Crate scratchstack_aws_signature

source · []
Expand description

The aws_sig_verify crate provides AWS SigV4 verification routines. This is not the library you want if you just want to call AWS services or other services that use AWS SigV4 signatures. Rusoto already has a library, rusoto_signature, that provides this functionality.

If you are attempting to perform AWS SigV4 verification using AWS-vended credentials, this library also will not work for you. You need the caller’s secret key (or a derivative), and AWS does not allow this for obvious reasons. Instead, you should be using API Gateway with IAM authentication.

On the other hand, if you have your own ecosystem of AWS-like credentials and are developing mock-AWS services or just really like AWS SigV4 but can’t run within AWS, this library might be for you.

Re-exports

pub use canonical::CanonicalRequest;
pub use canonical::SignedHeaderRequirements;
pub use signature::sigv4_validate_request;
pub use signature::SignatureOptions;

Modules

canonical
signature

Structs

GetSigningKeyRequest
A request for a signing key of a given kind for the specified request.
GetSigningKeyResponse
A response from the signing key provider.
KDateKey
The kDate key: an AWS secret key, prefixed with “AWS4”, then HMAC-SHA256 hashed with the date.
KRegionKey
The kRegion key: an AWS kDate key, HMAC-SHA256 hashed with the region.
KSecretKey
A raw AWS secret key (kSecret).
KServiceKey
The kService key: an AWS kRegion key, HMAC-SHA256 hashed with the service.
KSigningKey
The kSigning key: an AWS kService key, HMAC-SHA256 hashed with the “aws4_request” string.
SigV4Authenticator
Low-level structure for performing AWS SigV4 authentication after a canonical request has been generated.
SigV4AuthenticatorBuilder
Builder for SigV4Authenticator.

Enums

SignatureError
Error returned when an attempt at validating an AWS SigV4 signature fails.

Functions

service_for_signing_key_fn
Create a Service that wraps a function that can produce a signing key.