OXIESEC PANEL

Name	Size	Modified	Perms
📁 ..	-	08/21/2024 10:05:25 AM	rwxr-xr-x
📄 AmbiguousSuccessParser.php	2.3 KB	08/21/2024 10:03:38 AM	rw-r--r--
📄 ApplyChecksumMiddleware.php	4.98 KB	08/21/2024 10:03:38 AM	rw-r--r--
📄 BatchDelete.php	7.73 KB	08/21/2024 10:03:38 AM	rw-r--r--
📄 BucketEndpointArnMiddleware.php	14.04 KB	08/21/2024 10:03:38 AM	rw-r--r--
📄 BucketEndpointMiddleware.php	3.44 KB	08/21/2024 10:03:38 AM	rw-r--r--
📄 CalculatesChecksumTrait.php	1.84 KB	08/21/2024 10:03:38 AM	rw-r--r--
📁 Crypto	-	08/21/2024 10:05:23 AM	rwxr-xr-x
📄 EndpointRegionHelperTrait.php	3.26 KB	08/21/2024 10:03:38 AM	rw-r--r--
📁 Exception	-	08/21/2024 10:05:23 AM	rwxr-xr-x
📄 GetBucketLocationParser.php	1.34 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 MultipartCopy.php	9.06 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 MultipartUploader.php	6.3 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 MultipartUploadingTrait.php	4.24 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 ObjectCopier.php	5.99 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 ObjectUploader.php	5.52 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 PermanentRedirectMiddleware.php	1.76 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 PostObject.php	3.99 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 PostObjectV4.php	5.49 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 PutObjectUrlMiddleware.php	1.61 KB	08/21/2024 10:03:39 AM	rw-r--r--
📁 RegionalEndpoint	-	08/21/2024 10:11:24 AM	rwxr-xr-x
📄 RetryableMalformedResponseParser.php	1.47 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 S3Client.php	52.19 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 S3ClientInterface.php	14.47 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 S3ClientTrait.php	10.56 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 S3EndpointMiddleware.php	11.39 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 S3MultiRegionClient.php	19.96 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 S3UriParser.php	5.07 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 SSECMiddleware.php	2.31 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 StreamWrapper.php	31.65 KB	08/21/2024 10:03:39 AM	rw-r--r--
📄 Transfer.php	15.58 KB	08/21/2024 10:03:39 AM	rw-r--r--
📁 UseArnRegion	-	08/21/2024 10:11:24 AM	rwxr-xr-x
📄 ValidateResponseChecksumParser.php	5.23 KB	08/21/2024 10:03:40 AM	rw-r--r--

Editing: ApplyChecksumMiddleware.php

<?php
namespace Aws\S3;

use Aws\Api\Service;
use Aws\CommandInterface;
use GuzzleHttp\Psr7;
use InvalidArgumentException;
use Psr\Http\Message\RequestInterface;
use Psr\Http\Message\StreamInterface;

/**
 * Apply required or optional checksums to requests before sending.
 *
 * IMPORTANT: This middleware must be added after the "build" step.
 *
 * @internal
 */
class ApplyChecksumMiddleware
{
    use CalculatesChecksumTrait;
    private static $sha256AndMd5 = [
        'PutObject',
        'UploadPart',
    ];

/** @var Service */
    private $api;

private $nextHandler;

/**
     * Create a middleware wrapper function.
     *
     * @param Service $api
     * @return callable
     */
    public static function wrap(Service $api)
    {
        return function (callable $handler) use ($api) {
            return new self($handler, $api);
        };
    }

public function __construct(callable $nextHandler, Service $api)
    {
        $this->api = $api;
        $this->nextHandler = $nextHandler;
    }

public function __invoke(
        CommandInterface $command,
        RequestInterface $request
    ) {
        $next = $this->nextHandler;
        $name = $command->getName();
        $body = $request->getBody();

//Checks if AddContentMD5 has been specified for PutObject or UploadPart
        $addContentMD5 = $command['AddContentMD5'] ?? null;

$op = $this->api->getOperation($command->getName());

$checksumInfo = $op['httpChecksum'] ?? [];
        $checksumMemberName = array_key_exists('requestAlgorithmMember', $checksumInfo)
            ? $checksumInfo['requestAlgorithmMember']
            : "";
        $requestedAlgorithm = $command[$checksumMemberName] ?? null;
        if (!empty($checksumMemberName) && !empty($requestedAlgorithm)) {
            $requestedAlgorithm = strtolower($requestedAlgorithm);
            $checksumMember = $op->getInput()->getMember($checksumMemberName);
            $supportedAlgorithms = isset($checksumMember['enum'])
                ? array_map('strtolower', $checksumMember['enum'])
                : null;
            if (is_array($supportedAlgorithms)
                && in_array($requestedAlgorithm, $supportedAlgorithms)
            ) {
                $request = $this->addAlgorithmHeader($requestedAlgorithm, $request, $body);
            } else {
                throw new InvalidArgumentException(
                    "Unsupported algorithm supplied for input variable {$checksumMemberName}."
                    . "  Supported checksums for this operation include: "
                    . implode(", ", $supportedAlgorithms) . "."
                );
            }
            return $next($command, $request);
        }

if (!empty($checksumInfo)) {
        //if the checksum member is absent, check if it's required
        $checksumRequired = $checksumInfo['requestChecksumRequired'] ?? null;
            if ((!empty($checksumRequired))
                || (in_array($name, self::$sha256AndMd5) && $addContentMD5)
            ) {
                //S3Express doesn't support MD5; default to crc32 instead
                if ($this->isS3Express($command)) {
                    $request = $this->addAlgorithmHeader('crc32', $request, $body);
                } elseif (!$request->hasHeader('Content-MD5')) {
                    // Set the content MD5 header for operations that require it.
                    $request = $request->withHeader(
                        'Content-MD5',
                        base64_encode(Psr7\Utils::hash($body, 'md5', true))
                    );
                }
                return $next($command, $request);
            }
        }

if (in_array($name, self::$sha256AndMd5) && $command['ContentSHA256']) {
            // Set the content hash header if provided in the parameters.
            $request = $request->withHeader(
                'X-Amz-Content-Sha256',
                $command['ContentSHA256']
            );
        }

return $next($command, $request);
    }

/**
     * @param string $requestedAlgorithm
     * @param RequestInterface $request
     * @param StreamInterface $body
     * @return RequestInterface
     */
    private function addAlgorithmHeader(
        string $requestedAlgorithm,
        RequestInterface $request,
        StreamInterface $body
    ) {
        $headerName = "x-amz-checksum-{$requestedAlgorithm}";
        if (!$request->hasHeader($headerName)) {
            $encoded = $this->getEncodedValue($requestedAlgorithm, $body);
            $request = $request->withHeader($headerName, $encoded);
        }
        return $request;
    }

/**
     * @param CommandInterface $command
     * @return bool
     */
    private function isS3Express(CommandInterface $command): bool
    {
        return isset($command['@context']['signing_service'])
            && $command['@context']['signing_service'] === 's3express';
    }
}