MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-07 12:52:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

Generate and use access/secret keys properly (#3498)

Browse Source
This commit is contained in:
Bala FA
2016-12-26 23:51:23 +05:30
committed by Harshavardhana
parent 6ee27daac1
commit e8ce3b64ed
42 changed files with 429 additions and 447 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
cmd/signature-v4.go
View File

@@ -171,7 +171,7 @@ func doesPolicySignatureV4Match(formValues map[string]string) APIErrorCode {
}
// Verify if the access key id matches.
if credHeader.accessKey != cred.AccessKeyID {
if credHeader.accessKey != cred.AccessKey {
return ErrInvalidAccessKeyID
}
@@ -188,7 +188,7 @@ func doesPolicySignatureV4Match(formValues map[string]string) APIErrorCode {
}
// Get signing key.
signingKey := getSigningKey(cred.SecretAccessKey, t, region)
signingKey := getSigningKey(cred.SecretKey, t, region)
// Get signature.
newSignature := getSignature(signingKey, formValues["Policy"])
@@ -217,7 +217,7 @@ func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, region s
}
// Verify if the access key id matches.
if pSignValues.Credential.accessKey != cred.AccessKeyID {
if pSignValues.Credential.accessKey != cred.AccessKey {
return ErrInvalidAccessKeyID
}
@@ -268,7 +268,7 @@ func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, region s
query.Set("X-Amz-Date", t.Format(iso8601Format))
query.Set("X-Amz-Expires", strconv.Itoa(expireSeconds))
query.Set("X-Amz-SignedHeaders", getSignedHeaders(extractedSignedHeaders))
query.Set("X-Amz-Credential", cred.AccessKeyID+"/"+getScope(t, sRegion))
query.Set("X-Amz-Credential", cred.AccessKey+"/"+getScope(t, sRegion))
// Save other headers available in the request parameters.
for k, v := range req.URL.Query() {
@@ -313,7 +313,7 @@ func doesPresignedSignatureMatch(hashedPayload string, r *http.Request, region s
presignedStringToSign := getStringToSign(presignedCanonicalReq, t, region)
// Get hmac presigned signing key.
presignedSigningKey := getSigningKey(cred.SecretAccessKey, t, region)
presignedSigningKey := getSigningKey(cred.SecretKey, t, region)
// Get new signature.
newSignature := getSignature(presignedSigningKey, presignedStringToSign)
@@ -369,7 +369,7 @@ func doesSignatureMatch(hashedPayload string, r *http.Request, region string) AP
}
// Verify if the access key id matches.
if signV4Values.Credential.accessKey != cred.AccessKeyID {
if signV4Values.Credential.accessKey != cred.AccessKey {
return ErrInvalidAccessKeyID
}
@@ -410,7 +410,7 @@ func doesSignatureMatch(hashedPayload string, r *http.Request, region string) AP
stringToSign := getStringToSign(canonicalRequest, t, region)
// Get hmac signing key.
signingKey := getSigningKey(cred.SecretAccessKey, t, region)
signingKey := getSigningKey(cred.SecretKey, t, region)
// Calculate signature.
newSignature := getSignature(signingKey, stringToSign)