This site creates secret hash that AWS machine recreates to then accept users commands.
For general public use do not use any secret key value pairs in forms.

(access -- secret) --

hash_hmac exists

request-date=2026-02-19T01:17:15+00:00----shortDate=02-19T01----cred-SigningKey=02-19T01/us-west-1/s3//aws4_request----gmt-utc=Thu,19 Feb 2026 01:17:15 GMT
HMAC_salt=20260219

md5 hash of cred-SigningKey= 0bf93ebb5e377fae546090645d3de0a7

sha1 hash of cred-SigningKey= 418dd089c97811f59593ea156f8ed1f7e75b1155

test... sha256 of empty string must match below 9139c73056f7e715a9b24c2f4712b08ceda442c0a047a1338b37c2c935a5ff60
test... sha256 of empty string must match above 9139c73056f7e715a9b24c2f4712b08ceda442c0a047a1338b37c2c935a5ff60
****hashes match****
sha256 of empty string for aws on 20130708 = e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Todays new hashed HMAC_salt=f119431082068bc97b3ca12438850f788c09b710b101eac5785536f5efb6387f

stringToSign= PUT x-amz-acl:public-read /geraldkrug/(filename with extension)
hmachash= baecc0c60be383f2b5061cc72bd3545f3cf5fdb90eb97c9f3a0901fffa801c27
hmacRawHash= 8a1939cbdccd6d201fb61fe700fc5ff8cbdbeaaede79d417276b2826c5548fb0
bin2hex= 62616563633063363062653338336632623530363163633732626433353435663363663566646239306562393763396633613039303166666661383031633237

Base64_Decode SGVsbG8 = Hello

AWS s3 signature= uuzAxgvjg/K1BhzHK9NUXzz1/bkOuXyfOgkB//qAHCc=
AWS s3 signature= uuzaxgvjg%2Fk1bhzhk9nuxzz1%2Fbkouxyfogkb%2F%2Fqahcc%3D

reverse AWS s3 signature then swap every other character...c=hcqa//kbogyfuxko/bz1xznuk9zhbhk1g/vjxgzauu
reverse AWS s3 signature then swap every other character... c%3Dhcqa%2F%2Fkbogyfuxko%2Fbz1xznuk9zhbhk1g%2Fvjxgzauu
hmacHash is hashed and hashed again... f19b9159d21d913d5f533b5a229876fe790eb5f5f461036b714461b4b6f18ddc

S3 Form Upload

Upload "PUT" an image to s3 bucket geraldkrug

Create API URL for service s3 ,,, current as of 3/30/2014

Properly do all fields then select a .png .gif .bmp or .jpg image by clicking the 'Browse' button and press 'Create API URL s3' to build your aws API URL ***>>>

access-
secret-- AND/OR shared secret for hmac salt key
expires-microtime-1771463835.2729 + 604800 sec. max.
host----OR s3-website-us-west-1.amazonaws.com OR s3.amazonaws.com
verb---OR GET OR POST
bucket-
objkey-
time---OR 2026-02-19T01:17:15Z
act----OR GetObject OR PostObject
ver----
algo---OR X-Amz-Algorithm=AWS4-HMAC-SHA1
cred---hostname
date---OR 2026-02-19T01:17:15Z
cont---OR content-type;AWS4-HMAC-SHA256
sig----
uuid---
mtag---
acl----OR private OR authenticated-read
redir--
presys-

upload max. size 1 MB is set, 5GB possible

save code in box as a file>>> {"expiration": "2016-01-01T00:00:00Z", "conditions": [ {"bucket": "geraldkrug"}, ["starts-with", "(filename with extension)", "facebook-1622820999/"], {"acl": "public-read"}, {"success_action_redirect": "http://localhost/"}, ["starts-with", "", "image/"], {"X-Amz-meta-uuid": "14365123651274"}, ["starts-with", "X-Amz-meta-tag", "user-defined-gdk-1771463835.273"], {"X-Amz-date": "20260219T011715Z" }, ["content-length-range", 0, 1048576] ] }

url---
url----
url-----
information needed inside these areas ( ) must remove the ( and ) around the information you added. UTC/GMT

if you inputted a url into the url fields above you can use the buttons below

url--- use http or field is empty.

Array ( [accessKEY] => AWSaccesskey [date] => YYYYMMDDTHHMMSSZ [date-region-service-tstring] => scope [encode] => lowercase-Base16 [string-to-sign] => Array ( [0] => access [1] => [2] => RequestDate [3] => [4] => CredentialScope [5] => [6] => HashedCanonicalRequest ) )
a:5:{s:9:"accessKEY";s:12:"AWSaccesskey";s:4:"date";s:16:"YYYYMMDDTHHMMSSZ";s:27:"date-region-service-tstring";s:5:"scope";s:6:"encode";s:16:"lowercase-Base16";s:14:"string-to-sign";a:7:{i:0;s:6:"access";i:1;s:1:" ";i:2;s:11:"RequestDate";i:3;s:1:" ";i:4;s:15:"CredentialScope";i:5;s:1:" ";i:6;s:22:"HashedCanonicalRequest";}}
Array ( [accessKEY] => AWSaccesskey [date] => YYYYMMDDTHHMMSSZ [date-region-service-tstring] => scope [encode] => lowercase-Base16 [string-to-sign] => Array ( [0] => access [1] => [2] => RequestDate [3] => [4] => CredentialScope [5] => [6] => HashedCanonicalRequest ) )

Policy=

form 2... do the, Create API URL s3, form twice...then do this form 2

string_to_sign below...all \r and \n removed / is %2F + is %2B = is %3D , is %2C : is %3A

Poli=

Poli=

HMAC_salt=20260219
sha1 poli-signature= pyRmJTdyev1cPsxdTpvSZaOCwgc=

sha1 poli-signature= pyrmjtdyev1cpsxdtpvszaocwgc%3D

^^^Copy this as, awss3payload.png , and use it for testing. In this website you encode a string you want to decode... try SGVsbG8 decodes to Hello http://base64-encoder-online.waraxe.us/

There are no aws secret keys within this PHP script, and no aws keys needed for this script :)

This site creates secret hash that AWS machine recreates to then accept users commands. For general public use do not use any secret key value pairs in forms.

Upload "PUT" an image to s3 bucket geraldkrug

Create API URL for service s3 ,,, current as of 3/30/2014

form 2... do the, Create API URL s3, form twice...then do this form 2

^^^Copy this as, awss3payload.png , and use it for testing.
In this website you encode a string you want to decode... try SGVsbG8 decodes to Hello http://base64-encoder-online.waraxe.us/

This site creates secret hash that AWS machine recreates to then accept users commands.
For general public use do not use any secret key value pairs in forms.