Set default value of payload hash to the empty hash

ggcr · ggcr · commit 0185b83335b5 · 2026-01-10T10:44:51.000+01:00
diff --git a/src/s3cpp/auth.h b/src/s3cpp/auth.h
@@ -20,7 +20,7 @@ class AWSSigV4Signer {
     void sign(HttpRequestBase<T>& request);
 
     template <typename T>
-    std::string createCannonicalRequest(HttpRequestBase<T>& request, const std::string& payload_hash = "");
+    std::string createCannonicalRequest(HttpRequestBase<T>& request, const std::string& payload_hash = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855");
 
     const unsigned char* sha256(const std::string& str);
     const unsigned char* HMAC_SHA256(const unsigned char* key, size_t key_len, const std::string& data);
diff --git a/test/auth_test.cpp b/test/auth_test.cpp
@@ -70,6 +70,38 @@ TEST(AUTH, CannonicalGETRequest) {
     EXPECT_TRUE(req.getHeaders().contains("Authorization"));
 }
 
+TEST(AUTH, CannonicalGETRequestWithoutPayload) {
+    // create signer & http client
+    auto signer = AWSSigV4Signer("minio_access", "minio_secret");
+    HttpClient client {};
+
+    // prepare request
+    const std::string host = "s3.amazonaws.com";
+    const std::string URI = "/amzn-s3-demo-bucket/myphoto.jpg";
+    const std::string URL = std::format("http://{}{}", host, URI);
+    const std::string timestamp = signer.getTimestamp();
+    const std::string empty_payload_hash = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
+    HttpRequest req = client.get(URL)
+                          .header("Host", host)
+                          .header("X-Amz-Date", timestamp)
+                          .header("X-Amz-Content-Sha256", empty_payload_hash);
+
+    const std::string expected_canonical = std::format("GET\n"
+                                                       "/amzn-s3-demo-bucket/myphoto.jpg\n"
+                                                       "\n"
+                                                       "host:{}\n"
+                                                       "x-amz-content-sha256:{}\n"
+                                                       "x-amz-date:{}\n"
+                                                       "\n"
+                                                       "host;x-amz-content-sha256;x-amz-date\n"
+                                                       "{}",
+        host, empty_payload_hash, timestamp, empty_payload_hash);
+
+    EXPECT_EQ(signer.createCannonicalRequest(req), expected_canonical);
+    signer.sign(req);
+    EXPECT_TRUE(req.getHeaders().contains("Authorization"));
+}
+
 TEST(AUTH, MinIOBasicRequest) {
     // create signer & http client
     auto signer = AWSSigV4Signer("minio_access", "minio_secret");
