http_aws_sigv4: add additional verbose log statements

To use curl as a tool for troubleshooting SigV4 signing, it is useful to have the 'Canonical Request', 'String To Sign' and 'Signature' calculations output. Closes #16952
2026-04-15 03:21:41 +03:00 · 2025-04-03 22:42:04 +00:00 · 2025-04-03 22:42:04 +00:00 · c871dcb612
commit c871dcb612
parent b809629f8c
1 changed files with 7 additions and 1 deletions
--- a/lib/http_aws_sigv4.c
+++ b/lib/http_aws_sigv4.c
@ -813,7 +813,8 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
  if(!canonical_request)
    goto fail;

-  DEBUGF(infof(data, "Canonical request: %s", canonical_request));
+  infof(data, "aws_sigv4: Canonical request (enclosed in []) - [%s]",
+    canonical_request);

  request_type = aprintf("%.*s4_request",
                         (int)Curl_strlen(&provider0), Curl_str(&provider0));
@ -855,6 +856,9 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
  /* make provider0 part done uppercase */
  Curl_strntoupper(str_to_sign, Curl_str(&provider0), Curl_strlen(&provider0));

+  infof(data, "aws_sigv4: String to sign (enclosed in []) - [%s]",
+    str_to_sign);
+
  secret = aprintf("%.*s4%s", (int)Curl_strlen(&provider0),
                   Curl_str(&provider0), data->state.aptr.passwd ?
                   data->state.aptr.passwd : "");
@ -873,6 +877,8 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)

  sha256_to_hex(sha_hex, sign0);

+  infof(data, "aws_sigv4: Signature - %s", sha_hex);
+
  auth_headers = aprintf("Authorization: %.*s4-HMAC-SHA256 "
                         "Credential=%s/%s, "
                         "SignedHeaders=%s, "