Skip to content

Commit

Permalink
Use joinLikeSync, split up conditionals
Browse files Browse the repository at this point in the history
  • Loading branch information
@haydenbaker
haydenbaker committed Aug 29, 2023
1 parent 5d0457d commit dcdf605
Show file tree
Hide file tree
Showing 3 changed files with 35 additions and 39 deletions.
2 changes: 2 additions & 0 deletions ...s-crt/src/main/java/software/amazon/awssdk/http/auth/aws/crt/internal/CrtInputStream.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,8 @@ public boolean sendRequestBody(ByteBuffer bodyBytesOut) {

if (read > 0) {
bodyBytesOut.put(readBuffer, 0, read);
} else {
FunctionalUtils.invokeSafely(providerStream::close);
}

return read < 0;
Expand Down
49 changes: 29 additions & 20 deletions .../software/amazon/awssdk/http/auth/aws/crt/internal/signer/DefaultAwsCrtV4aHttpSigner.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -143,31 +143,40 @@ private static AwsSigningConfig signingConfig(
throw new UnsupportedOperationException("Unknown auth-location: " + authLocation);
}

if (!isPayloadSigning) {
if (isChunkEncoding) {
if (isTrailing) {
signingConfig.setSignedBodyValue(AwsSigningConfig.AwsSignedBodyValue.STREAMING_UNSIGNED_PAYLOAD_TRAILER);
} else {
throw new UnsupportedOperationException("Chunk-Encoding without Payload-Signing must have a trailer!");
}
if (isPayloadSigning) {
configurePayloadSigning(signingConfig, isChunkEncoding, isTrailing);
} else {
configureUnsignedPayload(signingConfig, isChunkEncoding, isTrailing);
}

return signingConfig;
}

private static void configureUnsignedPayload(AwsSigningConfig signingConfig, boolean isChunkEncoding, boolean isTrailing) {
if (isChunkEncoding) {
if (isTrailing) {
signingConfig.setSignedBodyValue(AwsSigningConfig.AwsSignedBodyValue.STREAMING_UNSIGNED_PAYLOAD_TRAILER);
} else {
signingConfig.setSignedBodyValue(AwsSigningConfig.AwsSignedBodyValue.UNSIGNED_PAYLOAD);
throw new UnsupportedOperationException("Chunk-Encoding without Payload-Signing must have a trailer!");
}
} else {
if (isChunkEncoding) {
if (isTrailing) {
signingConfig.setSignedBodyValue(
AwsSigningConfig.AwsSignedBodyValue.STREAMING_AWS4_ECDSA_P256_SHA256_PAYLOAD_TRAILER
);
} else {
signingConfig.setSignedBodyValue(
AwsSigningConfig.AwsSignedBodyValue.STREAMING_AWS4_ECDSA_P256_SHA256_PAYLOAD
);
}
}
signingConfig.setSignedBodyValue(AwsSigningConfig.AwsSignedBodyValue.UNSIGNED_PAYLOAD);
}
}

return signingConfig;
private static void configurePayloadSigning(AwsSigningConfig signingConfig, boolean isChunkEncoding, boolean isTrailing) {
if (isChunkEncoding) {
if (isTrailing) {
signingConfig.setSignedBodyValue(
AwsSigningConfig.AwsSignedBodyValue.STREAMING_AWS4_ECDSA_P256_SHA256_PAYLOAD_TRAILER
);
} else {
signingConfig.setSignedBodyValue(
AwsSigningConfig.AwsSignedBodyValue.STREAMING_AWS4_ECDSA_P256_SHA256_PAYLOAD
);
}
}
// if not chunked encoding, then signed-payload simply means the sha256 hash is included in the canonical request
}

private static SyncSignedRequest doSign(SyncSignRequest<? extends AwsCredentialsIdentity> request,
Expand Down
23 changes: 4 additions & 19 deletions ...src/main/java/software/amazon/awssdk/http/auth/aws/crt/internal/signer/RollingSigner.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,6 @@
import java.io.ByteArrayInputStream;
import java.util.List;
import java.util.Map;
import java.util.concurrent.CompletableFuture;
import java.util.stream.Collectors;
import software.amazon.awssdk.annotations.SdkInternalApi;
import software.amazon.awssdk.crt.auth.signing.AwsSigner;
Expand All @@ -27,6 +26,7 @@
import software.amazon.awssdk.crt.http.HttpHeader;
import software.amazon.awssdk.crt.http.HttpRequestBodyStream;
import software.amazon.awssdk.http.auth.aws.crt.internal.CrtInputStream;
import software.amazon.awssdk.utils.CompletableFutureUtils;

/**
* A class which calculates a rolling signature of arbitrary data using HMAC-SHA256. Each time a signature is calculated, the
Expand All @@ -47,15 +47,7 @@ public RollingSigner(byte[] seedSignature, AwsSigningConfig signingConfig) {

private static byte[] signChunk(byte[] chunkBody, byte[] previousSignature, AwsSigningConfig signingConfig) {
HttpRequestBodyStream crtBody = new CrtInputStream(() -> new ByteArrayInputStream(chunkBody));
CompletableFuture<byte[]> future = AwsSigner.signChunk(crtBody, previousSignature, signingConfig);
try {
return future.get();
} catch (InterruptedException e) {
Thread.currentThread().interrupt();
throw new RuntimeException("The thread got interrupted while attempting to sign request.", e);
} catch (Exception e) {
throw new RuntimeException("Unable to sign request.", e);
}
return CompletableFutureUtils.joinLikeSync(AwsSigner.signChunk(crtBody, previousSignature, signingConfig));
}

private static AwsSigningResult signTrailerHeaders(Map<String, List<String>> headerMap, byte[] previousSignature,
Expand All @@ -68,15 +60,8 @@ private static AwsSigningResult signTrailerHeaders(Map<String, List<String>> hea
// All the config remains the same as signing config except the Signature Type.
AwsSigningConfig configCopy = signingConfig.clone();
configCopy.setSignatureType(AwsSigningConfig.AwsSignatureType.HTTP_REQUEST_TRAILING_HEADERS);
CompletableFuture<AwsSigningResult> future = AwsSigner.sign(httpHeaderList, previousSignature, configCopy);
try {
return future.get();
} catch (InterruptedException e) {
Thread.currentThread().interrupt();
throw new RuntimeException("The thread got interrupted while attempting to sign request.", e);
} catch (Exception e) {
throw new RuntimeException("Unable to sign request.", e);
}

return CompletableFutureUtils.joinLikeSync(AwsSigner.sign(httpHeaderList, previousSignature, configCopy));
}

/**
Expand Down

0 comments on commit dcdf605

Please sign in to comment.