AWSSigner icon indicating copy to clipboard operation
AWSSigner copied to clipboard
verified publisher icon NetSPI

Incorrect signature calculation

Open Benaou opened this issue 2 years ago • 0 comments

On certain APIs, it appears the body isn't used for signing in the canonical request (e.g. when the body is part of a multipart upload, this API is one example where this happens)

In the example above, there is an X-Amz-Content-Sha256 header that provides the value UNSIGNED-PAYLOAD that's used in place of the actual body SHA256 in the canonical request when calculating the signature.

Is it possible to add an option to use the value of the X-Amz-Content-Sha256 header instead of the calculated payload SHA256 when signing?

Benaou avatar Oct 18 '23 22:10 Benaou