AWS IoT Device SDK C++ v2  1.34.0
AWS IoT Device SDK C++ v2
Sigv4Signing.h
Go to the documentation of this file.
1 #pragma once
2 
7 #include <aws/crt/Exports.h>
8 
9 #include <aws/crt/DateTime.h>
10 #include <aws/crt/Types.h>
11 #include <aws/crt/auth/Signing.h>
12 
13 struct aws_signing_config_aws;
14 
15 namespace Aws
16 {
17  namespace Crt
18  {
19  namespace Auth
20  {
21  class Credentials;
22  class ICredentialsProvider;
23 
27  enum class SigningAlgorithm
28  {
33  SigV4 = AWS_SIGNING_ALGORITHM_V4,
34 
39  SigV4A = AWS_SIGNING_ALGORITHM_V4_ASYMMETRIC,
40  };
41 
45  enum class SignatureType
46  {
51  HttpRequestViaHeaders = AWS_ST_HTTP_REQUEST_HEADERS,
52 
57  HttpRequestViaQueryParams = AWS_ST_HTTP_REQUEST_QUERY_PARAMS,
58 
62  HttpRequestChunk = AWS_ST_HTTP_REQUEST_CHUNK,
63 
69  HttpRequestEvent = AWS_ST_HTTP_REQUEST_EVENT,
70  };
71 
76  namespace SignedBodyValue
77  {
83  AWS_CRT_CPP_API const char *EmptySha256Str();
84 
89  AWS_CRT_CPP_API const char *UnsignedPayloadStr();
90 
95  AWS_CRT_CPP_API const char *StreamingAws4HmacSha256PayloadStr();
100  AWS_CRT_CPP_API const char *StreamingAws4HmacSha256EventsStr();
101 
103  AWS_CRT_CPP_API extern const char *UnsignedPayload;
105  AWS_CRT_CPP_API extern const char *EmptySha256;
107  AWS_CRT_CPP_API extern const char *StreamingAws4HmacSha256Payload;
109  AWS_CRT_CPP_API extern const char *StreamingAws4HmacSha256Events;
110  } // namespace SignedBodyValue
111 
115  enum class SignedBodyHeaderType
116  {
120  None = AWS_SBHT_NONE,
121 
125  XAmzContentSha256 = AWS_SBHT_X_AMZ_CONTENT_SHA256,
126  };
127 
128  using ShouldSignHeaderCb = bool (*)(const Crt::ByteCursor *, void *);
129 
134  class AWS_CRT_CPP_API AwsSigningConfig : public ISigningConfig
135  {
136  public:
137  AwsSigningConfig(Allocator *allocator = ApiAllocator());
138  virtual ~AwsSigningConfig();
139 
140  virtual SigningConfigType GetType() const noexcept override { return SigningConfigType::Aws; }
141 
145  SigningAlgorithm GetSigningAlgorithm() const noexcept;
146 
150  void SetSigningAlgorithm(SigningAlgorithm algorithm) noexcept;
151 
155  SignatureType GetSignatureType() const noexcept;
156 
160  void SetSignatureType(SignatureType signatureType) noexcept;
161 
165  const Crt::String &GetRegion() const noexcept;
166 
170  void SetRegion(const Crt::String &region) noexcept;
171 
175  const Crt::String &GetService() const noexcept;
176 
180  void SetService(const Crt::String &service) noexcept;
181 
185  DateTime GetSigningTimepoint() const noexcept;
186 
190  void SetSigningTimepoint(const DateTime &date) noexcept;
191 
192  /*
193  * We assume the uri will be encoded once in preparation for transmission. Certain services
194  * do not decode before checking signature, requiring us to actually double-encode the uri in the
195  * canonical request in order to pass a signature check.
196  */
197 
202  bool GetUseDoubleUriEncode() const noexcept;
203 
208  void SetUseDoubleUriEncode(bool useDoubleUriEncode) noexcept;
209 
213  bool GetShouldNormalizeUriPath() const noexcept;
214 
218  void SetShouldNormalizeUriPath(bool shouldNormalizeUriPath) noexcept;
219 
224  bool GetOmitSessionToken() const noexcept;
225 
230  void SetOmitSessionToken(bool omitSessionToken) noexcept;
231 
235  ShouldSignHeaderCb GetShouldSignHeaderCallback() const noexcept;
236 
241  void SetShouldSignHeaderCallback(ShouldSignHeaderCb shouldSignHeaderCb) noexcept;
242 
246  void *GetShouldSignHeaderUserData() const noexcept;
247 
251  void SetShouldSignHeaderUserData(void *userData) noexcept;
252 
257  const Crt::String &GetSignedBodyValue() const noexcept;
258 
266  void SetSignedBodyValue(const Crt::String &signedBodyValue) noexcept;
267 
271  SignedBodyHeaderType GetSignedBodyHeader() const noexcept;
272 
276  void SetSignedBodyHeader(SignedBodyHeaderType signedBodyHeader) noexcept;
277 
282  uint64_t GetExpirationInSeconds() const noexcept;
283 
287  void SetExpirationInSeconds(uint64_t expirationInSeconds) noexcept;
288 
289  /*
290  * For Sigv4 signing, either the credentials provider or the credentials must be set.
291  * Credentials, if set, takes precedence over the provider.
292  */
293 
297  const std::shared_ptr<ICredentialsProvider> &GetCredentialsProvider() const noexcept;
298 
302  void SetCredentialsProvider(const std::shared_ptr<ICredentialsProvider> &credsProvider) noexcept;
303 
307  const std::shared_ptr<Credentials> &GetCredentials() const noexcept;
308 
312  void SetCredentials(const std::shared_ptr<Credentials> &credentials) noexcept;
313 
315  const struct aws_signing_config_aws *GetUnderlyingHandle() const noexcept;
316 
317  private:
318  Allocator *m_allocator;
319  std::shared_ptr<ICredentialsProvider> m_credentialsProvider;
320  std::shared_ptr<Credentials> m_credentials;
321  struct aws_signing_config_aws m_config;
322  Crt::String m_signingRegion;
323  Crt::String m_serviceName;
324  Crt::String m_signedBodyValue;
325  };
326 
331  class AWS_CRT_CPP_API Sigv4HttpRequestSigner : public IHttpRequestSigner
332  {
333  public:
334  Sigv4HttpRequestSigner(Allocator *allocator = ApiAllocator());
335  virtual ~Sigv4HttpRequestSigner() = default;
336 
337  bool IsValid() const override { return true; }
338 
342  virtual bool SignRequest(
343  const std::shared_ptr<Aws::Crt::Http::HttpRequest> &request,
344  const ISigningConfig &config,
345  const OnHttpRequestSigningComplete &completionCallback) override;
346 
347  private:
348  Allocator *m_allocator;
349  };
350  } // namespace Auth
351  } // namespace Crt
352 } // namespace Aws
Aws::Crt::Auth::SigningAlgorithm::SigV4
@ SigV4
Aws::Crt::Auth::ShouldSignHeaderCb
bool(*)(const Crt::ByteCursor *, void *) ShouldSignHeaderCb
Definition: Sigv4Signing.h:128
Aws::Crt::ApiAllocator
AWS_CRT_CPP_API Allocator * ApiAllocator() noexcept
Definition: Allocator.cpp:24
Aws::Crt::Auth::SignedBodyValue::EmptySha256Str
AWS_CRT_CPP_API const char * EmptySha256Str()
Definition: Sigv4Signing.cpp:24
Aws::Crt::Auth::SignedBodyValue::StreamingAws4HmacSha256Events
AWS_CRT_CPP_API const char * StreamingAws4HmacSha256Events
Definition: Sigv4Signing.cpp:41
Aws::Crt::Auth::AwsSigningConfig::GetType
virtual SigningConfigType GetType() const noexcept override
Definition: Sigv4Signing.h:140
DateTime.h
Aws::Crt::Auth::SigningConfigType::Aws
@ Aws
Aws::Crt::Auth::SignedBodyHeaderType
SignedBodyHeaderType
Definition: Sigv4Signing.h:116
Aws::Crt::Auth::SignedBodyValue::StreamingAws4HmacSha256Payload
AWS_CRT_CPP_API const char * StreamingAws4HmacSha256Payload
Definition: Sigv4Signing.cpp:35
Aws::Crt::Auth::SignedBodyHeaderType::None
@ None
Aws::Crt::Auth::SigningConfigType
SigningConfigType
Definition: Signing.h:30
Aws::Crt::Auth::SignedBodyValue::StreamingAws4HmacSha256EventsStr
AWS_CRT_CPP_API const char * StreamingAws4HmacSha256EventsStr()
Definition: Sigv4Signing.cpp:42
Aws::Crt::Auth::SignatureType::HttpRequestViaHeaders
@ HttpRequestViaHeaders
Aws::Crt::Auth::Sigv4HttpRequestSigner::IsValid
bool IsValid() const override
Definition: Sigv4Signing.h:337
Aws::Crt::Auth::AwsSigningConfig
Definition: Sigv4Signing.h:135
Aws::Crt::Auth::OnHttpRequestSigningComplete
std::function< void(const std::shared_ptr< Aws::Crt::Http::HttpRequest > &, int)> OnHttpRequestSigningComplete
Definition: Signing.h:39
Aws::Crt::Auth::SignedBodyValue::UnsignedPayload
AWS_CRT_CPP_API const char * UnsignedPayload
Definition: Sigv4Signing.cpp:29
Aws::Crt::Auth::ICredentialsProvider
Definition: Credentials.h:112
Types.h
Aws::Crt::DateTime
Definition: DateTime.h:53
Aws::Crt::Auth::IHttpRequestSigner
Definition: Signing.h:68
Aws::Crt::Auth::Sigv4HttpRequestSigner::~Sigv4HttpRequestSigner
virtual ~Sigv4HttpRequestSigner()=default
Aws::Crt::Auth::ISigningConfig
Definition: Signing.h:46
Aws::Crt::Auth::SignatureType
SignatureType
Definition: Sigv4Signing.h:46
Aws::Crt::Auth::SignedBodyValue::EmptySha256
AWS_CRT_CPP_API const char * EmptySha256
Definition: Sigv4Signing.cpp:23
Aws::Crt::Auth::SignedBodyValue::UnsignedPayloadStr
AWS_CRT_CPP_API const char * UnsignedPayloadStr()
Definition: Sigv4Signing.cpp:30
Aws::Crt::Auth::SignedBodyValue::StreamingAws4HmacSha256PayloadStr
AWS_CRT_CPP_API const char * StreamingAws4HmacSha256PayloadStr()
Definition: Sigv4Signing.cpp:36
Aws::Crt::Auth::Credentials
Definition: Credentials.h:38
std
Definition: StringView.h:852
AWS_CRT_CPP_API
#define AWS_CRT_CPP_API
Definition: Exports.h:37
Aws
Definition: Allocator.h:11
Aws::Crt::ByteCursor
aws_byte_cursor ByteCursor
Definition: Types.h:31
Signing.h
Aws::Crt::Allocator
aws_allocator Allocator
Definition: Allocator.h:14
Exports.h
Aws::Crt::Auth::Sigv4HttpRequestSigner
Definition: Sigv4Signing.h:332
Aws::Crt::Auth::SigningAlgorithm
SigningAlgorithm
Definition: Sigv4Signing.h:28
Aws::Crt::String
std::basic_string< char, std::char_traits< char >, StlAllocator< char > > String
Definition: Types.h:45
Generated by doxygen 1.8.20