From 61835a0aa9db5944e8eeb4484a4e8d40bfc54d0a Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Thu, 13 Oct 2022 18:31:29 +0200 Subject: [PATCH 01/28] Use hmac and sha2 instead of ring on powerpc --- .github/workflows/ci.yml | 2 +- aws/rust-runtime/aws-sigv4/Cargo.toml | 9 +++- aws/rust-runtime/aws-sigv4/src/sign.rs | 74 ++++++++++++++++++++++++-- 3 files changed, 79 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 92f145542f..b1f271c37b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -161,7 +161,7 @@ jobs: # We also exclude all first-party crates that have a non-optional dependency on `ring`. - target: powerpc-unknown-linux-gnu non_aws_features: --features native-tls - aws_excludes: --exclude aws-inlineable --exclude aws-sigv4 --exclude aws-sig-auth + aws_excludes: --exclude aws-inlineable --exclude aws-sig-auth env: CROSS_CONFIG: Cross.toml OPENSSL_LIB_DIR: /usr/lib/i386-linux-gnu diff --git a/aws/rust-runtime/aws-sigv4/Cargo.toml b/aws/rust-runtime/aws-sigv4/Cargo.toml index 78e9c60e0a..fc7262ef8b 100644 --- a/aws/rust-runtime/aws-sigv4/Cargo.toml +++ b/aws/rust-runtime/aws-sigv4/Cargo.toml @@ -23,10 +23,17 @@ http = { version = "0.2", optional = true } once_cell = "1.8" percent-encoding = { version = "2.1", optional = true } regex = "1.5" -ring = "0.16" time = "0.3.5" tracing = "0.1" +[target.'cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))'.dependencies] +ring = "0.16" + +# ring does not compile on powerpc (https://github.com/briansmith/ring/issues/389) so we use hmac and sha2. +[target.'cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))'.dependencies] +hmac = "0.12" +sha2 = "0.10" + [dev-dependencies] bytes = "1" httparse = "1.5" diff --git a/aws/rust-runtime/aws-sigv4/src/sign.rs b/aws/rust-runtime/aws-sigv4/src/sign.rs index 1e93989219..55ffd31e5c 100644 --- a/aws/rust-runtime/aws-sigv4/src/sign.rs +++ b/aws/rust-runtime/aws-sigv4/src/sign.rs @@ -6,12 +6,28 @@ //! Functions to create signing keys and calculate signatures. use crate::date_time::format_date; +#[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] +use hmac::{Hmac, Mac}; +#[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] +use sha2::{Digest, Sha256}; + +#[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] use ring::{ - digest::{self}, - hmac::{self, Key, Tag}, + digest, + hmac::{self, Key}, }; use std::time::SystemTime; +#[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] +/// HashedPayload = Lowercase(HexEncode(Hash(requestPayload))) +#[allow(dead_code)] // Unused when compiling without certain features +pub(crate) fn sha256_hex_string(bytes: impl AsRef<[u8]>) -> String { + let mut hasher = Sha256::new(); + hasher.update(bytes); + hex::encode(hasher.finalize()) +} + +#[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] /// HashedPayload = Lowercase(HexEncode(Hash(requestPayload))) #[allow(dead_code)] // Unused when compiling without certain features pub(crate) fn sha256_hex_string(bytes: impl AsRef<[u8]>) -> String { @@ -19,20 +35,70 @@ pub(crate) fn sha256_hex_string(bytes: impl AsRef<[u8]>) -> String { hex::encode(digest::digest(&digest::SHA256, bytes.as_ref())) } +#[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] /// Calculates a Sigv4 signature -pub fn calculate_signature(signing_key: Tag, string_to_sign: &[u8]) -> String { +pub fn calculate_signature(signing_key: impl AsRef<[u8]>, string_to_sign: &[u8]) -> String { + let mut mac = Hmac::::new_from_slice(signing_key.as_ref()) + .expect("HMAC can take key of any size"); + mac.update(string_to_sign); + hex::encode(mac.finalize().into_bytes()) +} + +#[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] +/// Calculates a Sigv4 signature +pub fn calculate_signature(signing_key: impl AsRef<[u8]>, string_to_sign: &[u8]) -> String { let s_key = Key::new(hmac::HMAC_SHA256, signing_key.as_ref()); let tag = hmac::sign(&s_key, string_to_sign); hex::encode(tag) } +#[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] +/// Generates a signing key for Sigv4 +pub fn generate_signing_key( + secret: &str, + time: SystemTime, + region: &str, + service: &str, +) -> impl AsRef<[u8]> { + // kSecret = your secret access key + // kDate = HMAC("AWS4" + kSecret, Date) + // kRegion = HMAC(kDate, Region) + // kService = HMAC(kRegion, Service) + // kSigning = HMAC(kService, "aws4_request") + + let secret = format!("AWS4{}", secret); + let mut mac = + Hmac::::new_from_slice(secret.as_ref()).expect("HMAC can take key of any size"); + mac.update(format_date(time).as_bytes()); + let tag = mac.finalize(); + + // sign region + let mut mac = + Hmac::::new_from_slice(&tag.into_bytes()).expect("HMAC can take key of any size"); + mac.update(region.as_bytes()); + let tag = mac.finalize(); + + // sign service + let mut mac = + Hmac::::new_from_slice(&tag.into_bytes()).expect("HMAC can take key of any size"); + mac.update(service.as_bytes()); + let tag = mac.finalize(); + + // sign request + let mut mac = + Hmac::::new_from_slice(&tag.into_bytes()).expect("HMAC can take key of any size"); + mac.update("aws4_request".as_bytes()); + mac.finalize().into_bytes() +} + +#[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] /// Generates a signing key for Sigv4 pub fn generate_signing_key( secret: &str, time: SystemTime, region: &str, service: &str, -) -> hmac::Tag { +) -> impl AsRef<[u8]> { // kSecret = your secret access key // kDate = HMAC("AWS4" + kSecret, Date) // kRegion = HMAC(kDate, Region) From 5100597bd6b9fcc4a4b814ed4f266b980921d123 Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Thu, 13 Oct 2022 19:07:26 +0200 Subject: [PATCH 02/28] Enable aws-sig-auth in CI --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b1f271c37b..22b77f164e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -161,7 +161,7 @@ jobs: # We also exclude all first-party crates that have a non-optional dependency on `ring`. - target: powerpc-unknown-linux-gnu non_aws_features: --features native-tls - aws_excludes: --exclude aws-inlineable --exclude aws-sig-auth + aws_excludes: --exclude aws-inlineable env: CROSS_CONFIG: Cross.toml OPENSSL_LIB_DIR: /usr/lib/i386-linux-gnu From bae218eb25c1ea2be338fd906a445d65ab6e9422 Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Thu, 13 Oct 2022 19:16:50 +0200 Subject: [PATCH 03/28] Update CHANGELOG --- CHANGELOG.next.toml | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.next.toml b/CHANGELOG.next.toml index 781d528fc4..5cf3fd366e 100644 --- a/CHANGELOG.next.toml +++ b/CHANGELOG.next.toml @@ -154,4 +154,10 @@ author = "hlbarber" message = "Update aws-types zeroize to flexible version to prevent downstream version conflicts." references = ["smithy-rs#1817"] meta = { "breaking" = false, "tada" = false, "bug" = true } -author = "ethyi" \ No newline at end of file +author = "ethyi" + +[[aws-sdk-rust]] +message = "Support Sigv4 signature generation on PowerPC." +references = ["smithy-rs#1847"] +meta = { "breaking" = false, "tada" = false, "bug" = true } +author = "crisidev" From ec0034867361063e980ba9ad5b6febe2fa7ee8dc Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Thu, 13 Oct 2022 19:20:43 +0200 Subject: [PATCH 04/28] Run tests against exotic platforms --- .github/workflows/ci.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 22b77f164e..9fa18fbf3f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -199,12 +199,24 @@ jobs: use-cross: true command: build args: --target ${{ matrix.target }} --manifest-path "rust-runtime/Cargo.toml" --exclude aws-smithy-http-server-python --workspace ${{ matrix.non_aws_features }} + - name: Test rust-runtime crates + uses: actions-rs/cargo@v1 + with: + use-cross: true + command: test + args: --target ${{ matrix.target }} --manifest-path "rust-runtime/Cargo.toml" --exclude aws-smithy-http-server-python --workspace ${{ matrix.non_aws_features }} - name: Build AWS rust-runtime crates uses: actions-rs/cargo@v1 with: use-cross: true command: build args: --target ${{ matrix.target }} --manifest-path "aws/rust-runtime/Cargo.toml" ${{ matrix.aws_excludes }} --workspace + - name: Test AWS rust-runtime crates + uses: actions-rs/cargo@v1 + with: + use-cross: true + command: test + args: --target ${{ matrix.target }} --manifest-path "aws/rust-runtime/Cargo.toml" ${{ matrix.aws_excludes }} --workspace # This job is split out from the rest since it is not required to pass for merge check-sdk-examples: From 0495c3dd5f7a1121d19f414117a1506611b16541 Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Thu, 13 Oct 2022 19:41:43 +0200 Subject: [PATCH 05/28] Run tests only against aws rust runtime --- .github/workflows/ci.yml | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9fa18fbf3f..66d78eb511 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -199,12 +199,6 @@ jobs: use-cross: true command: build args: --target ${{ matrix.target }} --manifest-path "rust-runtime/Cargo.toml" --exclude aws-smithy-http-server-python --workspace ${{ matrix.non_aws_features }} - - name: Test rust-runtime crates - uses: actions-rs/cargo@v1 - with: - use-cross: true - command: test - args: --target ${{ matrix.target }} --manifest-path "rust-runtime/Cargo.toml" --exclude aws-smithy-http-server-python --workspace ${{ matrix.non_aws_features }} - name: Build AWS rust-runtime crates uses: actions-rs/cargo@v1 with: From 613651eb32862ef6b28c663617e0a085ea8a8456 Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Fri, 14 Oct 2022 11:23:46 +0200 Subject: [PATCH 06/28] PowerPC 32 and 64 bit should be fully testable now --- .github/workflows/ci.yml | 9 +++++++++ aws/rust-runtime/aws-sigv4/external-types.toml | 3 --- rust-runtime/aws-smithy-client/src/hyper_ext.rs | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 66d78eb511..7749cfefc1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -162,6 +162,9 @@ jobs: - target: powerpc-unknown-linux-gnu non_aws_features: --features native-tls aws_excludes: --exclude aws-inlineable + - target: powerpc64-unknown-linux-gnu + non_aws_features: --features native-tls + aws_excludes: --exclude aws-inlineable env: CROSS_CONFIG: Cross.toml OPENSSL_LIB_DIR: /usr/lib/i386-linux-gnu @@ -199,6 +202,12 @@ jobs: use-cross: true command: build args: --target ${{ matrix.target }} --manifest-path "rust-runtime/Cargo.toml" --exclude aws-smithy-http-server-python --workspace ${{ matrix.non_aws_features }} + - name: Test rust-runtime crates + uses: actions-rs/cargo@v1 + with: + use-cross: true + command: test + args: --target ${{ matrix.target }} --manifest-path "rust-runtime/Cargo.toml" --exclude aws-smithy-http-server-python --workspace ${{ matrix.non_aws_features }} - name: Build AWS rust-runtime crates uses: actions-rs/cargo@v1 with: diff --git a/aws/rust-runtime/aws-sigv4/external-types.toml b/aws/rust-runtime/aws-sigv4/external-types.toml index caecac1606..9139940c26 100644 --- a/aws/rust-runtime/aws-sigv4/external-types.toml +++ b/aws/rust-runtime/aws-sigv4/external-types.toml @@ -6,9 +6,6 @@ allowed_external_types = [ "http::request::Request", "http::uri::Uri", - # TODO(https://github.com/awslabs/smithy-rs/issues/1193): Don't expose on `ring` - "ring::hmac::Tag", - # TODO(https://github.com/awslabs/smithy-rs/issues/1193): Once tooling permits it, only allow the following types in the `event-stream` feature "aws_smithy_eventstream::frame::Message", ] diff --git a/rust-runtime/aws-smithy-client/src/hyper_ext.rs b/rust-runtime/aws-smithy-client/src/hyper_ext.rs index 27caf43ad3..e4750f3fd9 100644 --- a/rust-runtime/aws-smithy-client/src/hyper_ext.rs +++ b/rust-runtime/aws-smithy-client/src/hyper_ext.rs @@ -48,7 +48,7 @@ //! that aren't otherwise exposed by the `Client` builder interface. //! #![cfg_attr( - not(all(feature = "rustls", feature = "client-hyper")), + not(all(feature = "rustls", feature = "client-hyper", feature = "native-tls")), doc = "```no_run,ignore" )] #![cfg_attr(all(feature = "rustls", feature = "client-hyper"), doc = "```no_run")] From 47a5cffb65094ab2ee13bce78239e7de753fc04a Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Fri, 14 Oct 2022 15:12:47 +0200 Subject: [PATCH 07/28] Maybe this time build and test will work --- .github/workflows/ci.yml | 42 +++++++++----- CHANGELOG.next.toml | 4 +- aws/rust-runtime/aws-sigv4/Cargo.toml | 10 ++++ aws/rust-runtime/aws-sigv4/benches/hmac.rs | 64 ++++++++++++++++++++++ aws/rust-runtime/aws-sigv4/src/sign.rs | 14 ++--- 5 files changed, 110 insertions(+), 24 deletions(-) create mode 100644 aws/rust-runtime/aws-sigv4/benches/hmac.rs diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7749cfefc1..2a15a4837c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -154,17 +154,29 @@ jobs: matrix: include: - target: i686-unknown-linux-gnu - non_aws_features: --all-features - aws_excludes: '' + build_smithy_rs_features: --all-features + build_aws_exclude: '' + build_smithy_rs_exclude: '' + test_smithy_rs_features: --all-features + test_aws_exclude: '' + test_smithy_rs_exclude: '' # We only test `native-tls` here because `rustls` depends on `ring` which in turn does not support powerpc # as a target platform (see https://github.com/briansmith/ring/issues/389) # We also exclude all first-party crates that have a non-optional dependency on `ring`. - target: powerpc-unknown-linux-gnu - non_aws_features: --features native-tls - aws_excludes: --exclude aws-inlineable + build_smithy_rs_features: --features native-tls + build_aws_exclude: --exclude aws-inlineable + build_smithy_rs_exclude: --exclude aws-smithy-http-server-python + test_smithy_rs_features: '' + test_aws_exclude: --exclude aws-inlineable + test_smithy_rs_exclude: --exclude aws-smithy-http-server-python --exclude aws-smithy-client - target: powerpc64-unknown-linux-gnu - non_aws_features: --features native-tls - aws_excludes: --exclude aws-inlineable + build_smithy_rs_features: --features native-tls + build_aws_exclude: --exclude aws-inlineable + build_smithy_rs_exclude: --exclude aws-smithy-http-server-python + test_smithy_rs_features: '' + test_aws_exclude: --exclude aws-inlineable + test_smithy_rs_exclude: --exclude aws-smithy-http-server-python --exclude aws-smithy-client env: CROSS_CONFIG: Cross.toml OPENSSL_LIB_DIR: /usr/lib/i386-linux-gnu @@ -196,30 +208,30 @@ jobs: "OPENSSL_INCLUDE_DIR", ] EOF - - name: Build rust-runtime crates + - name: Build Smithy-rs rust-runtime crates uses: actions-rs/cargo@v1 with: use-cross: true command: build - args: --target ${{ matrix.target }} --manifest-path "rust-runtime/Cargo.toml" --exclude aws-smithy-http-server-python --workspace ${{ matrix.non_aws_features }} - - name: Test rust-runtime crates + args: --target ${{ matrix.target }} --manifest-path "rust-runtime/Cargo.toml" ${{ matrix.build_smithy_rs_exclude }} --workspace ${{ matrix.build_smithy_rs_features }} + - name: Build AWS rust-runtime crates uses: actions-rs/cargo@v1 with: use-cross: true - command: test - args: --target ${{ matrix.target }} --manifest-path "rust-runtime/Cargo.toml" --exclude aws-smithy-http-server-python --workspace ${{ matrix.non_aws_features }} - - name: Build AWS rust-runtime crates + command: build + args: --target ${{ matrix.target }} --manifest-path "aws/rust-runtime/Cargo.toml" ${{ matrix.build_aws_exclude }} --workspace + - name: Test Smithy-rs rust-runtime crates uses: actions-rs/cargo@v1 with: use-cross: true - command: build - args: --target ${{ matrix.target }} --manifest-path "aws/rust-runtime/Cargo.toml" ${{ matrix.aws_excludes }} --workspace + command: test + args: --target ${{ matrix.target }} --manifest-path "rust-runtime/Cargo.toml" ${{ matrix.test_smithy_rs_exclude }} --workspace ${{ matrix.test_smithy_rs_features }} - name: Test AWS rust-runtime crates uses: actions-rs/cargo@v1 with: use-cross: true command: test - args: --target ${{ matrix.target }} --manifest-path "aws/rust-runtime/Cargo.toml" ${{ matrix.aws_excludes }} --workspace + args: --target ${{ matrix.target }} --manifest-path "aws/rust-runtime/Cargo.toml" ${{ matrix.test_aws_exclude }} --workspace # This job is split out from the rest since it is not required to pass for merge check-sdk-examples: diff --git a/CHANGELOG.next.toml b/CHANGELOG.next.toml index 5cf3fd366e..6c7f5ee13e 100644 --- a/CHANGELOG.next.toml +++ b/CHANGELOG.next.toml @@ -157,7 +157,7 @@ meta = { "breaking" = false, "tada" = false, "bug" = true } author = "ethyi" [[aws-sdk-rust]] -message = "Support Sigv4 signature generation on PowerPC." +message = "Support Sigv4 signature generation on PowerPC 32 and 64 bit. This architecture cannot compile ring, so the PowerPC implementation uses hmac + sha2 to achived the same result" references = ["smithy-rs#1847"] -meta = { "breaking" = false, "tada" = false, "bug" = true } +meta = { "breaking" = true, "tada" = false, "bug" = true } author = "crisidev" diff --git a/aws/rust-runtime/aws-sigv4/Cargo.toml b/aws/rust-runtime/aws-sigv4/Cargo.toml index fc7262ef8b..486fdd1b6e 100644 --- a/aws/rust-runtime/aws-sigv4/Cargo.toml +++ b/aws/rust-runtime/aws-sigv4/Cargo.toml @@ -35,12 +35,22 @@ hmac = "0.12" sha2 = "0.10" [dev-dependencies] +criterion = "0.4" bytes = "1" +hmac = "0.12" httparse = "1.5" pretty_assertions = "1.0" proptest = "1" +sha2 = "0.10" time = { version = "0.3.4", features = ["parsing"] } +[target.'cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))'.dev-dependencies] +ring = "0.16" + +[[bench]] +name = "hmac" +harness = false + [package.metadata.docs.rs] all-features = true targets = ["x86_64-unknown-linux-gnu"] diff --git a/aws/rust-runtime/aws-sigv4/benches/hmac.rs b/aws/rust-runtime/aws-sigv4/benches/hmac.rs new file mode 100644 index 0000000000..eb446070b5 --- /dev/null +++ b/aws/rust-runtime/aws-sigv4/benches/hmac.rs @@ -0,0 +1,64 @@ +use criterion::{criterion_group, criterion_main, Criterion}; +use hmac::digest::FixedOutput; +use hmac::{Hmac, Mac}; +#[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] +use ring::hmac::{sign, Context, Key, HMAC_SHA256}; +use sha2::Sha256; + +pub fn hmac(c: &mut Criterion) { + c.bench_function("hmac", |b| { + b.iter(|| { + let mut mac = Hmac::::new_from_slice(b"secret").unwrap(); + + mac.update(b"hello, world"); + mac.finalize_fixed() + }) + }); +} + +#[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] +pub fn ring_multipart(c: &mut Criterion) { + c.bench_function("ring_multipart", |b| { + b.iter(|| { + let k = Key::new(HMAC_SHA256, b"secret"); + let mut ctx = Context::with_key(&k); + + for slice in ["hello", ", ", "world"] { + ctx.update(slice.as_ref()); + } + + ctx.sign() + }) + }); +} + +#[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] +pub fn ring_one_shot(c: &mut Criterion) { + c.bench_function("ring_one_shot", |b| { + b.iter(|| { + let k = Key::new(HMAC_SHA256, b"secret"); + + sign(&k, b"hello, world") + }) + }); +} + +#[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] +criterion_group! { + name = benches; + + config = Criterion::default(); + + targets = hmac, ring_multipart, ring_one_shot +} + +#[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] +criterion_group! { + name = benches; + + config = Criterion::default(); + + targets = hmac +} + +criterion_main!(benches); diff --git a/aws/rust-runtime/aws-sigv4/src/sign.rs b/aws/rust-runtime/aws-sigv4/src/sign.rs index 55ffd31e5c..c01f29e0b0 100644 --- a/aws/rust-runtime/aws-sigv4/src/sign.rs +++ b/aws/rust-runtime/aws-sigv4/src/sign.rs @@ -7,7 +7,7 @@ use crate::date_time::format_date; #[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] -use hmac::{Hmac, Mac}; +use hmac::{digest::FixedOutput, Hmac, Mac}; #[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] use sha2::{Digest, Sha256}; @@ -24,7 +24,7 @@ use std::time::SystemTime; pub(crate) fn sha256_hex_string(bytes: impl AsRef<[u8]>) -> String { let mut hasher = Sha256::new(); hasher.update(bytes); - hex::encode(hasher.finalize()) + hex::encode(hasher.finalize_fixed()) } #[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] @@ -41,7 +41,7 @@ pub fn calculate_signature(signing_key: impl AsRef<[u8]>, string_to_sign: &[u8]) let mut mac = Hmac::::new_from_slice(signing_key.as_ref()) .expect("HMAC can take key of any size"); mac.update(string_to_sign); - hex::encode(mac.finalize().into_bytes()) + hex::encode(mac.finalize_fixed().into_bytes()) } #[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] @@ -70,25 +70,25 @@ pub fn generate_signing_key( let mut mac = Hmac::::new_from_slice(secret.as_ref()).expect("HMAC can take key of any size"); mac.update(format_date(time).as_bytes()); - let tag = mac.finalize(); + let tag = mac.finalize_fixed(); // sign region let mut mac = Hmac::::new_from_slice(&tag.into_bytes()).expect("HMAC can take key of any size"); mac.update(region.as_bytes()); - let tag = mac.finalize(); + let tag = mac.finalize_fixed(); // sign service let mut mac = Hmac::::new_from_slice(&tag.into_bytes()).expect("HMAC can take key of any size"); mac.update(service.as_bytes()); - let tag = mac.finalize(); + let tag = mac.finalize_fixed(); // sign request let mut mac = Hmac::::new_from_slice(&tag.into_bytes()).expect("HMAC can take key of any size"); mac.update("aws4_request".as_bytes()); - mac.finalize().into_bytes() + mac.finalize_fixed().into_bytes() } #[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] From 29fe9672aa7cfd4f56a41db4939c5e580d923ed9 Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Fri, 14 Oct 2022 15:17:24 +0200 Subject: [PATCH 08/28] Add licence header to hmac.rs --- aws/rust-runtime/aws-sigv4/benches/hmac.rs | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/aws/rust-runtime/aws-sigv4/benches/hmac.rs b/aws/rust-runtime/aws-sigv4/benches/hmac.rs index eb446070b5..1141bf7a33 100644 --- a/aws/rust-runtime/aws-sigv4/benches/hmac.rs +++ b/aws/rust-runtime/aws-sigv4/benches/hmac.rs @@ -1,3 +1,8 @@ +/* + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0 + */ + use criterion::{criterion_group, criterion_main, Criterion}; use hmac::digest::FixedOutput; use hmac::{Hmac, Mac}; From 3ad7f873b5aba899a36ab09eeb8050b8f99be4ff Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Fri, 14 Oct 2022 15:25:13 +0200 Subject: [PATCH 09/28] Properly use finalized_fixed --- .github/workflows/ci.yml | 4 ++-- aws/rust-runtime/aws-sigv4/src/sign.rs | 13 +++++-------- 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2a15a4837c..308ede9ac7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -156,10 +156,10 @@ jobs: - target: i686-unknown-linux-gnu build_smithy_rs_features: --all-features build_aws_exclude: '' - build_smithy_rs_exclude: '' + build_smithy_rs_exclude: --exclude aws-smithy-http-server-python test_smithy_rs_features: --all-features test_aws_exclude: '' - test_smithy_rs_exclude: '' + test_smithy_rs_exclude: --exclude aws-smithy-http-server-python # We only test `native-tls` here because `rustls` depends on `ring` which in turn does not support powerpc # as a target platform (see https://github.com/briansmith/ring/issues/389) # We also exclude all first-party crates that have a non-optional dependency on `ring`. diff --git a/aws/rust-runtime/aws-sigv4/src/sign.rs b/aws/rust-runtime/aws-sigv4/src/sign.rs index c01f29e0b0..dbee12dcee 100644 --- a/aws/rust-runtime/aws-sigv4/src/sign.rs +++ b/aws/rust-runtime/aws-sigv4/src/sign.rs @@ -41,7 +41,7 @@ pub fn calculate_signature(signing_key: impl AsRef<[u8]>, string_to_sign: &[u8]) let mut mac = Hmac::::new_from_slice(signing_key.as_ref()) .expect("HMAC can take key of any size"); mac.update(string_to_sign); - hex::encode(mac.finalize_fixed().into_bytes()) + hex::encode(mac.finalize_fixed()) } #[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] @@ -73,22 +73,19 @@ pub fn generate_signing_key( let tag = mac.finalize_fixed(); // sign region - let mut mac = - Hmac::::new_from_slice(&tag.into_bytes()).expect("HMAC can take key of any size"); + let mut mac = Hmac::::new_from_slice(&tag).expect("HMAC can take key of any size"); mac.update(region.as_bytes()); let tag = mac.finalize_fixed(); // sign service - let mut mac = - Hmac::::new_from_slice(&tag.into_bytes()).expect("HMAC can take key of any size"); + let mut mac = Hmac::::new_from_slice(&tag).expect("HMAC can take key of any size"); mac.update(service.as_bytes()); let tag = mac.finalize_fixed(); // sign request - let mut mac = - Hmac::::new_from_slice(&tag.into_bytes()).expect("HMAC can take key of any size"); + let mut mac = Hmac::::new_from_slice(&tag).expect("HMAC can take key of any size"); mac.update("aws4_request".as_bytes()); - mac.finalize_fixed().into_bytes() + mac.finalize_fixed() } #[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] From c66627d21ea2a4272b1e9254d61c1a2cbc1b4e9a Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Fri, 14 Oct 2022 15:28:35 +0200 Subject: [PATCH 10/28] Revert leftover --- rust-runtime/aws-smithy-client/src/hyper_ext.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rust-runtime/aws-smithy-client/src/hyper_ext.rs b/rust-runtime/aws-smithy-client/src/hyper_ext.rs index e4750f3fd9..27caf43ad3 100644 --- a/rust-runtime/aws-smithy-client/src/hyper_ext.rs +++ b/rust-runtime/aws-smithy-client/src/hyper_ext.rs @@ -48,7 +48,7 @@ //! that aren't otherwise exposed by the `Client` builder interface. //! #![cfg_attr( - not(all(feature = "rustls", feature = "client-hyper", feature = "native-tls")), + not(all(feature = "rustls", feature = "client-hyper")), doc = "```no_run,ignore" )] #![cfg_attr(all(feature = "rustls", feature = "client-hyper"), doc = "```no_run")] From f31b0176af8fdfc1c8ffa4c4c7ac03228f8e0e86 Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Fri, 14 Oct 2022 16:36:27 +0200 Subject: [PATCH 11/28] Temporary disable crc32c test on powerpc --- rust-runtime/aws-smithy-checksums/src/lib.rs | 2 ++ 1 file changed, 2 insertions(+) diff --git a/rust-runtime/aws-smithy-checksums/src/lib.rs b/rust-runtime/aws-smithy-checksums/src/lib.rs index 98ed65d34c..2c1f0872f9 100644 --- a/rust-runtime/aws-smithy-checksums/src/lib.rs +++ b/rust-runtime/aws-smithy-checksums/src/lib.rs @@ -340,6 +340,8 @@ mod tests { assert_eq!(decoded_checksum, expected_checksum); } + // TODO(https://github.com/zowens/crc32c/issues/34) + #[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] #[test] fn test_crc32c_checksum() { let mut checksum = Crc32c::default(); From fe5cf98fa1dc91e86d996119cab6f34eb0de19b4 Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Fri, 14 Oct 2022 17:08:42 +0200 Subject: [PATCH 12/28] Temporary disable system_time_conversion_test on 32bit CPUs --- rust-runtime/aws-smithy-types/src/date_time/mod.rs | 3 +++ 1 file changed, 3 insertions(+) diff --git a/rust-runtime/aws-smithy-types/src/date_time/mod.rs b/rust-runtime/aws-smithy-types/src/date_time/mod.rs index bb1120c829..f2aa7b3da6 100644 --- a/rust-runtime/aws-smithy-types/src/date_time/mod.rs +++ b/rust-runtime/aws-smithy-types/src/date_time/mod.rs @@ -526,6 +526,9 @@ mod test { assert!(DateTime::from_nanos(10_000_000_000_000_000_000_999_999_999_i128).is_err()); } + // TODO(understand why are we panic at 'overflow when subtracting duration from instant') + // This happens only on 32bit architectures. + #[cfg(not(any(target_arch = "powerpc", target_arch = "x86")))] #[test] fn system_time_conversions() { // Check agreement From 8f72a337acc60558e467efcd73a142f3850e2597 Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Fri, 14 Oct 2022 17:22:34 +0200 Subject: [PATCH 13/28] Disable other 3 tests on 32bit --- .github/workflows/ci.yml | 16 +++++++++++----- aws/rust-runtime/aws-sigv4/src/date_time.rs | 9 +++++++++ .../aws-smithy-types/src/date_time/mod.rs | 2 +- 3 files changed, 21 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 308ede9ac7..b1aa6a00aa 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -144,8 +144,8 @@ jobs: done # We make sure that Smithy-rs can be compiled on platforms that are not natively supported by GitHub actions. - # We do not run tests on those platforms (yet) because it'd require a more complicated setup involving architecture - # emulation via QEMU, likely to cause a significant degradation on CI completion time. + # We run as many tests we can on those platforms because they require a more complicated setup involving architecture + # emulation. test-exotic-platform-support: name: Exotic platform support runs-on: ubuntu-latest @@ -153,6 +153,7 @@ jobs: fail-fast: false matrix: include: + # We always exclude aws-smithy-http-server-python since the Python framework is experimental. - target: i686-unknown-linux-gnu build_smithy_rs_features: --all-features build_aws_exclude: '' @@ -160,22 +161,27 @@ jobs: test_smithy_rs_features: --all-features test_aws_exclude: '' test_smithy_rs_exclude: --exclude aws-smithy-http-server-python - # We only test `native-tls` here because `rustls` depends on `ring` which in turn does not support powerpc - # as a target platform (see https://github.com/briansmith/ring/issues/389) - # We also exclude all first-party crates that have a non-optional dependency on `ring`. - target: powerpc-unknown-linux-gnu + # We only build the `native-tls` feature here because `rustls` depends on `ring` which in turn does not support + # powerpc as a target platform (see https://github.com/briansmith/ring/issues/389) build_smithy_rs_features: --features native-tls build_aws_exclude: --exclude aws-inlineable build_smithy_rs_exclude: --exclude aws-smithy-http-server-python test_smithy_rs_features: '' test_aws_exclude: --exclude aws-inlineable + # We exclude for now aws-smithy-client from powerpc64 tests because Ubuntu dropped the support for cross + # architecture and building against OpenSSL inside cross requires more effort test_smithy_rs_exclude: --exclude aws-smithy-http-server-python --exclude aws-smithy-client - target: powerpc64-unknown-linux-gnu + # We only build the `native-tls` feature here because `rustls` depends on `ring` which in turn does not support + # powerpc64 as a target platform (see https://github.com/briansmith/ring/issues/389) build_smithy_rs_features: --features native-tls build_aws_exclude: --exclude aws-inlineable build_smithy_rs_exclude: --exclude aws-smithy-http-server-python test_smithy_rs_features: '' test_aws_exclude: --exclude aws-inlineable + # We exclude for now aws-smithy-client from powerpc64 tests because Ubuntu dropped the support for cross + # architecture and building against OpenSSL inside cross requires more effort test_smithy_rs_exclude: --exclude aws-smithy-http-server-python --exclude aws-smithy-client env: CROSS_CONFIG: Cross.toml diff --git a/aws/rust-runtime/aws-sigv4/src/date_time.rs b/aws/rust-runtime/aws-sigv4/src/date_time.rs index 6d7e5e119f..4bc19933b8 100644 --- a/aws/rust-runtime/aws-sigv4/src/date_time.rs +++ b/aws/rust-runtime/aws-sigv4/src/date_time.rs @@ -95,6 +95,9 @@ mod tests { use crate::date_time::test_parsers::{parse_date, parse_date_time}; use time::format_description::well_known::Rfc3339; + // TODO(understand why are we panic at 'overflow when subtracting duration from instant') + // This happens only on 32bit architectures. + #[cfg(not(any(target_arch = "powerpc", target_arch = "x86")))] #[test] fn date_format() { let time: SystemTime = OffsetDateTime::parse("2039-02-04T23:01:09.104Z", &Rfc3339) @@ -107,6 +110,9 @@ mod tests { assert_eq!("01000102", format_date(time)); } + // TODO(understand why are we panic at 'overflow when subtracting duration from instant') + // This happens only on 32bit architectures. + #[cfg(not(any(target_arch = "powerpc", target_arch = "x86")))] #[test] fn date_time_format() { let time: SystemTime = OffsetDateTime::parse("2039-02-04T23:01:09.104Z", &Rfc3339) @@ -131,6 +137,9 @@ mod tests { assert_eq!("20150830", format_date(time)); } + // TODO(understand why are we panic at 'overflow when subtracting duration from instant') + // This happens only on 32bit architectures. + #[cfg(not(any(target_arch = "powerpc", target_arch = "x86")))] #[test] fn test_truncate_subsecs() { let time: SystemTime = OffsetDateTime::parse("2039-02-04T23:01:09.104Z", &Rfc3339) diff --git a/rust-runtime/aws-smithy-types/src/date_time/mod.rs b/rust-runtime/aws-smithy-types/src/date_time/mod.rs index f2aa7b3da6..2d8f4da06c 100644 --- a/rust-runtime/aws-smithy-types/src/date_time/mod.rs +++ b/rust-runtime/aws-smithy-types/src/date_time/mod.rs @@ -528,7 +528,7 @@ mod test { // TODO(understand why are we panic at 'overflow when subtracting duration from instant') // This happens only on 32bit architectures. - #[cfg(not(any(target_arch = "powerpc", target_arch = "x86")))] + #[cfg(not(any(target_arch = "powerpc")))] #[test] fn system_time_conversions() { // Check agreement From b2ed396121f9609c8519cbd1e1013cad24872702 Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Fri, 14 Oct 2022 17:32:25 +0200 Subject: [PATCH 14/28] Temporarily disable last test --- rust-runtime/aws-smithy-types/src/date_time/mod.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rust-runtime/aws-smithy-types/src/date_time/mod.rs b/rust-runtime/aws-smithy-types/src/date_time/mod.rs index 2d8f4da06c..f2aa7b3da6 100644 --- a/rust-runtime/aws-smithy-types/src/date_time/mod.rs +++ b/rust-runtime/aws-smithy-types/src/date_time/mod.rs @@ -528,7 +528,7 @@ mod test { // TODO(understand why are we panic at 'overflow when subtracting duration from instant') // This happens only on 32bit architectures. - #[cfg(not(any(target_arch = "powerpc")))] + #[cfg(not(any(target_arch = "powerpc", target_arch = "x86")))] #[test] fn system_time_conversions() { // Check agreement From 078700f03e8f2b3ace915d64e965305e0d90541f Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Fri, 14 Oct 2022 18:02:19 +0200 Subject: [PATCH 15/28] Update CHANGELOG and document TODOs with issues --- CHANGELOG.next.toml | 8 +++++++- aws/rust-runtime/aws-sigv4/src/date_time.rs | 9 +++------ rust-runtime/aws-smithy-checksums/src/lib.rs | 1 + rust-runtime/aws-smithy-types/src/date_time/mod.rs | 3 +-- 4 files changed, 12 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.next.toml b/CHANGELOG.next.toml index 6c7f5ee13e..061866619a 100644 --- a/CHANGELOG.next.toml +++ b/CHANGELOG.next.toml @@ -156,8 +156,14 @@ references = ["smithy-rs#1817"] meta = { "breaking" = false, "tada" = false, "bug" = true } author = "ethyi" +[[smithy-rs]] +message = "Support Sigv4 signature generation on PowerPC 32 and 64 bit. This architecture cannot compile ring, so the PowerPC implementation uses hmac + sha2 to achive the same result. We also updated the CI which is now running as many tests as possible against i686 and PowerPC 32 and 64 bit." +references = ["smithy-rs#1847"] +meta = { "breaking" = false, "tada" = false, "bug" = true } +author = "crisidev" + [[aws-sdk-rust]] -message = "Support Sigv4 signature generation on PowerPC 32 and 64 bit. This architecture cannot compile ring, so the PowerPC implementation uses hmac + sha2 to achived the same result" +message = "Support Sigv4 signature generation on PowerPC 32 and 64 bit. This architecture cannot compile ring, so the PowerPC implementation uses hmac + sha2 to achive the same result." references = ["smithy-rs#1847"] meta = { "breaking" = true, "tada" = false, "bug" = true } author = "crisidev" diff --git a/aws/rust-runtime/aws-sigv4/src/date_time.rs b/aws/rust-runtime/aws-sigv4/src/date_time.rs index 4bc19933b8..5ddd705607 100644 --- a/aws/rust-runtime/aws-sigv4/src/date_time.rs +++ b/aws/rust-runtime/aws-sigv4/src/date_time.rs @@ -95,8 +95,7 @@ mod tests { use crate::date_time::test_parsers::{parse_date, parse_date_time}; use time::format_description::well_known::Rfc3339; - // TODO(understand why are we panic at 'overflow when subtracting duration from instant') - // This happens only on 32bit architectures. + // TODO(https://github.com/awslabs/smithy-rs/issues/1857) #[cfg(not(any(target_arch = "powerpc", target_arch = "x86")))] #[test] fn date_format() { @@ -110,8 +109,7 @@ mod tests { assert_eq!("01000102", format_date(time)); } - // TODO(understand why are we panic at 'overflow when subtracting duration from instant') - // This happens only on 32bit architectures. + // TODO(https://github.com/awslabs/smithy-rs/issues/1857) #[cfg(not(any(target_arch = "powerpc", target_arch = "x86")))] #[test] fn date_time_format() { @@ -137,8 +135,7 @@ mod tests { assert_eq!("20150830", format_date(time)); } - // TODO(understand why are we panic at 'overflow when subtracting duration from instant') - // This happens only on 32bit architectures. + // TODO(https://github.com/awslabs/smithy-rs/issues/1857) #[cfg(not(any(target_arch = "powerpc", target_arch = "x86")))] #[test] fn test_truncate_subsecs() { diff --git a/rust-runtime/aws-smithy-checksums/src/lib.rs b/rust-runtime/aws-smithy-checksums/src/lib.rs index 2c1f0872f9..59a85c397c 100644 --- a/rust-runtime/aws-smithy-checksums/src/lib.rs +++ b/rust-runtime/aws-smithy-checksums/src/lib.rs @@ -341,6 +341,7 @@ mod tests { } // TODO(https://github.com/zowens/crc32c/issues/34) + // TODO(https://github.com/awslabs/smithy-rs/issues/1857) #[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] #[test] fn test_crc32c_checksum() { diff --git a/rust-runtime/aws-smithy-types/src/date_time/mod.rs b/rust-runtime/aws-smithy-types/src/date_time/mod.rs index f2aa7b3da6..bf8b27b119 100644 --- a/rust-runtime/aws-smithy-types/src/date_time/mod.rs +++ b/rust-runtime/aws-smithy-types/src/date_time/mod.rs @@ -526,8 +526,7 @@ mod test { assert!(DateTime::from_nanos(10_000_000_000_000_000_000_999_999_999_i128).is_err()); } - // TODO(understand why are we panic at 'overflow when subtracting duration from instant') - // This happens only on 32bit architectures. + // TODO(https://github.com/awslabs/smithy-rs/issues/1857) #[cfg(not(any(target_arch = "powerpc", target_arch = "x86")))] #[test] fn system_time_conversions() { From 3fee356589eb145451be9f1311875c2465ccc838 Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Mon, 17 Oct 2022 11:46:59 +0100 Subject: [PATCH 16/28] Run aws-smithy-client tests in CI with crosscompiled local openssl --- .github/workflows/ci.yml | 37 +++++++++++------------ rust-runtime/aws-smithy-client/Cargo.toml | 6 ++-- 2 files changed, 22 insertions(+), 21 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0a9850951a..5f33f91b73 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -154,6 +154,8 @@ jobs: matrix: include: # We always exclude aws-smithy-http-server-python since the Python framework is experimental. + # We only build the `native-tls` feature here because `rustls` depends on `ring` which in turn + # does not support powerpc as a target platform (see https://github.com/briansmith/ring/issues/389) - target: i686-unknown-linux-gnu build_smithy_rs_features: --all-features build_aws_exclude: '' @@ -161,32 +163,26 @@ jobs: test_smithy_rs_features: --all-features test_aws_exclude: '' test_smithy_rs_exclude: --exclude aws-smithy-http-server-python + openssl_targets: linux-i686 i686-linux-gnu- - target: powerpc-unknown-linux-gnu - # We only build the `native-tls` feature here because `rustls` depends on `ring` which in turn does not support - # powerpc as a target platform (see https://github.com/briansmith/ring/issues/389) build_smithy_rs_features: --features native-tls build_aws_exclude: --exclude aws-inlineable build_smithy_rs_exclude: --exclude aws-smithy-http-server-python - test_smithy_rs_features: '' + test_smithy_rs_features: --features native-tls test_aws_exclude: --exclude aws-inlineable - # We exclude for now aws-smithy-client from powerpc64 tests because Ubuntu dropped the support for cross - # architecture and building against OpenSSL inside cross requires more effort - test_smithy_rs_exclude: --exclude aws-smithy-http-server-python --exclude aws-smithy-client + test_smithy_rs_exclude: --exclude aws-smithy-http-server-python + openssl_targets: linux-ppc powerpc-linux-gnu- - target: powerpc64-unknown-linux-gnu - # We only build the `native-tls` feature here because `rustls` depends on `ring` which in turn does not support - # powerpc64 as a target platform (see https://github.com/briansmith/ring/issues/389) build_smithy_rs_features: --features native-tls build_aws_exclude: --exclude aws-inlineable build_smithy_rs_exclude: --exclude aws-smithy-http-server-python - test_smithy_rs_features: '' + test_smithy_rs_features: --features native-tls test_aws_exclude: --exclude aws-inlineable - # We exclude for now aws-smithy-client from powerpc64 tests because Ubuntu dropped the support for cross - # architecture and building against OpenSSL inside cross requires more effort - test_smithy_rs_exclude: --exclude aws-smithy-http-server-python --exclude aws-smithy-client + test_smithy_rs_exclude: --exclude aws-smithy-http-server-python + openssl_targets: linux-ppc64 powerpc64-linux-gnu- env: CROSS_CONFIG: Cross.toml - OPENSSL_LIB_DIR: /usr/lib/i386-linux-gnu - OPENSSL_INCLUDE_DIR: /usr/include/i386-linux-gnu + OPENSSL_DIR: /openssl steps: - name: Checkout uses: actions/checkout@v1 @@ -204,15 +200,18 @@ jobs: target: ${{ matrix.target }} - name: Configure cross shell: bash + # configure and cross compile openssl locally to be able to run aws-smithy-client tests. + # since cross dropped support for openssl, we use the build script from version 0.16. run: | cat > Cross.toml << EOF [build] - pre-build = ["dpkg --add-architecture i386", "apt-get update && apt-get install --assume-yes pkg-config:i386 libssl-dev:i386"] - [build.env] - passthrough = [ - "OPENSSL_LIB_DIR", - "OPENSSL_INCLUDE_DIR", + pre-build = [ + "dpkg --add-architecture i386", + "export DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install --assume-yes wget", + "wget -O /tmp/openssl.sh https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh && bash /tmp/openssl.sh ${{ matrix.openssl_targets }}" ] + [build.env] + passthrough = ["OPENSSL_DIR"] EOF - name: Build Smithy-rs rust-runtime crates uses: actions-rs/cargo@v1 diff --git a/rust-runtime/aws-smithy-client/Cargo.toml b/rust-runtime/aws-smithy-client/Cargo.toml index 598207acf0..66f50a54b9 100644 --- a/rust-runtime/aws-smithy-client/Cargo.toml +++ b/rust-runtime/aws-smithy-client/Cargo.toml @@ -25,7 +25,10 @@ fastrand = "1.4.0" http = "0.2.3" http-body = "0.4.4" hyper = { version = "0.14.12", features = ["client", "http2", "http1"], optional = true } -hyper-rustls = { version = "0.23.0", optional = true, features = ["rustls-native-certs", "http2"] } +# cargo does not support optional test dependencies, so to completely disable rustls when +# the native-tls feature is enabled, we need to add the webpki-roots feature here. +# https://github.com/rust-lang/cargo/issues/1596 +hyper-rustls = { version = "0.23.0", optional = true, features = ["rustls-native-certs", "http2", "webpki-roots"] } hyper-tls = { version = "0.5.0", optional = true } lazy_static = { version = "1", optional = true } pin-project-lite = "0.2.7" @@ -36,7 +39,6 @@ tracing = "0.1" [dev-dependencies] aws-smithy-async = { path = "../aws-smithy-async", features = ["rt-tokio"] } -hyper-rustls = { version = "0.23.0", features = ["webpki-roots"] } serde = { version = "1", features = ["derive"] } serde_json = "1" tokio = { version = "1.8.4", features = ["full", "test-util"] } From 902361f3957138ba4ca50522db334dc280b58e50 Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Mon, 17 Oct 2022 11:55:18 +0100 Subject: [PATCH 17/28] Simplify CI script --- .github/workflows/ci.yml | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5f33f91b73..e8a7e822e4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -205,11 +205,7 @@ jobs: run: | cat > Cross.toml << EOF [build] - pre-build = [ - "dpkg --add-architecture i386", - "export DEBIAN_FRONTEND=noninteractive apt-get update && apt-get install --assume-yes wget", - "wget -O /tmp/openssl.sh https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh && bash /tmp/openssl.sh ${{ matrix.openssl_targets }}" - ] + pre-build = ["curl --output /tmp/openssl.sh https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh && bash /tmp/openssl.sh ${{ matrix.openssl_targets }}"] [build.env] passthrough = ["OPENSSL_DIR"] EOF From 570bab877a7266e9c00f5b6d85f14a6462d6a2ec Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Mon, 17 Oct 2022 12:03:16 +0100 Subject: [PATCH 18/28] Use correct curl options --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e8a7e822e4..b63731ca4c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -205,7 +205,7 @@ jobs: run: | cat > Cross.toml << EOF [build] - pre-build = ["curl --output /tmp/openssl.sh https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh && bash /tmp/openssl.sh ${{ matrix.openssl_targets }}"] + pre-build = ["curl -L -s -o /tmp/openssl.sh https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh && bash /tmp/openssl.sh ${{ matrix.openssl_targets }}"] [build.env] passthrough = ["OPENSSL_DIR"] EOF From 1b21efb8f3de6e3e3492d5a199c9654e930cf1ba Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Mon, 17 Oct 2022 12:16:48 +0100 Subject: [PATCH 19/28] Use the right OS for i686 --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b63731ca4c..1626602c58 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -163,7 +163,7 @@ jobs: test_smithy_rs_features: --all-features test_aws_exclude: '' test_smithy_rs_exclude: --exclude aws-smithy-http-server-python - openssl_targets: linux-i686 i686-linux-gnu- + openssl_targets: linux-x86_64 i686-linux-gnu- - target: powerpc-unknown-linux-gnu build_smithy_rs_features: --features native-tls build_aws_exclude: --exclude aws-inlineable From 97668788aaf258bd80e871cdb1998672a24e2a95 Mon Sep 17 00:00:00 2001 From: Bigo <1781140+crisidev@users.noreply.github.com> Date: Mon, 17 Oct 2022 12:36:17 +0100 Subject: [PATCH 20/28] Looks like I finally foung the right os type for i686 --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1626602c58..57a6c2e1be 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -163,7 +163,7 @@ jobs: test_smithy_rs_features: --all-features test_aws_exclude: '' test_smithy_rs_exclude: --exclude aws-smithy-http-server-python - openssl_targets: linux-x86_64 i686-linux-gnu- + openssl_targets: linux-generic32 i686-linux-gnu- - target: powerpc-unknown-linux-gnu build_smithy_rs_features: --features native-tls build_aws_exclude: --exclude aws-inlineable From f12edb9e9c4490cb65e36e6823cbba1ee2222ae8 Mon Sep 17 00:00:00 2001 From: Luca Palmieri <20745048+LukeMathWalker@users.noreply.github.com> Date: Fri, 21 Oct 2022 15:42:13 +0100 Subject: [PATCH 21/28] Add `tcp` feature to `hyper` to get tests compiling. --- rust-runtime/aws-smithy-client/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rust-runtime/aws-smithy-client/Cargo.toml b/rust-runtime/aws-smithy-client/Cargo.toml index 66f50a54b9..f184552dac 100644 --- a/rust-runtime/aws-smithy-client/Cargo.toml +++ b/rust-runtime/aws-smithy-client/Cargo.toml @@ -24,7 +24,7 @@ bytes = "1" fastrand = "1.4.0" http = "0.2.3" http-body = "0.4.4" -hyper = { version = "0.14.12", features = ["client", "http2", "http1"], optional = true } +hyper = { version = "0.14.12", features = ["client", "http2", "http1", "tcp"], optional = true } # cargo does not support optional test dependencies, so to completely disable rustls when # the native-tls feature is enabled, we need to add the webpki-roots feature here. # https://github.com/rust-lang/cargo/issues/1596 From 03a6ded6c1ad738e3df5bc263cd765c0d5001fcf Mon Sep 17 00:00:00 2001 From: Luca Palmieri <20745048+LukeMathWalker@users.noreply.github.com> Date: Fri, 21 Oct 2022 15:45:34 +0100 Subject: [PATCH 22/28] Enable verbose logging to debug CI failure in cross. --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 57a6c2e1be..e65c9637fe 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -214,13 +214,13 @@ jobs: with: use-cross: true command: build - args: --target ${{ matrix.target }} --manifest-path "rust-runtime/Cargo.toml" ${{ matrix.build_smithy_rs_exclude }} --workspace ${{ matrix.build_smithy_rs_features }} + args: -vv --target ${{ matrix.target }} --manifest-path "rust-runtime/Cargo.toml" ${{ matrix.build_smithy_rs_exclude }} --workspace ${{ matrix.build_smithy_rs_features }} - name: Build AWS rust-runtime crates uses: actions-rs/cargo@v1 with: use-cross: true command: build - args: --target ${{ matrix.target }} --manifest-path "aws/rust-runtime/Cargo.toml" ${{ matrix.build_aws_exclude }} --workspace + args: -vv --target ${{ matrix.target }} --manifest-path "aws/rust-runtime/Cargo.toml" ${{ matrix.build_aws_exclude }} --workspace - name: Test Smithy-rs rust-runtime crates uses: actions-rs/cargo@v1 with: From f45401b83fc20f5411af68ac871b6e7d411e14f7 Mon Sep 17 00:00:00 2001 From: Luca Palmieri <20745048+LukeMathWalker@users.noreply.github.com> Date: Fri, 21 Oct 2022 17:20:27 +0100 Subject: [PATCH 23/28] Use pre-built openSSL on i686 --- .github/workflows/ci.yml | 23 +++++++++++++++++------ 1 file changed, 17 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e65c9637fe..daac932071 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -163,7 +163,6 @@ jobs: test_smithy_rs_features: --all-features test_aws_exclude: '' test_smithy_rs_exclude: --exclude aws-smithy-http-server-python - openssl_targets: linux-generic32 i686-linux-gnu- - target: powerpc-unknown-linux-gnu build_smithy_rs_features: --features native-tls build_aws_exclude: --exclude aws-inlineable @@ -171,7 +170,6 @@ jobs: test_smithy_rs_features: --features native-tls test_aws_exclude: --exclude aws-inlineable test_smithy_rs_exclude: --exclude aws-smithy-http-server-python - openssl_targets: linux-ppc powerpc-linux-gnu- - target: powerpc64-unknown-linux-gnu build_smithy_rs_features: --features native-tls build_aws_exclude: --exclude aws-inlineable @@ -179,10 +177,12 @@ jobs: test_smithy_rs_features: --features native-tls test_aws_exclude: --exclude aws-inlineable test_smithy_rs_exclude: --exclude aws-smithy-http-server-python - openssl_targets: linux-ppc64 powerpc64-linux-gnu- env: CROSS_CONFIG: Cross.toml OPENSSL_DIR: /openssl + # TODO: It'd be nice to only set these, conditionally, when building for i686 + OPENSSL_LIB_DIR: /usr/lib/i386-linux-gnu + OPENSSL_INCLUDE_DIR: /usr/include/i386-linux-gnu steps: - name: Checkout uses: actions/checkout@v1 @@ -204,9 +204,20 @@ jobs: # since cross dropped support for openssl, we use the build script from version 0.16. run: | cat > Cross.toml << EOF - [build] - pre-build = ["curl -L -s -o /tmp/openssl.sh https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh && bash /tmp/openssl.sh ${{ matrix.openssl_targets }}"] - [build.env] + [target.i686-unknown-linux-gnu] + pre-build = ["dpkg --add-architecture i386", "apt-get update && apt-get install --assume-yes pkg-config:i386 libssl-dev:i386"] + [target.i686-unknown-linux-gnu.env] + passthrough = [ + "OPENSSL_LIB_DIR", + "OPENSSL_INCLUDE_DIR", + ] + [target.powerpc-unknown-linux-gnu] + pre-build = ["curl -L -s -o /tmp/openssl.sh https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh && bash /tmp/openssl.sh linux-ppc powerpc-linux-gnu-"] + [target.powerpc-unknown-linux-gnu.env] + passthrough = ["OPENSSL_DIR"] + [target.powerpc64-unknown-linux-gnu ] + pre-build = ["curl -L -s -o /tmp/openssl.sh https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh && bash /tmp/openssl.sh linux-ppc64 powerpc64-linux-gnu-"] + [target.powerpc64-unknown-linux-gnu .env] passthrough = ["OPENSSL_DIR"] EOF - name: Build Smithy-rs rust-runtime crates From 6084fde766ee9a4a15270a976a44cc3a06781e09 Mon Sep 17 00:00:00 2001 From: Luca Palmieri <20745048+LukeMathWalker@users.noreply.github.com> Date: Fri, 21 Oct 2022 17:20:47 +0100 Subject: [PATCH 24/28] Fix empty spaces. --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index daac932071..8ae8c44067 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -215,9 +215,9 @@ jobs: pre-build = ["curl -L -s -o /tmp/openssl.sh https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh && bash /tmp/openssl.sh linux-ppc powerpc-linux-gnu-"] [target.powerpc-unknown-linux-gnu.env] passthrough = ["OPENSSL_DIR"] - [target.powerpc64-unknown-linux-gnu ] + [target.powerpc64-unknown-linux-gnu] pre-build = ["curl -L -s -o /tmp/openssl.sh https://github.com/cross-rs/cross/raw/c183ee37a9dc6b0e6b6a6ac9c918173137bad4ef/docker/openssl.sh && bash /tmp/openssl.sh linux-ppc64 powerpc64-linux-gnu-"] - [target.powerpc64-unknown-linux-gnu .env] + [target.powerpc64-unknown-linux-gnu.env] passthrough = ["OPENSSL_DIR"] EOF - name: Build Smithy-rs rust-runtime crates From 0df6cfcd44eb70a24b791047a33c4b3858d66aa9 Mon Sep 17 00:00:00 2001 From: Luca Palmieri <20745048+LukeMathWalker@users.noreply.github.com> Date: Fri, 21 Oct 2022 18:22:42 +0100 Subject: [PATCH 25/28] Set environment variables based on matrix.target --- .github/workflows/ci.yml | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8ae8c44067..0ae183bbd6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -179,10 +179,6 @@ jobs: test_smithy_rs_exclude: --exclude aws-smithy-http-server-python env: CROSS_CONFIG: Cross.toml - OPENSSL_DIR: /openssl - # TODO: It'd be nice to only set these, conditionally, when building for i686 - OPENSSL_LIB_DIR: /usr/lib/i386-linux-gnu - OPENSSL_INCLUDE_DIR: /usr/include/i386-linux-gnu steps: - name: Checkout uses: actions/checkout@v1 @@ -198,9 +194,18 @@ jobs: profile: minimal override: true target: ${{ matrix.target }} + - name: Sets OpenSSL env vars on i686 + run: | + echo "OPENSSL_LIB_DIR=/usr/lib/i386-linux-gnu" >> $GITHUB_ENV + echo "OPENSSL_INCLUDE_DIR=/usr/include/i386-linux-gnu" >> $GITHUB_ENV + if: matrix.target == 'i686-unknown-linux-gnu' + - name: Sets OpenSSL env vars on ppc and ppc64 + run: | + echo "OPENSSL_DIR=/openssl" >> $GITHUB_ENV + if: matrix.target != 'i686-unknown-linux-gnu' - name: Configure cross shell: bash - # configure and cross compile openssl locally to be able to run aws-smithy-client tests. + # configure and cross compile openssl locally on ppc and ppc64 to be able to run aws-smithy-client tests. # since cross dropped support for openssl, we use the build script from version 0.16. run: | cat > Cross.toml << EOF From bea53b65c128a59552beccf3ae21db8765bdfb2e Mon Sep 17 00:00:00 2001 From: Luca Palmieri <20745048+LukeMathWalker@users.noreply.github.com> Date: Tue, 25 Oct 2022 12:48:39 +0200 Subject: [PATCH 26/28] Remove all usages of `ring` from `aws-sigv4`. It ensures broader platform compatibility and higher performance. --- aws/rust-runtime/aws-sigv4/Cargo.toml | 6 --- aws/rust-runtime/aws-sigv4/src/sign.rs | 58 -------------------------- 2 files changed, 64 deletions(-) diff --git a/aws/rust-runtime/aws-sigv4/Cargo.toml b/aws/rust-runtime/aws-sigv4/Cargo.toml index 486fdd1b6e..336cce5bce 100644 --- a/aws/rust-runtime/aws-sigv4/Cargo.toml +++ b/aws/rust-runtime/aws-sigv4/Cargo.toml @@ -25,12 +25,6 @@ percent-encoding = { version = "2.1", optional = true } regex = "1.5" time = "0.3.5" tracing = "0.1" - -[target.'cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))'.dependencies] -ring = "0.16" - -# ring does not compile on powerpc (https://github.com/briansmith/ring/issues/389) so we use hmac and sha2. -[target.'cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))'.dependencies] hmac = "0.12" sha2 = "0.10" diff --git a/aws/rust-runtime/aws-sigv4/src/sign.rs b/aws/rust-runtime/aws-sigv4/src/sign.rs index dbee12dcee..a140f6e955 100644 --- a/aws/rust-runtime/aws-sigv4/src/sign.rs +++ b/aws/rust-runtime/aws-sigv4/src/sign.rs @@ -6,19 +6,10 @@ //! Functions to create signing keys and calculate signatures. use crate::date_time::format_date; -#[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] use hmac::{digest::FixedOutput, Hmac, Mac}; -#[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] use sha2::{Digest, Sha256}; - -#[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] -use ring::{ - digest, - hmac::{self, Key}, -}; use std::time::SystemTime; -#[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] /// HashedPayload = Lowercase(HexEncode(Hash(requestPayload))) #[allow(dead_code)] // Unused when compiling without certain features pub(crate) fn sha256_hex_string(bytes: impl AsRef<[u8]>) -> String { @@ -27,15 +18,6 @@ pub(crate) fn sha256_hex_string(bytes: impl AsRef<[u8]>) -> String { hex::encode(hasher.finalize_fixed()) } -#[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] -/// HashedPayload = Lowercase(HexEncode(Hash(requestPayload))) -#[allow(dead_code)] // Unused when compiling without certain features -pub(crate) fn sha256_hex_string(bytes: impl AsRef<[u8]>) -> String { - // hex::encode returns a lowercase string - hex::encode(digest::digest(&digest::SHA256, bytes.as_ref())) -} - -#[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] /// Calculates a Sigv4 signature pub fn calculate_signature(signing_key: impl AsRef<[u8]>, string_to_sign: &[u8]) -> String { let mut mac = Hmac::::new_from_slice(signing_key.as_ref()) @@ -44,15 +26,6 @@ pub fn calculate_signature(signing_key: impl AsRef<[u8]>, string_to_sign: &[u8]) hex::encode(mac.finalize_fixed()) } -#[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] -/// Calculates a Sigv4 signature -pub fn calculate_signature(signing_key: impl AsRef<[u8]>, string_to_sign: &[u8]) -> String { - let s_key = Key::new(hmac::HMAC_SHA256, signing_key.as_ref()); - let tag = hmac::sign(&s_key, string_to_sign); - hex::encode(tag) -} - -#[cfg(any(target_arch = "powerpc", target_arch = "powerpc64"))] /// Generates a signing key for Sigv4 pub fn generate_signing_key( secret: &str, @@ -88,37 +61,6 @@ pub fn generate_signing_key( mac.finalize_fixed() } -#[cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))] -/// Generates a signing key for Sigv4 -pub fn generate_signing_key( - secret: &str, - time: SystemTime, - region: &str, - service: &str, -) -> impl AsRef<[u8]> { - // kSecret = your secret access key - // kDate = HMAC("AWS4" + kSecret, Date) - // kRegion = HMAC(kDate, Region) - // kService = HMAC(kRegion, Service) - // kSigning = HMAC(kService, "aws4_request") - - let secret = format!("AWS4{}", secret); - let secret = hmac::Key::new(hmac::HMAC_SHA256, secret.as_bytes()); - let tag = hmac::sign(&secret, format_date(time).as_bytes()); - - // sign region - let key = hmac::Key::new(hmac::HMAC_SHA256, tag.as_ref()); - let tag = hmac::sign(&key, region.as_bytes()); - - // sign service - let key = hmac::Key::new(hmac::HMAC_SHA256, tag.as_ref()); - let tag = hmac::sign(&key, service.as_bytes()); - - // sign request - let key = hmac::Key::new(hmac::HMAC_SHA256, tag.as_ref()); - hmac::sign(&key, "aws4_request".as_bytes()) -} - #[cfg(test)] mod tests { use super::{calculate_signature, generate_signing_key}; From 299120d520e4ab5136e0a27b340b9392d6aa84d6 Mon Sep 17 00:00:00 2001 From: Luca Palmieri <20745048+LukeMathWalker@users.noreply.github.com> Date: Tue, 25 Oct 2022 12:50:54 +0200 Subject: [PATCH 27/28] Update changelog entries. --- CHANGELOG.next.toml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.next.toml b/CHANGELOG.next.toml index 032ea8f644..a899952cba 100644 --- a/CHANGELOG.next.toml +++ b/CHANGELOG.next.toml @@ -182,13 +182,13 @@ meta = { "breaking" = false, "tada" = false, "bug" = false } author = "ogudavid" [[smithy-rs]] -message = "Support Sigv4 signature generation on PowerPC 32 and 64 bit. This architecture cannot compile ring, so the PowerPC implementation uses hmac + sha2 to achive the same result. We also updated the CI which is now running as many tests as possible against i686 and PowerPC 32 and 64 bit." +message = "Support Sigv4 signature generation on PowerPC 32 and 64 bit. This architecture cannot compile `ring`, so the implementation has been updated to rely on `hamc` + `sha2` to achive the same result with broader platform compatibility and higher performance. We also updated the CI which is now running as many tests as possible against i686 and PowerPC 32 and 64 bit." references = ["smithy-rs#1847"] meta = { "breaking" = false, "tada" = false, "bug" = true } author = "crisidev" [[aws-sdk-rust]] -message = "Support Sigv4 signature generation on PowerPC 32 and 64 bit. This architecture cannot compile ring, so the PowerPC implementation uses hmac + sha2 to achive the same result." +message = "Support Sigv4 signature generation on PowerPC 32 and 64 bit. This architecture cannot compile `ring`, so the implementation has been updated to rely on `hamc` + `sha2` to achive the same result with broader platform compatibility and higher performance. We also updated the CI which is now running as many tests as possible against i686 and PowerPC 32 and 64 bit." references = ["smithy-rs#1847"] meta = { "breaking" = true, "tada" = false, "bug" = true } author = "crisidev" From f9e96d492cf9787ae63b5851e1dc4c3edb0445f9 Mon Sep 17 00:00:00 2001 From: Luca Palmieri <20745048+LukeMathWalker@users.noreply.github.com> Date: Tue, 25 Oct 2022 17:54:47 +0200 Subject: [PATCH 28/28] Remove redundant dev dependencies. --- aws/rust-runtime/aws-sigv4/Cargo.toml | 2 -- 1 file changed, 2 deletions(-) diff --git a/aws/rust-runtime/aws-sigv4/Cargo.toml b/aws/rust-runtime/aws-sigv4/Cargo.toml index 336cce5bce..ad1570bb86 100644 --- a/aws/rust-runtime/aws-sigv4/Cargo.toml +++ b/aws/rust-runtime/aws-sigv4/Cargo.toml @@ -31,11 +31,9 @@ sha2 = "0.10" [dev-dependencies] criterion = "0.4" bytes = "1" -hmac = "0.12" httparse = "1.5" pretty_assertions = "1.0" proptest = "1" -sha2 = "0.10" time = { version = "0.3.4", features = ["parsing"] } [target.'cfg(not(any(target_arch = "powerpc", target_arch = "powerpc64")))'.dev-dependencies]