-
Notifications
You must be signed in to change notification settings - Fork 862
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
AmazonCloudFrontUrlSigner.GetCannedSignedURL always throw exception #3221
Comments
@weilence Good morning. The above code snippet/screenshot that you shared in issue description does not demonstrate the issue in
Thanks, |
I don't know, this is my first time using this SDK, and I only tested versions 3.7.301.18 and 3.7.301.50. Nuget: using Amazon.CloudFront;
var reader = new StringReader("""
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCa5udYGtrIPUU5
EA0uTAGIc/gPFKqk9rnx6ubTkkEErA6ZiIbG/lj4bSRHendy06qd1X5zuJ4k73oi
SsXKzCOuJHAZA872+iIbFI5axdYH25E3LIzJZu7KHlL08QGsIl9ccx8usuSotsj2
pvb+uswg6kM3sy6Kiqw6e+5GlR4i0CNtt9pOTPb1+5ZQGehx0oeAypV4vGRZIQBm
aCYXo2sBMZI1nNhe6fW7jpNrtki+nh1CKpmxE2TEwfFNh8xCiZ4wCJ4Y8GE3Te9E
8otXM4+15ksIdMzJi7WbtiPsrEc4bxkBD+Hor8bGgFxXAWRRM3ttzLsZrotgEgYO
fu7y0EtXAgMBAAECggEALqqhx8lPYEQVNru/PNNpItLNSL3RKyGpo1hBcjv9moq7
W0XmVM0LwMwgwegDVHSwUhyfm/1ip33+LZaZQB+AIFaZ7u9WytFQtRfcSzyO3o8n
kJe7UnHQPtQj6ecxucohMJj+K/N5L9rhcG2cu+FK3h+1YHJ68wIUIQp1Ho6OJa5W
6/ad/aEPnSH5vd3LmUTSiD/jOtpoSge1axwVoCY4sdK8aTSAld/KexVHb7S5V2m2
IB1tZ+lE+5NyggKbop1ZtqsmJSbpNlHVDuboJMQppK8M/CENetykPe3L8BiIY3zU
J6jylM3dPA+bjlOvylZsWmtAe3ItajftzYSrGXKuAQKBgQDOubkIYSj+O8a5h4Hw
n/YequdduArKe/loKh2987mM2yqyU56XKoJ48GA6X3nZKPy5ZxcQD0maGUtf/6Bk
0rQwq+Tyk2m5fShIhTNoCukjteLClfyw6F2I+3xqMJi7+o0l+t2XB2nFXjTJE8jS
zL9uyDG+w45Q8PBbYhrrnMK9iQKBgQC/0vArSNkdrYf2gpVbGW15rWcCtloDm85l
X1TFIRAh4dVQyonz5ZD5VVl3RYsm0VaH01q6G3pgY8gfVyxPTebm01MC2z5GQk1V
1PWbeIbP4P1+wl1uFb4o9ksGGwhwUvm1JO/7PwmcClvdjvO3tv3rpotJAhJr2vBl
UAp87fBp3wKBgGamxKHLlU6BIlH4Xua8l7tsxAy+meUoIJW/7BrpzqaKIi6A5UxN
GJKzUiVKSbgy6SOrdEFORg8WJl6aEexe0Ikmoj5uQt6PrpQsSHWOjWxlIh/b2KmE
CQY/Uu1sCju106cbZjNbxAL0n6OFhoBemWSKVmFSu/WnXsMR+SosImt5AoGBALXf
UJkpi7low4WFEAj81eBM+WMH89aCDjHtLhltnLcTQMZGEoAtw8OzGY1NYX7fcjR7
vwS/cssbMC4O39MdIHTwHj+SEbxZtqtPq8LJhsBoKNDbhewPL2n1AvL6BIlDEsCe
Ee7cOMc6xxkNJaSlGqEoGd2R2ldqkQzt09PZYV1vAoGABLeRlh3Jw+T34o9xsCM3
N2hU89VWIgvy5Tnz2CekZ7Lw9oL4dACM0LnAs2XG258H1eaVICBkYM/HYPrrTDuf
CKahgTe2mWpYYIuX9FeuEde8/aCFjmx3Ex+QhApPRKh/Sjt/KDYklv/uM8yVwA0Z
i6bFYQM/GnNZd4VnbUZ28ro=
-----END PRIVATE KEY-----
""");
AmazonCloudFrontUrlSigner.GetCannedSignedURL("http://example.com", reader, "keyPairId", DateTime.Now); The privateKey generated by |
What version of We'd need to update the BouncyCastle version included in the SDK (which has been around since v1 - years before OpenSSL 3 was released). |
@dscpinheiro The version of OpenSSL I'm using is 3.2.1. |
@dscpinheiro so...When will the BouncyCastle version be updated? |
Any updates on this? |
+1 |
Is there a way to bypass the BouncyCastle implementation, providing the RSA object directly? |
Was anyone able to find a solution for this ? I am unable to create signed urls. I went on replacing |
We're planning to fix this in the next major version release of the SDK (being tracked in #3362). Our solution will be to move the CloudFront signer functionality to a new package (which will reference the I can't commit to a date, but we are working on it and will update the issue I mentioned earlier as soon as the new package is available. |
We ended up separating the CloudFront Signers to its own extension package which we just released in preview 4.0.0-preview.2 I added a unit test for this specific case, which passed but you should give it a try and see if it addresses your use case |
Closing this off as we have released a fix for this in the preview version I listed above. Feel free to re-open if there are any additional issues. Feel free to track v4 progress here: #3362 |
Comments on closed issues are hard for our team to see. |
Hi |
Describe the bug
Test code
Expected Behavior
no exception
Current Behavior
throw exception
Reproduction Steps
Run test code in xunit
PemReader is ThirdParty.BouncyCastle.OpenSsl.PemReader
Possible Solution
If i use
Org.BouncyCastle.OpenSsl.PemReader(BouncyCastle.Cryptography 2.21)
, it does work.Additional Information/Context
No response
AWS .NET SDK and/or Package version used
AWSSDK.CloudFront version is 3.7.301.50
Targeted .NET Platform
.Net 8
Operating System and version
Windows 11
The text was updated successfully, but these errors were encountered: