Generate cloudfront signed url

gistfile1.txt

"""
Make sure you have "cryptography" and "botocore" installed!
"""

import datetime
import functools

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import padding
from botocore.signers import CloudFrontSigner


def rsa_signer(key_file, message):
    with open(key_file, 'rb') as key_file:
        private_key = serialization.load_pem_private_key(
            key_file.read(),
            password=None,
            backend=default_backend()
        )
    signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1())
    signer.update(message)
    return signer.finalize()


def create_url(url, key_id, key_file):
    """ """
    expire_date = datetime.datetime.utcnow() + datetime.timedelta(days=1)
    signer = functools.partial(rsa_signer, key_file)
    cloudfront_signer = CloudFrontSigner(key_id, signer)
    return cloudfront_signer.generate_presigned_url(url, date_less_than=expire_date)


if __name__ == '__main__':
    import sys

    url = sys.argv[1]
    key_id = sys.argv[2]
    key_file = sys.argv[3]

    print(create_url(url, key_id, key_file))