fix(middleware-ssec): ssecMiddleware with strict base64 validation

[RanVaknin]

Issue

#5863

Description

Making a a more robust check for if the provided key is indeed a base64 by comparing the byte length to 32, since AES-256 specifies a cipher must be 256bits (32 bytes) we can assert that the cipher provided must have a byte length of 32.

AES-256() The block cipher specifed in this Standard with 256-bit keys

https://csrc.nist.gov/pubs/fips/197/final

Testing

Added unit test coverage to cover the more of the middleware changes from #5676
And additionally unit tests to cover the isValidBase64EncodedSSECustomerKey helper function.

Driver code:

Borrowed from edge case mentioned in #5863:

async function putObjectWithMD5EncodedSSECKey(){
  try {
    const SSECustomerKey = crypto
    .createHash("md5")
    .update("foo")
    .digest("hex");
    const SSECustomerKeyMD5 = crypto
  .createHash("md5")
  .update(SSECustomerKey)
  .digest("hex");

    const response = await client.send(new PutObjectCommand({
      Bucket: 'testbucket',
       Body: 'This is a test',      
       Key: "foo",    
       SSECustomerKey: SSECustomerKey,
      SSECustomerAlgorithm: 'AES256',
      SSECustomerKeyMD5: SSECustomerKeyMD5
    }))
    console.log(response.$metadata.httpStatusCode);
  } catch (error) {
    console.error(error);
  }
}

// 200

Additional context

Add any other context about the PR here.

Checklist

• If you wrote E2E tests, are they resilient to concurrent I/O?
• If adding new public functions, did you add the @public tag and enable doc generation on the package?

---

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

[github-actions]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread.