todgru · August 9, 2022 18:42
diff --git a/s3push.sh b/s3push.sh
 #!/bin/bash

 fileLocal="filename.ext"
 bucket="name-of-bucket"
 s3dir="nameofdirectory/"
 region="us-east-2"
 storageClass="STANDARD"

 awsAccess='XXXXXXXXXXXXXXXXXXXX'
 awsSecret='0000000000aaaaaaaaaa0000000000aaaaaaaaaa'  #Make sure to use credentials with WRITE access to the bucket

 awsStringSign4() {
  kSecret="AWS4$1"
  kDate=$(printf         '%s' "$2" | openssl dgst -sha256 -hex -mac HMAC -macopt "key:${kSecret}"     2>/dev/null | sed 's/^.* //')
  kRegion=$(printf       '%s' "$3" | openssl dgst -sha256 -hex -mac HMAC -macopt "hexkey:${kDate}"    2>/dev/null | sed 's/^.* //')
  kService=$(printf      '%s' "$4" | openssl dgst -sha256 -hex -mac HMAC -macopt "hexkey:${kRegion}"  2>/dev/null | sed 's/^.* //')
  kSigning=$(printf 'aws4_request' | openssl dgst -sha256 -hex -mac HMAC -macopt "hexkey:${kService}" 2>/dev/null | sed 's/^.* //')
  signedString=$(printf  '%s' "$5" | openssl dgst -sha256 -hex -mac HMAC -macopt "hexkey:${kSigning}" 2>/dev/null | sed 's/^.* //')
  printf '%s' "${signedString}"
 }

 # Initialize defaults

 fileRemote="${fileLocal}"

 echo "Uploading" "${fileLocal}" "->" "${bucket}" "${region}" "${s3dir}" "${storageClass}"

 # Initialize helper variables

 httpReq='PUT'
 authType='AWS4-HMAC-SHA256'
 service='s3'
 baseUrl=".${service}.${region}.amazonaws.com"
 dateValueS=$(date -u +'%Y%m%d')
 dateValueL=$(date -u +'%Y%m%dT%H%M%SZ')
 if hash file 2>/dev/null; then
  contentType="$(file -b --mime-type "${fileLocal}")"
 else
  contentType='application/octet-stream'
 fi

 # 0. Hash the file to be uploaded

 if [ -f "${fileLocal}" ]; then
  payloadHash=$(openssl dgst -sha256 -hex < "${fileLocal}" 2>/dev/null | sed 's/^.* //')
 else
  echo "File not found: '${fileLocal}'"
  exit 1
 fi

 # 1. Create canonical request

 # NOTE: order significant in ${headerList} and ${canonicalRequest}

 headerList='content-type;host;x-amz-content-sha256;x-amz-date;x-amz-server-side-encryption;x-amz-storage-class'

 canonicalRequest="\
 ${httpReq}
 /${s3dir}${fileRemote}

 content-type:${contentType}
 host:${bucket}${baseUrl}
 x-amz-content-sha256:${payloadHash}
 x-amz-date:${dateValueL}
 x-amz-server-side-encryption:AES256
 x-amz-storage-class:${storageClass}

 ${headerList}
 ${payloadHash}"

 # Hash it

 canonicalRequestHash=$(printf '%s' "${canonicalRequest}" | openssl dgst -sha256 -hex 2>/dev/null | sed 's/^.* //')

 # 2. Create string to sign

 stringToSign="\
 ${authType}
 ${dateValueL}
 ${dateValueS}/${region}/${service}/aws4_request
 ${canonicalRequestHash}"

 # 3. Sign the string

 signature=$(awsStringSign4 "${awsSecret}" "${dateValueS}" "${region}" "${service}" "${stringToSign}")

 # Upload

 curl -v -s -L --proto-redir =https -X "${httpReq}" -T "${fileLocal}" \
  -H "Content-Type: ${contentType}" \
  -H "Host: ${bucket}${baseUrl}" \
  -H "X-Amz-Content-SHA256: ${payloadHash}" \
  -H "X-Amz-Date: ${dateValueL}" \
  -H "X-Amz-Server-Side-Encryption: AES256" \
  -H "X-Amz-Storage-Class: ${storageClass}" \
  -H "Authorization: ${authType} Credential=${awsAccess}/${dateValueS}/${region}/${service}/aws4_request, SignedHeaders=${headerList}, Signature=${signature}" \
  "https://${bucket}${baseUrl}/${s3dir}${fileRemote}"
	#!/bin/bash

	fileLocal="filename.ext"
	bucket="name-of-bucket"
	s3dir="nameofdirectory/"
	region="us-east-2"
	storageClass="STANDARD"

	awsAccess='XXXXXXXXXXXXXXXXXXXX'
	awsSecret='0000000000aaaaaaaaaa0000000000aaaaaaaaaa' #Make sure to use credentials with WRITE access to the bucket

	awsStringSign4() {
	kSecret="AWS4$1"
	kDate=$(printf '%s' "$2" \| openssl dgst -sha256 -hex -mac HMAC -macopt "key:${kSecret}" 2>/dev/null \| sed 's/^.* //')
	kRegion=$(printf '%s' "$3" \| openssl dgst -sha256 -hex -mac HMAC -macopt "hexkey:${kDate}" 2>/dev/null \| sed 's/^.* //')
	kService=$(printf '%s' "$4" \| openssl dgst -sha256 -hex -mac HMAC -macopt "hexkey:${kRegion}" 2>/dev/null \| sed 's/^.* //')
	kSigning=$(printf 'aws4_request' \| openssl dgst -sha256 -hex -mac HMAC -macopt "hexkey:${kService}" 2>/dev/null \| sed 's/^.* //')
	signedString=$(printf '%s' "$5" \| openssl dgst -sha256 -hex -mac HMAC -macopt "hexkey:${kSigning}" 2>/dev/null \| sed 's/^.* //')
	printf '%s' "${signedString}"
	}

	# Initialize defaults

	fileRemote="${fileLocal}"

	echo "Uploading" "${fileLocal}" "->" "${bucket}" "${region}" "${s3dir}" "${storageClass}"

	# Initialize helper variables

	httpReq='PUT'
	authType='AWS4-HMAC-SHA256'
	service='s3'
	baseUrl=".${service}.${region}.amazonaws.com"
	dateValueS=$(date -u +'%Y%m%d')
	dateValueL=$(date -u +'%Y%m%dT%H%M%SZ')
	if hash file 2>/dev/null; then
	contentType="$(file -b --mime-type "${fileLocal}")"
	else
	contentType='application/octet-stream'
	fi

	# 0. Hash the file to be uploaded

	if [ -f "${fileLocal}" ]; then
	payloadHash=$(openssl dgst -sha256 -hex < "${fileLocal}" 2>/dev/null \| sed 's/^.* //')
	else
	echo "File not found: '${fileLocal}'"
	exit 1
	fi

	# 1. Create canonical request

	# NOTE: order significant in ${headerList} and ${canonicalRequest}

	headerList='content-type;host;x-amz-content-sha256;x-amz-date;x-amz-server-side-encryption;x-amz-storage-class'

	canonicalRequest="\
	${httpReq}
	/${s3dir}${fileRemote}

	content-type:${contentType}
	host:${bucket}${baseUrl}
	x-amz-content-sha256:${payloadHash}
	x-amz-date:${dateValueL}
	x-amz-server-side-encryption:AES256
	x-amz-storage-class:${storageClass}

	${headerList}
	${payloadHash}"

	# Hash it

	canonicalRequestHash=$(printf '%s' "${canonicalRequest}" \| openssl dgst -sha256 -hex 2>/dev/null \| sed 's/^.* //')

	# 2. Create string to sign

	stringToSign="\
	${authType}
	${dateValueL}
	${dateValueS}/${region}/${service}/aws4_request
	${canonicalRequestHash}"

	# 3. Sign the string

	signature=$(awsStringSign4 "${awsSecret}" "${dateValueS}" "${region}" "${service}" "${stringToSign}")

	# Upload

	curl -v -s -L --proto-redir =https -X "${httpReq}" -T "${fileLocal}" \
	-H "Content-Type: ${contentType}" \
	-H "Host: ${bucket}${baseUrl}" \
	-H "X-Amz-Content-SHA256: ${payloadHash}" \
	-H "X-Amz-Date: ${dateValueL}" \
	-H "X-Amz-Server-Side-Encryption: AES256" \
	-H "X-Amz-Storage-Class: ${storageClass}" \
	-H "Authorization: ${authType} Credential=${awsAccess}/${dateValueS}/${region}/${service}/aws4_request, SignedHeaders=${headerList}, Signature=${signature}" \
	"https://${bucket}${baseUrl}/${s3dir}${fileRemote}"