LCOV - code coverage report
Current view: top level - source/extensions/common/aws - sigv4a_signer_impl.cc (source / functions) Hit Total Coverage
Test: coverage.dat Lines: 0 36 0.0 %
Date: 2024-01-05 06:35:25 Functions: 0 5 0.0 %

          Line data    Source code
       1             : #include "source/extensions/common/aws/sigv4a_signer_impl.h"
       2             : 
       3             : #include <openssl/ssl.h>
       4             : 
       5             : #include <cstddef>
       6             : 
       7             : #include "envoy/common/exception.h"
       8             : 
       9             : #include "source/common/buffer/buffer_impl.h"
      10             : #include "source/common/common/fmt.h"
      11             : #include "source/common/common/hex.h"
      12             : #include "source/common/crypto/utility.h"
      13             : #include "source/common/http/headers.h"
      14             : #include "source/extensions/common/aws/sigv4a_key_derivation.h"
      15             : #include "source/extensions/common/aws/utility.h"
      16             : 
      17             : #include "absl/strings/str_join.h"
      18             : 
      19             : namespace Envoy {
      20             : namespace Extensions {
      21             : namespace Common {
      22             : namespace Aws {
      23             : 
// Builds the Authorization header value for a SigV4A-signed request.
//
// The canonical header names are joined via Utility::joinCanonicalHeaderNames and substituted,
// together with the access key id, credential scope and signature, into
// SigV4AAuthorizationHeaderFormat. The secret access key is not an input here; only the
// (public) access key id is placed in the header.
std::string SigV4ASignerImpl::createAuthorizationHeader(
    const absl::string_view access_key_id, const absl::string_view credential_scope,
    const std::map<std::string, std::string>& canonical_headers,
    absl::string_view signature) const {
  const auto& header_format = SigV4ASignatureConstants::get().SigV4AAuthorizationHeaderFormat;
  return fmt::format(fmt::runtime(header_format), access_key_id, credential_scope,
                     Utility::joinCanonicalHeaderNames(canonical_headers), signature);
}
      32             : 
// Formats the credential scope from the short date and the configured service name using
// SigV4ACredentialScopeFormat.
//
// override_region is marked unused and is not read by this implementation, so the scope
// produced here carries no region component.
std::string SigV4ASignerImpl::createCredentialScope(
    const absl::string_view short_date,
    ABSL_ATTRIBUTE_UNUSED const absl::string_view override_region) const {
  const auto& scope_format = SigV4ASignatureConstants::get().SigV4ACredentialScopeFormat;
  return fmt::format(fmt::runtime(scope_format), short_date, service_name_);
}
      39             : 
// Assembles the string-to-sign: the long date, the credential scope and the hex-encoded
// SHA-256 digest of the canonical request, laid out per SigV4AStringToSignFormat.
std::string SigV4ASignerImpl::createStringToSign(const absl::string_view canonical_request,
                                                 const absl::string_view long_date,
                                                 const absl::string_view credential_scope) const {
  auto& crypto = Envoy::Common::Crypto::UtilitySingleton::get();
  // Only the digest of the canonical request enters the string-to-sign, never the request text.
  const auto request_digest_hex =
      Hex::encode(crypto.getSha256Digest(Buffer::OwnedImpl(canonical_request)));
  const auto& sts_format = SigV4ASignatureConstants::get().SigV4AStringToSignFormat;
  return fmt::format(fmt::runtime(sts_format), long_date, credential_scope, request_digest_hex);
}
      49             : 
// Adds the RegionSet header to the request.
//
// A non-empty override_region takes precedence; otherwise the signer's own region
// (getRegion()) is used. The value is copied into the header map.
void SigV4ASignerImpl::addRegionHeader(Http::RequestHeaderMap& headers,
                                       const absl::string_view override_region) const {
  const auto& region_set_header = SigV4ASignatureHeaders::get().RegionSet;
  if (override_region.empty()) {
    // Pass getRegion() straight through so any temporary it returns outlives the copy.
    headers.addCopy(region_set_header, getRegion());
  } else {
    headers.addCopy(region_set_header, override_region);
  }
}
      55             : 
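// Produces the hex-encoded ECDSA signature over SHA-256(string_to_sign), using an EC private
// key derived from the access key id and secret access key.
//
// Returns blank_str_ when key derivation or signing fails. short_date and override_region are
// marked unused and are not read by this implementation.
std::string SigV4ASignerImpl::createSignature(
    const absl::string_view access_key_id, const absl::string_view secret_access_key,
    ABSL_ATTRIBUTE_UNUSED const absl::string_view short_date,
    const absl::string_view string_to_sign,
    ABSL_ATTRIBUTE_UNUSED const absl::string_view override_region) const {

  auto& crypto_util = Envoy::Common::Crypto::UtilitySingleton::get();

  // Hash before deriving the key: the digest does not depend on the key, and computing it first
  // keeps the private key alive for as short a time as possible (and out of reach of a failure
  // in the hashing step, which would otherwise skip EC_KEY_free).
  const auto hash = crypto_util.getSha256Digest(Buffer::OwnedImpl(string_to_sign));

  EC_KEY* ec_key = SigV4AKeyDerivation::derivePrivateKey(access_key_id, secret_access_key);
  if (!ec_key) {
    ENVOY_LOG(debug, "SigV4A key derivation failed");
    return blank_str_;
  }

  // ECDSA_size gives the maximum encoded signature length for this key.
  // NOTE(review): ec_key is a raw owning pointer; if this allocation throws, the key is not
  // freed. An owning wrapper would close that gap.
  std::vector<uint8_t> signature(ECDSA_size(ec_key));
  // Initialised so a failed ECDSA_sign can never leave an indeterminate length behind.
  unsigned int signature_size = 0;

  // Sign the SHA256 hash of our calculated string_to_sign. ECDSA_sign returns 1 on success.
  const int sign_result =
      ECDSA_sign(0, hash.data(), hash.size(), signature.data(), &signature_size, ec_key);

  // Release the private key as soon as it is no longer needed, on success and failure alike.
  EC_KEY_free(ec_key);

  // Do not emit a signature built from an unset or out-of-range length: that would read past
  // the buffer and send garbage in the Authorization header.
  if (sign_result != 1 || signature_size > signature.size()) {
    ENVOY_LOG(debug, "SigV4A signing failed");
    return blank_str_;
  }

  // Trim the buffer to the bytes ECDSA_sign actually wrote before encoding.
  signature.resize(signature_size);
  return Hex::encode(signature);
}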
      84             : 
      85             : } // namespace Aws
      86             : } // namespace Common
      87             : } // namespace Extensions
      88             : } // namespace Envoy
