Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
2.2.0, 2.2.1
Description
According to [GCS blob upload documentation|https://cloud.google.com/storage/docs/xml-api/put-object-upload], when Content-MD5 header is provided, Google uses it to verify data integrity of an uploaded blob. This feature is crucial for us. We have a file upload functionality that takes an input stream and uploads it to a cloud via JClouds. We want to be sure that file integrity is enforced.
JClouds blob builder allows to specify content MD5, but this value is ignored with InputStream payload, it's simply is not propagated into Content-MD5 header.
Here is the code snippet to reproduce the issue:
BlobStoreContext context = ContextBuilder.newBuilder("google-cloud-storage") .credentials(clientEmail, privateKey) .buildView(BlobStoreContext.class); // generate MD5 hash for some bogus content MessageDigest md5 = MessageDigest.getInstance("MD5"); md5.update("bogus".getBytes()); InputStream inputStream = new ByteArrayInputStream("hi".getBytes()); BlobStore blobStore = context.getBlobStore(); blobStore.putBlob(myContainer, blobStore.blobBuilder("test.txt") .payload(inputStream) .contentLength(2) .contentType("text/plain") .contentMD5(HashCode.fromBytes(md5.digest())) .build());
putBlob should have failed, because payload is "hi", but MD5 is calculated for "bogus" string.