// Copyright (c) 2015-2021 MinIO, Inc.
//
// This file is part of MinIO Object Storage stack
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
// Package cmd This file implements helper functions to validate Streaming AWS
// Signature Version '4' authorization header.
package cmd
import (
"bufio"
"bytes"
"encoding/hex"
"errors"
"fmt"
"hash"
"io"
"net/http"
"strings"
"time"
"github.com/dustin/go-humanize"
"github.com/minio/minio/internal/auth"
"github.com/minio/minio/internal/hash/sha256"
xhttp "github.com/minio/minio/internal/http"
)
// Streaming AWS Signature Version '4' constants.
const (
	// emptySHA256 is the hex SHA-256 of zero bytes. It takes the place of the
	// request-payload hash in every per-chunk string-to-sign (see
	// getChunkSignature), since the chunk hash is carried separately.
	emptySHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"

	// Values a client sends in X-Amz-Content-Sha256 to request streaming
	// signing, without and with a signed trailer. calculateSeedSignature
	// requires an exact match with the mode the server is decoding.
	streamingContentSHA256        = "STREAMING-AWS4-HMAC-SHA256-PAYLOAD"
	streamingContentSHA256Trailer = "STREAMING-AWS4-HMAC-SHA256-PAYLOAD-TRAILER"

	// Algorithm names that open the per-chunk and the trailer string-to-sign.
	signV4ChunkedAlgorithm        = "AWS4-HMAC-SHA256-PAYLOAD"
	signV4ChunkedAlgorithmTrailer = "AWS4-HMAC-SHA256-TRAILER"

	// streamingContentEncoding is the Content-Encoding token for aws-chunked
	// bodies (not referenced within this file).
	streamingContentEncoding = "aws-chunked"

	// awsTrailerHeader names the request header whose values are the trailer
	// names the client commits to sending; only those are accepted later.
	awsTrailerHeader = "X-Amz-Trailer"

	// trailerKVSeparator separates a trailer name from its value on the wire.
	trailerKVSeparator = ":"
)
// getChunkSignature - get chunk signature.
// Does not update anything in cr.
//
// The string-to-sign chains on cr.seedSignature (the previous chunk's
// verified signature, or the request's seed signature for the first chunk),
// so every chunk is bound to the one before it.
func (cr *s3ChunkedReader) getChunkSignature() string {
	// SHA-256 of the chunk payload accumulated so far in chunkSHA256Writer.
	chunkHash := hex.EncodeToString(cr.chunkSHA256Writer.Sum(nil))

	// Newline-separated: algorithm, timestamp, scope, previous signature,
	// empty-payload hash, chunk hash.
	stringToSign := strings.Join([]string{
		signV4ChunkedAlgorithm,
		cr.seedDate.Format(iso8601Format),
		getScope(cr.seedDate, cr.region),
		cr.seedSignature,
		emptySHA256,
		chunkHash,
	}, "\n")

	// Derive the HMAC signing key for the seed date/region and sign.
	key := getSigningKey(cr.cred.SecretKey, cr.seedDate, cr.region, serviceS3)
	return getSignature(key, stringToSign)
}
// getTrailerChunkSignature - get trailer chunk signature.
//
// Same construction as getChunkSignature but with the trailer algorithm
// name; chunkSHA256Writer is expected to hold the hash of the raw trailer
// bytes, and cr.seedSignature the signature of the final (zero-sized) chunk.
func (cr *s3ChunkedReader) getTrailerChunkSignature() string {
	trailerHash := hex.EncodeToString(cr.chunkSHA256Writer.Sum(nil))

	stringToSign := strings.Join([]string{
		signV4ChunkedAlgorithmTrailer,
		cr.seedDate.Format(iso8601Format),
		getScope(cr.seedDate, cr.region),
		cr.seedSignature,
		trailerHash,
	}, "\n")

	key := getSigningKey(cr.cred.SecretKey, cr.seedDate, cr.region, serviceS3)
	return getSignature(key, stringToSign)
}
// calculateSeedSignature - Calculate seed signature in accordance with
// - http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-streaming.html
//
// returns signature, error otherwise if the signature mismatches or any other
// error while parsing and validating.
//
// The seed signature is the Authorization-header signature of the request
// itself, computed with the streaming marker in place of a payload hash; it
// becomes the first link of the per-chunk signature chain. trailers selects
// the "-TRAILER" marker, which must match what the client declared in
// X-Amz-Content-Sha256. On any errCode other than ErrNone the signature,
// region and date results are zero values; cred is whatever checkKeyValid
// returned (zero value if that call was not reached).
func calculateSeedSignature(r *http.Request, trailers bool) (cred auth.Credentials, signature string, region string, date time.Time, errCode APIErrorCode) {
	// Copy request.
	req := *r

	// Save authorization header.
	v4Auth := req.Header.Get(xhttp.Authorization)

	// Parse signature version '4' header.
	signV4Values, errCode := parseSignV4(v4Auth, globalSite.Region, serviceS3)
	if errCode != ErrNone {
		return cred, "", "", time.Time{}, errCode
	}

	// Payload streaming.
	payload := streamingContentSHA256
	if trailers {
		payload = streamingContentSHA256Trailer
	}

	// Payload for STREAMING signature should be 'STREAMING-AWS4-HMAC-SHA256-PAYLOAD'
	// (or the -TRAILER variant). The header is compared verbatim, so a client
	// that declared one mode while the server decodes the other is rejected.
	if payload != req.Header.Get(xhttp.AmzContentSha256) {
		return cred, "", "", time.Time{}, ErrContentSHA256Mismatch
	}

	// Extract all the signed headers along with its values.
	extractedSignedHeaders, errCode := extractSignedHeaders(signV4Values.SignedHeaders, r)
	if errCode != ErrNone {
		return cred, "", "", time.Time{}, errCode
	}

	// Resolve the access key to credentials; the secret key is needed below
	// to recompute the signature.
	cred, _, errCode = checkKeyValid(r, signV4Values.Credential.accessKey)
	if errCode != ErrNone {
		return cred, "", "", time.Time{}, errCode
	}

	// Verify if region is valid.
	// NOTE(review): no region check happens here; presumably parseSignV4 enforces
	// it against globalSite.Region — confirm.
	region = signV4Values.Credential.scope.region

	// Extract date, if not present throw error.
	var dateStr string
	if dateStr = req.Header.Get("x-amz-date"); dateStr == "" {
		if dateStr = r.Header.Get("Date"); dateStr == "" {
			return cred, "", "", time.Time{}, ErrMissingDateHeader
		}
	}

	// Parse date header.
	// Both headers are parsed with iso8601Format, so a Date header in any
	// other layout yields ErrMalformedDate.
	var err error
	date, err = time.Parse(iso8601Format, dateStr)
	if err != nil {
		return cred, "", "", time.Time{}, ErrMalformedDate
	}

	// Query string.
	// Assumes the caller has already parsed the form; a nil Form encodes as "".
	queryStr := req.Form.Encode()

	// Get canonical request.
	canonicalRequest := getCanonicalRequest(extractedSignedHeaders, payload, queryStr, req.URL.Path, req.Method)

	// Get string to sign from canonical request.
	stringToSign := getStringToSign(canonicalRequest, date, signV4Values.Credential.getScope())

	// Get hmac signing key.
	// The key is derived from the credential scope date, while the
	// string-to-sign carries the header timestamp parsed above.
	signingKey := getSigningKey(cred.SecretKey, signV4Values.Credential.scope.date, region, serviceS3)

	// Calculate signature.
	newSignature := getSignature(signingKey, stringToSign)

	// Verify if signature match.
	if !compareSignatureV4(newSignature, signV4Values.Signature) {
		return cred, "", "", time.Time{}, ErrSignatureDoesNotMatch
	}

	// Return calculated signature.
	return cred, newSignature, region, date, ErrNone
}
// maxLineLength bounds a single chunk header line accepted by readChunkLine.
const maxLineLength = 4 * humanize.KiByte // assumed <= bufio.defaultBufSize 4KiB

// errLineTooLong is returned when a chunk header line exceeds maxLineLength.
var errLineTooLong = errors.New("header line too long")

// errMalformedEncoding is returned when a chunk header, its CRLF framing or
// the trailer section is not formed as expected.
var errMalformedEncoding = errors.New("malformed chunked encoding")

// errChunkTooBig is returned when a chunk declares a size above maxChunkSize (16 MiB).
var errChunkTooBig = errors.New("chunk too big: choose chunk size <= 16MiB")
// newSignV4ChunkedReader returns a new s3ChunkedReader that translates the data read from req
// out of the aws-chunked, per-chunk signed format before returning it.
// The s3ChunkedReader returns io.EOF when the final 0-length chunk is read.
//
// The request's seed signature is verified first; an APIErrorCode other
// than ErrNone means no reader is returned. When trailer is set, the
// trailer names announced in X-Amz-Trailer are recorded (with empty values)
// in req.Trailer and in the reader, which later accepts only those names;
// otherwise req.Trailer is cleared.
func newSignV4ChunkedReader(req *http.Request, trailer bool) (io.ReadCloser, APIErrorCode) {
	cred, seedSignature, region, seedDate, errCode := calculateSeedSignature(req, trailer)
	if errCode != ErrNone {
		return nil, errCode
	}

	// Anything the request already carried in req.Trailer is unsigned and
	// discarded; only announced names are kept.
	var expected http.Header
	if trailer {
		expected = make(http.Header)
		for _, name := range req.Header.Values(awsTrailerHeader) {
			expected.Add(name, "")
		}
	}
	req.Trailer = expected

	return &s3ChunkedReader{
		trailers:          expected,
		reader:            bufio.NewReader(req.Body),
		cred:              cred,
		seedSignature:     seedSignature,
		seedDate:          seedDate,
		region:            region,
		chunkSHA256Writer: sha256.New(),
		buffer:            make([]byte, 64*1024),
		debug:             false,
	}, ErrNone
}
// Represents the overall state that is required for decoding a
// AWS Signature V4 chunked reader.
type s3ChunkedReader struct {
	reader        *bufio.Reader    // Buffered request body being decoded.
	cred          auth.Credentials // Credentials the seed signature was verified against.
	seedSignature string           // Signature of the previous chunk (initially the request's); next chunk chains on it.
	seedDate      time.Time        // Request timestamp used in every chunk's string-to-sign.
	region        string           // Region taken from the credential scope.
	trailers      http.Header      // Announced trailer names, values filled by readTrailers; nil when no trailer was requested.

	chunkSHA256Writer hash.Hash // Calculates sha256 of chunk data.
	buffer            []byte    // Payload of the most recently read (and verified) chunk.
	offset            int       // Position in buffer of data not yet handed to the caller.
	err               error     // Sticky error (or io.EOF) returned by every subsequent Read.
	debug             bool      // Print details on failure. Add your own if more are needed.
}
// Close implements io.Closer. The reader holds no resources of its own and
// does not close the underlying request body, so this is a no-op.
func (cr *s3ChunkedReader) Close() error {
	return nil
}
// Now, we read one chunk from the underlying reader.
// A chunk has the following format:
//
//	<chunk-size-as-hex> + ";chunk-signature=" + <signature-as-hex> + "\r\n" + <payload> + "\r\n"
//
// First, we read the chunk size but fail if it is larger
// than 16 MiB. We must not accept arbitrary large chunks.
// One 16 MiB is a reasonable max limit.
//
// Then we read the signature and payload data. We compute the SHA256 checksum
// of the payload and verify that it matches the expected signature value.
//
// The last chunk is *always* 0-sized. So, we must only return io.EOF if we have encountered
// a chunk with a chunk size = 0. However, this chunk still has a signature and we must
// verify it.
//
// maxChunkSize is the per-chunk payload cap enforced while Read parses the
// hex size; it also bounds the memory held in cr.buffer for one chunk.
const maxChunkSize = 16 << 20 // 16 MiB
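// Read - implements `io.Reader`, which transparently decodes
// the incoming AWS Signature V4 streaming signature.
//
// A call first drains payload left over from the previous chunk into buf.
// If buf still has room, the next chunk is read: its hex size (rejected
// above maxChunkSize), its "chunk-signature=" header and its payload. The
// payload is hashed and its signature checked against the one derived from
// cr.seedSignature before a single byte of it is handed out; the verified
// signature then seeds the next chunk. A zero-sized chunk is the final one:
// when trailers were announced they are read and verified too, then io.EOF
// is recorded. Every error is stored in cr.err and returned by all later
// calls, so a failed stream can never resume.
func (cr *s3ChunkedReader) Read(buf []byte) (n int, err error) {
	if cr.err != nil {
		if cr.debug {
			fmt.Printf("s3ChunkedReader: Returning err: %v (%T)\n", cr.err, cr.err)
		}
		return 0, cr.err
	}
	defer func() {
		if err != nil && err != io.EOF {
			if cr.debug {
				fmt.Println("Read err:", err)
			}
		}
	}()
	// A zero-length read must not consume (and then drop) a whole chunk:
	// with nothing buffered the code below would read and verify one and
	// copy none of it out. io.Reader permits returning 0, nil for len(buf) == 0.
	if len(buf) == 0 {
		return 0, nil
	}
	// First, if there is any unread data, copy it to the client
	// provided buffer.
	if cr.offset > 0 {
		n = copy(buf, cr.buffer[cr.offset:])
		if n == len(buf) {
			cr.offset += n
			return n, nil
		}
		cr.offset = 0
		buf = buf[n:]
	}

	// Chunk size: hex digits up to the ';' that starts the chunk extension.
	var size int
	for {
		b, err := cr.reader.ReadByte()
		if err == io.EOF {
			err = io.ErrUnexpectedEOF
		}
		if err != nil {
			cr.err = err
			return n, cr.err
		}
		if b == ';' { // separating character
			break
		}

		// Manually deserialize the size since AWS specified
		// the chunk size to be of variable width. In particular,
		// a size of 16 is encoded as `10` while a size of 64 KB
		// is `10000`.
		switch {
		case b >= '0' && b <= '9':
			size = size<<4 | int(b-'0')
		case b >= 'a' && b <= 'f':
			size = size<<4 | int(b-('a'-10))
		case b >= 'A' && b <= 'F':
			size = size<<4 | int(b-('A'-10))
		default:
			cr.err = errMalformedEncoding
			return n, cr.err
		}
		// Checked after every digit, so size stays at most
		// 16*maxChunkSize+15 before rejection and cannot overflow.
		if size > maxChunkSize {
			cr.err = errChunkTooBig
			return n, cr.err
		}
	}

	// Now, we read the signature of the following payload and expect:
	// chunk-signature=" + <signature-as-hex> + "\r\n"
	//
	// The signature is 64 bytes long (hex-encoded SHA256 hash) and
	// starts with a 16 byte header: len("chunk-signature=") + 64 == 80.
	var signature [80]byte
	_, err = io.ReadFull(cr.reader, signature[:])
	if err == io.EOF {
		err = io.ErrUnexpectedEOF
	}
	if err != nil {
		cr.err = err
		return n, cr.err
	}
	if !bytes.HasPrefix(signature[:], []byte("chunk-signature=")) {
		cr.err = errMalformedEncoding
		return n, cr.err
	}
	b, err := cr.reader.ReadByte()
	if err == io.EOF {
		err = io.ErrUnexpectedEOF
	}
	if err != nil {
		cr.err = err
		return n, cr.err
	}
	if b != '\r' {
		cr.err = errMalformedEncoding
		return n, cr.err
	}
	b, err = cr.reader.ReadByte()
	if err == io.EOF {
		err = io.ErrUnexpectedEOF
	}
	if err != nil {
		cr.err = err
		return n, cr.err
	}
	if b != '\n' {
		cr.err = errMalformedEncoding
		return n, cr.err
	}

	// Reuse the chunk buffer when it is large enough; size is already
	// bounded by maxChunkSize, so this allocation is bounded too.
	if cap(cr.buffer) < size {
		cr.buffer = make([]byte, size)
	} else {
		cr.buffer = cr.buffer[:size]
	}

	// Now, we read the payload and compute its SHA-256 hash.
	_, err = io.ReadFull(cr.reader, cr.buffer)
	if err == io.EOF && size != 0 {
		err = io.ErrUnexpectedEOF
	}
	if err != nil && err != io.EOF {
		cr.err = err
		return n, cr.err
	}

	// Once we have read the entire chunk successfully, we verify
	// that the received signature matches our computed signature.
	// Nothing from cr.buffer reaches the caller before this check passes.
	cr.chunkSHA256Writer.Write(cr.buffer)
	newSignature := cr.getChunkSignature()
	if !compareSignatureV4(string(signature[16:]), newSignature) {
		cr.err = errSignatureMismatch
		return n, cr.err
	}
	// The verified signature seeds the next chunk's string-to-sign.
	cr.seedSignature = newSignature
	cr.chunkSHA256Writer.Reset()

	// If the chunk size is zero we return io.EOF. As specified by AWS,
	// only the last chunk is zero-sized.
	if len(cr.buffer) == 0 {
		if cr.debug {
			fmt.Println("EOF. Reading Trailers:", cr.trailers)
		}
		if cr.trailers != nil {
			err = cr.readTrailers()
			if cr.debug {
				fmt.Println("trailers returned:", err, "now:", cr.trailers)
			}
			if err != nil {
				cr.err = err
				return 0, err
			}
		}
		cr.err = io.EOF
		return n, cr.err
	}

	// Each payload is followed by "\r\n". A read error here is reported as
	// such (EOF as io.ErrUnexpectedEOF), matching the other framing reads,
	// rather than being folded into errMalformedEncoding.
	b, err = cr.reader.ReadByte()
	if err == io.EOF {
		err = io.ErrUnexpectedEOF
	}
	if err != nil {
		cr.err = err
		return n, cr.err
	}
	if b != '\r' {
		if cr.debug {
			fmt.Printf("want %q, got %q\n", "\r", string(b))
		}
		cr.err = errMalformedEncoding
		return n, cr.err
	}
	b, err = cr.reader.ReadByte()
	if err == io.EOF {
		err = io.ErrUnexpectedEOF
	}
	if err != nil {
		cr.err = err
		return n, cr.err
	}
	if b != '\n' {
		if cr.debug {
			// Was reporting want "\r" for the LF position.
			fmt.Printf("want %q, got %q\n", "\n", string(b))
		}
		cr.err = errMalformedEncoding
		return n, cr.err
	}

	// Hand out as much of the verified payload as fits; the remainder stays
	// in cr.buffer from cr.offset for the next call.
	cr.offset = copy(buf, cr.buffer)
	n += cr.offset
	return n, err
}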
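// readTrailers will read all trailers and populate cr.trailers with actual values.
//
// It runs right after the zero-sized final chunk and consumes, in order, the
// trailer bytes up to the first "\r\n" and then one
// "x-amz-trailer-signature:<hex>\r\n\r\n" line. The trailer bytes are hashed
// into chunkSHA256Writer and checked against the signature chained from the
// last chunk before any name/value pair is parsed, so unsigned or altered
// trailers fail with errSignatureMismatch and are never stored. Only names
// announced in X-Amz-Trailer (the keys of cr.trailers) are accepted, and
// every announced name must be present.
func (cr *s3ChunkedReader) readTrailers() error {
	if cr.debug {
		fmt.Printf("pre trailer sig: %s\n", cr.seedSignature)
	}
	// Both sections below are accumulated byte by byte from the client, so
	// each is capped: a body that never sends CR must not grow memory without
	// bound. The trailer section gets the same cap as a chunk payload; the
	// signature line is a single header line.
	var valueBuffer bytes.Buffer
	// Read value
	for {
		v, err := cr.reader.ReadByte()
		if err != nil {
			// io.EOF here means the body was cut short. Any other error
			// must end the loop too; ignoring it would buffer a zero byte
			// and retry the read.
			if err == io.EOF {
				return io.ErrUnexpectedEOF
			}
			return err
		}
		if v != '\r' {
			if valueBuffer.Len() >= maxChunkSize {
				return errLineTooLong
			}
			valueBuffer.WriteByte(v)
			continue
		}
		// End of buffer, do not add to value.
		v, err = cr.reader.ReadByte()
		if err != nil {
			if err == io.EOF {
				return io.ErrUnexpectedEOF
			}
			return err
		}
		if v != '\n' {
			return errMalformedEncoding
		}
		break
	}

	// Read signature
	var signatureBuffer bytes.Buffer
	for {
		v, err := cr.reader.ReadByte()
		if err != nil {
			if err == io.EOF {
				return io.ErrUnexpectedEOF
			}
			return err
		}
		if v != '\r' {
			if signatureBuffer.Len() >= maxLineLength {
				return errLineTooLong
			}
			signatureBuffer.WriteByte(v)
			continue
		}
		var tmp [3]byte
		_, err = io.ReadFull(cr.reader, tmp[:])
		if err != nil {
			if err == io.EOF {
				return io.ErrUnexpectedEOF
			}
			return err
		}
		if string(tmp[:]) != "\n\r\n" {
			if cr.debug {
				fmt.Printf("signature, want %q, got %q", "\n\r\n", string(tmp[:]))
			}
			return errMalformedEncoding
		}
		// No need to write final newlines to buffer.
		break
	}

	// Verify signature.
	sig := signatureBuffer.Bytes()
	if !bytes.HasPrefix(sig, []byte("x-amz-trailer-signature:")) {
		if cr.debug {
			fmt.Printf("prefix, want prefix %q, got %q", "x-amz-trailer-signature:", string(sig))
		}
		return errMalformedEncoding
	}

	// TODO: It seems like we may have to be prepared to rewrite and sort trailing headers:
	// https://docs.aws.amazon.com/IAM/latest/UserGuide/create-signed-request.html

	// Any value must end with a newline.
	// Not all clients send that.
	trailerRaw := valueBuffer.Bytes()
	if len(trailerRaw) > 0 && trailerRaw[len(trailerRaw)-1] != '\n' {
		valueBuffer.Write([]byte{'\n'})
	}
	sig = sig[len("x-amz-trailer-signature:"):]
	sig = bytes.TrimSpace(sig)
	// The signature covers the raw trailer bytes (including the newline
	// added above), not the parsed name/value pairs.
	cr.chunkSHA256Writer.Write(valueBuffer.Bytes())
	wantSig := cr.getTrailerChunkSignature()
	if !compareSignatureV4(string(sig), wantSig) {
		if cr.debug {
			fmt.Printf("signature, want: %q, got %q\nSignature buffer: %q\n", wantSig, string(sig), valueBuffer.String())
		}
		return errSignatureMismatch
	}

	// Parse trailers.
	wantTrailers := make(map[string]struct{}, len(cr.trailers))
	for k := range cr.trailers {
		wantTrailers[strings.ToLower(k)] = struct{}{}
	}
	input := bufio.NewScanner(bytes.NewReader(valueBuffer.Bytes()))
	for input.Scan() {
		line := strings.TrimSpace(input.Text())
		if line == "" {
			continue
		}
		// Find first separator.
		idx := strings.IndexByte(line, trailerKVSeparator[0])
		if idx <= 0 || idx >= len(line) {
			if cr.debug {
				fmt.Printf("index, ':' not found in %q\n", line)
			}
			return errMalformedEncoding
		}
		key := line[:idx]
		value := line[idx+1:]
		// wantTrailers was built lower-cased and header names are
		// case-insensitive, so look the key up (and tick it off) the same way.
		lowerKey := strings.ToLower(key)
		if _, ok := wantTrailers[lowerKey]; !ok {
			if cr.debug {
				fmt.Printf("%q not found in %q\n", key, cr.trailers)
			}
			return errMalformedEncoding
		}
		cr.trailers.Set(key, value)
		delete(wantTrailers, lowerKey)
	}
	// The only error a Scanner over a bytes.Reader can report is a line over
	// its token limit; surface it instead of a misleading "missing trailer".
	if err := input.Err(); err != nil {
		return err
	}

	// Check if we got all we want.
	if len(wantTrailers) > 0 {
		return io.ErrUnexpectedEOF
	}
	return nil
}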
// readCRLF - check if reader only has '\r\n' CRLF character.
// returns malformed encoding if it doesn't.
//
// Exactly two bytes are consumed; a short read surfaces as the io.ReadFull
// error (io.EOF or io.ErrUnexpectedEOF).
func readCRLF(reader io.Reader) error {
	var crlf [2]byte
	if _, err := io.ReadFull(reader, crlf[:]); err != nil {
		return err
	}
	if string(crlf[:]) != "\r\n" {
		return errMalformedEncoding
	}
	return nil
}
// readChunkLine reads a line of bytes (up to \n) from b and splits it into
// the hex chunk size and the chunk signature.
// Give up if the line exceeds maxLineLength.
// The returned bytes are owned by the bufio.Reader
// so they are only valid until the next bufio read.
//
// An EOF before the newline is reported as io.ErrUnexpectedEOF and a line
// that overflows the bufio buffer as errLineTooLong.
func readChunkLine(b *bufio.Reader) ([]byte, []byte, error) {
	line, err := b.ReadSlice('\n')
	switch {
	case err == io.EOF:
		// We always know when EOF is coming.
		// If the caller asked for a line, there should be a line.
		return nil, nil, io.ErrUnexpectedEOF
	case err == bufio.ErrBufferFull:
		return nil, nil, errLineTooLong
	case err != nil:
		return nil, nil, err
	case len(line) >= maxLineLength:
		return nil, nil, errLineTooLong
	}
	// Parse s3 specific chunk extension and fetch the values.
	hexChunkSize, hexChunkSignature := parseS3ChunkExtension(line)
	return hexChunkSize, hexChunkSignature, nil
}
// trimTrailingWhitespace - trim trailing white space.
//
// Only the four ASCII bytes space, tab, LF and CR are stripped; the result
// is a prefix of b (no copy).
func trimTrailingWhitespace(b []byte) []byte {
	return bytes.TrimRight(b, " \t\n\r")
}
// isASCIISpace reports whether b is one of the four ASCII whitespace bytes
// space, tab, LF or CR (vertical tab and form feed are not included).
func isASCIISpace(b byte) bool {
	switch b {
	case ' ', '\t', '\n', '\r':
		return true
	default:
		return false
	}
}
// Constant s3 chunk encoding signature: the chunk-extension separator that
// parseS3ChunkExtension and parseChunkSignature split a chunk header line on.
const s3ChunkSignatureStr = ";chunk-signature="
// parseS3ChunkExtension removes any s3 specific chunk-extension from buf.
// For example,
//
//	"10000;chunk-signature=..." => "10000", "chunk-signature=..."
//
// Trailing whitespace is stripped first. Without a ";chunk-signature="
// extension the whole trimmed buffer is returned as the size and the
// signature is nil. Both results alias buf.
func parseS3ChunkExtension(buf []byte) ([]byte, []byte) {
	trimmed := trimTrailingWhitespace(buf)
	hexSize, hexSig, found := bytes.Cut(trimmed, []byte(s3ChunkSignatureStr))
	if !found {
		// Chunk signature not found, return the whole buffer.
		return trimmed, nil
	}
	return hexSize, hexSig
}
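// parseChunkSignature - parse chunk signature.
//
// chunk is expected to begin with s3ChunkSignatureStr; the bytes after the
// first occurrence are returned (aliasing chunk). A chunk without the
// separator yields nil instead of indexing past a one-element split, which
// would panic.
func parseChunkSignature(chunk []byte) []byte {
	_, sig, found := bytes.Cut(chunk, []byte(s3ChunkSignatureStr))
	if !found {
		return nil
	}
	return sig
}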
// parseHexUint parses v as an unsigned hexadecimal number (either letter
// case, no prefix) into a uint64.
//
// An empty input yields 0 with no error. Any non-hex byte is an error, as is
// a 17th digit, which could not fit in 64 bits.
func parseHexUint(v []byte) (n uint64, err error) {
	for i, c := range v {
		var digit byte
		switch {
		case '0' <= c && c <= '9':
			digit = c - '0'
		case 'a' <= c && c <= 'f':
			digit = c - 'a' + 10
		case 'A' <= c && c <= 'F':
			digit = c - 'A' + 10
		default:
			return 0, errors.New("invalid byte in chunk length")
		}
		// Validate the byte before the length check so a bad 17th byte
		// still reports "invalid byte", as before.
		if i == 16 {
			return 0, errors.New("http chunk length too large")
		}
		n = n<<4 | uint64(digit)
	}
	return n, nil
}