0

I have been trying to perform AWS s3 rest api call to upload document to s3 bucket. The document is in the form of a byte array.

PUT /Test.pdf HTTP/1.1
Host: mybucket.s3.amazonaws.com
Authorization: **********
Content-Type: application/pdf
Content-Length: 5039151
x-amz-content-sha256: STREAMING-AWS4-HMAC-SHA256-PAYLOAD
x-amz-date: 20180301T055442Z

When we perform the api call, it gives the response status 411 i.e Length Required. We have already added the Content-Length header with the byte array length as value. But still the issue is repeating. Please help to resolve the issue.

am007
  • 35
  • 1
  • 7
  • 1
    With `STREAMING-AWS4-HMAC-SHA256-PAYLOAD`, `Content-Length` isn't the size if the object itself... It's the object plus the overhead, and `Content-Encoding: aws-chunked` is expected. Are you really using the proprietary chunked upload API? – Michael - sqlbot Mar 05 '18 at 12:08
  • No I am not using the chunked upload AP. How to calculate the correct `Content-Length`? – am007 Mar 05 '18 at 12:58
  • 1
    `STREAMING-AWS4-HMAC-SHA256-PAYLOAD` is only applicable to the chunked API. You should use the hex-encoded sha256 of the body, or the string `UNSIGNED-PAYLOAD` for the `x-amz-content-sha256` header. https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html Using the actual hash is preferred, because this provides integrity checking of the upload body against bit-level corruption in transit -- rare, but possible. – Michael - sqlbot Mar 05 '18 at 14:07
  • Thank you so much. Adding `UNSIGNED-PAYLOAD` as `x-amz-content-sha256` header value resolved the issue. If you could add this as the answer I will set it as the answer. – am007 Mar 06 '18 at 06:27

1 Answers1

1

x-amz-content-sha256: STREAMING-AWS4-HMAC-SHA256-PAYLOAD is only used with the non-standards-based chunk upload API. This is a custom encoding that allows you to write chunks of data to the wire. This is not the same thing as the Multipart Upload API, and is not the same thing as Transfer-Encoding: chunked (which S3 doesn't support for uploads).

It's not clear why this would result in 411 Length Required but the error suggests that S3 is not happy with the format of the upload.

For a standard PUT upload, x-amz-content-sha256 must be set to the hex-encoded SHA-256 hash of the request body, or the string UNSIGNED-PAYLOAD. The former is recommended, because it provides an integrity check. If for any reason your data were to become corrupted on the wire in a way that TCP failed to detect, S3 would automatically reject the corrupt upload and not create the object.

See also https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html

Michael - sqlbot
  • 169,571
  • 25
  • 353
  • 427