Home/ Questions/Q 9249049
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-18T10:05:46+00:00

I have a PHP function that generates signed Amazon S3 URL’s as below: if(!function_exists(‘el_crypto_hmacSHA1’)){

  • 0

I have a PHP function that generates signed Amazon S3 URL’s as below:

  if(!function_exists('el_crypto_hmacSHA1')){
    /**
    * Calculate the HMAC SHA1 hash of a string.
    *
    * @param string $key The key to hash against
    * @param string $data The data to hash
    * @param int $blocksize Optional blocksize
    * @return string HMAC SHA1
    */
    function el_crypto_hmacSHA1($key, $data, $blocksize = 64) {
        if (strlen($key) > $blocksize) $key = pack('H*', sha1($key));
        $key = str_pad($key, $blocksize, chr(0x00));
        $ipad = str_repeat(chr(0x36), $blocksize);
        $opad = str_repeat(chr(0x5c), $blocksize);
        $hmac = pack( 'H*', sha1(
        ($key ^ $opad) . pack( 'H*', sha1(
          ($key ^ $ipad) . $data
        ))
      ));
        return base64_encode($hmac);
    }
  }

  if(!function_exists('el_s3_getTemporaryLink')){
    /**
    * Create temporary URLs to your protected Amazon S3 files.
    *
    * @param string $accessKey Your Amazon S3 access key
    * @param string $secretKey Your Amazon S3 secret key
    * @param string $bucket The bucket (bucket.s3.amazonaws.com)
    * @param string $path The target file path
    * @param int $expires In minutes
    * @return string Temporary Amazon S3 URL
    * @see http://awsdocs.s3.amazonaws.com/S3/20060301/s3-dg-20060301.pdf
    */

    function el_s3_getTemporaryLink($accessKey, $secretKey, $bucket, $path, $expires = 5) {
      // Calculate expiry time
      $expires = time() + intval(floatval($expires) * 60);
      // Fix the path; encode and sanitize
      $path = str_replace('%2F', '/', rawurlencode($path = ltrim($path, '/')));
      // Path for signature starts with the bucket
      $signpath = '/'. $bucket .'/'. $path;
      // S3 friendly string to sign
      $signsz = implode("\n", $pieces = array('GET', null, null, $expires, $signpath));
      // Calculate the hash
      $signature = el_crypto_hmacSHA1($secretKey, $signsz);
      // Glue the URL ...
      $url = sprintf('https://%s/%s', $bucket, $path);
      // ... to the query string ...
      $qs = http_build_query($pieces = array(
        'AWSAccessKeyId' => $accessKey,
        'Expires' => $expires,
        'Signature' => $signature,
      ));
      // ... and return the URL!
      return $url.'?'.$qs;
    }

    }

I have one page with a form button that i use to download a zip file:

<?php
// Grab the file url
$file_url = get_post_meta($post->ID, 'file_url', true);
// Grab just the filename with extension
$file_name = basename($file_url); 

// AWS details                  
$accessKey = "AKIAJJLX2F7GUDTQ23AA";
$secretKey = "<REMOVED>";
$bucket_name = "media.themixtapesite.com";

// Create new S3 Expiry URL
$download_url = el_s3_getTemporaryLink($accessKey, $secretKey, $bucket_name, $file_name);


if (is_user_logged_in()) { ?>
<div class="download_button_div">
<?php echo '<form action="'.$download_url.'" class="download_button_div">'; ?>
<!--Download counter-->
<input type="hidden" name="download_counter" value="<?php (int)$download_count = get_post_meta($post->ID, 'download_counter', true);
$download_count++;
update_post_meta($post->ID, 'download_counter', $download_count); ?>">
<button type='submit' class='download_button'>Download</button>
</form>

As you can see i simply set the Form Action to the URL of the file i want to download.
This works fine. It generates a signed, expiring S3 URL and downloads the file.

On another page, i use the same function, but a slightly different form and this is to download a single mp3 file:

<?php
// Grab the file url
$file_url = $mp3s;
// Grab just the filename with extension
$file_name = basename($file_url); 

// AWS details                  
$accessKey = "AKIAJJLX2F7GUDTQ23AA";
$secretKey = "<REMOVED>";
$bucket_name = "mixtape2.s3.amazonaws.com";

// Create new S3 Expiry URL
$download_url = el_s3_getTemporaryLink($accessKey, $secretKey, $bucket_name, $file_name);
?>

<!--Download individual MP3 file direct from player-->

<span style="right:27px; position:absolute;">
<form action="download_file.php" method="post" name="downloadform">
<input name="file_name" value="<?php echo basename($mp3s); ?>" type="hidden">
<input name="real_file" value="<?php echo $download_url; ?>" type="hidden">
<input type="image" src="download.jpg" border="0" width="17" alt="Download the MP3" />
</form>

As you can see on this form i submit the form using POST to another file called ‘download_file.php’ for processing. The ‘download_file.php’ is simply a file which forces the download of an mp3 file rather than opening it in the browser:

<?php
if(isset($_POST['file_name'])){
$player_file = $_POST['file_name'];
header('Content-type: audio/mpeg3');
header('Content-Disposition: attachment; filename="themixtapesite_'.$player_file.'"');
readfile($_POST['real_file']);
exit();
}
?>

The problem i have, on the second page (where i submit to ‘download_file.php), the URL generated doesn’t work. If i submit the form it simply downloads a file of 0kb.
If i view source then copy and paste the link in to the browser i get an S3 error message telling me the Signature Does Not Match.

I don’t understand why my first page works, but my second page doesn’t. The URL’s are both generated using the same function??

Any help appreciated.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Thanks to @orique for spotting i had entered my bucket name incorrectly.
    Silly mistake… Coding blindness!

    • 0