Hi - is there an automatic way to generate a temporary URL for private S3 files (which require HMAC SHA1 encryption)?
if you have a solution, please tell me ;)
Here's a C++ example that worked for me. I'll try to make this an example for all languages on example-code.com
CkCrypt2 crypt; const char *awsSecretKey = "***"; const char *accessKey = "***"; const char *bucket = "chilkat100"; const char *path = "starfish.jpg"; CkDateTime dt; dt.SetFromCurrentSystemTime(); CkString strDt; bool bGetAsLocalTime = false; strDt.appendInt((int)dt.GetAsUnixTime(bGetAsLocalTime) + 3600); // 1 hour in the future. CkString strUrl; strUrl.append("https://s3.amazonaws.com/#{S3_BUCKET}/#{path}?AWSAccessKeyId=#{S3_ACCESS_KEY_ID}&Expires=#{expire_date}&Signature=#{signature}"); strUrl.replaceFirstOccurance("#{S3_ACCESS_KEY_ID}",accessKey); strUrl.replaceFirstOccurance("#{S3_BUCKET}",bucket); strUrl.replaceFirstOccurance("#{path}",path); strUrl.replaceFirstOccurance("#{expire_date}",strDt.getString()); // Now for the signature. CkString strCan; strCan.append("GET\n\n\n#{expire_date}\n/#{S3_BUCKET}/#{path}"); strCan.replaceFirstOccurance("#{S3_BUCKET}",bucket); strCan.replaceFirstOccurance("#{path}",path); strCan.replaceFirstOccurance("#{expire_date}",strDt.getString()); CkString strHmac; crypt.SetHmacKeyString(awsSecretKey); crypt.HmacStringENC(strCan.getString(),strHmac); strHmac.urlEncode("ansi"); strUrl.replaceFirstOccurance("#{signature}",strHmac.getString()); printf("%s\n",strUrl.getString());
My ASP function
' #########################################################
' Generates a temporary S3 SHA-1 signed request.
' PARAMETERS
' s3FilePath = relative S3 file path e.g. "/path/to/file"
' ttlMin = number of minutes
' AWS_BUCKET, AWS_SECRET, AWS_ACCESS_KEY need to be declared globally
function getAWSLink(s3FilePath, ttlMin)
expires = dateDiff("s","01/01/1970 00:00:00", dateAdd("n",ttlMin,now())) '-- get Unix time
strToSign = "GET" & vbLf & vbLf & vbLf & expires & vbLf & "/" & AWS_BUCKET & s3FilePath
set crypt = Server.CreateObject("Chilkat.Crypt2")
success = crypt.UnlockComponent("license-key")
crypt.HashAlgorithm = "sha1"
crypt.EncodingMode = "base64"
crypt.charset = "utf-8"
crypt.SetHmacKeyString AWS_SECRET
signature = crypt.HmacStringENC(strToSign)
set crypt = nothing
output = "http://" & AWS_BUCKET & ".s3.amazonaws.com" & s3FilePath & "?AWSAccessKeyId=" & AWS_ACCESS_KEY & "&Expires=" & expires & "&Signature=" & server.urlencode(signature)
getAWSLink = output
end function
Here's a new feature in to-be-released v9.5.0.46
Android: Generate S3 Signed URL
Classic ASP: Generate S3 Signed URL
Delphi ActiveX: Generate S3 Signed URL
Delphi DLL: Generate S3 Signed URL
Objective-C: Generate S3 Signed URL
PHP ActiveX: Generate S3 Signed URL
PHP Extension: Generate S3 Signed URL
PowerShell: Generate S3 Signed URL
Python: Generate S3 Signed URL
SQL Server: Generate S3 Signed URL
Unicode C: Generate S3 Signed URL
Unicode C++: Generate S3 Signed URL
VB.NET: Generate S3 Signed URL
VBScript: Generate S3 Signed URL