This site creates secret hash that AWS machine recreates to then accept users commands.
For general public use do not use any secret key value pairs in forms.

(access -- secret) --

hash_hmac exists

request-date=2026-01-23T21:09:10+00:00----shortDate=01-23T21----cred-SigningKey=01-23T21/us-west-1/s3//aws4_request----gmt-utc=Fri,23 Jan 2026 21:09:10 GMT
HMAC_salt=20260123

md5 hash of cred-SigningKey= 7e85c1f8b121c0039afe438e65fc2929

sha1 hash of cred-SigningKey= d69f01bb2fe2fab3aa74544aa8748709556122fc

test... sha256 of empty string must match below 40e62497a4a73b11015489303ddd3a4b9ebdbe6c58ae4205374ebe7a4994e7a8
test... sha256 of empty string must match above 40e62497a4a73b11015489303ddd3a4b9ebdbe6c58ae4205374ebe7a4994e7a8
****hashes match****
sha256 of empty string for aws on 20130708 = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Todays new hashed HMAC_salt=f33cca9fe8ac54c130d7e6d9f317b1bdf3e029dad94eeb471a68ef820e384198

stringToSign= PUT x-amz-acl:public-read /geraldkrug/(filename with extension)
hmachash= a88c410d7d70bea367347dd3c8c64a5f6b41f2f85728191d0bde308213932d6b
hmacRawHash= 07ac0f0c1efca7f882de433293c61b4ad4c465058dc44ab4b39d0544456367e0
bin2hex= 61383863343130643764373062656133363733343764643363386336346135663662343166326638353732383139316430626465333038323133393332643662

Base64_Decode SGVsbG8 = Hello

AWS s3 signature= qIxBDX1wvqNnNH3TyMZKX2tB8vhXKBkdC94wghOTLWs=
AWS s3 signature= qixbdx1wvqnnnh3tymzkx2tb8vhxkbkdc94wghotlws%3D

reverse AWS s3 signature then swap every other character...s=lwotgh4wc9kdkbhx8vtbx2zkym3tnhnnvq1wdxxbqi
reverse AWS s3 signature then swap every other character... s%3Dlwotgh4wc9kdkbhx8vtbx2zkym3tnhnnvq1wdxxbqi
hmacHash is hashed and hashed again... 3e9a13045ccd15dfcbe2894085f1f07714157ab151ba6dbcb478e83b253ee903

S3 Form Upload

Upload "PUT" an image to s3 bucket geraldkrug

Create API URL for service s3 ,,, current as of 3/30/2014

Properly do all fields then select a .png .gif .bmp or .jpg image by clicking the 'Browse' button and press 'Create API URL s3' to build your aws API URL ***>>>

access-
secret-- AND/OR shared secret for hmac salt key
expires-microtime-1769202550.2683 + 604800 sec. max.
host----OR s3-website-us-west-1.amazonaws.com OR s3.amazonaws.com
verb---OR GET OR POST
bucket-
objkey-
time---OR 2026-01-23T21:09:10Z
act----OR GetObject OR PostObject
ver----
algo---OR X-Amz-Algorithm=AWS4-HMAC-SHA1
cred---hostname
date---OR 2026-01-23T21:09:10Z
cont---OR content-type;AWS4-HMAC-SHA256
sig----
uuid---
mtag---
acl----OR private OR authenticated-read
redir--
presys-

upload max. size 1 MB is set, 5GB possible

save code in box as a file>>> {"expiration": "2016-01-01T00:00:00Z", "conditions": [ {"bucket": "geraldkrug"}, ["starts-with", "(filename with extension)", "facebook-1622820999/"], {"acl": "public-read"}, {"success_action_redirect": "http://localhost/"}, ["starts-with", "", "image/"], {"X-Amz-meta-uuid": "14365123651274"}, ["starts-with", "X-Amz-meta-tag", "user-defined-gdk-1769202550.2683"], {"X-Amz-date": "20260123T210910Z" }, ["content-length-range", 0, 1048576] ] }

url---
url----
url-----
information needed inside these areas ( ) must remove the ( and ) around the information you added. UTC/GMT

if you inputted a url into the url fields above you can use the buttons below

url--- use http or field is empty.

Array ( [accessKEY] => AWSaccesskey [date] => YYYYMMDDTHHMMSSZ [date-region-service-tstring] => scope [encode] => lowercase-Base16 [string-to-sign] => Array ( [0] => access [1] => [2] => RequestDate [3] => [4] => CredentialScope [5] => [6] => HashedCanonicalRequest ) )
a:5:{s:9:"accessKEY";s:12:"AWSaccesskey";s:4:"date";s:16:"YYYYMMDDTHHMMSSZ";s:27:"date-region-service-tstring";s:5:"scope";s:6:"encode";s:16:"lowercase-Base16";s:14:"string-to-sign";a:7:{i:0;s:6:"access";i:1;s:1:" ";i:2;s:11:"RequestDate";i:3;s:1:" ";i:4;s:15:"CredentialScope";i:5;s:1:" ";i:6;s:22:"HashedCanonicalRequest";}}
Array ( [accessKEY] => AWSaccesskey [date] => YYYYMMDDTHHMMSSZ [date-region-service-tstring] => scope [encode] => lowercase-Base16 [string-to-sign] => Array ( [0] => access [1] => [2] => RequestDate [3] => [4] => CredentialScope [5] => [6] => HashedCanonicalRequest ) )

Policy=

form 2... do the, Create API URL s3, form twice...then do this form 2

string_to_sign below...all \r and \n removed / is %2F + is %2B = is %3D , is %2C : is %3A

Poli=

Poli=

HMAC_salt=20260123
sha1 poli-signature= CwDKlwZT57AtFmihSczq3/nRo0Q=

sha1 poli-signature= cwdklwzt57atfmihsczq3%2Fnro0q%3D

^^^Copy this as, awss3payload.png , and use it for testing. In this website you encode a string you want to decode... try SGVsbG8 decodes to Hello http://base64-encoder-online.waraxe.us/

There are no aws secret keys within this PHP script, and no aws keys needed for this script :)

This site creates secret hash that AWS machine recreates to then accept users commands. For general public use do not use any secret key value pairs in forms.

Upload "PUT" an image to s3 bucket geraldkrug

Create API URL for service s3 ,,, current as of 3/30/2014

form 2... do the, Create API URL s3, form twice...then do this form 2

^^^Copy this as, awss3payload.png , and use it for testing.
In this website you encode a string you want to decode... try SGVsbG8 decodes to Hello http://base64-encoder-online.waraxe.us/

This site creates secret hash that AWS machine recreates to then accept users commands.
For general public use do not use any secret key value pairs in forms.