From c871dcb612f63d51be014ff6fc2ba5a8d3300efb Mon Sep 17 00:00:00 2001 From: Nigel Brittain Date: Thu, 3 Apr 2025 22:42:04 +0000 Subject: [PATCH] http_aws_sigv4: add additional verbose log statements To use curl as a tool for troubleshooting SigV4 signing, it is useful to have the 'Canonical Request', 'String To Sign' and 'Signature' calculations output. Closes #16952 --- lib/http_aws_sigv4.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c index d73ac43d75..c255ddcb0c 100644 --- a/lib/http_aws_sigv4.c +++ b/lib/http_aws_sigv4.c @@ -813,7 +813,8 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data) if(!canonical_request) goto fail; - DEBUGF(infof(data, "Canonical request: %s", canonical_request)); + infof(data, "aws_sigv4: Canonical request (enclosed in []) - [%s]", + canonical_request); request_type = aprintf("%.*s4_request", (int)Curl_strlen(&provider0), Curl_str(&provider0)); @@ -855,6 +856,9 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data) /* make provider0 part done uppercase */ Curl_strntoupper(str_to_sign, Curl_str(&provider0), Curl_strlen(&provider0)); + infof(data, "aws_sigv4: String to sign (enclosed in []) - [%s]", + str_to_sign); + secret = aprintf("%.*s4%s", (int)Curl_strlen(&provider0), Curl_str(&provider0), data->state.aptr.passwd ? data->state.aptr.passwd : ""); @@ -873,6 +877,8 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data) sha256_to_hex(sha_hex, sign0); + infof(data, "aws_sigv4: Signature - %s", sha_hex); + auth_headers = aprintf("Authorization: %.*s4-HMAC-SHA256 " "Credential=%s/%s, " "SignedHeaders=%s, "