-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
getContentMd5() of blob returns encrypted MD5 value due to SERVER SIDE ENCRYPTION TRUE by default on azure storage side? #17477
Comments
Thanks for posting this question. I've linked a sample from our tests to clarify how to validate the contentMd5 returned from the server. Hope that helps! |
I upload same file in azure storage and cloudian S3 storage. It give me different MD5 value of same file in different storage. In azure blob storage, I'm getting MD5 value using azure-storage-blob sdk as per below code:- Can anyone help me into this? |
@gapra-msft My concern is Azure stored file has different MD5 checksum than local file?? If I compare Azure uploaded file contentMD5 with local same file MD5, it is not matched. Is it valid behavior? |
How are you calculating the md5 of the local file? In the code you shared above, it seems like you are calculating the md5 of the md5, rather than the data itself, which could be why you are seeing discrepancies |
Hi @gapra-msft FYI, I calculate local file MD5 with online utility OR using command prompt I tried with below code, no one is matched with local file MD5:- 1st Try:- 2nd Try:- 3rd Try:- |
Thank you for the extra information. I wrote a small sample script to verify that the service is indeed computing the md5 correctly. It looks like the cert util tool returns the md5 as a hex encoded string of the md5 bytes. The SDK simply returns the raw bytes. So to make them match, you need to convert one of them. I've attached a sample below. Hope this helps!
|
This should also resolve your other issue #17758 |
Hi @gapra-msft I would like to inform you that now local file MD5 and azure store file MD is getting matched with above solution. Thank you so much for detailed solution. Really your help is appreciable. |
@harisingh-highq Great to hear! Since your issue seems to have been resolved, I will go ahead and close this issue. |
Dev sentinel 2021 10 01 preview (Azure#17494) * Adds base for updating Microsoft.SecurityInsights from version preview/2021-09-01-preview to version 2021-10-01-preview * Updates readme * Updates API version in new specs and examples * Add IoT data connector (Azure#17086) * add Iot data connector * fix kind in getIotById * add deleted files * add missing newlines * fix newlines * Revert "Add IoT data connector (Azure#17086)" (Azure#17170) This reverts commit a11dd79ea1fb12c9b9d673fed2de91cc0098adbf. * Adding providerIncidentUrl & techniques to IncidentAdditionalData (Azure#17173) * Adding providerIncidentUrl to Incident * Adding techniques to incident * Dev sentinel 2021 10 01 preview (Azure#17314) * Bookmarks 2021-10-01-preview * prettier * definitions * rename Co-authored-by: Igal Shapira <igshapir@microsoft.com> * Data connectors 2021 10 01 preview office connectors added (Azure#17193) * Project and PowerBI specs added. * Space removed * File with a wrong name removed * More changer added * Example files with inconsistent naming removed * dataConnectors json updated * Ref fixed * Prettier applied Co-authored-by: Ido Klotz <idoklotz@microsoft.com> * AutomationRules preview 2021_10_01 (Azure#17325) * h * first * examples * prettier * path * fixes * prettier * examples * Z * Z * responses * fix * fixes * fix * prettier * PR Fixes * PR Fixes * PR Fixes * fix * fix * fix * fix * Last * PR Fixes * Last * tryFix * tryFix * incidentTypes * fix Co-authored-by: Roy Reinhorn <roreinho@microsoft.com> * Add MITRE support to alert rules models (Azure#17198) * Update alert rules models with tactics and techniques * Add attack tactics new enum values * Update alert rules models examples * Fix techniques type * Update files with prettier * Insert validations fixes * Fix validations * Fixes in alert rules models * Fix alert rules models and examples * adding changes to alert rules json * Revert "adding changes to alert rules json" This reverts commit 603490e300c76dee48550a11d0dee8fe5c824a2e. * Adding fusion v2 ui api documentation * some fixes * adding prettier fixes * removing unwanted property * updating the readonly properties Co-authored-by: Lilyan Cohen <licohen@microsoft.com> Co-authored-by: Vishal Kumar <viskumar@microsoft.com> * ErrorResponse changed to CloudError (Azure#17477) Co-authored-by: Ido Klotz <idoklotz@microsoft.com> * Done (Azure#17488) Co-authored-by: Roy Reinhorn <roreinho@microsoft.com> * Adding tenantId (Azure#17533) Co-authored-by: Ido Klotz <idoklotz@microsoft.com> * Done (Azure#17556) Co-authored-by: Roy Reinhorn <roreinho@microsoft.com> * Fix LindDiff and SemanticValidation (Azure#17584) Co-authored-by: ShaniFelig <74960756+ShaniFelig@users.noreply.github.com> Co-authored-by: roherzbe <52486962+roherzbe@users.noreply.github.com> Co-authored-by: Igal <igal.shapira@gmail.com> Co-authored-by: Igal Shapira <igshapir@microsoft.com> Co-authored-by: Ido Klotz <idoklotz@gmail.com> Co-authored-by: Ido Klotz <idoklotz@microsoft.com> Co-authored-by: royrein <37300636+royrein@users.noreply.github.com> Co-authored-by: Roy Reinhorn <roreinho@microsoft.com> Co-authored-by: lilyanc02 <46589651+lilyanc02@users.noreply.github.com> Co-authored-by: Lilyan Cohen <licohen@microsoft.com> Co-authored-by: Vishal Kumar <viskumar@microsoft.com>
Hi
I found the case when we get MD5 of blob file using blobClient.getProperties().getContentMd5(), will it return encrypted MD5 of blob due to SERVER SIDE ENCRYPTION TRUE by default on azure storage side?
Below is code snippet:-
`blobClient.upload(bin, length);
BlobProperties prop = blobClient.getProperties();
java.security.MessageDigest md5 = java.security.MessageDigest.getInstance("MD5");
md5.update(prop.getContentMd5());
byte[] encrBytes = md5.digest();
StringBuilder encrHash = new StringBuilder();
for (int i = 0; i < encrBytes.length; i++) {
encrHash.append(Integer.toString((encrBytes[i] & 0xff) + 0x100, 16).substring(1));
}`
Above StringBuilder encrHash value does not match with if I download same file from azure UI and calculate MD5 of downloaded file in local system.
Is it valid behavior?
OR below logic of converting byte array of getContentMd5() to string builder is wrong from my side?
Can you please help me to sort out this issue?
The text was updated successfully, but these errors were encountered: