Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: change SignedBodyValue enum to allow precomputed sha256 hash #271

Merged
merged 3 commits into from
Jun 25, 2024
Merged

feat: change SignedBodyValue enum to allow precomputed sha256 hash #271

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
a6b4785
change SignedBodyValue enum to allow precomputed sha256 hash
dayaffe Jun 25, 2024
af8d5de
signedBodyValue should use description instead of rawValue
dayaffe Jun 25, 2024
8d348fa
add small changes
dayaffe Jun 25, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
53 changes: 42 additions & 11 deletions Source/AwsCommonRuntimeKit/auth/signing/SigningConfig.swift
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ public struct SigningConfig: CStructWithUserData {
return withByteCursorFromStrings(
region,
service,
signedBodyValue.rawValue) { regionCursor, serviceCursor, signedBodyValueCursor in
signedBodyValue.description) { regionCursor, serviceCursor, signedBodyValueCursor in

cConfig.region = regionCursor
cConfig.service = serviceCursor
Expand Down Expand Up @@ -174,25 +174,56 @@ public enum SignedBodyHeaderType {
/// Optional string to use as the canonical request's body value.
/// Typically, this is the SHA-256 of the (request/chunk/event) payload, written as lowercase hex.
/// If this has been precalculated, it can be set here. Special values used by certain services can also be set.
public enum SignedBodyValue: String {
public enum SignedBodyValue: CustomStringConvertible, Equatable {
/// if empty, a public value will be calculated from the payload during signing
case empty = ""
case empty
/// For empty sha256
case emptySha256 = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
case emptySha256
/// Use this to provide a precalculated sha256 value
case precomputedSha256(String)
/// Use this in the case of needing to not use the payload for signing
case unsignedPayload = "UNSIGNED-PAYLOAD"
case unsignedPayload
/// For streaming sha256 payload
case streamingSha256Payload = "STREAMING-AWS4-HMAC-SHA256-PAYLOAD"
case streamingSha256Payload
/// For streaming sha256 payload trailer
case streamingSha256PayloadTrailer = "STREAMING-AWS4-HMAC-SHA256-PAYLOAD-TRAILER"
case streamingSha256PayloadTrailer
/// For streaming sigv4a sha256 payload
case streamingECDSA_P256Sha256Payload = "STREAMING-AWS4-ECDSA-P256-SHA256-PAYLOAD"
case streamingECDSA_P256Sha256Payload
/// For streaming sigv4a sha256 payload trailer
case streamingECDSA_P256Sha256PayloadTrailer = "STREAMING-AWS4-ECDSA-P256-SHA256-PAYLOAD-TRAILER"
case streamingECDSA_P256Sha256PayloadTrailer
/// For streaming sigv4a sha256 events
case streamingSha256Events = "STREAMING-AWS4-HMAC-SHA256-EVENTS"
case streamingSha256Events
/// For streaming unsigned payload trailer
case streamingUnSignedPayloadTrailer = "STREAMING-UNSIGNED-PAYLOAD-TRAILER"
case streamingUnSignedPayloadTrailer

public var description: String {
switch self {
case .empty:
return ""
case .emptySha256:
return "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
case .precomputedSha256(let value):
return value
case .unsignedPayload:
return "UNSIGNED-PAYLOAD"
case .streamingSha256Payload:
return "STREAMING-AWS4-HMAC-SHA256-PAYLOAD"
case .streamingSha256PayloadTrailer:
return "STREAMING-AWS4-HMAC-SHA256-PAYLOAD-TRAILER"
case .streamingECDSA_P256Sha256Payload:
return "STREAMING-AWS4-ECDSA-P256-SHA256-PAYLOAD"
case .streamingECDSA_P256Sha256PayloadTrailer:
return "STREAMING-AWS4-ECDSA-P256-SHA256-PAYLOAD-TRAILER"
case .streamingSha256Events:
return "STREAMING-AWS4-HMAC-SHA256-EVENTS"
case .streamingUnSignedPayloadTrailer:
return "STREAMING-UNSIGNED-PAYLOAD-TRAILER"
}
}

public static func == (lhs: SignedBodyValue, rhs: SignedBodyValue) -> Bool {
return lhs.description == rhs.description
}
}

public enum SigningAlgorithmType {
Expand Down
2 changes: 1 addition & 1 deletion Test/AwsCommonRuntimeKitTests/auth/SigningConfigTests.swift
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ class SigningConfigTests: XCBaseTestCase {
XCTAssertNotNil(cSigningConfig.credentials)
XCTAssertEqual(UInt64(signingConfig.expiration!), cSigningConfig.expiration_in_seconds)
XCTAssertEqual(signingConfig.signedBodyHeader.rawValue, cSigningConfig.signed_body_header)
XCTAssertEqual(signingConfig.signedBodyValue.rawValue, cSigningConfig.signed_body_value.toString())
XCTAssertEqual(signingConfig.signedBodyValue.description, cSigningConfig.signed_body_value.toString())
}
}
}
Loading