the request signature we calculated does not match the signature you provided aws

1 answers
Thread Answer

I want to cors upload my video file from browser to Amazon S3 storage via project. But I keep getting this error:"the request signature we calculated does not match the signature you provided"

Here is the javascript code I have;

function uploadFile() {

var access_key = "xx";
var secret = "xx";
var policy = "xx";
var signature = "xx";

var file = document.getElementById('file').files[0];
var fd = new FormData();

var key = "folder1/"   (new Date).getTime()   '-';

fd.append('key', key);
fd.append('acl', 'public-read-write');
fd.append('Content-Type', file.type);
fd.append('AWSAccessKeyId', access_key);
fd.append('policy', policy)
fd.append('signature', signature);

fd.append("file", file);

var xhr = new XMLHttpRequest();

xhr.upload.addEventListener("progress", uploadProgress, false);
xhr.addEventListener("load", uploadComplete, false);
xhr.addEventListener("error", uploadFailed, false);
xhr.addEventListener("abort", uploadCanceled, false);'POST', '', true);



Here is the policy string ;

                      "\"Id\": \"Policyxxx\","  
                      "\"Version\": \"2012-10-17\","  
                      "\"Statement\": ["  
                          "\"Sid\": \"Stmtxxx\","  
                          "\"Action\": \"s3:*\","  
                          "\"Effect\": \"Allow\","  
                          "\"Resource\": \"arn:aws:s3:::bucketName/*\","  
                          "\"Principal\": \"*\""  

and here is the getsignature method;

 public static string GetS3Signature(string policyStr)
        string b64Policy = Convert.ToBase64String(Encoding.ASCII.GetBytes(policyStr));

        byte[] b64Key = Encoding.ASCII.GetBytes(AwsSecretKey);
        HMACSHA1 hmacSha1 = new HMACSHA1(b64Key);

        var c = Convert.ToBase64String(hmacSha1.ComputeHash(Encoding.ASCII.GetBytes(b64Policy)));
        return c;

What could be the reason for the error


Any conditions which are mentioned in the policy must also be in the form data. For example if you have a condition like

["starts-with", "x-amz-meta-myelement", ""]

Then you have to send that key. If the policy has constraints on content-type or key prefix these may also cause signature errors.