Don't store x-amz-content-sha256 (#6458)

This doesn't correspond to a flexible checksum value, so this is not
required.

Author: dagnir

core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/Checksummer.java

@@ -48,9 +48,9 @@ public interface Checksummer {
      * Get a default implementation of a checksummer, which calculates the SHA-256 checksum and places it in the
      * x-amz-content-sha256 header.
      */
-    static Checksummer create(PayloadChecksumStore cache) {
+    static Checksummer create() {
         return new FlexibleChecksummer(
-            cache,
+            NoOpPayloadChecksumStore.create(),
             option().headerName(X_AMZ_CONTENT_SHA256).algorithm(SHA256).formatter(BinaryUtils::toHex).build()
         );
     }

core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/internal/signer/util/ChecksumUtil.java

@@ -182,7 +182,7 @@ public static Checksummer checksummer(BaseSignRequest<?, ? extends AwsCredential
             if (isFlexible) {
                 return Checksummer.forFlexibleChecksum(request.property(CHECKSUM_ALGORITHM), payloadChecksumStore);
             }
-            return Checksummer.create(payloadChecksumStore);
+            return Checksummer.create();
         }
 
         if (isFlexible || isTrailing) {

core/http-auth-aws/src/test/java/software/amazon/awssdk/http/auth/aws/crt/internal/signer/DefaultAwsCrtV4aHttpSignerTest.java

@@ -444,53 +444,6 @@ void sign_withProvidedHostHeader_shouldRespectUserHostHeader() {
         assertThat(signedRequest.request().firstMatchingHeader("Authorization")).isPresent();
     }
 
-    @Test
-    @Disabled("Broken - We don't pass x-amz-content-sha256 to CRT signer")
-    // TODO: This is currently broken because we don't preserve the 'x-amz-content-sha256' header when sending to CRT to sign:
-    // https://github.com/aws/aws-sdk-java-v2/blob/59e3a000503e1299675698e5c4c7af51f2525669/core/http-auth-aws/src/main/java/software/amazon/awssdk/http/auth/aws/crt/internal/util/CrtUtils.java#L45
-    // Refer to JAVA-8531
-    void sign_WithPayloadSigningTrue_chunkEncodingFalse_cacheContainsChecksum_usesCachedValue() {
-        PayloadChecksumStore cache = PayloadChecksumStore.create();
-
-        byte[] checksumValue = "my-checksum".getBytes(StandardCharsets.UTF_8);
-        cache.putChecksumValue(SHA256, checksumValue);
-
-        SignRequest<? extends AwsCredentialsIdentity> request = generateBasicRequest(
-            AwsCredentialsIdentity.create("access", "secret"),
-            httpRequest -> httpRequest.uri(URI.create("http://demo.us-east-1.amazonaws.com")),
-            signRequest -> signRequest
-                .putProperty(PAYLOAD_SIGNING_ENABLED, true)
-                .putProperty(CHUNK_ENCODING_ENABLED, false)
-                .putProperty(CHECKSUM_STORE, cache)
-        );
-
-        SignedRequest signedRequest = signer.sign(request);
-
-        Optional<String> sha256Header = signedRequest.request().firstMatchingHeader("x-amz-content-sha256");
-        assertThat(sha256Header).hasValue(BinaryUtils.toHex(checksumValue));
-    }
-
-    @Test
-    void sign_WithPayloadSigningTrue_chunkEncodingFalse_cacheEmpty_storesComputedChecksum() throws IOException {
-        PayloadChecksumStore cache = PayloadChecksumStore.create();
-
-        SignRequest<? extends AwsCredentialsIdentity> request = generateBasicRequest(
-            AwsCredentialsIdentity.create("access", "secret"),
-            httpRequest -> httpRequest.uri(URI.create("http://demo.us-east-1.amazonaws.com")),
-            signRequest -> signRequest
-                .putProperty(PAYLOAD_SIGNING_ENABLED, true)
-                .putProperty(CHUNK_ENCODING_ENABLED, false)
-                .putProperty(CHECKSUM_STORE, cache)
-        );
-
-        SignedRequest signedRequest = signer.sign(request);
-
-        byte[] requestBytes = IoUtils.toByteArray(signedRequest.payload().get().newStream());
-        byte[] sha256Checksum = computeChecksum(SHA256, requestBytes);
-
-        assertThat(cache.getChecksumValue(SHA256)).isEqualTo(sha256Checksum);
-    }
-
     @Test
     void sign_WithPayloadSigningFalse_chunkEncodingTrue_cacheEmpty_storesComputedChecksum() throws IOException {
         PayloadChecksumStore cache = PayloadChecksumStore.create();

core/http-auth-aws/src/test/java/software/amazon/awssdk/http/auth/aws/internal/signer/DefaultAwsV4HttpSignerTest.java

@@ -869,49 +869,6 @@ void signAsync_WithPayloadSigningFalseAndChunkEncodingTrueAndFlexibleChecksumAnd
             .hasValue("STREAMING-UNSIGNED-PAYLOAD-TRAILER");
     }
 
-    @Test
-    void sign_WithPayloadSigningTrue_chunkEncodingFalse_cacheContainsChecksum_usesCachedValue() {
-        PayloadChecksumStore cache = PayloadChecksumStore.create();
-
-        byte[] checksumValue = "my-checksum".getBytes(StandardCharsets.UTF_8);
-        cache.putChecksumValue(SHA256, checksumValue);
-
-        SignRequest<? extends AwsCredentialsIdentity> request = generateBasicRequest(
-            AwsCredentialsIdentity.create("access", "secret"),
-            httpRequest -> httpRequest.uri(URI.create("http://demo.us-east-1.amazonaws.com")),
-            signRequest -> signRequest
-                .putProperty(PAYLOAD_SIGNING_ENABLED, true)
-                .putProperty(CHUNK_ENCODING_ENABLED, false)
-                .putProperty(CHECKSUM_STORE, cache)
-        );
-
-        SignedRequest signedRequest = signer.sign(request);
-
-        Optional<String> sha256Header = signedRequest.request().firstMatchingHeader("x-amz-content-sha256");
-        assertThat(sha256Header).hasValue(BinaryUtils.toHex(checksumValue));
-    }
-
-    @Test
-    void sign_WithPayloadSigningTrue_chunkEncodingFalse_cacheEmpty_storesComputedChecksum() throws IOException {
-        PayloadChecksumStore cache = PayloadChecksumStore.create();
-
-        SignRequest<? extends AwsCredentialsIdentity> request = generateBasicRequest(
-            AwsCredentialsIdentity.create("access", "secret"),
-            httpRequest -> httpRequest.uri(URI.create("http://demo.us-east-1.amazonaws.com")),
-            signRequest -> signRequest
-                .putProperty(PAYLOAD_SIGNING_ENABLED, true)
-                .putProperty(CHUNK_ENCODING_ENABLED, false)
-                .putProperty(CHECKSUM_STORE, cache)
-        );
-
-        SignedRequest signedRequest = signer.sign(request);
-
-        byte[] requestBytes = IoUtils.toByteArray(signedRequest.payload().get().newStream());
-        byte[] sha256Checksum = computeChecksum(SHA256, requestBytes);
-
-        assertThat(cache.getChecksumValue(SHA256)).isEqualTo(sha256Checksum);
-    }
-
     @Test
     void sign_WithPayloadSigningFalse_chunkEncodingTrue_cacheEmpty_storesComputedChecksum() throws IOException {
         PayloadChecksumStore cache = PayloadChecksumStore.create();