Project

General

Profile

content-md5-bug.php

Marcin Gibula, 04/21/2017 12:22 PM

Download (2.18 KB)

 
1
<?php
2

    
3
// Use existing non-empty random content file
4
$TEST_FILE = 'test-file';
5

    
6
$BUCKET = 'BUCKETNAME';
7
$AWS_HOST = 'ENDPOINT_URL';
8
$AWS_ACCESS_KEY = 'ACCESS-KEY';
9
$AWS_SECRET_ACCESS = 'SECRET_KEY';
10

    
11
$AWS_URL = "http://$BUCKET.$AWS_HOST";
12

    
13
function test_upload($key, $path, $checksum) {
14
    global $AWS_URL, $BUCKET, $AWS_ACCESS_KEY, $AWS_SECRET_ACCESS;
15

    
16
    $expires = strftime('%Y-%m-%dT%H:%M:%SZ', time()+30);
17

    
18
    $policy = [
19
        "expiration" => $expires,
20
        "conditions" => [
21
            ["bucket" => $BUCKET],
22
            ["starts-with", '$key', ""],
23
            ["acl" => "public-read"],
24
            ["starts-with", '$Content-Type', ""],
25
            ['success_action_status' => '201'],
26
            ["starts-with", '$Content-MD5', ""]
27
        ]
28
    ];
29

    
30
    $policy = base64_encode(json_encode($policy));
31
    $signature = base64_encode(hash_hmac('sha1', $policy, $AWS_SECRET_ACCESS, true));
32

    
33
    $data['Signature'] = $signature;
34
    $data['AWSAccessKeyId'] = $AWS_ACCESS_KEY;
35
    $data['Policy'] = $policy;
36
    $data['acl'] = 'public-read';
37
    $data['success_action_status'] = 201;
38
    $data['Key'] = $key;
39
    $data['file'] = "@/".realpath($path);
40
    $data['Content-MD5'] = $checksum;
41

    
42
    $ch = curl_init();
43
    curl_setopt($ch, CURLOPT_URL,$AWS_URL);
44
    curl_setopt($ch, CURLOPT_POST, true);
45
    curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
46
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
47
    curl_setopt($ch, CURLOPT_HTTPHEADER, array("Expect: ", "Content-type: multipart/form-data"));
48
    curl_setopt($ch, CURLOPT_VERBOSE, 1);
49
    curl_setopt($ch, CURLOPT_HEADER, 1);
50

    
51
    $verbose = fopen('php://temp', 'rw+');
52
    curl_setopt($ch, CURLOPT_STDERR, $verbose);
53

    
54
    if (curl_exec ($ch)) {
55
        rewind($verbose);
56
        $verboseLog = stream_get_contents($verbose);
57
        echo $verboseLog;
58
    } else {
59
        echo "curl execution failed\n";
60
        echo curl_error($ch) . "\n";
61
    }
62
}
63

    
64
echo "Uploading file with good checksum...\n";
65
test_upload('good-md5', $TEST_FILE, base64_encode(md5_file($TEST_FILE, true)));
66

    
67
echo "Uploading file with bad checksum...\n";
68
test_upload('bad-md5', $TEST_FILE, base64_encode(md5('foo', true)));