2
function S3_delete($s3_array)
{ 

    $AWSAccessKeyId = 'youraccesskey';
    $AWSSecretAccessKey = 'yoursecretaccesskey';
    $BucketName = 'yourbucket';
    $AWSRegion = 'ap-south-1'; 

    $canonical_uri="/images/coupon_images/medium_banner/2019091810352344157.jpg";

    $encoded_uri = str_replace('%2F', '/', rawurlencode($canonical_uri));

    if($AWSRegion == 'us-east-1') {
        $hostname = trim($BucketName .".s3.amazonaws.com");
        $header_string = "host:" . $hostname . "\n";
        $signed_headers_string = "host";
    } else {
        $hostname =  trim($BucketName . ".s3-" . $AWSRegion . ".amazonaws.com");
        $header_string = "host:" . $hostname . "\n";
        $signed_headers_string = "host";
    }

    $date_text = gmdate('Ymd', time());
    $time_text = gmdate('Ymd\THis\Z');
    $algorithm = 'AWS4-HMAC-SHA256';
    $scope = $date_text . "/" . $AWSRegion . "/s3/aws4_request";

    $x_amz_params = array(
        'X-Amz-Algorithm' => $algorithm,
        'X-Amz-Credential' => $AWSAccessKeyId . '/' . $scope,
        'X-Amz-Date' => $time_text,
        'X-Amz-SignedHeaders' => $signed_headers_string
    );

    $expires = 72000;
    if ($expires > 0) {
        $x_amz_params['X-Amz-Expires'] = $expires;
    }
    ksort($x_amz_params);

    $query_string = "";
    foreach ($x_amz_params as $key => $value) {
        $query_string .= rawurlencode($key) . '=' . rawurlencode($value) . "&";
    }
    $query_string = substr($query_string, 0, -1);

    $canonical_request = "DELETE\n" . $encoded_uri . "\n" . $query_string . "\n" . $header_string . "\n" . $signed_headers_string . "\nUNSIGNED-PAYLOAD";
    $string_to_sign = $algorithm . "\n" . $time_text . "\n" . $scope . "\n" . hash('sha256', $canonical_request, false);
    $signing_key = hash_hmac('sha256', 'aws4_request', hash_hmac('sha256', 's3', hash_hmac('sha256', $AWSRegion, hash_hmac('sha256', $date_text, 'AWS4' . $AWSSecretAccessKey, true), true), true), true);
    $signature = hash_hmac('sha256', $string_to_sign, $signing_key);

    $url = 'https://' . $hostname . $encoded_uri . '?' . $query_string . '&X-Amz-Signature=' . $signature;

    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_HEADER, false);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "GET");
    curl_setopt($ch, CURLOPT_HTTPHEADER);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    curl_exec($ch);
    return $httpcode = curl_getinfo($ch);
}

above code give response like this,

SignatureDoesNotMatchThe request signature we calculated does not match the signature you provided. Check your key and signing method.AKIAJKLJAHRPH4X4FSMQAWS4-HMAC-SHA256 20190919T053115Z 20190919/ap-south-1/s3/aws4_request

Dhiraj Maurya
  • 41
  • 6
  • **[You should not switch off `CURLOPT_SSL_VERIFYHOST` or `CURLOPT_SSL_VERIFYPEER`](https://paragonie.com/blog/2017/10/certainty-automated-cacert-pem-management-for-php-software)**. It could be a security risk! [Here is how to get the certificate bundle if your server is missing one](https://stackoverflow.com/a/32095378/1839439) – Dharman Oct 02 '19 at 22:42

1 Answers1

1

100% work the below code..

S3_delete('201909251745545.jpg','imagesbook/post_blog/'); //call function

function S3_delete($filename,$path)
{ 
    $file_name = $filename; 
    $file_delete_path = $path;

    $aws_access_key_id = 'your-accress-key';
    $aws_secret_access_key = 'your-secret-access-key';
    $bucket_name = 'your-bucket-name';
    $aws_region = 'your-region'; // Enter your aws region Ex. us-east-1
    $host_name = $bucket_name . '.s3.amazonaws.com';
    $content_acl = 'public-read';
    $content_type = ''; 
    $content='';
    $content_title = $file_delete_path.$file_name;
    $aws_service_name = 's3';

    $timestamp = gmdate('Ymd\THis\Z');
    $date = gmdate('Ymd');

    $request_headers = array();
    $request_headers['Content-Type'] = $content_type;
    $request_headers['Date'] = $timestamp;
    $request_headers['Host'] = $host_name;
    $request_headers['x-amz-acl'] = $content_acl;
    $request_headers['x-amz-content-sha256'] = hash('sha256',"");
    ksort($request_headers);

    $canonical_headers = [];
    foreach($request_headers as $key => $value)
    {
        $canonical_headers[] = strtolower($key) . ":" . $value;
    }
    $canonical_headers = implode("\n", $canonical_headers);


    $signed_headers = [];
    foreach($request_headers as $key => $value)
    {
        $signed_headers[] = strtolower($key);
    }
    $signed_headers = implode(";", $signed_headers);

    $canonical_request = [];
    $canonical_request[] = "DELETE";
    $canonical_request[] = "/" . $content_title;
    $canonical_request[] = "";
    $canonical_request[] = $canonical_headers;
    $canonical_request[] = "";
    $canonical_request[] = $signed_headers;
    $canonical_request[] = hash('sha256', $content);
    $canonical_request = implode("\n", $canonical_request);
    $hashed_canonical_request = hash('sha256', $canonical_request);

    $scope = [];
    $scope[] = $date;
    $scope[] = $aws_region;
    $scope[] = $aws_service_name;
    $scope[] = "aws4_request";

    $string_to_sign = [];
    $string_to_sign[] = "AWS4-HMAC-SHA256"; 
    $string_to_sign[] = $timestamp; 
    $string_to_sign[] = implode('/', $scope);
    $string_to_sign[] = $hashed_canonical_request;
    $string_to_sign = implode("\n", $string_to_sign);

    $kSecret = 'AWS4' . $aws_secret_access_key;
    $kDate = hash_hmac('sha256', $date, $kSecret, true);
    $kRegion = hash_hmac('sha256', $aws_region, $kDate, true);
    $kService = hash_hmac('sha256', $aws_service_name, $kRegion, true);
    $kSigning = hash_hmac('sha256', 'aws4_request', $kService, true);

    $signature = hash_hmac('sha256', $string_to_sign, $kSigning);

    $authorization = [
        'Credential=' . $aws_access_key_id . '/' . implode('/', $scope),
        'SignedHeaders=' . $signed_headers,
        'Signature=' . $signature
    ];
    $authorization = 'AWS4-HMAC-SHA256' . ' ' . implode( ',', $authorization);

    $curl_headers = [ 'Authorization: ' . $authorization ];
    foreach($request_headers as $key => $value) 
    {
     $curl_headers[] = $key . ": " . $value;
    }

    $url = 'https://' . $host_name . '/' . $content_title;
    $ch = curl_init($url);
    curl_setopt($ch, CURLOPT_HEADER, false);
    curl_setopt($ch, CURLOPT_HTTPHEADER, $curl_headers);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "DELETE");
    return curl_exec($ch); // return response data 1
    //$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    //curl_close($ch);
    //return $httpcode;
}
Dhiraj Maurya
  • 41
  • 6
  • **[You should not switch off `CURLOPT_SSL_VERIFYHOST` or `CURLOPT_SSL_VERIFYPEER`](https://paragonie.com/blog/2017/10/certainty-automated-cacert-pem-management-for-php-software)**. It could be a security risk! [Here is how to get the certificate bundle if your server is missing one](https://stackoverflow.com/a/32095378/1839439) – Dharman Oct 02 '19 at 22:42