1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
use crate::types::DateExt;
use chrono::{Date, Utc};
use ring::{
digest::{self, Digest},
hmac::{self, Key, Tag},
};
pub fn encode(s: String) -> Vec<u8> {
let calculated = digest::digest(&digest::SHA256, s.as_bytes());
calculated.as_ref().to_vec()
}
pub fn encode_with_hex(s: String) -> String {
let digest: Digest = digest::digest(&digest::SHA256, s.as_bytes());
hex::encode(digest)
}
pub fn encode_bytes_with_hex<B>(bytes: B) -> String
where
B: AsRef<[u8]>,
{
let digest: Digest = digest::digest(&digest::SHA256, bytes.as_ref());
hex::encode(digest)
}
pub fn calculate_signature(signing_key: Tag, string_to_sign: &[u8]) -> String {
let s_key = Key::new(hmac::HMAC_SHA256, signing_key.as_ref());
let tag = hmac::sign(&s_key, string_to_sign);
hex::encode(tag)
}
pub fn generate_signing_key(
secret: &str,
date: Date<Utc>,
region: &str,
service: &str,
) -> hmac::Tag {
let secret = format!("AWS4{}", secret);
let secret = hmac::Key::new(hmac::HMAC_SHA256, &secret.as_bytes());
let tag = hmac::sign(&secret, date.fmt_aws().as_bytes());
let key = hmac::Key::new(hmac::HMAC_SHA256, tag.as_ref());
let tag = hmac::sign(&key, region.as_bytes());
let key = hmac::Key::new(hmac::HMAC_SHA256, tag.as_ref());
let tag = hmac::sign(&key, service.as_bytes());
let key = hmac::Key::new(hmac::HMAC_SHA256, tag.as_ref());
hmac::sign(&key, "aws4_request".as_bytes())
}