/
payload-check.go
49 lines (44 loc) · 1.33 KB
/
payload-check.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
package signature
import (
"bytes"
"encoding/base64"
"encoding/hex"
"io/ioutil"
"github.com/emicklei/go-restful"
log "github.com/sirupsen/logrus"
. "github.com/opensds/multi-cloud/s3/error"
)
func PayloadCheck(request *restful.Request, response *restful.Response) error {
r := request.Request
payload, err := ioutil.ReadAll(r.Body)
if err != nil {
log.Errorf("Read body failed: %v\n", err)
return ErrInternalError
}
// Verify Content-Md5, if payload is set.
inputMd5Sum := r.Header.Get("Content-Md5")
if inputMd5Sum != "" {
// check if it is valid
_, err := base64.StdEncoding.DecodeString(inputMd5Sum)
if err != nil {
log.Errorln("ErrInvalidDigest")
return ErrInvalidDigest
}
if inputMd5Sum != base64.StdEncoding.EncodeToString(sumMD5(payload)) {
log.Errorln("ErrBadDigest")
return ErrBadDigest
}
}
// Verify Content-Sha256, this is normally used for authv4.
inputSha256Sum := r.Header.Get(XAMZContentSha256)
if inputSha256Sum != "" && inputSha256Sum != UnsignedPayload {
if r.Header.Get(XAMZContentSha256) != hex.EncodeToString(sum256(payload)) {
log.Errorln("hashedPayload:", hex.EncodeToString(sum256(payload)), ", received:",
r.Header.Get(XAMZContentSha256))
return ErrContentSHA256Mismatch
}
}
// Populate back the payload.
r.Body = ioutil.NopCloser(bytes.NewReader(payload))
return nil
}