From be7407b231dce5ae66c070769e9f1d1288e2c56f Mon Sep 17 00:00:00 2001
From: dblock <dblock@amazon.com>
Date: Tue, 26 Mar 2024 16:20:11 -0400
Subject: [PATCH] Fix: empty body SHA is incorrect.

Signed-off-by: dblock <dblock@amazon.com>
---
 signer/aws/aws.go      | 2 +-
 signer/aws/aws_test.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/signer/aws/aws.go b/signer/aws/aws.go
index 05c3fe840..90abb4725 100644
--- a/signer/aws/aws.go
+++ b/signer/aws/aws.go
@@ -31,7 +31,7 @@ const OpenSearchService = "es"
 const OpenSearchServerless = "aoss"
 
 //nolint:gosec // static empty Body
-const emptyBodySHA256 = "2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824"
+const emptyBodySHA256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
 
 // Signer is an interface that will implement opensearchtransport.Signer
 type Signer struct {
diff --git a/signer/aws/aws_test.go b/signer/aws/aws_test.go
index fd493f54c..3368f576b 100644
--- a/signer/aws/aws_test.go
+++ b/signer/aws/aws_test.go
@@ -65,7 +65,7 @@ func TestV4Signer(t *testing.T) {
 		q := req.Header
 		assert.NotEmpty(t, q.Get("Authorization"))
 		assert.NotEmpty(t, q.Get("X-Amz-Date"))
-		assert.Equal(t, "2cf24dba5fb0a30e26e83b2ac5b9e29e1b161e5c1fa7425e73043362938b9824", q.Get("X-Amz-Content-Sha256"))
+		assert.Equal(t, "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", q.Get("X-Amz-Content-Sha256"))
 	})
 
 	t.Run("sign request success with body", func(t *testing.T) {