This project is archived. Its data is read-only.

Unverified Commit bc418284 authored Sep 28, 2023 by Zelda Hessler Committed by GitHub Sep 28, 2023

add Sigv4A support (#2939)



## Motivation

smithy-rs#1797

## Description

This PR adds Sigv4a support along with many tests that were ported from
the CRT Sigv4a project. **It does not include**:
- An E2E test. We should create one, but doing so requires us to set up
MRAP which is a good amount of work.
- A fuzz test. While I wrote and ran one on my machine, I found the fuzz
testing tool to be really difficult to use and it would take some work
to include fuzz testing in CI.

Additionally, test Sigv4a is annoying because Sigv4a signing is
non-deterministic. Because of this, the tests test signature generation
by first signing a request, and then by verifying that signature (_This
is how the CRT tests this feature_).

----

_By submitting this pull request, I confirm that you can use, modify,
copy, and redistribute this contribution, under the terms of your
choice._

---------

Co-authored-by: ysaito1001 <awsaito@amazon.com>

parent aaf71c83

.gitignore

+1 −0

Original line number	Diff line number	Diff line
		@@ -50,6 +50,7 @@ target/

		# IDEs
		.idea/
		.vscode/
		.project
		.settings
		.classpath

CHANGELOG.next.toml

+7 −1

Original line number	Diff line number	Diff line
		@@ -223,3 +223,9 @@ message = "Python middleware can set URI. This can be used to route a request to
		references = ["smithy-rs#3005"]
		meta = { "breaking" = false, "tada" = true, "bug" = false, "target" = "server" }
		author = "drganjoo"

		[[aws-sdk-rust]]
		message = "Add support for Sigv4A request signing. Sigv4a signing will be used automatically when appropriate for a given operation. Currently, it's used for S3 and EventBridge."
		references = ["smithy-rs#1797"]
		meta = { "breaking" = true, "tada" = true, "bug" = false }
		author = "Velfi"

aws/rust-runtime/aws-endpoint/src/lib.rs

+1 −1

Original line number	Diff line number	Diff line
		@@ -212,7 +212,7 @@ mod test {
		let req = AwsAuthStage.apply(req).expect("should succeed");
		assert_eq!(
		req.properties().get(),
		Some(&SigningRegion::from(Region::new("us-east-override")))
		Some(&SigningRegion::from_static("us-east-override"))
		);
		assert_eq!(
		req.properties().get(),

aws/rust-runtime/aws-inlineable/src/glacier_interceptors.rs

+1 −1

Original line number	Diff line number	Diff line
		@@ -6,7 +6,7 @@
		// This code is referenced in generated code, so the compiler doesn't realize it is used.
		#![allow(dead_code)]

		use aws_runtime::auth::sigv4::SigV4OperationSigningConfig;
		use aws_runtime::auth::SigV4OperationSigningConfig;
		use aws_sigv4::http_request::SignableBody;
		use aws_smithy_http::body::SdkBody;
		use aws_smithy_http::byte_stream;

aws/rust-runtime/aws-inlineable/src/http_request_checksum.rs

+1 −1

Original line number	Diff line number	Diff line
		@@ -8,7 +8,7 @@
		//! Interceptor for handling Smithy `@httpChecksum` request checksumming with AWS SigV4

		use aws_http::content_encoding::{AwsChunkedBody, AwsChunkedBodyOptions};
		use aws_runtime::auth::sigv4::SigV4OperationSigningConfig;
		use aws_runtime::auth::SigV4OperationSigningConfig;
		use aws_sigv4::http_request::SignableBody;
		use aws_smithy_checksums::ChecksumAlgorithm;
		use aws_smithy_checksums::{body::calculate, http::HttpChecksum};