Fix off-by-one error

haydenbaker · haydenbaker · commit 1ea28c434d05 · 2023-09-28T15:37:24.000-07:00
diff --git a/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/crt/internal/signer/AwsChunkedV4aPayloadSigner.java b/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/crt/internal/signer/AwsChunkedV4aPayloadSigner.java
@@ -113,7 +113,7 @@ public void beforeSigning(SdkHttpRequest.Builder request, ContentStreamProvider
 
         switch (checksum) {
             case STREAMING_ECDSA_SIGNED_PAYLOAD: {
-                long extensionsLength = 161; // ;chunk-signature:<sigv4a-ecsda hex signature, 64 bytes>
+                long extensionsLength = 161; // ;chunk-signature:<sigv4a-ecsda hex signature, 144 bytes>
                 encodedContentLength += calculateChunksLength(contentLength, extensionsLength);
                 break;
             }
@@ -124,12 +124,12 @@ public void beforeSigning(SdkHttpRequest.Builder request, ContentStreamProvider
                 encodedContentLength += calculateChunksLength(contentLength, 0);
                 break;
             case STREAMING_ECDSA_SIGNED_PAYLOAD_TRAILER: {
-                long extensionsLength = 161; // ;chunk-signature:<sigv4a-ecsda hex signature, 64 bytes>
+                long extensionsLength = 161; // ;chunk-signature:<sigv4a-ecsda hex signature, 144 bytes>
                 encodedContentLength += calculateChunksLength(contentLength, extensionsLength);
                 if (checksumAlgorithm != null) {
                     encodedContentLength += calculateChecksumTrailerLength(checksumHeaderName(checksumAlgorithm));
                 }
-                encodedContentLength += 170; // x-amz-trailer-signature:<sigv4a-ecsda hex signature, 64 bytes>\r\n
+                encodedContentLength += 170; // x-amz-trailer-signature:<sigv4a-ecsda hex signature, 144 bytes>\r\n
                 break;
             }
             default:
@@ -177,7 +177,7 @@ private long calculateChunksLength(long contentLength, long extensionsLength) {
         long remainingBytes = contentLength % chunkSize;
         if (remainingBytes > 0) {
             long remainingChunkHeaderLength = Long.toHexString(remainingBytes).length();
-            lengthInBytes += remainingChunkHeaderLength + 1 + extensionsLength + 2 + remainingBytes + 2;
+            lengthInBytes += remainingChunkHeaderLength + extensionsLength + 2 + remainingBytes + 2;
         }
 
         // final chunk
diff --git a/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/AwsChunkedV4PayloadSigner.java b/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/AwsChunkedV4PayloadSigner.java
@@ -194,7 +194,7 @@ private long calculateChunksLength(long contentLength, long extensionsLength) {
         long remainingBytes = contentLength % chunkSize;
         if (remainingBytes > 0) {
             long remainingChunkHeaderLength = Long.toHexString(remainingBytes).length();
-            lengthInBytes += remainingChunkHeaderLength + 1 + extensionsLength + 2 + remainingBytes + 2;
+            lengthInBytes += remainingChunkHeaderLength + extensionsLength + 2 + remainingBytes + 2;
         }
 
         // final chunk
diff --git a/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/util/SignerUtils.java b/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/util/SignerUtils.java
@@ -255,6 +255,10 @@ public static byte[] hash(String text) {
         return hash(text.getBytes(StandardCharsets.UTF_8));
     }
 
+    /**
+     * Consume entire stream and return the number of bytes - the stream will NOT be reset upon completion, so if it needs to
+     * be read again, the caller MUST reset the stream.
+     */
     private static int readAll(InputStream inputStream) {
         try {
             byte[] buffer = new byte[4096];
diff --git a/core/http-auth-aws/src/test/java/software/amazon/awssdk/http/auth/aws/internal/signer/DefaultAwsV4HttpSignerTest.java b/core/http-auth-aws/src/test/java/software/amazon/awssdk/http/auth/aws/internal/signer/DefaultAwsV4HttpSignerTest.java
@@ -175,7 +175,7 @@ public void sign_WithChunkEncodingTrue_DelegatesToAwsChunkedPayloadSigner() {
 
         assertThat(signedRequest.request().firstMatchingHeader("x-amz-content-sha256"))
             .hasValue("STREAMING-AWS4-HMAC-SHA256-PAYLOAD");
-        Assertions.assertThat(signedRequest.request().firstMatchingHeader(Header.CONTENT_LENGTH)).hasValue("194");
+        Assertions.assertThat(signedRequest.request().firstMatchingHeader(Header.CONTENT_LENGTH)).hasValue("193");
         assertThat(signedRequest.request().firstMatchingHeader("x-amz-decoded-content-length")).hasValue("20");
     }
 
@@ -194,7 +194,7 @@ public void sign_WithChunkEncodingTrueAndChecksumAlgorithm_DelegatesToAwsChunked
 
         assertThat(signedRequest.request().firstMatchingHeader("x-amz-content-sha256"))
             .hasValue("STREAMING-AWS4-HMAC-SHA256-PAYLOAD-TRAILER");
-        Assertions.assertThat(signedRequest.request().firstMatchingHeader(Header.CONTENT_LENGTH)).hasValue("315");
+        Assertions.assertThat(signedRequest.request().firstMatchingHeader(Header.CONTENT_LENGTH)).hasValue("314");
         assertThat(signedRequest.request().firstMatchingHeader("x-amz-decoded-content-length")).hasValue("20");
         assertThat(signedRequest.request().firstMatchingHeader("x-amz-trailer")).hasValue("x-amz-checksum-crc32");
     }
@@ -215,7 +215,7 @@ public void sign_WithPayloadSigningFalseAndChunkEncodingTrueAndTrailer_Delegates
 
         assertThat(signedRequest.request().firstMatchingHeader("x-amz-content-sha256"))
             .hasValue("STREAMING-UNSIGNED-PAYLOAD-TRAILER");
-        Assertions.assertThat(signedRequest.request().firstMatchingHeader(Header.CONTENT_LENGTH)).hasValue("63");
+        Assertions.assertThat(signedRequest.request().firstMatchingHeader(Header.CONTENT_LENGTH)).hasValue("62");
         assertThat(signedRequest.request().firstMatchingHeader("x-amz-decoded-content-length")).hasValue("20");
         assertThat(signedRequest.request().firstMatchingHeader("x-amz-trailer")).hasValue("x-amz-checksum-crc32");
     }

Original file line number	Diff line number	Diff line change
`@@ -194,7 +194,7 @@ private long calculateChunksLength(long contentLength, long extensionsLength) {`
`194`	`194`	`long remainingBytes = contentLength % chunkSize;`
`195`	`195`	`if (remainingBytes > 0) {`
`196`	`196`	`long remainingChunkHeaderLength = Long.toHexString(remainingBytes).length();`
`197`		`- lengthInBytes += remainingChunkHeaderLength + 1 + extensionsLength + 2 + remainingBytes + 2;`
	`197`	`+ lengthInBytes += remainingChunkHeaderLength + extensionsLength + 2 + remainingBytes + 2;`
`198`	`198`	`}`
`199`	`199`
`200`	`200`	`// final chunk`