From: Nigel Brittain <nbaws@amazon.com>
Date: Thu, 3 Apr 2025 22:42:04 +0000 (+0000)
Subject: http_aws_sigv4: add additional verbose log statements
X-Git-Tag: curl-8_14_0~368
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c871dcb612f63d51be014ff6fc2ba5a8d3300efb;p=thirdparty%2Fcurl.git

http_aws_sigv4: add additional verbose log statements

To use curl as a tool for troubleshooting SigV4 signing, it is useful to
have the 'Canonical Request', 'String To Sign' and 'Signature'
calculations output.

Closes #16952
---

diff --git a/lib/http_aws_sigv4.c b/lib/http_aws_sigv4.c
index d73ac43d75..c255ddcb0c 100644
--- a/lib/http_aws_sigv4.c
+++ b/lib/http_aws_sigv4.c
@@ -813,7 +813,8 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
   if(!canonical_request)
     goto fail;
 
-  DEBUGF(infof(data, "Canonical request: %s", canonical_request));
+  infof(data, "aws_sigv4: Canonical request (enclosed in []) - [%s]",
+    canonical_request);
 
   request_type = aprintf("%.*s4_request",
                          (int)Curl_strlen(&provider0), Curl_str(&provider0));
@@ -855,6 +856,9 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
   /* make provider0 part done uppercase */
   Curl_strntoupper(str_to_sign, Curl_str(&provider0), Curl_strlen(&provider0));
 
+  infof(data, "aws_sigv4: String to sign (enclosed in []) - [%s]",
+    str_to_sign);
+
   secret = aprintf("%.*s4%s", (int)Curl_strlen(&provider0),
                    Curl_str(&provider0), data->state.aptr.passwd ?
                    data->state.aptr.passwd : "");
@@ -873,6 +877,8 @@ CURLcode Curl_output_aws_sigv4(struct Curl_easy *data)
 
   sha256_to_hex(sha_hex, sign0);
 
+  infof(data, "aws_sigv4: Signature - %s", sha_hex);
+
   auth_headers = aprintf("Authorization: %.*s4-HMAC-SHA256 "
                          "Credential=%s/%s, "
                          "SignedHeaders=%s, "