diff options
Diffstat (limited to 'vendor/aws/aws-crt-php/ext/signing.c')
-rw-r--r-- | vendor/aws/aws-crt-php/ext/signing.c | 374 |
1 files changed, 374 insertions, 0 deletions
diff --git a/vendor/aws/aws-crt-php/ext/signing.c b/vendor/aws/aws-crt-php/ext/signing.c new file mode 100644 index 0000000..69da25a --- /dev/null +++ b/vendor/aws/aws-crt-php/ext/signing.c @@ -0,0 +1,374 @@ +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ + +#include "php_aws_crt.h" + +PHP_FUNCTION(aws_crt_signing_config_aws_new) { + if (zend_parse_parameters_none() == FAILURE) { + RETURN_NULL(); + } + + aws_crt_signing_config_aws *signing_config = aws_crt_signing_config_aws_new(); + RETURN_LONG((zend_ulong)signing_config); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_release) { + zend_ulong php_signing_config = 0; + + aws_php_parse_parameters("l", &php_signing_config); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_signing_config_aws_release(signing_config); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_algorithm) { + zend_ulong php_signing_config = 0; + zend_ulong php_algorithm = 0; + + aws_php_parse_parameters("ll", &php_signing_config, &php_algorithm); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_signing_algorithm algorithm = php_algorithm; + aws_crt_signing_config_aws_set_algorithm(signing_config, algorithm); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_signature_type) { + zend_ulong php_signing_config = 0; + zend_ulong php_signature_type = 0; + + aws_php_parse_parameters("ll", &php_signing_config, &php_signature_type); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_signature_type signature_type = php_signature_type; + aws_crt_signing_config_aws_set_signature_type(signing_config, signature_type); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_credentials_provider) { + zend_ulong php_signing_config = 0; + zend_ulong php_credentials_provider = 0; + + aws_php_parse_parameters("ll", &php_signing_config, &php_credentials_provider); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_credentials_provider *credentials_provider = (void *)php_credentials_provider; + aws_crt_signing_config_aws_set_credentials_provider(signing_config, credentials_provider); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_region) { + zend_ulong php_signing_config = 0; + const char *region = NULL; + size_t region_len = 0; + + aws_php_parse_parameters("ls", &php_signing_config, ®ion, ®ion_len); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_signing_config_aws_set_region(signing_config, (uint8_t *)region, region_len); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_service) { + zend_ulong php_signing_config = 0; + const char *service = NULL; + size_t service_len = 0; + + aws_php_parse_parameters("ls", &php_signing_config, &service, &service_len); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_signing_config_aws_set_service(signing_config, (uint8_t *)service, service_len); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_use_double_uri_encode) { + zend_ulong php_signing_config = 0; + zend_bool php_use_double_uri_encode = 0; + + aws_php_parse_parameters("lb", &php_signing_config, &php_use_double_uri_encode); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_signing_config_aws_set_use_double_uri_encode(signing_config, php_use_double_uri_encode); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_should_normalize_uri_path) { + zend_ulong php_signing_config = 0; + zend_bool php_should_normalize_uri_path = 0; + + aws_php_parse_parameters("lb", &php_signing_config, &php_should_normalize_uri_path); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_signing_config_aws_set_should_normalize_uri_path(signing_config, php_should_normalize_uri_path); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_omit_session_token) { + zend_ulong php_signing_config = 0; + zend_bool php_omit_session_token = 0; + + aws_php_parse_parameters("lb", &php_signing_config, &php_omit_session_token); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_signing_config_aws_set_omit_session_token(signing_config, php_omit_session_token); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_signed_body_value) { + zend_ulong php_signing_config = 0; + const char *signed_body_value = NULL; + size_t signed_body_value_len = 0; + + aws_php_parse_parameters("ls", &php_signing_config, &signed_body_value, &signed_body_value_len); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_signing_config_aws_set_signed_body_value( + signing_config, (uint8_t *)signed_body_value, signed_body_value_len); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_signed_body_header_type) { + zend_ulong php_signing_config = 0; + zend_ulong php_signed_body_header_type = 0; + + aws_php_parse_parameters("ll", &php_signing_config, &php_signed_body_header_type); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_signed_body_header_type signed_body_header_type = php_signed_body_header_type; + aws_crt_signing_config_aws_set_signed_body_header_type(signing_config, signed_body_header_type); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_expiration_in_seconds) { + zend_ulong php_signing_config = 0; + zend_ulong php_expiration_in_seconds = 0; + + aws_php_parse_parameters("ll", &php_signing_config, &php_expiration_in_seconds); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_signing_config_aws_set_expiration_in_seconds(signing_config, php_expiration_in_seconds); +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_date) { + zend_ulong php_signing_config = 0; + zend_ulong php_timestamp = 0; + + aws_php_parse_parameters("ll", &php_signing_config, &php_timestamp); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + aws_crt_signing_config_aws_set_date(signing_config, php_timestamp); +} + +typedef struct _should_sign_header_data { + zval *should_sign_header; + zval *header_name; + bool result; +} should_sign_header_data; + +static void should_sign_header_task(void *data) { + should_sign_header_data *task = data; + zval result = aws_php_invoke_callback(task->should_sign_header, "z", task->header_name); + task->result = aws_php_zval_as_bool(&result); + zval_dtor(&result); +} + +static bool aws_php_should_sign_header(const char *header_name, size_t header_length, void *user_data) { + zval php_header_name; + aws_php_zval_stringl(&php_header_name, header_name, header_length); + + should_sign_header_data task_data = { + .should_sign_header = user_data, + .header_name = &php_header_name, + .result = false, + }; + + aws_php_task task = { + .callback = should_sign_header_task, + .data = &task_data, + }; + + aws_php_thread_queue_push(&s_aws_php_main_thread_queue, task); + aws_php_thread_queue_yield(&s_aws_php_main_thread_queue); + + zval_dtor(&php_header_name); + + return task_data.result; +} + +PHP_FUNCTION(aws_crt_signing_config_aws_set_should_sign_header_fn) { + zend_ulong php_signing_config = 0; + zval *php_should_sign_header = NULL; + + aws_php_parse_parameters("lz", &php_signing_config, &php_should_sign_header); + + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + + /* copy/retain PHP callback, add as user data for signing_config resource */ + zval *should_sign_header = aws_php_zval_new(); + aws_php_zval_copy(should_sign_header, php_should_sign_header); + aws_crt_resource_set_user_data(signing_config, should_sign_header, aws_php_zval_dtor); + + aws_crt_signing_config_aws_set_should_sign_header_fn( + signing_config, aws_php_should_sign_header, should_sign_header); +} + +PHP_FUNCTION(aws_crt_signable_new_from_http_request) { + zend_ulong php_http_message = 0; + + aws_php_parse_parameters("l", &php_http_message); + + const aws_crt_http_message *http_message = (void *)php_http_message; + aws_crt_signable *signable = aws_crt_signable_new_from_http_request(http_message); + RETURN_LONG((zend_ulong)signable); +} + +PHP_FUNCTION(aws_crt_signable_new_from_chunk) { + zend_ulong php_input_stream = 0; + const char *previous_signature = NULL; + size_t previous_signature_len = 0; + + aws_php_parse_parameters("ls", &php_input_stream, &previous_signature, &previous_signature_len); + + aws_crt_input_stream *input_stream = (void *)php_input_stream; + aws_crt_signable *signable = + aws_crt_signable_new_from_chunk(input_stream, (uint8_t *)previous_signature, previous_signature_len); + RETURN_LONG((zend_ulong)signable); +} + +PHP_FUNCTION(aws_crt_signable_new_from_canonical_request) { + const char *canonical_request = NULL; + size_t canonical_request_len = 0; + + aws_crt_signable *signable = + aws_crt_signable_new_from_canonical_request((uint8_t *)canonical_request, canonical_request_len); + RETURN_LONG((zend_ulong)signable); +} + +PHP_FUNCTION(aws_crt_signable_release) { + zend_ulong php_signable = 0; + + aws_php_parse_parameters("l", &php_signable); + + aws_crt_signable *signable = (void *)php_signable; + aws_crt_signable_release(signable); +} + +PHP_FUNCTION(aws_crt_signing_result_release) { + zend_ulong php_signing_result = 0; + + aws_php_parse_parameters("l", &php_signing_result); + aws_crt_signing_result *result = (void *)php_signing_result; + aws_crt_signing_result_release(result); +} + +PHP_FUNCTION(aws_crt_signing_result_apply_to_http_request) { + zend_ulong php_signing_result = 0; + zend_ulong php_http_request = 0; + + aws_php_parse_parameters("ll", &php_signing_result, &php_http_request); + aws_crt_signing_result *result = (void *)php_signing_result; + aws_crt_http_message *request = (void *)php_http_request; + + if (aws_crt_signing_result_apply_to_http_request(result, request)) { + aws_php_throw_exception( + "Failed to apply signing result to HTTP request: %s", aws_crt_error_name(aws_crt_last_error())); + } +} + +typedef struct _signing_state { + struct aws_promise *promise; + zval *on_complete; + aws_crt_signing_result *signing_result; + int error_code; +} signing_state; + +/* called on main thread to deliver result to php */ +static void s_sign_aws_complete(void *data) { + signing_state *state = data; + zval *on_complete = state->on_complete; + aws_php_invoke_callback(on_complete, "ll", (zend_ulong)state->signing_result, (zend_ulong)state->error_code); +} + +/* called from signing process in aws_sign_request_aws */ +static void s_on_sign_request_aws_complete(aws_crt_signing_result *result, int error_code, void *user_data) { + signing_state *state = user_data; + struct aws_promise *promise = state->promise; + + state->signing_result = result; + state->error_code = error_code; + + /* + * Must execute PHP callback before this function returns, or signing_result will be killed + * so the callback is queued back to the main thread and will have run when yield returns + */ + aws_php_task complete_callback_task = { + .callback = s_sign_aws_complete, + .data = state, + }; + aws_php_thread_queue_push(&s_aws_php_main_thread_queue, complete_callback_task); + aws_php_thread_queue_yield(&s_aws_php_main_thread_queue); + + if (error_code) { + aws_promise_fail(promise, error_code); + } else { + aws_promise_complete(promise, result, NULL); + } +} + +PHP_FUNCTION(aws_crt_sign_request_aws) { + zend_ulong php_signable = 0; + zend_ulong php_signing_config = 0; + zval *php_on_complete = 0; + zend_ulong php_user_data = 0; + + aws_php_parse_parameters("llzl", &php_signable, &php_signing_config, &php_on_complete, &php_user_data); + + aws_crt_signable *signable = (void *)php_signable; + aws_crt_signing_config_aws *signing_config = (void *)php_signing_config; + + struct aws_promise *promise = aws_promise_new(aws_crt_default_allocator()); + signing_state state = { + .promise = promise, + .on_complete = php_on_complete, + }; + int ret = aws_crt_sign_request_aws(signable, signing_config, s_on_sign_request_aws_complete, &state); + if (ret != 0) { + int last_error = aws_crt_last_error(); + aws_promise_fail(promise, last_error); + aws_php_throw_exception( + "aws_crt_sign_request_aws: error starting signing process: %s", aws_crt_error_name(last_error)); + } + + aws_php_thread_queue_wait(&s_aws_php_main_thread_queue, promise); + +done: + aws_promise_release(promise); + RETURN_LONG(ret); +} + +PHP_FUNCTION(aws_crt_test_verify_sigv4a_signing) { + zend_ulong php_signable = 0; + zend_ulong php_signing_config = 0; + const char *expected_canonical_request = NULL; + size_t expected_canonical_request_len = 0; + const char *signature = NULL; + size_t signature_len = 0; + const char *ecc_key_pub_x = NULL; + size_t ecc_key_pub_x_len = 0; + const char *ecc_key_pub_y = NULL; + size_t ecc_key_pub_y_len = 0; + + aws_php_parse_parameters( + "llssss", + &php_signable, + &php_signing_config, + &expected_canonical_request, + &expected_canonical_request_len, + &signature, + &signature_len, + &ecc_key_pub_x, + &ecc_key_pub_x_len, + &ecc_key_pub_y, + &ecc_key_pub_y_len); + + const aws_crt_signable *signable = (void *)php_signable; + const aws_crt_signing_config *signing_config = (void *)php_signing_config; + + bool result = AWS_OP_SUCCESS == + aws_crt_test_verify_sigv4a_signing( + signable, signing_config, expected_canonical_request, signature, ecc_key_pub_x, ecc_key_pub_y); + + RETURN_BOOL(result); +} |