We upload/copy files on S3 using multipart upload/copy which is a combination of various small-sized files. After that, we generate pre-signed URLs to download these files. How can we validate the data downloaded from S3?
Asked
Active
Viewed 878 times
0
-
Compare md5's of the original file and the file downloaded from s3. – Marcin Feb 21 '20 at 03:13
-
Amazon S3 provides ETags, which are MD5 calculated checksums. However, objects uploaded via multipart copy do not have easily calculated ETag. See: [What is the algorithm to compute the Amazon-S3 Etag for a file larger than 5GB?](https://stackoverflow.com/q/12186993/174777) – John Rotenstein Feb 21 '20 at 04:41
-
@JohnRotenstein While downloading file from S3, if there is a man in the middle attack which modifies the file content, how will ETags behave in that case? I mean, If we have logically calculated ETag (considering MD5s of all individual parts), will it be same as MD5 of downloaded file if no corruption and different in case file is manipulated? – R.B. Feb 22 '20 at 18:16
-
The ETag can provide the MD5 of the object in Amazon S3. You can then calculate the MD5 of the file that was downloaded and compare the two. If they are are the different, then the file contents are different. – John Rotenstein Feb 23 '20 at 00:43