if (contentMD5String != null) {
try {
contentMD5 = HashCode.fromBytes(
Base64.getDecoder().decode(contentMD5String));
} catch (IllegalArgumentException iae) {
throw new S3Exception(S3ErrorCode.INVALID_DIGEST, iae);
}
if (contentMD5.bits() != MD5.bits()) {
throw new S3Exception(S3ErrorCode.INVALID_DIGEST);
}
}
In handleUploadPart the code only checks for 128 bits and not the actual value, so even if someone sends a wrong MD5 base64 encoded string of file which is 128 bits the code will not throw an error.
if (contentMD5String != null) { try { contentMD5 = HashCode.fromBytes( Base64.getDecoder().decode(contentMD5String)); } catch (IllegalArgumentException iae) { throw new S3Exception(S3ErrorCode.INVALID_DIGEST, iae); } if (contentMD5.bits() != MD5.bits()) { throw new S3Exception(S3ErrorCode.INVALID_DIGEST); } }
In handleUploadPart the code only checks for 128 bits and not the actual value, so even if someone sends a wrong MD5 base64 encoded string of file which is 128 bits the code will not throw an error.