S3-CRT Client signature error on s3 object keys with special characters
eranh-bb opened this issue · 4 comments
Describe the bug
When moving from the regular s3 client to s3-crt client we've been getting the following errors on object keys that have special characters in them (i.e. '=' sign)
'The request signature we calculated does not match the signature you provided. Check your key and signing method.'
- the issue is not present with the regular s3 client in the same sdk version
- encoding the key produces a 'The specified key does not exist.' error (in trace logs I can see the query is done with double encoding of the key).
we are using sdk with tag version:
help would be greatly appreciated
Expected Behavior
s3-crt client would work seamlessly against the same object keys that the regular s3 client supports.
Current Behavior
s3-crt client fails on object keys with special characters with the following message:
The request signature we calculated does not match the signature you provided. Check your key and signing method.
Reproduction Steps
example code:
#include <aws/core/Aws.h>
#include <aws/core/client/ClientConfiguration.h>
#include <aws/s3-crt/model/GetObjectRequest.h>
#include <aws/s3-crt/S3CrtClient.h>
#include <aws/s3/S3Client.h>
#include <aws/s3/model/GetObjectRequest.h>
int main(int argc, char ** argv) {
// Init AWS API
Aws::SDKOptions awsSdkOptions;
awsSdkOptions.loggingOptions.logLevel = Aws::Utils::Logging::LogLevel::Trace;
awsSdkOptions.httpOptions.installSigPipeHandler = true;
Aws::InitAPI(awsSdkOptions);
std::string bucket("your_bucket");
std::string objectKey("year=2024/file.json");
std::string region("us-east-1");
// s3 client code: --> works
{
Aws::Client::ClientConfiguration config;
config.region = region;
Aws::S3::S3Client s3Client(config);
Aws::S3::Model::GetObjectRequest objectRequest;
objectRequest.WithBucket(bucket.c_str()).WithKey(objectKey.c_str());
auto getObjectOutcome = s3Client.GetObject(objectRequest);
if (!getObjectOutcome.IsSuccess()) {
std::cerr << "failed s3 client get: " << getObjectOutcome.GetError().GetMessage() << std::endl;
} else {
std::cerr << "s3 client success!" << std::endl;
}
}
// s3-crt client code --> fails on signature verification
{
Aws::S3Crt::ClientConfiguration config;
config.region = region;
Aws::S3Crt::S3CrtClient s3Client(config);
Aws::S3Crt::Model::GetObjectRequest objectRequest;
objectRequest.WithBucket(bucket.c_str()).WithKey(objectKey.c_str());
auto getObjectOutcome = s3Client.GetObject(objectRequest);
if (!getObjectOutcome.IsSuccess()) {
std::cerr << "failed s3 CRT client get: " << getObjectOutcome.GetError().GetMessage() << std::endl;
} else {
std::cerr << "s3 CRT client success!" << std::endl;
}
}
Aws::ShutdownAPI(awsSdkOptions);
}Possible Solution
No response
Additional Information/Context
No response
AWS CPP SDK version used
1.11.248
Compiler and Version used
gcc (Ubuntu 9.5.0-1ubuntu1~22.04) 9.5.0
Operating System and version
Ubuntu 22.04.4 LTS Release: 22.04 Codename: jammy
We are looking into what might be causing this behavior
fix has been merged in 3abf409 and should be available in the next release later today.
This should be live now
This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.