[thelist] Amazon S3 for serving video: restricting permissions

Joel Canfield joel at bizba6.com
Sat Aug 29 15:43:17 CDT 2009

> Did you look at any of these example?
> http://developer.amazonwebservices.com/connect/message.jspa?messageID=132740
> I would imagine that PHP or Perl would have modules to build the
> signed and time-limited URL, but haven't looked.

One of those examples is very much like a link Mohan sent earlier (

I missed it, looking at the other resources. Digging back into that example,
I'm now at the point that it doesn't like hash_hmac for some reason. I get
the error

Fatal error: Call to undefined function: hash_hmac() in video.php on line 8

This page seems to indicate it's part of PHP:

so I'm apparently missing something about what PHP is or is not doing. (I've
worked almost entirely in ASP for the past decade, so although I'm okay with
scripting concepts, I'm an absolute neophyte with PHP.)

Here's what I've got in the page (there is literally nothing on this page
other than this, so if I'm missing something obvious, please say so)

    define("AWS_S3_KEY", "I have my real key here");
    define("AWS_S3_SECRET", "I have my secret code here");
    $expires = time()+60*60; // generous, for testing
    $bucket = "I put my bucket name here";
    $resource = "FNBH_Capsity.flv";
    $string_to_sign = "GET\n\n\n{$expires}\n/{$bucket}/{$resource}";
    $signature = urlencode(base64_encode(hash_hmac("sha1",
utf8_encode($string_to_sign), AWS_S3_SECRET, true)));
    $authentication_params = "AWSAccessKeyId=".AWS_S3_KEY;
    $authentication_params.= "&Expires={$expires}";
    $authentication_params.= "&Signature={$signature}";
    $link = "
    echo "<a href=\"".htmlentities($link)."\">Authenticated Link</a>";

More information about the thelist mailing list