Skip to content

Amazon S3 signature calculation in JavaScript

On pp. 478-479 of Chapter 16 of my mashup book on online storage APIs, I show how to how to reproduce the calculation of an API signature in Amazon S3 in Python and PHP. Recently, because I now want to access S3 from within the browser, I have figured out how to do the same example using JavaScript. Specifically, the following is a Chickenfoot script that generates the correct signature.   (Note that the code depends on Paul Johnson's sha1.js library. (See his instructions on how to use the library. I had to consult the page to learn about the b64pad variable).):

// reproduce results on pp. 478-479 of
// Pro Web 2.0 Mashups

// http://docs.amazonwebservices.com/AmazonS3/2006-03-01/RESTAuthentication.html
// http://pajhome.org.uk/crypt/md5/instructions.html

include("D:\\Document\\JavaScriptLib\\sha1.js");

var AWSAccessKeyId = "0PN5J17HBGZHT7JJ3X82";
var AWSSecretAccessKey = "uV3F3YluFJax1cknvbcGwgjvx4QpvB+leU8dUj2o";
var Expires = '1175139620';
var HTTPVerb = "GET"
var ContentMD5 = ""
var ContentType = ""
var CanonicalizedAmzHeaders = ""
var CanonicalizedResource = "/johnsmith/photos/puppy.jpg"
var string_to_sign = HTTPVerb + "\n" + ContentMD5 + "\n" + ContentType + "\n" + 
  Expires + "\n" + CanonicalizedAmzHeaders + CanonicalizedResource
output(string_to_sign);

b64pad = "="; // needed for "strict RFC compliance"
var sig = b64_hmac_sha1(AWSSecretAccessKey , string_to_sign);
output ("|"+sig+"|");

Post a Comment

You must be logged in to post a comment.