>Test001</creationRequestId><partnerId>Test</partnerId><value><currencyCode>USD</currencyCode><amount>10</amount></value></CreateGiftCardRequest>

HASHED PAYLOAD:
50bf24a091a7463bb4a2661f93a7299c94774bc81f9fddf02af2925922b869dc

CANONICAL REQUEST:
POST
/CreateGiftCard

accept:charset=UTF-8
content-type:charset=UTF-8
host:agcod-v2-gamma.amazon.com
x-amz-date:20140205T171524Z
x-amz-target:com.amazonaws.agcod.AGCODService.CreateGiftCard
accept;content-type;host;x-amz-date;x-amz-target
50bf24a091a7463bb4a2661f93a7299c94774bc81f9fddf02af2925922b869dc

HASHED CANONICAL REQUEST:
7d9f2765e4f23e85d3dce4ae264dac4f784c152f3746aff45ac7f3afd7fad649

STRING TO SIGN:
AWS4-HMAC-SHA256
20140205T171524Z
20140205/us-east-1/AGCODService/aws4_request
7d9f2765e4f23e85d3dce4ae264dac4f784c152f3746aff45ac7f3afd7fad649

DERIVED SIGNING KEY:
27cb9f5b991c2933f5faae716e99bd50c66a45811b1424128269312bdd570dff

SIGNATURE:
e32110cf663ed86460621dff12bb1139afe29d015584d208df09f149fa1b69d1

ENDPOINT:
agcod-v2-gamma.amazon.com

SIGNED REQUEST
POST /CreateGiftCard HTTP/1.1
content-type:charset=UTF-8
host:agcod-v2-gamma.amazon.com
x-amz-date:20140205T171524Z
x-amz-target:com.amazonaws.agcod.AGCODService.CreateGiftCard
Authorization:AWS4-HMAC-SHA256 Credential=fake-aws-key/20140205/us-east-1/AGCODService/aws4_request, SignedHeaders=accept;content-type;host;x-amz-date;x-amz-target, Signature=e32110cf663ed86460621dff12bb1139afe29d015584d208df09f149fa1b69d1
<CreateGiftCardRequest><creationRequestId>Test001</creationRequestId><partnerId>Test</partnerId><value><currencyCode>USD</currencyCode><amount>10</amount></value></CreateGiftCardRequest>