CODEWITHSUNDEEP
phpformsamazon-s3amazon-web-servicesencode
reggie
reggie

Reputation: 3674

Posting form data to Amazon S3 bucket

I've spent three days now trying to set up a simple posting form to amazon s3. Everytime I get this error:

SignatureDoesNotMatchThe request signature we calculated does not match the signature you provided. Check your key and signing method.

I don't see the problem. :-(

<?php
        $form = array(
            'key'                       => 'queue/1_1_1234567890.wmv',
            'AWSAccessKeyId'            => 'mypublickeyishere',
            'acl'                       => 'public-read',
            'success_action_redirect'   => 'http://someurl.com',
        );

        $form['policy'] = '{
            "expiration": "2015-12-01T12:00:00.000Z",
                "conditions": [
                    {
                        "acl": "'.$form['acl'].'"
                    },
                    {
                        "success_action_redirect": "'.$form['success_action_redirect'].'"
                    },
                    {
                        "bucket": "thenameofmybucket"
                    },
                    [
                        "starts-with",
                        "$key",
                        "queue/"
                    ]
                ]
            }';

    $form['policy_encoded'] = base64_encode($form['policy']);
    $form['signature'] = base64_encode(hash_hmac( 'sha1', base64_encode(utf8_encode($form['policy'])), 'F90mc5kpjuNMPg8XG7iV6bxOzacYhktcw+RVGzpZ'));

?>


<form action="https://thenameofmybucket.s3.amazonaws.com/" method="post" enctype="multipart/form-data">
      <input type="hidden" name="key" value="<?php echo $form['key'] ?>">
      <input type="hidden" name="AWSAccessKeyId" value="<?php echo $form['AWSAccessKeyId'] ?>">
      <input type="hidden" name="acl" value="<?php echo $form['acl'] ?>">
      <input type="hidden" name="success_action_redirect" value="<?php echo $form['success_action_redirect'] ?>">
      <input type="hidden" name="policy" value="<?php echo $form['policy_encoded'] ?>">
      <input type="hidden" name="signature" value="<?php echo $form['signature'] ?>">

      File to upload to S3:
      <input name="file" type="file">
      <br>
      <input type="submit" value="Upload File to S3">
</form>

I substituted the bucket name as well as the private and public keys above.

I followed the instruction to sign the policy meticulously: http://docs.amazonwebservices.com/AmazonS3/2006-03-01/dev/HTTPPOSTForms.html#HTTPPOSTConstructPolicy

What am I missing? Why is the code not working?

Upvotes: 5

Views: 8642

Answers (3)

Marty
Marty

Reputation: 2165

There is no need for that library, you were just missing a parameter. The problem is that you have not set the hash_hmac function to output binary data. To do this, set the fourth parameter to true like so:

$signature = base64_encode(hash_hmac('sha1', $policy_b64, $secret, true));

If you do not set this, it will not be encoding the signature the way that AWS expects it to be.

Upvotes: 16

Devin Ceartas
Devin Ceartas

Reputation: 4829

Already answered your own question I realize, but I wonder if this tutorial (http://aws.amazon.com/articles/1434), which suggests you have to strip out the return characters from the json before doing the base 64 encoding is the root of the problem?

Upvotes: -1

reggie
reggie

Reputation: 3674

Okay, I finally managed to get this done using this sample code library: http://aws.amazon.com/code/Amazon-S3/1618

Upvotes: -1

Related Questions