Skip to content

Commit 178b90a

Browse files
PavelSafronovPavelSafronov
committed
pr feedback
1 parent 41a18ab commit 178b90a

File tree

1 file changed

+17
-9
lines changed

1 file changed

+17
-9
lines changed

src/cmap/auth/aws4.ts

Lines changed: 17 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -28,9 +28,8 @@ export type SignedHeaders = {
2828
* @param str - String to hash.
2929
* @returns Hexadecimal representation of the hash.
3030
*/
31-
const getHash = async (str: string): Promise<string> => {
32-
const data = new Uint8Array(BSON.onDemand.ByteUtils.utf8ByteLength(str));
33-
BSON.onDemand.ByteUtils.encodeUTF8Into(data, str, 0);
31+
const getHexSha256 = async (str: string): Promise<string> => {
32+
const data = stringToBuffer(str);
3433
const hashBuffer = await crypto.subtle.digest('SHA-256', data);
3534
const hashHex = BSON.onDemand.ByteUtils.toHex(new Uint8Array(hashBuffer));
3635
return hashHex;
@@ -45,8 +44,7 @@ const getHash = async (str: string): Promise<string> => {
4544
const getHmacSha256 = async (key: string | Uint8Array, str: string): Promise<Uint8Array> => {
4645
let keyData: Uint8Array;
4746
if (typeof key === 'string') {
48-
keyData = new Uint8Array(BSON.onDemand.ByteUtils.utf8ByteLength(key));
49-
BSON.onDemand.ByteUtils.encodeUTF8Into(keyData, key, 0);
47+
keyData = stringToBuffer(key);
5048
} else {
5149
keyData = key;
5250
}
@@ -58,8 +56,7 @@ const getHmacSha256 = async (key: string | Uint8Array, str: string): Promise<Uin
5856
false,
5957
['sign']
6058
);
61-
const strData = new Uint8Array(BSON.onDemand.ByteUtils.utf8ByteLength(str));
62-
BSON.onDemand.ByteUtils.encodeUTF8Into(strData, str, 0);
59+
const strData = stringToBuffer(str);
6360
const signature = await crypto.subtle.sign('HMAC', importedKey, strData);
6461
const digest = new Uint8Array(signature);
6562
return digest;
@@ -78,6 +75,17 @@ const convertHeaderValue = (value: string | number) => {
7875
return value.toString().trim().replace(/\s+/g, ' ');
7976
};
8077

78+
/**
79+
* Returns a Uint8Array representation of a string, encoded in UTF-8.
80+
* @param str - String to convert.
81+
* @returns Uint8Array containing the UTF-8 encoded string.
82+
*/
83+
function stringToBuffer(str: string): Uint8Array {
84+
const data = new Uint8Array(BSON.onDemand.ByteUtils.utf8ByteLength(str));
85+
BSON.onDemand.ByteUtils.encodeUTF8Into(data, str, 0);
86+
return data;
87+
}
88+
8189
/**
8290
* This method implements AWS Signature 4 logic for a very specific request format.
8391
* The signing logic is described here: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_sigv-create-signed-request.html
@@ -141,7 +149,7 @@ export async function aws4Sign(
141149
const signedHeaders = canonicalHeaderNames.sort().join(';');
142150

143151
// HashedPayload – A string created using the payload in the body of the HTTP request as input to a hash function. This string uses lowercase hexadecimal characters.
144-
const hashedPayload = await getHash(options.body);
152+
const hashedPayload = await getHexSha256(options.body);
145153

146154
// CanonicalRequest – A string that includes the above elements, separated by newline characters.
147155
const canonicalRequest = [
@@ -155,7 +163,7 @@ export async function aws4Sign(
155163

156164
// 2. Create a hash of the canonical request
157165
// HashedCanonicalRequest – A string created by using the canonical request as input to a hash function.
158-
const hashedCanonicalRequest = await getHash(canonicalRequest);
166+
const hashedCanonicalRequest = await getHexSha256(canonicalRequest);
159167

160168
// 3. Create a string to sign
161169
// Algorithm – The algorithm used to create the hash of the canonical request. For SigV4, use AWS4-HMAC-SHA256.

0 commit comments

Comments
 (0)