Coverage Report

Created: 2025-06-09 08:44

/src/gdal/curl/lib/http_aws_sigv4.c
Line
Count
Source (jump to first uncovered line)
1
/***************************************************************************
2
 *                                  _   _ ____  _
3
 *  Project                     ___| | | |  _ \| |
4
 *                             / __| | | | |_) | |
5
 *                            | (__| |_| |  _ <| |___
6
 *                             \___|\___/|_| \_\_____|
7
 *
8
 * Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
9
 *
10
 * This software is licensed as described in the file COPYING, which
11
 * you should have received as part of this distribution. The terms
12
 * are also available at https://curl.se/docs/copyright.html.
13
 *
14
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15
 * copies of the Software, and permit persons to whom the Software is
16
 * furnished to do so, under the terms of the COPYING file.
17
 *
18
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19
 * KIND, either express or implied.
20
 *
21
 * SPDX-License-Identifier: curl
22
 *
23
 ***************************************************************************/
24
25
#include "curl_setup.h"
26
27
#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_AWS)
28
29
#include "urldata.h"
30
#include "strcase.h"
31
#include "strdup.h"
32
#include "http_aws_sigv4.h"
33
#include "curl_sha256.h"
34
#include "transfer.h"
35
#include "parsedate.h"
36
#include "sendf.h"
37
#include "escape.h"
38
#include "curlx/strparse.h"
39
40
#include <time.h>
41
42
/* The last 3 #include files should be in this order */
43
#include "curl_printf.h"
44
#include "curl_memory.h"
45
#include "memdebug.h"
46
47
#include "slist.h"
48
49
/* Run HMAC-SHA256 over 'd' (length 'dl') keyed with 'k' (length 'kl') and
   store the digest in 'o'. The macro relies on the expanding scope: it
   assigns the outcome to a variable named 'result' and jumps to a label
   named 'fail' when Curl_hmacit() reports an error. */
#define HMAC_SHA256(k, kl, d, dl, o)                                     \
  do {                                                                   \
    result = Curl_hmacit(&Curl_HMAC_SHA256, (const unsigned char *)k,    \
                         kl, (const unsigned char *)d, dl, o);           \
    if(result)                                                           \
      goto fail;                                                         \
  } while(0)
60
61
0
#define TIMESTAMP_SIZE 17
62
63
/* hex-encoded with trailing null */
64
0
#define SHA256_HEX_LENGTH (2 * CURL_SHA256_DIGEST_LENGTH + 1)
65
66
0
#define MAX_QUERY_COMPONENTS 128
67
68
/* One query-string component held as two separate buffers. canon_query()
   fills both members with the re-encoded key and value, and compare_func()
   orders entries by key first and value second. */
struct pair {
69
  struct dynbuf key;
70
  struct dynbuf value;
71
};
72
73
static void dyn_array_free(struct dynbuf *db, size_t num_elements);
74
static void pair_array_free(struct pair *pair_array, size_t num_elements);
75
static CURLcode split_to_dyn_array(const char *source,
76
                                   struct dynbuf db[MAX_QUERY_COMPONENTS],
77
                                   size_t *num_splits);
78
static bool is_reserved_char(const char c);
79
static CURLcode uri_encode_path(struct Curl_str *original_path,
80
                                struct dynbuf *new_path);
81
static CURLcode encode_query_component(char *component, size_t len,
82
                                       struct dynbuf *db);
83
static CURLcode http_aws_decode_encode(const char *in, size_t in_len,
84
                                       struct dynbuf *out);
85
static bool should_urlencode(struct Curl_str *service_name);
86
87
static void sha256_to_hex(char *dst, unsigned char *sha)
88
0
{
89
0
  Curl_hexencode(sha, CURL_SHA256_DIGEST_LENGTH,
90
0
                 (unsigned char *)dst, SHA256_HEX_LENGTH);
91
0
}
92
93
/* Look up the user-supplied date header: prefer the header named 'sig_hdr'
   and fall back to a plain "Date" header. Returns whatever
   Curl_checkheaders() returns for the first one found, NULL if neither is
   present. */
static char *find_date_hdr(struct Curl_easy *data, const char *sig_hdr)
{
  char *hdr = Curl_checkheaders(data, sig_hdr, strlen(sig_hdr));

  if(!hdr)
    hdr = Curl_checkheaders(data, STRCONST("Date"));
  return hdr;
}
101
102
/* remove whitespace, and lowercase all headers */
103
static void trim_headers(struct curl_slist *head)
104
0
{
105
0
  struct curl_slist *l;
106
0
  for(l = head; l; l = l->next) {
107
0
    const char *value; /* to read from */
108
0
    char *store;
109
0
    size_t colon = strcspn(l->data, ":");
110
0
    Curl_strntolower(l->data, l->data, colon);
111
112
0
    value = &l->data[colon];
113
0
    if(!*value)
114
0
      continue;
115
0
    ++value;
116
0
    store = (char *)CURL_UNCONST(value);
117
118
    /* skip leading whitespace */
119
0
    curlx_str_passblanks(&value);
120
121
0
    while(*value) {
122
0
      int space = 0;
123
0
      while(ISBLANK(*value)) {
124
0
        value++;
125
0
        space++;
126
0
      }
127
0
      if(space) {
128
        /* replace any number of consecutive whitespace with a single space,
129
           unless at the end of the string, then nothing */
130
0
        if(*value)
131
0
          *store++ = ' ';
132
0
      }
133
0
      else
134
0
        *store++ = *value++;
135
0
    }
136
0
    *store = 0; /* null-terminate */
137
0
  }
138
0
}
139
140
/* maximum length for the aws sigv4 parts */
141
0
#define MAX_SIGV4_LEN 64
142
0
#define DATE_HDR_KEY_LEN (MAX_SIGV4_LEN + sizeof("X--Date"))
143
144
/* the string is x-PROVIDER-date:TIMESTAMP, so add 1 for the ':' */
145
0
#define DATE_FULL_HDR_LEN (DATE_HDR_KEY_LEN + TIMESTAMP_SIZE + 1)
146
147
/* Alphabetically compare two headers by their name only, i.e. the bytes
   before the first ':'. Headers are expected to contain a ':' at this
   point; if one does not, the whole string is treated as the name.

   Returns a negative value, zero or a positive value when the name of 'a'
   sorts before, equal to or after the name of 'b'. When one name is a
   prefix of the other, the shorter one sorts first. */
static int compare_header_names(const char *a, const char *b)
{
  const char *colon_a;
  const char *colon_b;
  size_t len_a;
  size_t len_b;
  size_t min_len;
  int cmp;

  colon_a = strchr(a, ':');
  colon_b = strchr(b, ':');

  DEBUGASSERT(colon_a);
  DEBUGASSERT(colon_b);

  len_a = colon_a ? (size_t)(colon_a - a) : strlen(a);
  len_b = colon_b ? (size_t)(colon_b - b) : strlen(b);

  min_len = (len_a < len_b) ? len_a : len_b;

  cmp = strncmp(a, b, min_len);
  if(cmp)
    return cmp;

  /* Equal over the common prefix: order by length. Compare explicitly
     instead of subtracting, since the unsigned difference wraps and its
     conversion to int is not guaranteed to keep the sign. */
  if(len_a < len_b)
    return -1;
  return (len_a > len_b) ? 1 : 0;
}
177
178
/* Merge duplicate header definitions by comma delimiting their values
179
   in the order defined the headers are defined, expecting headers to
180
   be alpha-sorted and use ':' at this point */
181
static CURLcode merge_duplicate_headers(struct curl_slist *head)
182
0
{
183
0
  struct curl_slist *curr = head;
184
0
  CURLcode result = CURLE_OK;
185
186
0
  while(curr) {
187
0
    struct curl_slist *next = curr->next;
188
0
    if(!next)
189
0
      break;
190
191
0
    if(compare_header_names(curr->data, next->data) == 0) {
192
0
      struct dynbuf buf;
193
0
      char *colon_next;
194
0
      char *val_next;
195
196
0
      curlx_dyn_init(&buf, CURL_MAX_HTTP_HEADER);
197
198
0
      result = curlx_dyn_add(&buf, curr->data);
199
0
      if(result)
200
0
        return result;
201
202
0
      colon_next = strchr(next->data, ':');
203
0
      DEBUGASSERT(colon_next);
204
0
      val_next = colon_next + 1;
205
206
0
      result = curlx_dyn_addn(&buf, ",", 1);
207
0
      if(result)
208
0
        return result;
209
210
0
      result = curlx_dyn_add(&buf, val_next);
211
0
      if(result)
212
0
        return result;
213
214
0
      free(curr->data);
215
0
      curr->data = curlx_dyn_ptr(&buf);
216
217
0
      curr->next = next->next;
218
0
      free(next->data);
219
0
      free(next);
220
0
    }
221
0
    else {
222
0
      curr = curr->next;
223
0
    }
224
0
  }
225
226
0
  return CURLE_OK;
227
0
}
228
229
/* timestamp should point to a buffer of at last TIMESTAMP_SIZE bytes */
230
static CURLcode make_headers(struct Curl_easy *data,
231
                             const char *hostname,
232
                             char *timestamp,
233
                             const char *provider1,
234
                             size_t plen, /* length of provider1 */
235
                             char **date_header,
236
                             char *content_sha256_header,
237
                             struct dynbuf *canonical_headers,
238
                             struct dynbuf *signed_headers)
239
0
{
240
0
  char date_hdr_key[DATE_HDR_KEY_LEN];
241
0
  char date_full_hdr[DATE_FULL_HDR_LEN];
242
0
  struct curl_slist *head = NULL;
243
0
  struct curl_slist *tmp_head = NULL;
244
0
  CURLcode ret = CURLE_OUT_OF_MEMORY;
245
0
  struct curl_slist *l;
246
0
  bool again = TRUE;
247
248
0
  msnprintf(date_hdr_key, DATE_HDR_KEY_LEN, "X-%.*s-Date",
249
0
            (int)plen, provider1);
250
  /* provider1 ucfirst */
251
0
  Curl_strntolower(&date_hdr_key[2], provider1, plen);
252
0
  date_hdr_key[2] = Curl_raw_toupper(provider1[0]);
253
254
0
  msnprintf(date_full_hdr, DATE_FULL_HDR_LEN,
255
0
            "x-%.*s-date:%s", (int)plen, provider1, timestamp);
256
  /* provider1 lowercase */
257
0
  Curl_strntolower(&date_full_hdr[2], provider1, plen);
258
259
0
  if(!Curl_checkheaders(data, STRCONST("Host"))) {
260
0
    char *fullhost;
261
262
0
    if(data->state.aptr.host) {
263
      /* remove /r/n as the separator for canonical request must be '\n' */
264
0
      size_t pos = strcspn(data->state.aptr.host, "\n\r");
265
0
      fullhost = Curl_memdup0(data->state.aptr.host, pos);
266
0
    }
267
0
    else
268
0
      fullhost = aprintf("host:%s", hostname);
269
270
0
    if(fullhost)
271
0
      head = Curl_slist_append_nodup(NULL, fullhost);
272
0
    if(!head) {
273
0
      free(fullhost);
274
0
      goto fail;
275
0
    }
276
0
  }
277
278
279
0
  if(*content_sha256_header) {
280
0
    tmp_head = curl_slist_append(head, content_sha256_header);
281
0
    if(!tmp_head)
282
0
      goto fail;
283
0
    head = tmp_head;
284
0
  }
285
286
  /* copy user headers to our header list. the logic is based on how http.c
287
     handles user headers.
288
289
     user headers in format 'name:' with no value are used to signal that an
290
     internal header of that name should be removed. those user headers are not
291
     added to this list.
292
293
     user headers in format 'name;' with no value are used to signal that a
294
     header of that name with no value should be sent. those user headers are
295
     added to this list but in the format that they will be sent, ie the
296
     semi-colon is changed to a colon for format 'name:'.
297
298
     user headers with a value of whitespace only, or without a colon or
299
     semi-colon, are not added to this list.
300
     */
301
0
  for(l = data->set.headers; l; l = l->next) {
302
0
    char *dupdata, *ptr;
303
0
    char *sep = strchr(l->data, ':');
304
0
    if(!sep)
305
0
      sep = strchr(l->data, ';');
306
0
    if(!sep || (*sep == ':' && !*(sep + 1)))
307
0
      continue;
308
0
    for(ptr = sep + 1; ISBLANK(*ptr); ++ptr)
309
0
      ;
310
0
    if(!*ptr && ptr != sep + 1) /* a value of whitespace only */
311
0
      continue;
312
0
    dupdata = strdup(l->data);
313
0
    if(!dupdata)
314
0
      goto fail;
315
0
    dupdata[sep - l->data] = ':';
316
0
    tmp_head = Curl_slist_append_nodup(head, dupdata);
317
0
    if(!tmp_head) {
318
0
      free(dupdata);
319
0
      goto fail;
320
0
    }
321
0
    head = tmp_head;
322
0
  }
323
324
0
  trim_headers(head);
325
326
0
  *date_header = find_date_hdr(data, date_hdr_key);
327
0
  if(!*date_header) {
328
0
    tmp_head = curl_slist_append(head, date_full_hdr);
329
0
    if(!tmp_head)
330
0
      goto fail;
331
0
    head = tmp_head;
332
0
    *date_header = aprintf("%s: %s\r\n", date_hdr_key, timestamp);
333
0
  }
334
0
  else {
335
0
    const char *value;
336
0
    const char *endp;
337
0
    value = strchr(*date_header, ':');
338
0
    if(!value) {
339
0
      *date_header = NULL;
340
0
      goto fail;
341
0
    }
342
0
    ++value;
343
0
    curlx_str_passblanks(&value);
344
0
    endp = value;
345
0
    while(*endp && ISALNUM(*endp))
346
0
      ++endp;
347
    /* 16 bytes => "19700101T000000Z" */
348
0
    if((endp - value) == TIMESTAMP_SIZE - 1) {
349
0
      memcpy(timestamp, value, TIMESTAMP_SIZE - 1);
350
0
      timestamp[TIMESTAMP_SIZE - 1] = 0;
351
0
    }
352
0
    else
353
      /* bad timestamp length */
354
0
      timestamp[0] = 0;
355
0
    *date_header = NULL;
356
0
  }
357
358
  /* alpha-sort by header name in a case sensitive manner */
359
0
  do {
360
0
    again = FALSE;
361
0
    for(l = head; l; l = l->next) {
362
0
      struct curl_slist *next = l->next;
363
364
0
      if(next && compare_header_names(l->data, next->data) > 0) {
365
0
        char *tmp = l->data;
366
367
0
        l->data = next->data;
368
0
        next->data = tmp;
369
0
        again = TRUE;
370
0
      }
371
0
    }
372
0
  } while(again);
373
374
0
  ret = merge_duplicate_headers(head);
375
0
  if(ret)
376
0
    goto fail;
377
378
0
  for(l = head; l; l = l->next) {
379
0
    char *tmp;
380
381
0
    if(curlx_dyn_add(canonical_headers, l->data))
382
0
      goto fail;
383
0
    if(curlx_dyn_add(canonical_headers, "\n"))
384
0
      goto fail;
385
386
0
    tmp = strchr(l->data, ':');
387
0
    if(tmp)
388
0
      *tmp = 0;
389
390
0
    if(l != head) {
391
0
      if(curlx_dyn_add(signed_headers, ";"))
392
0
        goto fail;
393
0
    }
394
0
    if(curlx_dyn_add(signed_headers, l->data))
395
0
      goto fail;
396
0
  }
397
398
0
  ret = CURLE_OK;
399
0
fail:
400
0
  curl_slist_free_all(head);
401
402
0
  return ret;
403
0
}
404
405
0
#define CONTENT_SHA256_KEY_LEN (MAX_SIGV4_LEN + sizeof("X--Content-Sha256"))
406
/* add 2 for ": " between header name and value */
407
0
#define CONTENT_SHA256_HDR_LEN (CONTENT_SHA256_KEY_LEN + 2 + \
408
0
                                SHA256_HEX_LENGTH)
409
410
/* try to parse a payload hash from the content-sha256 header */
411
static const char *parse_content_sha_hdr(struct Curl_easy *data,
412
                                         const char *provider1,
413
                                         size_t plen,
414
0
                                         size_t *value_len) {
415
0
  char key[CONTENT_SHA256_KEY_LEN];
416
0
  size_t key_len;
417
0
  const char *value;
418
0
  size_t len;
419
420
0
  key_len = msnprintf(key, sizeof(key), "x-%.*s-content-sha256",
421
0
                      (int)plen, provider1);
422
423
0
  value = Curl_checkheaders(data, key, key_len);
424
0
  if(!value)
425
0
    return NULL;
426
427
0
  value = strchr(value, ':');
428
0
  if(!value)
429
0
    return NULL;
430
0
  ++value;
431
432
0
  curlx_str_passblanks(&value);
433
434
0
  len = strlen(value);
435
0
  while(len > 0 && ISBLANK(value[len-1]))
436
0
    --len;
437
438
0
  *value_len = len;
439
0
  return value;
440
0
}
441
442
static CURLcode calc_payload_hash(struct Curl_easy *data,
443
                                  unsigned char *sha_hash, char *sha_hex)
444
0
{
445
0
  const char *post_data = data->set.postfields;
446
0
  size_t post_data_len = 0;
447
0
  CURLcode result;
448
449
0
  if(post_data) {
450
0
    if(data->set.postfieldsize < 0)
451
0
      post_data_len = strlen(post_data);
452
0
    else
453
0
      post_data_len = (size_t)data->set.postfieldsize;
454
0
  }
455
0
  result = Curl_sha256it(sha_hash, (const unsigned char *) post_data,
456
0
                         post_data_len);
457
0
  if(!result)
458
0
    sha256_to_hex(sha_hex, sha_hash);
459
0
  return result;
460
0
}
461
462
0
#define S3_UNSIGNED_PAYLOAD "UNSIGNED-PAYLOAD"
463
464
static CURLcode calc_s3_payload_hash(struct Curl_easy *data,
465
                                     Curl_HttpReq httpreq,
466
                                     const char *provider1,
467
                                     size_t plen,
468
                                     unsigned char *sha_hash,
469
                                     char *sha_hex, char *header)
470
0
{
471
0
  bool empty_method = (httpreq == HTTPREQ_GET || httpreq == HTTPREQ_HEAD);
472
  /* The request method or filesize indicate no request payload */
473
0
  bool empty_payload = (empty_method || data->set.filesize == 0);
474
  /* The POST payload is in memory */
475
0
  bool post_payload = (httpreq == HTTPREQ_POST && data->set.postfields);
476
0
  CURLcode ret = CURLE_OUT_OF_MEMORY;
477
478
0
  if(empty_payload || post_payload) {
479
    /* Calculate a real hash when we know the request payload */
480
0
    ret = calc_payload_hash(data, sha_hash, sha_hex);
481
0
    if(ret)
482
0
      goto fail;
483
0
  }
484
0
  else {
485
    /* Fall back to s3's UNSIGNED-PAYLOAD */
486
0
    size_t len = sizeof(S3_UNSIGNED_PAYLOAD) - 1;
487
0
    DEBUGASSERT(len < SHA256_HEX_LENGTH); /* 16 < 65 */
488
0
    memcpy(sha_hex, S3_UNSIGNED_PAYLOAD, len);
489
0
    sha_hex[len] = 0;
490
0
  }
491
492
  /* format the required content-sha256 header */
493
0
  msnprintf(header, CONTENT_SHA256_HDR_LEN,
494
0
            "x-%.*s-content-sha256: %s", (int)plen, provider1, sha_hex);
495
496
0
  ret = CURLE_OK;
497
0
fail:
498
0
  return ret;
499
0
}
500
501
static int compare_func(const void *a, const void *b)
502
0
{
503
504
0
  const struct pair *aa = a;
505
0
  const struct pair *bb = b;
506
0
  const size_t aa_key_len = curlx_dyn_len(&aa->key);
507
0
  const size_t bb_key_len = curlx_dyn_len(&bb->key);
508
0
  const size_t aa_value_len = curlx_dyn_len(&aa->value);
509
0
  const size_t bb_value_len = curlx_dyn_len(&bb->value);
510
0
  int compare;
511
512
  /* If one element is empty, the other is always sorted higher */
513
514
  /* Compare keys */
515
0
  if((aa_key_len == 0) && (bb_key_len == 0))
516
0
    return 0;
517
0
  if(aa_key_len == 0)
518
0
    return -1;
519
0
  if(bb_key_len == 0)
520
0
    return 1;
521
0
  compare = strcmp(curlx_dyn_ptr(&aa->key), curlx_dyn_ptr(&bb->key));
522
0
  if(compare) {
523
0
    return compare;
524
0
  }
525
526
  /* Compare values */
527
0
  if((aa_value_len == 0) && (bb_value_len == 0))
528
0
    return 0;
529
0
  if(aa_value_len == 0)
530
0
    return -1;
531
0
  if(bb_value_len == 0)
532
0
    return 1;
533
0
  compare = strcmp(curlx_dyn_ptr(&aa->value), curlx_dyn_ptr(&bb->value));
534
535
0
  return compare;
536
537
0
}
538
539
/* Append the canonical form of the 'len' byte path at 'q' to 'new_path'.
   With 'do_uri_encode' set the path goes through uri_encode_path(),
   otherwise it is copied verbatim. If 'new_path' is still empty afterwards
   it is set to "/". */
UNITTEST CURLcode canon_path(const char *q, size_t len,
                              struct dynbuf *new_path,
                              bool do_uri_encode)
{
  CURLcode result;

  if(do_uri_encode) {
    struct Curl_str original_path;

    curlx_str_assign(&original_path, q, len);
    result = uri_encode_path(&original_path, new_path);
  }
  else
    result = curlx_dyn_addn(new_path, q, len);

  if(!result && !curlx_dyn_len(new_path))
    result = curlx_dyn_add(new_path, "/");

  return result;
}
564
565
/* Append the canonical form of 'query' to 'dq'.

   The query is split into components with split_to_dyn_array(). Each
   component is divided at its first '=' into key and value, both parts are
   passed through http_aws_decode_encode(), the resulting pairs are sorted
   with compare_func() and finally joined as "key=value" separated by '&'.
   A component without a value is output as "key=".

   A NULL 'query' is fine and leaves 'dq' untouched. */
UNITTEST CURLcode canon_query(const char *query, struct dynbuf *dq)
{
  struct dynbuf query_array[MAX_QUERY_COMPONENTS];
  struct pair encoded_query_array[MAX_QUERY_COMPONENTS];
  size_t num_query_components;
  size_t counted_query_components = 0;
  size_t i;
  CURLcode result;

  if(!query)
    return CURLE_OK;

  result = split_to_dyn_array(query, &query_array[0],
                              &num_query_components);
  if(result)
    goto fail;

  /* Create list of pairs, each pair containing an encoded query
   * component */
  for(i = 0; i < num_query_components; i++) {
    struct pair *enc = &encoded_query_array[i];
    size_t part_len = curlx_dyn_len(&query_array[i]);
    char *part = curlx_dyn_ptr(&query_array[i]);
    char *eq = strchr(part, '=');
    /* If there is no equals, this key has no value */
    size_t key_len = eq ? (size_t)(eq - part) : strlen(part);

    curlx_dyn_init(&enc->key, part_len*3 + 1);
    curlx_dyn_init(&enc->value, part_len*3 + 1);
    /* from here on this pair needs freeing */
    counted_query_components++;

    /* Decode/encode the key */
    result = http_aws_decode_encode(part, key_len, &enc->key);
    if(result)
      goto fail;

    if(eq && eq != (part + part_len - 1)) {
      /* Decode/encode the value, everything after the '=' */
      const char *val = eq + 1;
      size_t val_len = part + part_len - val;

      result = http_aws_decode_encode(val, val_len, &enc->value);
    }
    else {
      /* If there is no value, the value is an empty string */
      curlx_dyn_init(&enc->value, 2);
      result = curlx_dyn_addn(&enc->value, "", 1);
    }
    if(result)
      goto fail;
  }

  /* Sort the encoded query components by key and value */
  qsort(&encoded_query_array, num_query_components,
        sizeof(struct pair), compare_func);

  /* Append the query components together to make a full query string */
  for(i = 0; i < num_query_components; i++) {
    const struct pair *enc = &encoded_query_array[i];
    char *key_ptr;
    char *value_ptr;
    size_t vlen;

    if(i) {
      result = curlx_dyn_addn(dq, "&", 1);
      if(result)
        break;
    }

    key_ptr = curlx_dyn_ptr(&enc->key);
    value_ptr = curlx_dyn_ptr(&enc->value);
    vlen = curlx_dyn_len(&enc->value);

    if(value_ptr && vlen)
      result = curlx_dyn_addf(dq, "%s=%s", key_ptr, value_ptr);
    else
      /* Empty value is always encoded to key= */
      result = curlx_dyn_addf(dq, "%s=", key_ptr);

    if(result)
      break;
  }

fail:
  if(counted_query_components)
    /* the encoded_query_array might not be initialized yet */
    pair_array_free(&encoded_query_array[0], counted_query_components);
  dyn_array_free(&query_array[0], num_query_components);
  return result;
}
670
671
CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
672
0
{
673
0
  CURLcode result = CURLE_OUT_OF_MEMORY;
674
0
  struct connectdata *conn = data->conn;
675
0
  const char *line;
676
0
  struct Curl_str provider0;
677
0
  struct Curl_str provider1;
678
0
  struct Curl_str region = { NULL, 0};
679
0
  struct Curl_str service = { NULL, 0};
680
0
  const char *hostname = conn->host.name;
681
0
  time_t clock;
682
0
  struct tm tm;
683
0
  char timestamp[TIMESTAMP_SIZE];
684
0
  char date[9];
685
0
  struct dynbuf canonical_headers;
686
0
  struct dynbuf signed_headers;
687
0
  struct dynbuf canonical_query;
688
0
  struct dynbuf canonical_path;
689
0
  char *date_header = NULL;
690
0
  Curl_HttpReq httpreq;
691
0
  const char *method = NULL;
692
0
  const char *payload_hash = NULL;
693
0
  size_t payload_hash_len = 0;
694
0
  unsigned char sha_hash[CURL_SHA256_DIGEST_LENGTH];
695
0
  char sha_hex[SHA256_HEX_LENGTH];
696
0
  char content_sha256_hdr[CONTENT_SHA256_HDR_LEN + 2] = ""; /* add \r\n */
697
0
  char *canonical_request = NULL;
698
0
  char *request_type = NULL;
699
0
  char *credential_scope = NULL;
700
0
  char *str_to_sign = NULL;
701
0
  const char *user = data->state.aptr.user ? data->state.aptr.user : "";
702
0
  char *secret = NULL;
703
0
  unsigned char sign0[CURL_SHA256_DIGEST_LENGTH] = {0};
704
0
  unsigned char sign1[CURL_SHA256_DIGEST_LENGTH] = {0};
705
0
  char *auth_headers = NULL;
706
707
0
  if(data->set.path_as_is) {
708
0
    failf(data, "Cannot use sigv4 authentication with path-as-is flag");
709
0
    return CURLE_BAD_FUNCTION_ARGUMENT;
710
0
  }
711
712
0
  if(Curl_checkheaders(data, STRCONST("Authorization"))) {
713
    /* Authorization already present, Bailing out */
714
0
    return CURLE_OK;
715
0
  }
716
717
  /* we init those buffers here, so goto fail will free initialized dynbuf */
718
0
  curlx_dyn_init(&canonical_headers, CURL_MAX_HTTP_HEADER);
719
0
  curlx_dyn_init(&canonical_query, CURL_MAX_HTTP_HEADER);
720
0
  curlx_dyn_init(&signed_headers, CURL_MAX_HTTP_HEADER);
721
0
  curlx_dyn_init(&canonical_path, CURL_MAX_HTTP_HEADER);
722
723
  /*
724
   * Parameters parsing
725
   * Google and Outscale use the same OSC or GOOG,
726
   * but Amazon uses AWS and AMZ for header arguments.
727
   * AWS is the default because most of non-amazon providers
728
   * are still using aws:amz as a prefix.
729
   */
730
0
  line = data->set.str[STRING_AWS_SIGV4];
731
0
  if(!line || !*line)
732
0
    line = "aws:amz";
733
734
  /* provider0[:provider1[:region[:service]]]
735
736
     No string can be longer than N bytes of non-whitespace
737
  */
738
0
  if(curlx_str_until(&line, &provider0, MAX_SIGV4_LEN, ':')) {
739
0
    failf(data, "first aws-sigv4 provider cannot be empty");
740
0
    result = CURLE_BAD_FUNCTION_ARGUMENT;
741
0
    goto fail;
742
0
  }
743
0
  if(curlx_str_single(&line, ':') ||
744
0
     curlx_str_until(&line, &provider1, MAX_SIGV4_LEN, ':')) {
745
0
    provider1 = provider0;
746
0
  }
747
0
  else if(curlx_str_single(&line, ':') ||
748
0
          curlx_str_until(&line, &region, MAX_SIGV4_LEN, ':') ||
749
0
          curlx_str_single(&line, ':') ||
750
0
          curlx_str_until(&line, &service, MAX_SIGV4_LEN, ':')) {
751
    /* nothing to do */
752
0
  }
753
754
0
  if(!curlx_strlen(&service)) {
755
0
    const char *p = hostname;
756
0
    if(curlx_str_until(&p, &service, MAX_SIGV4_LEN, '.') ||
757
0
       curlx_str_single(&p, '.')) {
758
0
      failf(data, "aws-sigv4: service missing in parameters and hostname");
759
0
      result = CURLE_URL_MALFORMAT;
760
0
      goto fail;
761
0
    }
762
763
0
    infof(data, "aws_sigv4: picked service %.*s from host",
764
0
          (int)curlx_strlen(&service), curlx_str(&service));
765
766
0
    if(!curlx_strlen(&region)) {
767
0
      if(curlx_str_until(&p, &region, MAX_SIGV4_LEN, '.') ||
768
0
         curlx_str_single(&p, '.')) {
769
0
        failf(data, "aws-sigv4: region missing in parameters and hostname");
770
0
        result = CURLE_URL_MALFORMAT;
771
0
        goto fail;
772
0
      }
773
0
      infof(data, "aws_sigv4: picked region %.*s from host",
774
0
            (int)curlx_strlen(&region), curlx_str(&region));
775
0
    }
776
0
  }
777
778
0
  Curl_http_method(data, conn, &method, &httpreq);
779
780
0
  payload_hash =
781
0
    parse_content_sha_hdr(data, curlx_str(&provider1),
782
0
                          curlx_strlen(&provider1), &payload_hash_len);
783
784
0
  if(!payload_hash) {
785
    /* AWS S3 requires a x-amz-content-sha256 header, and supports special
786
     * values like UNSIGNED-PAYLOAD */
787
0
    bool sign_as_s3 = curlx_str_casecompare(&provider0, "aws") &&
788
0
      curlx_str_casecompare(&service, "s3");
789
790
0
    if(sign_as_s3)
791
0
      result = calc_s3_payload_hash(data, httpreq, curlx_str(&provider1),
792
0
                                    curlx_strlen(&provider1), sha_hash,
793
0
                                    sha_hex, content_sha256_hdr);
794
0
    else
795
0
      result = calc_payload_hash(data, sha_hash, sha_hex);
796
0
    if(result)
797
0
      goto fail;
798
799
0
    payload_hash = sha_hex;
800
    /* may be shorter than SHA256_HEX_LENGTH, like S3_UNSIGNED_PAYLOAD */
801
0
    payload_hash_len = strlen(sha_hex);
802
0
  }
803
804
#ifdef DEBUGBUILD
805
  {
806
    char *force_timestamp = getenv("CURL_FORCETIME");
807
    if(force_timestamp)
808
      clock = 0;
809
    else
810
      clock = time(NULL);
811
  }
812
#else
813
0
  clock = time(NULL);
814
0
#endif
815
0
  result = Curl_gmtime(clock, &tm);
816
0
  if(result) {
817
0
    goto fail;
818
0
  }
819
0
  if(!strftime(timestamp, sizeof(timestamp), "%Y%m%dT%H%M%SZ", &tm)) {
820
0
    result = CURLE_OUT_OF_MEMORY;
821
0
    goto fail;
822
0
  }
823
824
0
  result = make_headers(data, hostname, timestamp,
825
0
                        curlx_str(&provider1), curlx_strlen(&provider1),
826
0
                        &date_header, content_sha256_hdr,
827
0
                        &canonical_headers, &signed_headers);
828
0
  if(result)
829
0
    goto fail;
830
831
0
  if(*content_sha256_hdr) {
832
    /* make_headers() needed this without the \r\n for canonicalization */
833
0
    size_t hdrlen = strlen(content_sha256_hdr);
834
0
    DEBUGASSERT(hdrlen + 3 < sizeof(content_sha256_hdr));
835
0
    memcpy(content_sha256_hdr + hdrlen, "\r\n", 3);
836
0
  }
837
838
0
  memcpy(date, timestamp, sizeof(date));
839
0
  date[sizeof(date) - 1] = 0;
840
841
0
  result = canon_query(data->state.up.query, &canonical_query);
842
0
  if(result)
843
0
    goto fail;
844
845
0
  result = canon_path(data->state.up.path, strlen(data->state.up.path),
846
0
                        &canonical_path,
847
0
                        should_urlencode(&service));
848
0
  if(result)
849
0
    goto fail;
850
0
  result = CURLE_OUT_OF_MEMORY;
851
852
0
  canonical_request =
853
0
    aprintf("%s\n" /* HTTPRequestMethod */
854
0
            "%s\n" /* CanonicalURI */
855
0
            "%s\n" /* CanonicalQueryString */
856
0
            "%s\n" /* CanonicalHeaders */
857
0
            "%s\n" /* SignedHeaders */
858
0
            "%.*s",  /* HashedRequestPayload in hex */
859
0
            method,
860
0
            curlx_dyn_ptr(&canonical_path),
861
0
            curlx_dyn_ptr(&canonical_query) ?
862
0
            curlx_dyn_ptr(&canonical_query) : "",
863
0
            curlx_dyn_ptr(&canonical_headers),
864
0
            curlx_dyn_ptr(&signed_headers),
865
0
            (int)payload_hash_len, payload_hash);
866
0
  if(!canonical_request)
867
0
    goto fail;
868
869
0
  infof(data, "aws_sigv4: Canonical request (enclosed in []) - [%s]",
870
0
    canonical_request);
871
872
0
  request_type = aprintf("%.*s4_request",
873
0
                         (int)curlx_strlen(&provider0), curlx_str(&provider0));
874
0
  if(!request_type)
875
0
    goto fail;
876
877
  /* provider0 is lowercased *after* aprintf() so that the buffer can be
878
     written to */
879
0
  Curl_strntolower(request_type, request_type, curlx_strlen(&provider0));
880
881
0
  credential_scope = aprintf("%s/%.*s/%.*s/%s", date,
882
0
                             (int)curlx_strlen(&region), curlx_str(&region),
883
0
                             (int)curlx_strlen(&service), curlx_str(&service),
884
0
                             request_type);
885
0
  if(!credential_scope)
886
0
    goto fail;
887
888
0
  if(Curl_sha256it(sha_hash, (unsigned char *) canonical_request,
889
0
                   strlen(canonical_request)))
890
0
    goto fail;
891
892
0
  sha256_to_hex(sha_hex, sha_hash);
893
894
  /*
895
   * Google allows using RSA key instead of HMAC, so this code might change
896
   * in the future. For now we only support HMAC.
897
   */
898
0
  str_to_sign = aprintf("%.*s4-HMAC-SHA256\n" /* Algorithm */
899
0
                        "%s\n" /* RequestDateTime */
900
0
                        "%s\n" /* CredentialScope */
901
0
                        "%s",  /* HashedCanonicalRequest in hex */
902
0
                        (int)curlx_strlen(&provider0), curlx_str(&provider0),
903
0
                        timestamp,
904
0
                        credential_scope,
905
0
                        sha_hex);
906
0
  if(!str_to_sign)
907
0
    goto fail;
908
909
  /* make provider0 part done uppercase */
910
0
  Curl_strntoupper(str_to_sign, curlx_str(&provider0),
911
0
                   curlx_strlen(&provider0));
912
913
0
  infof(data, "aws_sigv4: String to sign (enclosed in []) - [%s]",
914
0
    str_to_sign);
915
916
0
  secret = aprintf("%.*s4%s", (int)curlx_strlen(&provider0),
917
0
                   curlx_str(&provider0), data->state.aptr.passwd ?
918
0
                   data->state.aptr.passwd : "");
919
0
  if(!secret)
920
0
    goto fail;
921
  /* make provider0 part done uppercase */
922
0
  Curl_strntoupper(secret, curlx_str(&provider0), curlx_strlen(&provider0));
923
924
0
  HMAC_SHA256(secret, strlen(secret), date, strlen(date), sign0);
925
0
  HMAC_SHA256(sign0, sizeof(sign0),
926
0
              curlx_str(&region), curlx_strlen(&region), sign1);
927
0
  HMAC_SHA256(sign1, sizeof(sign1),
928
0
              curlx_str(&service), curlx_strlen(&service), sign0);
929
0
  HMAC_SHA256(sign0, sizeof(sign0), request_type, strlen(request_type), sign1);
930
0
  HMAC_SHA256(sign1, sizeof(sign1), str_to_sign, strlen(str_to_sign), sign0);
931
932
0
  sha256_to_hex(sha_hex, sign0);
933
934
0
  infof(data, "aws_sigv4: Signature - %s", sha_hex);
935
936
0
  auth_headers = aprintf("Authorization: %.*s4-HMAC-SHA256 "
937
0
                         "Credential=%s/%s, "
938
0
                         "SignedHeaders=%s, "
939
0
                         "Signature=%s\r\n"
940
                         /*
941
                          * date_header is added here, only if it was not
942
                          * user-specified (using CURLOPT_HTTPHEADER).
943
                          * date_header includes \r\n
944
                          */
945
0
                         "%s"
946
0
                         "%s", /* optional sha256 header includes \r\n */
947
0
                         (int)curlx_strlen(&provider0), curlx_str(&provider0),
948
0
                         user,
949
0
                         credential_scope,
950
0
                         curlx_dyn_ptr(&signed_headers),
951
0
                         sha_hex,
952
0
                         date_header ? date_header : "",
953
0
                         content_sha256_hdr);
954
0
  if(!auth_headers) {
955
0
    goto fail;
956
0
  }
957
  /* provider 0 uppercase */
958
0
  Curl_strntoupper(&auth_headers[sizeof("Authorization: ") - 1],
959
0
                   curlx_str(&provider0), curlx_strlen(&provider0));
960
961
0
  free(data->state.aptr.userpwd);
962
0
  data->state.aptr.userpwd = auth_headers;
963
0
  data->state.authhost.done = TRUE;
964
0
  result = CURLE_OK;
965
966
0
fail:
967
0
  curlx_dyn_free(&canonical_query);
968
0
  curlx_dyn_free(&canonical_path);
969
0
  curlx_dyn_free(&canonical_headers);
970
0
  curlx_dyn_free(&signed_headers);
971
0
  free(canonical_request);
972
0
  free(request_type);
973
0
  free(credential_scope);
974
0
  free(str_to_sign);
975
0
  free(secret);
976
0
  free(date_header);
977
0
  return result;
978
0
}
979
980
/*
981
* Frees all allocated strings in a dynbuf pair array, and the dynbuf itself
982
*/
983
984
static void pair_array_free(struct pair *pair_array, size_t num_elements)
985
0
{
986
0
  size_t index;
987
988
0
  for(index = 0; index != num_elements; index++) {
989
0
    curlx_dyn_free(&pair_array[index].key);
990
0
    curlx_dyn_free(&pair_array[index].value);
991
0
  }
992
993
0
}
994
995
/*
996
* Frees all allocated strings in a split dynbuf, and the dynbuf itself
997
*/
998
999
static void dyn_array_free(struct dynbuf *db, size_t num_elements)
1000
0
{
1001
0
  size_t index;
1002
1003
0
  for(index = 0; index < num_elements; index++)
1004
0
    curlx_dyn_free((&db[index]));
1005
0
}
1006
1007
/*
1008
* Splits source string by SPLIT_BY, and creates an array of dynbuf in db.
1009
* db is initialized by this function.
1010
* Caller is responsible for freeing the array elements with dyn_array_free
1011
*/
1012
1013
0
#define SPLIT_BY '&'
1014
1015
static CURLcode split_to_dyn_array(const char *source,
1016
                                   struct dynbuf db[MAX_QUERY_COMPONENTS],
1017
                                   size_t *num_splits_out)
1018
0
{
1019
0
  CURLcode result = CURLE_OK;
1020
0
  size_t len = strlen(source);
1021
0
  size_t pos;         /* Position in result buffer */
1022
0
  size_t start = 0;   /* Start of current segment */
1023
0
  size_t segment_length = 0;
1024
0
  size_t index = 0;
1025
0
  size_t num_splits = 0;
1026
1027
  /* Split source_ptr on SPLIT_BY and store the segment offsets and length in
1028
   * array */
1029
0
  for(pos = 0; pos < len; pos++) {
1030
0
    if(source[pos] == SPLIT_BY) {
1031
0
      if(segment_length) {
1032
0
        curlx_dyn_init(&db[index], segment_length + 1);
1033
0
        result = curlx_dyn_addn(&db[index], &source[start],
1034
0
                                segment_length);
1035
0
        if(result)
1036
0
          goto fail;
1037
1038
0
        segment_length = 0;
1039
0
        index++;
1040
0
        if(++num_splits == MAX_QUERY_COMPONENTS) {
1041
0
          result = CURLE_TOO_LARGE;
1042
0
          goto fail;
1043
0
        }
1044
0
      }
1045
0
      start = pos + 1;
1046
0
    }
1047
0
    else {
1048
0
      segment_length++;
1049
0
    }
1050
0
  }
1051
1052
0
  if(segment_length) {
1053
0
    curlx_dyn_init(&db[index], segment_length + 1);
1054
0
    result = curlx_dyn_addn(&db[index], &source[start], segment_length);
1055
0
    if(!result) {
1056
0
      if(++num_splits == MAX_QUERY_COMPONENTS)
1057
0
        result = CURLE_TOO_LARGE;
1058
0
    }
1059
0
  }
1060
0
fail:
1061
0
  *num_splits_out = num_splits;
1062
0
  return result;
1063
0
}
1064
1065
1066
/*
 * Returns true when c satisfies ISALNUM or ISURLPUNTCS. Despite the name,
 * the callers in this file treat a true result as "copy this byte as-is,
 * without percent-encoding".
 */
static bool is_reserved_char(const char c)
{
  if(ISALNUM(c))
    return true;
  if(ISURLPUNTCS(c))
    return true;
  return false;
}
1070
1071
static CURLcode uri_encode_path(struct Curl_str *original_path,
1072
                                struct dynbuf *new_path)
1073
0
{
1074
0
  const char *p = curlx_str(original_path);
1075
0
  size_t i;
1076
1077
0
  for(i = 0; i < curlx_strlen(original_path); i++) {
1078
    /* Do not encode slashes or unreserved chars from RFC 3986 */
1079
0
    CURLcode result = CURLE_OK;
1080
0
    unsigned char c = p[i];
1081
0
    if(is_reserved_char(c) || c == '/')
1082
0
      result = curlx_dyn_addn(new_path, &c, 1);
1083
0
    else
1084
0
      result = curlx_dyn_addf(new_path, "%%%02X", c);
1085
0
    if(result)
1086
0
      return result;
1087
0
  }
1088
1089
0
  return CURLE_OK;
1090
0
}
1091
1092
1093
static CURLcode encode_query_component(char *component, size_t len,
1094
                                       struct dynbuf *db)
1095
0
{
1096
0
  size_t i;
1097
0
  for(i = 0; i < len; i++) {
1098
0
    CURLcode result = CURLE_OK;
1099
0
    unsigned char this_char = component[i];
1100
1101
0
    if(is_reserved_char(this_char))
1102
      /* Escape unreserved chars from RFC 3986 */
1103
0
      result = curlx_dyn_addn(db, &this_char, 1);
1104
0
    else if(this_char == '+')
1105
      /* Encode '+' as space */
1106
0
      result = curlx_dyn_add(db, "%20");
1107
0
    else
1108
0
      result = curlx_dyn_addf(db, "%%%02X", this_char);
1109
0
    if(result)
1110
0
      return result;
1111
0
  }
1112
1113
0
  return CURLE_OK;
1114
0
}
1115
1116
/*
1117
* Populates a dynbuf containing url_encode(url_decode(in))
1118
*/
1119
1120
static CURLcode http_aws_decode_encode(const char *in, size_t in_len,
1121
                                       struct dynbuf *out)
1122
0
{
1123
0
  char *out_s;
1124
0
  size_t out_s_len;
1125
0
  CURLcode result =
1126
0
    Curl_urldecode(in, in_len, &out_s, &out_s_len, REJECT_NADA);
1127
1128
0
  if(!result) {
1129
0
    result = encode_query_component(out_s, out_s_len, out);
1130
0
    Curl_safefree(out_s);
1131
0
  }
1132
0
  return result;
1133
0
}
1134
1135
/*
 * Tells whether the URL path must be URL-encoded once more before signing
 * for the given service.
 *
 * The services listed below require the path unmodified (not additionally
 * URL-encoded), so false is returned for them and true for everything else.
 * A true result is equivalent to should_urlencode_uri_path from the AWS SDK.
 * URLs are already normalized by the curl URL parser.
 */
static bool should_urlencode(struct Curl_str *service_name)
{
  static const char * const verbatim_services[] = {
    "s3",
    "s3-express",
    "s3-outposts"
  };
  size_t i;

  for(i = 0; i < sizeof(verbatim_services) / sizeof(verbatim_services[0]);
      i++) {
    if(curlx_str_cmp(service_name, verbatim_services[i]))
      return false;
  }
  return true;
}
1151
1152
#endif /* !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_AWS) */