-
Notifications
You must be signed in to change notification settings - Fork 654
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
aws/signer/v4/middleware.go: GetSignedRequestSignature cuts Signature= wrong for indexes > 0 #2830
Comments
Hi @tqh , Can you please give us some more details about how this is broken? like log the signature that does not get extracted? Can you please provide additional info so we may take a closer look? Thanks, |
Here is a sample which prints
|
For the record, the IAM docs on sigv4 don't say much about whitespace or lack thereof, but I just checked against SQS and they allow any or no whitespace around the components of the signature they expect. e.g. all of these are accepted by SQS
So yes, we can definitely improve the parsing logic a bit here. |
This issue is now closed. Comments on closed issues are hard for our team to see. |
Acknowledgements
go get -u github.com/aws/aws-sdk-go-v2/...
)Describe the bug
Some s3 clients, like s3cmd, does not have
Signature=
directly after,
.While GetSignedRequestSignature tries to handle that case with
idx >= 0
it does not use idx when cutting the string.This causes the result to contain random non hex data in sig and you get an error about invalid hex:
encoding/hex: invalid byte: U+0053 'S'
Regression Issue
Expected Behavior
GetSignedRequestSignature(r *http.Request) to return a signature
Current Behavior
GetSignedRequestSignature(r *http.Request) returns error
encoding/hex: invalid byte: U+0053 'S'
Reproduction Steps
Using
s3cmd ls
for a service that uses validationPossible Solution
Missing index when cutting string
sig := p[len(authHeaderSignatureElem):]
should be
sig := p[len(authHeaderSignatureElem) + idx:]
Additional Information/Context
Confirmed that adding idx as suggested solves the issue locally.
AWS Go SDK V2 Module Versions Used
v1.32.2
Compiler and Version used
go version go1.22.5 linux/amd64
Operating System and version
Linux amd64
The text was updated successfully, but these errors were encountered: