s3cmd icon indicating copy to clipboard operation
s3cmd copied to clipboard
verified publisher icon s3tools

s3cmd sync with sha256 hash instead of md5 hash

Open albarki opened this issue 9 years ago • 2 comments

Hello s3sync check By default a md5 checksum and file size to know if the file is changed or not. My question is, how to use sha256 instead of md5?

albarki avatar Jun 22 '16 17:06 albarki

This feature uses the ETag or Content-MD5 headers provided by Amazon's S3 implementation for server-side MD5 storage. Depending on the upload and encryption mechanisms S3 stores the MD5 of the object in the ETag and the Content-MD5 is a read-only view of the object's data MD5 sum. S3 does not have an option for storing a SHA256 of the object content; however, this could be added as custom metadata. There is a bit of development work that would be required to synchronize using SHA256 sums rather than MD5 sums including adding the custom metadata on upload and comparing SHA256 sums. The option in s3cmd is to either use MD5 or only use the file's size. Of course, using only the file's size is dangerous because the modification of the file without truncation or append is not detected as a change.

What is your use case that has you concerned with MD5 used for synchronization?

http://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonResponseHeaders.html http://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html

bencodestx avatar Jul 18 '16 19:07 bencodestx

FIPS on RHEL 8

sfxworks avatar Jun 09 '21 19:06 sfxworks

@sfxworks FYI, a change was just pushed to MASTER to support FIPS on RHEL8

fviard avatar Oct 04 '22 00:10 fviard