Example #1
0
func (s *Sign4Suite) TestSignStringToSign(c *C) {
	sts := "AWS4-HMAC-SHA256\n20110909T233600Z\n20110909/us-east-1/iam/aws4_request\n3511de7e95d28ecd39e9513b642aee07e54f4941150d8df8bf94b328ef7e55e2"
	ssts, err := sign4.SignStringToSign(sts, "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY")
	c.Assert(err, IsNil)
	//fmt.Println("ssts:", ssts)
	c.Assert(ssts, Equals, "ced6826de92d2bdeed8f846f0bf508e8559e98e4b0199114b84c54174deb456c")

}
Example #2
0
func (s *Sign4Suite) TestAWSSuite(c *C) {
	if *testSuiteDir == "" {
		c.Skip("-test-suite-dir not provided, skipping aws4 testsuite")
	}

	accessKey := "AKIDEXAMPLE"
	secretKey := "wJalrXUtnFEMI/K7MDENG+bPxRfiCYEXAMPLEKEY"
	regionName := "us-east-1"
	serviceName := "host"

	tests := []string{"get-header-value-trim", "get-vanilla-query", "get-relative",
		"get-relative-relative", "get-slash", "get-slash-dot-slash",
		"get-slashes", "get-slash-pointless-dot", "get-space", "get-unreserved",
		"get-utf8", "get-vanilla", "get-vanilla-empty-query-key", "get-vanilla-query",
		"get-vanilla-query-order-key", "get-vanilla-query-order-key-case",
		"get-vanilla-query-order-value", "get-vanilla-query-unreserved",
		"get-vanilla-ut8-query", "post-header-key-case", "post-header-key-sort",
		"post-header-value-case", "post-vanilla", "post-vanilla-empty-query-value",
		"post-vanilla-query",
		//"post-vanilla-query-nonunreserved" // this one is pretty pathological, FIXME ?
		//"post-vanilla-query-space"		// don't think this a valid http request (a space in the URI?)
		"post-x-www-form-urlencoded", "post-x-www-form-urlencoded-parameters",
	}
	// broken tests: "get-header-key-duplicate", "get-header-value-order"
	// see https://forums.aws.amazon.com/thread.jspa?messageID=491017

	//buff := new(bytes.Buffer)

	for _, test := range tests {
		c.Log("TestAWSSuite test: %v", test)
		reqFileName := filepath.Join(*testSuiteDir, test+".req")
		creqFileName := filepath.Join(*testSuiteDir, test+".creq")
		stsFileName := filepath.Join(*testSuiteDir, test+".sts")
		sreqFileName := filepath.Join(*testSuiteDir, test+".sreq")

		readBytes, err := ioutil.ReadFile(reqFileName)
		c.Assert(err, IsNil)
		//fmt.Println("readBytes:\n", readBytes)

		// canonical request
		canonReq, err := sign4.CanonicalRequest(string(readBytes))
		c.Assert(err, IsNil)
		readBytes, err = ioutil.ReadFile(creqFileName)
		c.Assert(err, IsNil)
		c.Assert(canonReq.CanonicalRequest, Equals, string(readBytes))

		// string to sign
		t, err := getTimeFromCR(canonReq)
		c.Assert(err, IsNil)
		credentialScope := sign4.CredentialScope(*t, regionName, serviceName)
		stringToSign := sign4.StringToSign(canonReq.CanonicalRequest, credentialScope, *t)

		readBytes, err = ioutil.ReadFile(stsFileName)
		c.Assert(err, IsNil)
		c.Assert(stringToSign, Equals, string(readBytes))

		// signed
		signature, err := sign4.SignStringToSign(stringToSign, secretKey)
		c.Assert(err, IsNil)
		authHdrVal := sign4.AuthHeaderValue(signature, accessKey, credentialScope, canonReq)

		// Authorized value
		sreq, err := getAWSSuiteReq(sreqFileName)
		c.Assert(err, IsNil)
		c.Assert(authHdrVal, Not(Equals), "")
		c.Assert(authHdrVal, Equals, sreq.Header.Get("Authorization"))
	}
}