SigV4-for-AWS-IoT-embedded-sdk/v1.2.0/sigv4_8h_source.html

/*

 * SigV4 Library v1.2.0

 * Copyright (C) 2020 Amazon.com, Inc. or its affiliates.  All Rights Reserved.

 *

 * SPDX-License-Identifier: MIT

 *

 * Permission is hereby granted, free of charge, to any person obtaining a copy of

 * this software and associated documentation files (the "Software"), to deal in

 * the Software without restriction, including without limitation the rights to

 * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of

 * the Software, and to permit persons to whom the Software is furnished to do so,

 * subject to the following conditions:

 *

 * The above copyright notice and this permission notice shall be included in all

 * copies or substantial portions of the Software.

 *

 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS

 * FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR

 * COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER

 * IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN

 * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

 */


#ifndef SIGV4_H_

#define SIGV4_H_


/* Standard includes. */

#include <stdint.h>

#include <stddef.h>


/* *INDENT-OFF* */

#ifdef __cplusplus

    extern "C" {

#endif

/* *INDENT-ON* */


/* SIGV4_DO_NOT_USE_CUSTOM_CONFIG allows building of the SigV4 library without a

 * config file. If a config file is provided, the SIGV4_DO_NOT_USE_CUSTOM_CONFIG

 * macro must not be defined.

 */

#ifndef SIGV4_DO_NOT_USE_CUSTOM_CONFIG

    #include "sigv4_config.h"

#endif


/* Include config defaults header to get default values of configurations not

 * defined in sigv4_config.h file. */

#include "sigv4_config_defaults.h"


/* Convenience macros for library optimization */


#define SIGV4_AWS4_HMAC_SHA256                      "AWS4-HMAC-SHA256"

#define SIGV4_AWS4_HMAC_SHA256_LENGTH               ( sizeof( SIGV4_AWS4_HMAC_SHA256 ) - 1U )

#define SIGV4_HTTP_X_AMZ_DATE_HEADER                "x-amz-date"

#define SIGV4_HTTP_X_AMZ_SECURITY_TOKEN_HEADER      "x-amz-security-token"

#define SIGV4_STREAMING_AWS4_HMAC_SHA256_PAYLOAD    "STREAMING-AWS4-HMAC-SHA256-PAYLOAD"

/* MISRA Ref 5.4.1 [Macro identifiers] */

/* More details at: https://github.com/aws/SigV4-for-AWS-IoT-embedded-sdk/blob/main/MISRA.md#rule-54 */

/* coverity[other_declaration] */

#define SIGV4_HTTP_X_AMZ_CONTENT_SHA256_HEADER           "x-amz-content-sha256"

#define SIGV4_HTTP_X_AMZ_CONTENT_SHA256_HEADER_LENGTH    ( sizeof( SIGV4_HTTP_X_AMZ_CONTENT_SHA256_HEADER ) - 1U )

#define SIGV4_HTTP_X_AMZ_STORAGE_CLASS_HEADER            "x-amz-storage-class"

#define SIGV4_ACCESS_KEY_ID_LENGTH                       20U

#define SIGV4_SECRET_ACCESS_KEY_LENGTH                   40U

#define SIGV4_ISO_STRING_LEN                             16U

#define SIGV4_EXPECTED_LEN_RFC_3339                      20U

#define SIGV4_EXPECTED_LEN_RFC_5322                      29U

#define SIGV4_HTTP_PATH_IS_CANONICAL_FLAG        0x1U


#define SIGV4_HTTP_QUERY_IS_CANONICAL_FLAG       0x2U


#define SIGV4_HTTP_HEADERS_ARE_CANONICAL_FLAG    0x4U


#define SIGV4_HTTP_PAYLOAD_IS_HASH               0x8U


#define SIGV4_HTTP_ALL_ARE_CANONICAL_FLAG        0x7U


typedef enum SigV4Status

{

    SigV4Success,


    SigV4InvalidParameter,


    SigV4InsufficientMemory,


    SigV4ISOFormattingError,


    SigV4MaxHeaderPairCountExceeded,


    SigV4MaxQueryPairCountExceeded,


    SigV4HashError,


    SigV4InvalidHttpHeaders

} SigV4Status_t;


typedef struct SigV4CryptoInterface

{

    int32_t ( * hashInit )( void * pHashContext );


    int32_t ( * hashUpdate )( void * pHashContext,

                              const uint8_t * pInput,

                              size_t inputLen );


    int32_t ( * hashFinal )( void * pHashContext,

                             uint8_t * pOutput,

                             size_t outputLen );


    void * pHashContext;


    size_t hashBlockLen;


    size_t hashDigestLen;

} SigV4CryptoInterface_t;


typedef struct SigV4HttpParameters

{

    const char * pHttpMethod;

    size_t httpMethodLen;

    uint32_t flags;


    const char * pPath;

    size_t pathLen;

    const char * pQuery;

    size_t queryLen;

    const char * pHeaders;

    size_t headersLen;

    const char * pPayload;

    size_t payloadLen;

} SigV4HttpParameters_t;


typedef struct SigV4Credentials

{

    const char * pAccessKeyId;

    size_t accessKeyIdLen;

    const char * pSecretAccessKey;

    size_t secretAccessKeyLen;

} SigV4Credentials_t;


typedef struct SigV4Parameters

{

    SigV4Credentials_t * pCredentials;


    const char * pDateIso8601;


    const char * pAlgorithm;


    size_t algorithmLen;

    const char * pRegion;

    size_t regionLen;

    const char * pService;

    size_t serviceLen;

    SigV4CryptoInterface_t * pCryptoInterface;


    SigV4HttpParameters_t * pHttpParameters;

} SigV4Parameters_t;


/* @[declare_sigV4_generateHTTPAuthorization_function] */

SigV4Status_t SigV4_GenerateHTTPAuthorization( const SigV4Parameters_t * pParams,

                                               char * pAuthBuf,

                                               size_t * authBufLen,

                                               char ** pSignature,

                                               size_t * signatureLen );

/* @[declare_sigV4_generateHTTPAuthorization_function] */


/* @[declare_sigV4_awsIotDateToIso8601_function] */

SigV4Status_t SigV4_AwsIotDateToIso8601( const char * pDate,

                                         size_t dateLen,

                                         char * pDateISO8601,

                                         size_t dateISO8601Len );

/* @[declare_sigV4_awsIotDateToIso8601_function] */


/* *INDENT-OFF* */

#ifdef __cplusplus

    }

#endif

/* *INDENT-ON* */


#endif /* SIGV4_H_ */

SigV4Status_t
SigV4Status_t
Return status of the SigV4 Library.
Definition: sigv4.h:142

SigV4Success
@ SigV4Success
The SigV4 library function completed successfully.
Definition: sigv4.h:150

SigV4InsufficientMemory
@ SigV4InsufficientMemory
The application buffer was not large enough for the specified hash function.
Definition: sigv4.h:169

SigV4HashError
@ SigV4HashError
An error occurred while performing a hash operation.
Definition: sigv4.h:209

SigV4ISOFormattingError
@ SigV4ISOFormattingError
An error occurred while formatting the provided date header.
Definition: sigv4.h:177

SigV4MaxQueryPairCountExceeded
@ SigV4MaxQueryPairCountExceeded
The maximum number of query parameters was exceeded while parsing the query string passed to the libr...
Definition: sigv4.h:201

SigV4MaxHeaderPairCountExceeded
@ SigV4MaxHeaderPairCountExceeded
The maximum number of header parameters was exceeded while parsing the http header string passed to t...
Definition: sigv4.h:189

SigV4InvalidHttpHeaders
@ SigV4InvalidHttpHeaders
HTTP headers parsed to the library are invalid.
Definition: sigv4.h:217

SigV4InvalidParameter
@ SigV4InvalidParameter
The SigV4 library function received an invalid input parameter.
Definition: sigv4.h:160

SigV4_GenerateHTTPAuthorization
SigV4Status_t SigV4_GenerateHTTPAuthorization(const SigV4Parameters_t *pParams, char *pAuthBuf, size_t *authBufLen, char **pSignature, size_t *signatureLen)
Generates the HTTP Authorization header value.
Definition: sigv4.c:3186

SigV4_AwsIotDateToIso8601
SigV4Status_t SigV4_AwsIotDateToIso8601(const char *pDate, size_t dateLen, char *pDateISO8601, size_t dateISO8601Len)
Parse the date header value from the AWS IoT response, and generate the formatted ISO 8601 date requi...
Definition: sigv4.c:3110

sigv4_config_defaults.h
The default values for configuration macros used by the SigV4 Library.

SigV4Credentials_t
Configurations for the AWS credentials used to generate the Signing Key.
Definition: sigv4.h:359

SigV4Credentials_t::secretAccessKeyLen
size_t secretAccessKeyLen
Length of pSecretAccessKey.
Definition: sigv4.h:371

SigV4Credentials_t::pSecretAccessKey
const char * pSecretAccessKey
The pSecretAccessKey MUST be at least 40 characters long.
Definition: sigv4.h:370

SigV4Credentials_t::pAccessKeyId
const char * pAccessKeyId
The pAccessKeyId MUST be at least 16 characters long but not more than 128 characters long.
Definition: sigv4.h:364

SigV4Credentials_t::accessKeyIdLen
size_t accessKeyIdLen
Length of pAccessKeyId.
Definition: sigv4.h:365

SigV4CryptoInterface_t
The cryptography interface used to supply the user-defined hash implementation.
Definition: sigv4.h:226

SigV4CryptoInterface_t::hashBlockLen
size_t hashBlockLen
The block length of the hash function.
Definition: sigv4.h:276

SigV4CryptoInterface_t::hashDigestLen
size_t hashDigestLen
The digest length of the hash function.
Definition: sigv4.h:281

SigV4CryptoInterface_t::pHashContext
void * pHashContext
Context for the hashInit, hashUpdate, and hashFinal interfaces.
Definition: sigv4.h:271

SigV4HttpParameters_t
Configurations of the HTTP request used to create the Canonical Request.
Definition: sigv4.h:290

SigV4HttpParameters_t::pPath
const char * pPath
The path in the HTTP request. This is the absolute request URI, which contains everything in the URI ...
Definition: sigv4.h:317

SigV4HttpParameters_t::pHeaders
const char * pHeaders
The headers from the HTTP request that we want to sign. This should be the raw headers in HTTP reques...
Definition: sigv4.h:341

SigV4HttpParameters_t::queryLen
size_t queryLen
Length of pQuery.
Definition: sigv4.h:330

SigV4HttpParameters_t::pPayload
const char * pPayload
The HTTP response body, if one exists (ex. PUT request). If this body is chunked, then this field sho...
Definition: sigv4.h:349

SigV4HttpParameters_t::flags
uint32_t flags
These flags are used to indicate if the path, query, or headers are already in the canonical form....
Definition: sigv4.h:305

SigV4HttpParameters_t::pathLen
size_t pathLen
Length of pPath.
Definition: sigv4.h:318

SigV4HttpParameters_t::pQuery
const char * pQuery
The HTTP request query from the URL, if it exists. This contains all characters following the questio...
Definition: sigv4.h:329

SigV4HttpParameters_t::headersLen
size_t headersLen
Length of pHeaders.
Definition: sigv4.h:342

SigV4HttpParameters_t::payloadLen
size_t payloadLen
Length of pPayload.
Definition: sigv4.h:350

SigV4HttpParameters_t::pHttpMethod
const char * pHttpMethod
The HTTP method: GET, POST, PUT, etc.
Definition: sigv4.h:291

SigV4HttpParameters_t::httpMethodLen
size_t httpMethodLen
Length of pHttpMethod.
Definition: sigv4.h:292

SigV4Parameters_t
Complete configurations required for generating "String to Sign" and "Signing Key" values.
Definition: sigv4.h:384

SigV4Parameters_t::pService
const char * pService
The target AWS service for the request. The service name can be found as the first segment of the ser...
Definition: sigv4.h:420

SigV4Parameters_t::pRegion
const char * pRegion
The target AWS region for the request. Please see https://docs.aws.amazon.com/general/latest/gr/rande...
Definition: sigv4.h:410

SigV4Parameters_t::pCredentials
SigV4Credentials_t * pCredentials
The AccessKeyId, SecretAccessKey, and SecurityToken used to generate the Authorization header.
Definition: sigv4.h:389

SigV4Parameters_t::algorithmLen
size_t algorithmLen
Length of pAlgorithm.
Definition: sigv4.h:403

SigV4Parameters_t::pDateIso8601
const char * pDateIso8601
The date in ISO 8601 format, e.g. "20150830T123600Z". This is always 16 characters long.
Definition: sigv4.h:395

SigV4Parameters_t::pHttpParameters
SigV4HttpParameters_t * pHttpParameters
HTTP specific SigV4 parameters for canonical request calculation.
Definition: sigv4.h:431

SigV4Parameters_t::pCryptoInterface
SigV4CryptoInterface_t * pCryptoInterface
The cryptography interface.
Definition: sigv4.h:426

SigV4Parameters_t::pAlgorithm
const char * pAlgorithm
The algorithm used for SigV4 authentication. If set to NULL, this will automatically be set to "AWS4-...
Definition: sigv4.h:401

SigV4Parameters_t::regionLen
size_t regionLen
Length of pRegion.
Definition: sigv4.h:411

SigV4Parameters_t::serviceLen
size_t serviceLen
Length of pService.
Definition: sigv4.h:421