This site creates secret hash that AWS machine recreates to then accept users commands.
For general public use do not use any secret key value pairs in forms.

(access -- secret) --

hash_hmac exists

request-date=2025-12-12T09:27:23+00:00----shortDate=12-12T09----cred-SigningKey=12-12T09/us-west-1/s3//aws4_request----gmt-utc=Fri,12 Dec 2025 09:27:23 GMT

HMAC salt = key = null
HMAC_salt=20251212

md5 hash of cred-SigningKey= 415b18665b2617de24819ae91ba714b7

sha1 hash of cred-SigningKey= 3f1b97de9dcb9e1af6615476fb6dd2c5be12cb9f

test... sha256 of empty string must match below cba911265c753b87297bd2eb1dfe38ae05001be961049546b3e246f105ba57ea
test... sha256 of empty string must match above cba911265c753b87297bd2eb1dfe38ae05001be961049546b3e246f105ba57ea
****hashes match****
sha256 of empty string for aws on 20130708 = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Todays new hashed HMAC_salt=2ba1f76205722fef43f93159037aeb8162ed1b8671b813ce7aa00e23a77b23c4

stringToSign= PUT x-amz-acl:public-read /geraldkrug/(filename with extension)
hmachash= 39fac073f8247028893b8457a9aa82dddfd891348390f890bfcb33b542cb1768
hmacRawHash= 47f30343a41976cf347af65af080e244a98b5304cef26a4b40287981d1230e32
bin2hex= 33396661633037336638323437303238383933623834353761396161383264646466643839313334383339306638393062666362333362353432636231373638

Base64_Decode SGVsbG8 = Hello

AWS s3 signature= OfrAc/gkcCiJO4RXqaqC3d/YkTSDkPiQv8sztULLF2g=
AWS s3 signature= ofrac%2Fgkccijo4rxqaqc3d%2Fyktsdkpiqv8sztullf2g%3D

reverse AWS s3 signature then swap every other character...g=f2lltuszv8iqkpsdkt/y3dqcqarxo4ijccgkc/raof
reverse AWS s3 signature then swap every other character... g%3Df2lltuszv8iqkpsdkt%2Fy3dqcqarxo4ijccgkc%2Fraof
hmacHash is hashed and hashed again... 97dfcc5e773c7f8a75ff95501b3a294d87e36895037d03b352a7f1a094d6ff18

S3 Form Upload

Upload "PUT" an image to s3 bucket geraldkrug

Create API URL for service s3 ,,, current as of 3/30/2014

Properly do all fields then select a .png .gif .bmp or .jpg image by clicking the 'Browse' button and press 'Create API URL s3' to build your aws API URL ***>>>

access-
secret-- AND/OR shared secret for hmac salt key
expires-microtime-1765531643.615 + 604800 sec. max.
host----OR s3-website-us-west-1.amazonaws.com OR s3.amazonaws.com
verb---OR GET OR POST
bucket-
objkey-
time---OR 2025-12-12T09:27:23Z
act----OR GetObject OR PostObject
ver----
algo---OR X-Amz-Algorithm=AWS4-HMAC-SHA1
cred---hostname
date---OR 2025-12-12T09:27:23Z
cont---OR content-type;AWS4-HMAC-SHA256
sig----
uuid---
mtag---
acl----OR private OR authenticated-read
redir--
presys-

upload max. size 1 MB is set, 5GB possible

save code in box as a file>>> {"expiration": "2016-01-01T00:00:00Z", "conditions": [ {"bucket": "geraldkrug"}, ["starts-with", "(filename with extension)", "facebook-1622820999/"], {"acl": "public-read"}, {"success_action_redirect": "http://localhost/"}, ["starts-with", "", "image/"], {"X-Amz-meta-uuid": "14365123651274"}, ["starts-with", "X-Amz-meta-tag", "user-defined-gdk-1765531643.615"], {"X-Amz-date": "20251212T092723Z" }, ["content-length-range", 0, 1048576] ] }

url---
url----
url-----
information needed inside these areas ( ) must remove the ( and ) around the information you added. UTC/GMT

if you inputted a url into the url fields above you can use the buttons below

url--- use http or field is empty.

Array ( [accessKEY] => AWSaccesskey [date] => YYYYMMDDTHHMMSSZ [date-region-service-tstring] => scope [encode] => lowercase-Base16 [string-to-sign] => Array ( [0] => access [1] => [2] => RequestDate [3] => [4] => CredentialScope [5] => [6] => HashedCanonicalRequest ) )
a:5:{s:9:"accessKEY";s:12:"AWSaccesskey";s:4:"date";s:16:"YYYYMMDDTHHMMSSZ";s:27:"date-region-service-tstring";s:5:"scope";s:6:"encode";s:16:"lowercase-Base16";s:14:"string-to-sign";a:7:{i:0;s:6:"access";i:1;s:1:" ";i:2;s:11:"RequestDate";i:3;s:1:" ";i:4;s:15:"CredentialScope";i:5;s:1:" ";i:6;s:22:"HashedCanonicalRequest";}}
Array ( [accessKEY] => AWSaccesskey [date] => YYYYMMDDTHHMMSSZ [date-region-service-tstring] => scope [encode] => lowercase-Base16 [string-to-sign] => Array ( [0] => access [1] => [2] => RequestDate [3] => [4] => CredentialScope [5] => [6] => HashedCanonicalRequest ) )

Policy=

form 2... do the, Create API URL s3, form twice...then do this form 2

string_to_sign below...all \r and \n removed / is %2F + is %2B = is %3D , is %2C : is %3A

Poli=

Poli=

HMAC_salt=20251212
sha1 poli-signature= I2egOnSrIj72CuBur2S1YjBgTlI=

sha1 poli-signature= i2egonsrij72cubur2s1yjbgtli%3D

^^^Copy this as, awss3payload.png , and use it for testing. In this website you encode a string you want to decode... try SGVsbG8 decodes to Hello http://base64-encoder-online.waraxe.us/

There are no aws secret keys within this PHP script, and no aws keys needed for this script :)

This site creates secret hash that AWS machine recreates to then accept users commands. For general public use do not use any secret key value pairs in forms.

Upload "PUT" an image to s3 bucket geraldkrug

Create API URL for service s3 ,,, current as of 3/30/2014

form 2... do the, Create API URL s3, form twice...then do this form 2

^^^Copy this as, awss3payload.png , and use it for testing.
In this website you encode a string you want to decode... try SGVsbG8 decodes to Hello http://base64-encoder-online.waraxe.us/

This site creates secret hash that AWS machine recreates to then accept users commands.
For general public use do not use any secret key value pairs in forms.