aws-crt-cpp
C++ wrapper around the aws-c-* libraries. Provides Cross-Platform Transport Protocols and SSL/TLS implementations for C++.
Sigv4Signing.h
1#pragma once
7#include <aws/crt/Exports.h>
8
9#include <aws/crt/DateTime.h>
10#include <aws/crt/Types.h>
12
13struct aws_signing_config_aws;
14
15namespace Aws
16{
17 namespace Crt
18 {
19 namespace Auth
20 {
21 class Credentials;
22 class ICredentialsProvider;
23
// Signing-algorithm enumerators. The symbol index on this page names the enum SigningAlgorithm;
// its `enum` head line is missing from this listing.
28 {
    // Bound to the C-library constant AWS_SIGNING_ALGORITHM_V4.
33 SigV4 = AWS_SIGNING_ALGORITHM_V4,
34
    // Bound to AWS_SIGNING_ALGORITHM_V4_ASYMMETRIC.
    // NOTE(review): going by the constant's name this selects the asymmetric-key SigV4A scheme
    // rather than the shared-secret HMAC scheme; confirm against the C library documentation.
39 SigV4A = AWS_SIGNING_ALGORITHM_V4_ASYMMETRIC,
40 };
41
// Selects what is being signed and where the signature is placed; each enumerator is bound
// to an AWS_ST_* constant from the C library.
45 enum class SignatureType
46 {
    // Bound to AWS_ST_HTTP_REQUEST_HEADERS; by its name the signature travels in request headers.
51 HttpRequestViaHeaders = AWS_ST_HTTP_REQUEST_HEADERS,
52
    // Bound to AWS_ST_HTTP_REQUEST_QUERY_PARAMS; by its name the signature travels in the query string.
    // NOTE(review): a query-string signature makes the URL itself the credential for that request,
    // so it should be kept out of logs and given a short lifetime (see SetExpirationInSeconds) - confirm.
57 HttpRequestViaQueryParams = AWS_ST_HTTP_REQUEST_QUERY_PARAMS,
58
    // Bound to AWS_ST_HTTP_REQUEST_CHUNK; presumably signs one chunk of a chunked payload - confirm.
62 HttpRequestChunk = AWS_ST_HTTP_REQUEST_CHUNK,
63
    // Bound to AWS_ST_HTTP_REQUEST_EVENT; presumably signs one event-stream event - confirm support.
69 HttpRequestEvent = AWS_ST_HTTP_REQUEST_EVENT,
70 };
71
// String constants intended for SetSignedBodyValue. The symbol index on this page places their
// definitions in Sigv4Signing.cpp.
76 namespace SignedBodyValue
77 {
    // NOTE(review): both constants are `const char *`: the characters are const but the pointer
    // itself is assignable, so these are writable globals. Callers should treat them as read-only.

    // Presumably the hex SHA-256 of an empty payload - confirm against the definition.
83 AWS_CRT_CPP_API extern const char *EmptySha256;
    // Presumably the marker telling the service the body is not covered by the signature.
    // With it, body integrity rests on the transport (TLS) rather than on the signature - confirm.
88 AWS_CRT_CPP_API extern const char *UnsignedPayload;
99 } // namespace SignedBodyValue
100
// Enumerators controlling a signed-body header. The symbol index on this page names the enum
// SignedBodyHeaderType; its `enum` head line is missing from this listing.
105 {
    // Bound to AWS_SBHT_NONE; by its name no body-value header is added.
109 None = AWS_SBHT_NONE,
110
    // Bound to AWS_SBHT_X_AMZ_CONTENT_SHA256; presumably adds an x-amz-content-sha256 header
    // carrying the signed body value - confirm against the C library.
114 XAmzContentSha256 = AWS_SBHT_X_AMZ_CONTENT_SHA256,
115 };
116
// Plain function-pointer type for the header-filter callback: receives a ByteCursor pointer and
// an opaque void pointer, returns bool. Being a raw function pointer it cannot carry captured
// state; the void pointer is presumably the value given to SetShouldSignHeaderUserData.
// NOTE(review): a header the callback rejects is presumably left out of the signature and is
// then not integrity-protected by it - confirm, and keep security-relevant headers signed.
117 using ShouldSignHeaderCb = bool (*)(const Crt::ByteCursor *, void *);
118
// Body of the AWS signing configuration class (named AwsSigningConfig by its destructor).
// The class-head line and any constructor declaration are missing from this listing.
124 {
125 public:
127 virtual ~AwsSigningConfig();
128
    // Always reports SigningConfigType::Aws.
129 virtual SigningConfigType GetType() const noexcept override { return SigningConfigType::Aws; }
130
    // Accessors for the signing algorithm (see the SigV4 / SigV4A enumerators).
134 SigningAlgorithm GetSigningAlgorithm() const noexcept;
135
139 void SetSigningAlgorithm(SigningAlgorithm algorithm) noexcept;
140
    // Accessors for the signature type (headers, query params, chunk, event).
144 SignatureType GetSignatureType() const noexcept;
145
149 void SetSignatureType(SignatureType signatureType) noexcept;
150
    // Accessors for the signing region; the getter returns a reference, presumably to
    // m_signingRegion, so it is only valid while this object lives.
154 const Crt::String &GetRegion() const noexcept;
155
159 void SetRegion(const Crt::String &region) noexcept;
160
    // Accessors for the service name; same reference-lifetime caveat as GetRegion.
164 const Crt::String &GetService() const noexcept;
165
169 void SetService(const Crt::String &service) noexcept;
170
    // Accessors for the timestamp used for signing.
    // NOTE(review): signature validity is normally time-bound on the service side, so a skewed
    // or stale timepoint is a likely cause of rejected requests - confirm the default.
174 DateTime GetSigningTimepoint() const noexcept;
175
179 void SetSigningTimepoint(const DateTime &date) noexcept;
180
181 /*
182 * We assume the uri will be encoded once in preparation for transmission. Certain services
183 * do not decode before checking signature, requiring us to actually double-encode the uri in the
184 * canonical request in order to pass a signature check.
185 */
186
    // Accessors for the double-URI-encode flag described in the block comment above.
191 bool GetUseDoubleUriEncode() const noexcept;
192
197 void SetUseDoubleUriEncode(bool useDoubleUriEncode) noexcept;
198
    // Accessors for the path-normalization flag; presumably applies when the canonical request
    // is built. The signed path must match what the service canonicalizes - confirm.
202 bool GetShouldNormalizeUriPath() const noexcept;
203
207 void SetShouldNormalizeUriPath(bool shouldNormalizeUriPath) noexcept;
208
    // Accessors for the omit-session-token flag.
    // NOTE(review): presumably leaves the session token out of the signed material; confirm
    // which services require this before enabling it.
213 bool GetOmitSessionToken() const noexcept;
214
219 void SetOmitSessionToken(bool omitSessionToken) noexcept;
220
    // Accessors for the header-filter callback (see ShouldSignHeaderCb).
    // NOTE(review): presumably all headers are signed when no callback is set - confirm.
224 ShouldSignHeaderCb GetShouldSignHeaderCallback() const noexcept;
225
230 void SetShouldSignHeaderCallback(ShouldSignHeaderCb shouldSignHeaderCb) noexcept;
231
    // Accessors for the opaque pointer handed to the header-filter callback. It is a raw void
    // pointer with no ownership visible here, so the caller must keep the pointee alive for as
    // long as signing may invoke the callback.
235 void *GetShouldSignHeaderUserData() const noexcept;
236
240 void SetShouldSignHeaderUserData(void *userData) noexcept;
241
    // Accessors for the signed body value string (see namespace SignedBodyValue for constants).
    // NOTE(review): presumably an empty string means the value is computed from the payload, and
    // a precomputed value is trusted as given, so it must match the bytes actually sent - confirm.
246 const Crt::String &GetSignedBodyValue() const noexcept;
247
255 void SetSignedBodyValue(const Crt::String &signedBodyValue) noexcept;
256
    // Accessors for the signed-body header selection (see SignedBodyHeaderType).
260 SignedBodyHeaderType GetSignedBodyHeader() const noexcept;
261
265 void SetSignedBodyHeader(SignedBodyHeaderType signedBodyHeader) noexcept;
266
    // Accessors for the expiration, in seconds, as an unsigned 64-bit value.
    // NOTE(review): presumably only meaningful for query-param (presigned) signatures; no upper
    // bound is visible here, so callers should cap it to the shortest workable lifetime - confirm.
271 uint64_t GetExpirationInSeconds() const noexcept;
272
276 void SetExpirationInSeconds(uint64_t expirationInSeconds) noexcept;
277
278 /*
279 * For Sigv4 signing, either the credentials provider or the credentials must be set.
280 * Credentials, if set, takes precedence over the provider.
281 */
282
    // Accessors for the credentials provider, held as a shared_ptr.
286 const std::shared_ptr<ICredentialsProvider> &GetCredentialsProvider() const noexcept;
287
291 void SetCredentialsProvider(const std::shared_ptr<ICredentialsProvider> &credsProvider) noexcept;
292
    // Accessors for explicit credentials, held as a shared_ptr.
    // NOTE(review): because explicit credentials take precedence (block comment above), leaving
    // them set presumably bypasses any refresh or rotation the provider performs - confirm.
296 const std::shared_ptr<Credentials> &GetCredentials() const noexcept;
297
301 void SetCredentials(const std::shared_ptr<Credentials> &credentials) noexcept;
302
    // Exposes the C-level config struct; presumably points at m_config, which is stored by
    // value, so the pointer is only valid while this object lives.
304 const struct aws_signing_config_aws *GetUnderlyingHandle() const noexcept;
305
306 private:
    // Allocator pointer; non-owning as far as this listing shows.
307 Allocator *m_allocator;
308 std::shared_ptr<ICredentialsProvider> m_credentialsProvider;
309 std::shared_ptr<Credentials> m_credentials;
    // C-level signing config, stored by value.
310 struct aws_signing_config_aws m_config;
    // Owned copies of the string settings (Crt::String is a std::basic_string with StlAllocator
    // per the symbol index on this page).
311 Crt::String m_signingRegion;
312 Crt::String m_serviceName;
313 Crt::String m_signedBodyValue;
314 };
315
// Body of the SigV4 HTTP request signer class (named Sigv4HttpRequestSigner by its destructor).
// The class-head line and any constructor declaration are missing from this listing.
321 {
322 public:
324 virtual ~Sigv4HttpRequestSigner() = default;
325
    // Unconditionally returns true; it performs no check of signer state.
326 bool IsValid() const override { return true; }
327
    // Signs `request` using `config` and reports through `completionCallback`, whose type the
    // symbol index on this page gives as std::function<void(const std::shared_ptr<HttpRequest> &, int)>.
    // NOTE(review): the int is presumably an error code and the bool presumably reports whether
    // signing was started; callers should check both before sending the request - confirm.
    // `config` is taken as the ISigningConfig base; presumably it must be an AWS config - confirm.
331 virtual bool SignRequest(
332 const std::shared_ptr<Aws::Crt::Http::HttpRequest> &request,
333 const ISigningConfig &config,
334 const OnHttpRequestSigningComplete &completionCallback) override;
335
336 private:
    // Allocator pointer; non-owning as far as this listing shows.
337 Allocator *m_allocator;
338 };
339 } // namespace Auth
340 } // namespace Crt
341} // namespace Aws
#define AWS_CRT_CPP_API
Definition: Exports.h:37
Definition: Sigv4Signing.h:124
virtual SigningConfigType GetType() const noexcept override
Definition: Sigv4Signing.h:129
Definition: Credentials.h:38
Definition: Credentials.h:105
Definition: Signing.h:68
Definition: Signing.h:46
Definition: Sigv4Signing.h:321
bool IsValid() const override
Definition: Sigv4Signing.h:326
Definition: DateTime.h:53
AWS_CRT_CPP_API const char * StreamingAws4HmacSha256Payload
Definition: Sigv4Signing.cpp:25
AWS_CRT_CPP_API const char * StreamingAws4HmacSha256Events
Definition: Sigv4Signing.cpp:26
AWS_CRT_CPP_API const char * UnsignedPayload
Definition: Sigv4Signing.cpp:24
AWS_CRT_CPP_API const char * EmptySha256
Definition: Sigv4Signing.cpp:23
SigningAlgorithm
Definition: Sigv4Signing.h:28
SigningConfigType
Definition: Signing.h:30
SignedBodyHeaderType
Definition: Sigv4Signing.h:105
std::function< void(const std::shared_ptr< Aws::Crt::Http::HttpRequest > &, int)> OnHttpRequestSigningComplete
Definition: Signing.h:39
bool(*)(const Crt::ByteCursor *, void *) ShouldSignHeaderCb
Definition: Sigv4Signing.h:117
SignatureType
Definition: Sigv4Signing.h:46
aws_byte_cursor ByteCursor
Definition: Types.h:33
aws_allocator Allocator
Definition: StlAllocator.h:17
AWS_CRT_CPP_API Allocator * g_allocator
Definition: Api.cpp:23
std::basic_string< char, std::char_traits< char >, StlAllocator< char > > String
Definition: Types.h:47
Definition: Api.h:14
Definition: StringView.h:851