[thelist] Amazon signature key: check my PHP?

Joel Canfield joel at bizba6.com
Sun Sep 27 11:27:05 CDT 2009

Any PHP experts see an error in how I'm creating this signature key? Testing
on a simple JPEG, it returns the error
SignatureDoesNotMatch The request signature we calculated does not match the
signature you provided. Check your key and signing method.

Since this isn't my code and I'm not PHP smart enough to know anything about
base64_encode, hash_hmac, or sha1 and all that, I'm pretty much stuck.

    define("AWS_S3_KEY", "my real key is here");
    define("AWS_S3_SECRET", "my other real key is here");
    $expires = time()+60*60; // generous, for testing
    $bucket = "bizba6";
    $resource = "camels2.jpg";
    $string_to_sign = "GET\n{$expires}\n/{$bucket}/{$resource}";
    $signature = urlencode(base64_encode(hash_hmac("sha1",
utf8_encode($string_to_sign), AWS_S3_SECRET, true)));
    $authentication_params = "AWSAccessKeyId=".AWS_S3_KEY;
    $authentication_params.= "&Expires={$expires}";
    $authentication_params.= "&Signature={$signature}";
    $link = "
    echo "<a href=\"".htmlentities($link)."\">{$resource}</a>";

Joel at Bizba6.com

More information about the thelist mailing list