ARSN-552: don't throw in case of bad Date inputs

Author: leif-scality

lib/auth/auth.ts

@@ -216,7 +216,9 @@ function generateV4Headers(
     payload?: string,
 ) {
     Object.assign(request, { headers: {} });
-    const amzDate = convertUTCtoISO8601(Date.now());
+    // Date.now() should always return a valid date so we assert non null.
+    const amzDate: string = convertUTCtoISO8601(Date.now())!;
+
     // get date without time
     const scopeDate = amzDate.slice(0, amzDate.indexOf('T'));
     const region = 'us-east-1';

lib/auth/v4/headerAuthCheck.ts

@@ -6,6 +6,7 @@ import {
     checkTimeSkew,
     convertUTCtoISO8601,
     convertAmzTimeToMs,
+    isValidISO8601Compact,
 } from './timeUtils';
 import {
     extractAuthItems,
@@ -81,21 +82,18 @@ export function check(
     let timestamp: string | undefined;
     // check request timestamp
     const xAmzDate = request.headers['x-amz-date'];
-    if (xAmzDate) {
-        const xAmzDateArr = xAmzDate.split('T');
-        // check that x-amz- date has the correct format and after epochTime
-        if (xAmzDateArr.length === 2 && xAmzDateArr[0].length === 8
-          && xAmzDateArr[1].length === 7
-          && Number.parseInt(xAmzDateArr[0], 10) > 19700101) {
-            // format of x-amz- date is ISO 8601: YYYYMMDDTHHMMSSZ
-            timestamp = request.headers['x-amz-date'];
-        }
+    if (isValidISO8601Compact(xAmzDate)) {
+        timestamp = xAmzDate;
     } else if (request.headers.date) {
-        timestamp = convertUTCtoISO8601(request.headers.date);
+        if (isValidISO8601Compact(request.headers.date)) {
+            timestamp = request.headers.date;
+        } else {
+            timestamp = convertUTCtoISO8601(request.headers.date);
+        }
     }
     if (!timestamp) {
         log.debug('missing or invalid date header',
-            { method: 'auth/v4/headerAuthCheck.check' });
+            { 'method': 'auth/v4/headerAuthCheck.check', 'x-amz-date': xAmzDate, 'Date': request.headers.date });
         return { err: errorInstances.AccessDenied.
             customizeDescription('Authentication requires a valid Date or ' +
           'x-amz-date header') };

lib/auth/v4/timeUtils.ts

@@ -15,15 +15,33 @@ export function convertAmzTimeToMs(timestamp: string) {
 }
 
 /**
- * Convert UTC timestamp to ISO 8601 timestamp
- * @param timestamp of UTC form: Fri, 10 Feb 2012 21:34:55 GMT
- * @return ISO8601 timestamp of form: YYYYMMDDTHHMMSSZ
- */
-export function convertUTCtoISO8601(timestamp: string | number) {
-    // convert to ISO string: YYYY-MM-DDTHH:mm:ss.sssZ.
-    const converted = new Date(timestamp).toISOString();
-    // Remove "-"s and "."s and milliseconds
-    return converted.split('.')[0].replace(/-|:/g, '').concat('Z');
+* Convert UTC timestamp to ISO 8601 compact format
+* @param timestamp - UTC timestamp (e.g., 'Fri, 10 Feb 2012 21:34:55 GMT') or Unix timestamp
+* @return ISO8601 timestamp of form YYYYMMDDTHHMMSSZ, or undefined if invalid
+*
+* @example
+* convertUTCtoISO8601('Fri, 10 Feb 2012 21:34:55 GMT'); // '20120210T213455Z'
+* convertUTCtoISO8601(1328910895000); // '20120210T213455Z'
+* convertUTCtoISO8601('invalid'); // undefined
+*/
+export function convertUTCtoISO8601(timestamp: unknown): string | undefined {
+    if (timestamp == null) {
+        return undefined;
+    }
+
+    const date = new Date(timestamp as string | number);
+
+    if (isNaN(date.getTime())) {
+        return undefined;
+    }
+
+    try {
+        // Can throw RangeError.
+        const converted = date.toISOString();
+        return converted.split('.')[0].replace(/-|:/g, '').concat('Z');
+    } catch {
+        return undefined;
+    }
 }
 
 /**
@@ -41,16 +59,85 @@ export function checkTimeSkew(timestamp: string, expiry: number, log: RequestLog
     if ((currentTime + fifteenMinutes) < parsedTimestamp) {
         log.debug('current time pre-dates timestamp', {
             parsedTimestamp,
-            currentTimeInMilliseconds: currentTime });
+            currentTimeInMilliseconds: currentTime
+        });
         return true;
     }
     const expiryInMilliseconds = expiry * 1000;
     if (currentTime > parsedTimestamp + expiryInMilliseconds) {
         log.debug('signature has expired', {
             parsedTimestamp,
             expiry,
-            currentTimeInMilliseconds: currentTime });
+            currentTimeInMilliseconds: currentTime
+        });
         return true;
     }
     return false;
 }
+
+/**
+* Validates if a string is in ISO 8601 compact format: YYYYMMDDTHHMMSSZ
+*
+* Checks that: 
+* - String is exactly 16 characters long
+* - Format matches YYYYMMDDTHHMMSSZ (8 digits, 'T', 6 digits, 'Z')
+* - All date/time components are valid (no Feb 30th, no 25:00:00, etc.)
+* - No silent date corrections occur (prevents rollover)
+*
+* @param str - The string to validate
+* @returns true if the string is a valid ISO 8601 compact format, false otherwise
+*
+* @example
+* ```typescript
+* isValidISO8601Compact('20160208T201405Z');  // true
+* isValidISO8601Compact('20160230T201405Z');  // false (Feb 30 invalid)
+* isValidISO8601Compact('20160208T251405Z');  // false (25 hours invalid)
+* isValidISO8601Compact('2016-02-08T20:14:05Z'); // false (wrong format)
+* isValidISO8601Compact('abcd0208T201405Z');  // false (contains letters)
+* ```
+*/
+export function isValidISO8601Compact(str: string): boolean {
+    if (str == null || typeof str !== 'string') {
+        return false;
+    }
+
+    // Check length
+    if (str.length !== 16) {
+        return false;
+    }
+
+    // Check 'T' at position 8 and 'Z' at position 15
+    if (str[8] !== 'T' || str[15] !== 'Z') {
+        return false;
+    }
+
+    // Check all other positions are digits
+    for (let i = 0; i < 16; i++) {
+        if (i === 8 || i === 15) {
+            continue; // Skip T and Z
+        }
+        if (str[i] < '0' || str[i] > '9') {
+            return false;
+        }
+    }
+
+    // Extract components
+    const year = str.substring(0, 4);
+    const month = str.substring(4, 6);
+    const day = str.substring(6, 8);
+    const hour = str.substring(9, 11);
+    const minute = str.substring(11, 13);
+    const second = str.substring(13, 15);
+
+    // Construct standard ISO format and validate
+    const isoString = `${year}-${month}-${day}T${hour}:${minute}:${second}.000Z`;
+    const date = new Date(isoString);
+
+    try {
+        // date.toISOString() can throw.
+        // date.toISOString() === isoString check prevents silent date corrections (30 February to 1 March)
+        return !isNaN(date.getTime()) && date.toISOString() === isoString;
+    } catch {
+        return false;
+    }
+}

tests/unit/auth/v4/headerAuthCheck.spec.js

@@ -179,19 +179,17 @@ describe('v4 headerAuthCheck', () => {
 
     it('should return error if timestamp from x-amz-date header' +
         'is before epochTime', done => {
-        // Different date (2095 instead of 2016)
+        // Date from 1950 (before epoch time)
         const alteredRequest = createAlteredRequest({
             'x-amz-date': '19500707T215304Z',
             'authorization': 'AWS4-HMAC-SHA256 Credential' +
-                '=accessKey1/20160208/us-east-1/s3/aws4_request, ' +
+                '=accessKey1/19500707/us-east-1/s3/aws4_request, ' +
                 'SignedHeaders=host;x-amz-content-sha256;' +
                 'x-amz-date, Signature=abed924c06abf8772c67' +
                 '0064d22eacd6ccb85c06befa15f' +
                 '4a789b0bae19307bc' }, 'headers', request, headers);
         const res = headerAuthCheck(alteredRequest, log);
-        assert.deepStrictEqual(res.err, errorInstances.AccessDenied.
-            customizeDescription('Authentication requires a valid Date or ' +
-        'x-amz-date header'));
+        assert.deepStrictEqual(res.err, errors.RequestTimeTooSkewed);
         done();
     });