
Example 1 with AwsSigningResult

use of software.amazon.awssdk.crt.auth.signing.AwsSigningResult in project aws-crt-java by awslabs.

the class SigningTest method testTrailingHeadersSigv4Signing.

/**
 * Walks a chunked SigV4 upload end to end: request head, two data chunks, the
 * terminating (null-bodied) chunk and finally the trailing headers.
 *
 * <p>Every signing call receives the signature produced by the previous step,
 * and every produced signature is compared byte-for-byte with a fixture, so a
 * regression at any link of the chain fails the test at that link.
 */
@Test
public void testTrailingHeadersSigv4Signing() throws Exception {
    // Request head: sign it and compare the Authorization header with the fixture.
    HttpRequest unsignedRequest = createChunkedTestRequest();
    HttpRequest signedRequest = AwsSigner.signRequest(unsignedRequest, createChunkedRequestSigningConfig()).get();
    assertNotNull(signedRequest);
    assertTrue(hasHeaderWithValue(signedRequest, "Authorization", EXPECTED_CHUNK_REQUEST_AUTHORIZATION_HEADER));

    // The Authorization header matched the fixture, so the chain is seeded with the
    // fixture's request signature rather than one parsed back out of the header.
    byte[] previousSignature = EXPECTED_REQUEST_SIGNATURE;

    // First data chunk.
    HttpRequestBodyStream firstChunk = createChunk1Stream();
    previousSignature = AwsSigner.sign(firstChunk, previousSignature, createChunkSigningConfig())
            .get()
            .getSignature();
    assertTrue(Arrays.equals(previousSignature, EXPECTED_FIRST_CHUNK_SIGNATURE));

    // Second data chunk, chained onto the first chunk's signature.
    HttpRequestBodyStream secondChunk = createChunk2Stream();
    previousSignature = AwsSigner.sign(secondChunk, previousSignature, createChunkSigningConfig())
            .get()
            .getSignature();
    assertTrue(Arrays.equals(previousSignature, EXPECTED_SECOND_CHUNK_SIGNATURE));

    // Terminating chunk: a null body stream is passed in place of chunk data.
    previousSignature = AwsSigner.sign((HttpRequestBodyStream) null, previousSignature, createChunkSigningConfig())
            .get()
            .getSignature();
    assertTrue(Arrays.equals(previousSignature, EXPECTED_FINAL_CHUNK_SIGNATURE));

    // Trailing headers are signed last, chained onto the terminating chunk's signature.
    List<HttpHeader> trailers = createTrailingHeaders();
    AwsSigningConfig trailerConfig = createTrailingHeadersSigningConfig();
    previousSignature = AwsSigner.sign(trailers, previousSignature, trailerConfig)
            .get()
            .getSignature();
    assertTrue(Arrays.equals(previousSignature, EXPECTED_TRAILING_HEADERS_SIGNATURE));
}
Also used : HttpRequest(software.amazon.awssdk.crt.http.HttpRequest) HttpRequestBodyStream(software.amazon.awssdk.crt.http.HttpRequestBodyStream) HttpHeader(software.amazon.awssdk.crt.http.HttpHeader) AwsSigningConfig(software.amazon.awssdk.crt.auth.signing.AwsSigningConfig) AwsSigningResult(software.amazon.awssdk.crt.auth.signing.AwsSigningResult) Test(org.junit.Test)

Example 2 with AwsSigningResult

use of software.amazon.awssdk.crt.auth.signing.AwsSigningResult in project aws-crt-java by awslabs.

the class SigningTest method testTrailingHeadersSigv4aSigning.

/**
 * Runs the chunked-upload-with-trailer flow with the asymmetric (SigV4a) algorithm:
 * request head, two data chunks, the terminating chunk and the trailing headers.
 *
 * <p>Unlike the SigV4 variant, no signature is compared with a stored byte array;
 * each one is verified against the test public key coordinates over a string-to-sign
 * rebuilt from the previous signature.
 * NOTE(review): presumably because the ECDSA output is not byte-stable between
 * runs - confirm against the signer implementation.
 */
@Test
public void testTrailingHeadersSigv4aSigning() throws Exception {
    HttpRequest request = createChunkedTrailerTestRequest();

    // Request head: switch the shared chunked config to SigV4a with a trailer payload marker.
    AwsSigningConfig requestConfig = createChunkedRequestSigningConfig();
    requestConfig.setAlgorithm(AwsSigningConfig.AwsSigningAlgorithm.SIGV4_ASYMMETRIC);
    requestConfig.setSignedBodyValue(AwsSigningConfig.AwsSignedBodyValue.STREAMING_AWS4_ECDSA_P256_SHA256_PAYLOAD_TRAILER);
    AwsSigningResult requestResult = AwsSigner.sign(request, requestConfig).get();
    assertNotNull(requestResult.getSignedRequest());
    byte[] requestSignature = requestResult.getSignature();
    // Verification runs against the original request object and the fixture canonical request.
    assertTrue(AwsSigningUtils.verifySigv4aEcdsaSignature(
            request,
            CHUNKED_TRAILER_SIGV4A_CANONICAL_REQUEST,
            requestConfig,
            requestSignature,
            CHUNKED_SIGV4A_TEST_ECC_PUB_X,
            CHUNKED_SIGV4A_TEST_ECC_PUB_Y));

    // One chunk config is reused for every chunk below.
    HttpRequestBodyStream firstChunk = createChunk1Stream();
    AwsSigningConfig chunkConfig = createChunkSigningConfig();
    chunkConfig.setAlgorithm(AwsSigningConfig.AwsSigningAlgorithm.SIGV4_ASYMMETRIC);

    // First data chunk, chained onto the request signature.
    CompletableFuture<AwsSigningResult> firstChunkPending = AwsSigner.sign(firstChunk, requestSignature, chunkConfig);
    byte[] firstChunkStringToSign = buildChunkStringToSign(requestSignature, CHUNK1_STS_POST_SIGNATURE);
    byte[] firstChunkSignature = firstChunkPending.get().getSignature();
    assertTrue(AwsSigningUtils.verifyRawSha256EcdsaSignature(
            firstChunkStringToSign, firstChunkSignature, CHUNKED_SIGV4A_TEST_ECC_PUB_X, CHUNKED_SIGV4A_TEST_ECC_PUB_Y));

    // Second data chunk, chained onto the first chunk's signature.
    HttpRequestBodyStream secondChunk = createChunk2Stream();
    CompletableFuture<AwsSigningResult> secondChunkPending = AwsSigner.sign(secondChunk, firstChunkSignature, chunkConfig);
    byte[] secondChunkStringToSign = buildChunkStringToSign(firstChunkSignature, CHUNK2_STS_POST_SIGNATURE);
    byte[] secondChunkSignature = secondChunkPending.get().getSignature();
    assertTrue(AwsSigningUtils.verifyRawSha256EcdsaSignature(
            secondChunkStringToSign, secondChunkSignature, CHUNKED_SIGV4A_TEST_ECC_PUB_X, CHUNKED_SIGV4A_TEST_ECC_PUB_Y));

    // Terminating chunk: a null body stream is passed in place of chunk data.
    CompletableFuture<AwsSigningResult> finalChunkPending =
            AwsSigner.sign((HttpRequestBodyStream) null, secondChunkSignature, chunkConfig);
    byte[] finalChunkStringToSign = buildChunkStringToSign(secondChunkSignature, CHUNK3_STS_POST_SIGNATURE);
    byte[] finalChunkSignature = finalChunkPending.get().getSignature();
    assertTrue(AwsSigningUtils.verifyRawSha256EcdsaSignature(
            finalChunkStringToSign, finalChunkSignature, CHUNKED_SIGV4A_TEST_ECC_PUB_X, CHUNKED_SIGV4A_TEST_ECC_PUB_Y));

    // Trailing headers, chained onto the terminating chunk's signature.
    List<HttpHeader> trailers = createTrailingHeaders();
    AwsSigningConfig trailerConfig = createTrailingHeadersSigningConfig();
    trailerConfig.setAlgorithm(AwsSigningConfig.AwsSigningAlgorithm.SIGV4_ASYMMETRIC);
    CompletableFuture<AwsSigningResult> trailerPending = AwsSigner.sign(trailers, finalChunkSignature, trailerConfig);
    byte[] trailerStringToSign = buildTrailingHeadersStringToSign(finalChunkSignature, TRAILING_HEADERS_STS_POST_SIGNATURE);
    assertTrue(AwsSigningUtils.verifyRawSha256EcdsaSignature(
            trailerStringToSign,
            trailerPending.get().getSignature(),
            CHUNKED_SIGV4A_TEST_ECC_PUB_X,
            CHUNKED_SIGV4A_TEST_ECC_PUB_Y));
}
Also used : HttpRequest(software.amazon.awssdk.crt.http.HttpRequest) HttpRequestBodyStream(software.amazon.awssdk.crt.http.HttpRequestBodyStream) HttpHeader(software.amazon.awssdk.crt.http.HttpHeader) AwsSigningConfig(software.amazon.awssdk.crt.auth.signing.AwsSigningConfig) AwsSigningResult(software.amazon.awssdk.crt.auth.signing.AwsSigningResult) Test(org.junit.Test)

Example 3 with AwsSigningResult

use of software.amazon.awssdk.crt.auth.signing.AwsSigningResult in project aws-sdk-java-v2 by aws.

the class ChunkedEncodingFunctionalTest method calling_adapter_APIs_directly_creates_correct_signatures_for_trailer_headers.

/**
 * Drives the signing adapter directly through a SigV4a chunked upload with a trailer:
 * the request head, three chunks and the trailer headers.
 *
 * <p>Each signature is verified against the test public key coordinates over a
 * string-to-sign derived from the signature of the step before it.
 */
@Test
public void calling_adapter_APIs_directly_creates_correct_signatures_for_trailer_headers() throws Exception {
    SdkHttpFullRequest unsignedRequest = createChunkedTrailerTestRequest().build();

    // Request head: SigV4a with the streaming-trailer payload marker.
    chunkedRequestSigningConfig.setAlgorithm(AwsSigningConfig.AwsSigningAlgorithm.SIGV4_ASYMMETRIC);
    chunkedRequestSigningConfig.setSignedBodyValue(AwsSigningConfig.AwsSignedBodyValue.STREAMING_AWS4_ECDSA_P256_SHA256_PAYLOAD_TRAILER);
    SdkSigningResult requestResult = adapter.sign(unsignedRequest, chunkedRequestSigningConfig);
    byte[] requestSignature = requestResult.getSignature();
    assertTrue(AwsSigningUtils.verifySigv4aEcdsaSignature(
            converter.requestToCrt(unsignedRequest),
            CHUNKED_TRAILER_SIGV4A_CANONICAL_REQUEST,
            chunkedRequestSigningConfig,
            requestSignature,
            CHUNKED_SIGV4A_TEST_ECC_PUB_X,
            CHUNKED_SIGV4A_TEST_ECC_PUB_Y));

    // Chunks 0..2: each chunk is signed with the signature of the step before it.
    byte[] chainedSignature = requestResult.getSignature();
    int chunkIndex = 0;
    while (chunkIndex < 3) {
        byte[] chunkSignature = adapter.signChunk(getChunkData(chunkIndex), chainedSignature, chunkSigningConfig);
        assertTrue(AwsSigningUtils.verifyRawSha256EcdsaSignature(
                createStringToSign(chunkIndex, chainedSignature),
                chunkSignature,
                CHUNKED_SIGV4A_TEST_ECC_PUB_X,
                CHUNKED_SIGV4A_TEST_ECC_PUB_Y));
        chainedSignature = chunkSignature;
        chunkIndex++;
    }

    // Trailer headers, chained onto the last chunk's signature.
    // NOTE(review): the request-level config is passed here after updateTrailerHeaderSigningConfig();
    // what that helper changes is not visible in this method - confirm.
    updateTrailerHeaderSigningConfig();
    Map<String, List<String>> trailerHeaders = getTrailerHeaderMap();
    AwsSigningResult trailerResult = adapter.signTrailerHeaders(trailerHeaders, chainedSignature, chunkedRequestSigningConfig);
    byte[] trailerStringToSign = buildTrailingHeadersStringToSign(chainedSignature, TRAILING_HEADERS_STS_POST_SIGNATURE);
    assertTrue(AwsSigningUtils.verifyRawSha256EcdsaSignature(
            trailerStringToSign,
            trailerResult.getSignature(),
            CHUNKED_SIGV4A_TEST_ECC_PUB_X,
            CHUNKED_SIGV4A_TEST_ECC_PUB_Y));
}
Also used : SdkHttpFullRequest(software.amazon.awssdk.http.SdkHttpFullRequest) List(java.util.List) AwsSigningResult(software.amazon.awssdk.crt.auth.signing.AwsSigningResult) Test(org.junit.Test)

Example 4 with AwsSigningResult

use of software.amazon.awssdk.crt.auth.signing.AwsSigningResult in project aws-sdk-java-v2 by aws.

the class AwsCrt4aSigningAdapter method signTrailerHeaders.

/**
 * Signs the trailing headers of a chunked request, chained onto the signature of the
 * preceding step.
 *
 * @param headerMap trailer header names mapped to their values; multiple values for one
 *        name are joined with "," into a single header before signing
 * @param previousSignature signature produced by the previous signing step
 * @param signingConfig base signing configuration; it is cloned, so the caller's instance
 *        is not modified
 * @return the signing result for the trailing headers
 * @throws SdkClientException if the thread is interrupted while waiting, or if waiting on
 *         the signing future fails for any other reason
 */
public AwsSigningResult signTrailerHeaders(Map<String, List<String>> headerMap, byte[] previousSignature, AwsSigningConfig signingConfig) {
    // NOTE(review): the signature covers the comma-joined value built here; the code that
    // writes the trailer must presumably emit the same form, or verification on the
    // receiving side will fail - confirm against the trailer writer.
    List<HttpHeader> crtHeaders = headerMap.entrySet()
            .stream()
            .map(header -> new HttpHeader(header.getKey(), String.join(",", header.getValue())))
            .collect(Collectors.toList());

    // Work on a clone: only the signature type differs from the supplied config.
    AwsSigningConfig trailerConfig = signingConfig.clone();
    trailerConfig.setSignatureType(AwsSigningConfig.AwsSignatureType.HTTP_REQUEST_TRAILING_HEADERS);

    CompletableFuture<AwsSigningResult> pendingSignature = AwsSigner.sign(crtHeaders, previousSignature, trailerConfig);
    try {
        return pendingSignature.get();
    } catch (InterruptedException interrupted) {
        // Restore the interrupt flag so callers further up can still observe it.
        Thread.currentThread().interrupt();
        throw SdkClientException.create(
                "The thread got interrupted while attempting to sign request: " + interrupted.getMessage(), interrupted);
    } catch (Exception failure) {
        throw SdkClientException.create("Unable to sign request: " + failure.getMessage(), failure);
    }
}
Also used : CompletableFuture(java.util.concurrent.CompletableFuture) HttpRequest(software.amazon.awssdk.crt.http.HttpRequest) Collectors(java.util.stream.Collectors) SdkClientException(software.amazon.awssdk.core.exception.SdkClientException) AwsSigner(software.amazon.awssdk.crt.auth.signing.AwsSigner) List(java.util.List) AwsSigningConfig(software.amazon.awssdk.crt.auth.signing.AwsSigningConfig) Map(java.util.Map) HttpRequestBodyStream(software.amazon.awssdk.crt.http.HttpRequestBodyStream) AwsSigningResult(software.amazon.awssdk.crt.auth.signing.AwsSigningResult) SdkInternalApi(software.amazon.awssdk.annotations.SdkInternalApi) SdkHttpFullRequest(software.amazon.awssdk.http.SdkHttpFullRequest) HttpHeader(software.amazon.awssdk.crt.http.HttpHeader) HttpHeader(software.amazon.awssdk.crt.http.HttpHeader) AwsSigningConfig(software.amazon.awssdk.crt.auth.signing.AwsSigningConfig) AwsSigningResult(software.amazon.awssdk.crt.auth.signing.AwsSigningResult) SdkClientException(software.amazon.awssdk.core.exception.SdkClientException)

Example 5 with AwsSigningResult

use of software.amazon.awssdk.crt.auth.signing.AwsSigningResult in project aws-sdk-java-v2 by aws.

the class AwsCrt4aSigningAdapter method sign.

/**
 * Signs an SDK request through the CRT signer and maps the result back onto the
 * original SDK request.
 *
 * @param request the SDK request to sign
 * @param signingConfig the CRT signing configuration to apply
 * @return the signing result converted by the request converter
 * @throws SdkClientException if the thread is interrupted while waiting, or if waiting on
 *         the signing future or converting its result fails
 */
public SdkSigningResult sign(SdkHttpFullRequest request, AwsSigningConfig signingConfig) {
    // The CRT signer sees the sanitized copy, while the result is applied to the original request.
    // NOTE(review): anything the sanitizer strips is presumably not covered by the
    // signature - confirm in SigningUtils.sanitizeSdkRequestForCrtSigning.
    SdkHttpFullRequest sanitized = SigningUtils.sanitizeSdkRequestForCrtSigning(request);
    HttpRequest crtRequest = requestConverter.requestToCrt(sanitized);

    CompletableFuture<AwsSigningResult> pendingSignature = AwsSigner.sign(crtRequest, signingConfig);
    try {
        return requestConverter.crtResultToAws(request, pendingSignature.get());
    } catch (InterruptedException interrupted) {
        // Restore the interrupt flag so callers further up can still observe it.
        Thread.currentThread().interrupt();
        throw SdkClientException.create(
                "The thread got interrupted while attempting to sign request: " + interrupted.getMessage(), interrupted);
    } catch (Exception failure) {
        throw SdkClientException.create("Unable to sign request: " + failure.getMessage(), failure);
    }
}
Also used : HttpRequest(software.amazon.awssdk.crt.http.HttpRequest) AwsSigningResult(software.amazon.awssdk.crt.auth.signing.AwsSigningResult) SdkClientException(software.amazon.awssdk.core.exception.SdkClientException)

Aggregations

AwsSigningResult (software.amazon.awssdk.crt.auth.signing.AwsSigningResult)7 AwsSigningConfig (software.amazon.awssdk.crt.auth.signing.AwsSigningConfig)5 HttpRequest (software.amazon.awssdk.crt.http.HttpRequest)5 Test (org.junit.Test)4 HttpRequestBodyStream (software.amazon.awssdk.crt.http.HttpRequestBodyStream)4 HttpHeader (software.amazon.awssdk.crt.http.HttpHeader)3 SdkHttpFullRequest (software.amazon.awssdk.http.SdkHttpFullRequest)3 List (java.util.List)2 SdkClientException (software.amazon.awssdk.core.exception.SdkClientException)2 Map (java.util.Map)1 CompletableFuture (java.util.concurrent.CompletableFuture)1 Collectors (java.util.stream.Collectors)1 Test (org.junit.jupiter.api.Test)1 SdkInternalApi (software.amazon.awssdk.annotations.SdkInternalApi)1 SigningTestCase (software.amazon.awssdk.authcrt.signer.SigningTestCase)1 ExecutionAttributes (software.amazon.awssdk.core.interceptor.ExecutionAttributes)1 AwsSigner (software.amazon.awssdk.crt.auth.signing.AwsSigner)1