Open Basho-JIRA opened 9 years ago
As for Multipart Upload Part, AWS S3 adds 'ETag' which is MD5 hash of the content of part object.
Also, ETag
of completed object is MD5 hash of concatenated parts' MD5 hash values. [1]
If riak cs follow this S3 behaivior, both MD5 and SHA256 of payload should be calculated.
For faked x-amx-contet-sha256
, S3 responds with error
XAmzContentSHA256Mismatch
[1]. It can be thought that
authentication is 2-phase, signature calculation (require headers
only) and post accept body sha256 verification.
<?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>XAmzContentSHA256Mismatch</Code>
<Message>The provided 'x-amz-content-sha256' header does not match what was computed.</Message>
<ClientComputedContentSHA256>0000000000000000000000000000000000000000000000000000000000000000</ClientComputedContentSHA256>
<S3ComputedContentSHA256>809fa1ed21450f59827d1e9aec720bbc4b687434fa22283c6cb5dd82a47ab9c0</S3ComputedContentSHA256>
<RequestId>A3D32EA3F062DB15</RequestId>
<HostId>vE48bS9V+VHXMkrCiKdcTGbL/wiRPzFhOor4O5TV1ZT5NUeOFvHx9dOjkHvFrwCv21CvQOXJH4w=</HostId>
</Error>
[1] https://gist.github.com/shino/54cdcb2c8475d9699789 (it includes faked Content-MD5 case too)