Add support for aws-lc-rs

Cargo.toml

@@ -46,6 +46,7 @@ url = "2.2"
 walkdir = { version = "2", optional = true }
 
 # Cloud storage support
+aws-lc-rs = { version = "1.15", default-features = false, features = ["non-fips", "ring-io"], optional = true }
 base64 = { version = "0.22", default-features = false, features = ["std"], optional = true }
 form_urlencoded = { version = "1.2", optional = true }
 http-body-util = { version = "0.1.2", optional = true }
@@ -54,7 +55,7 @@ hyper = { version = "1.2", default-features = false, optional = true }
 md-5 = { version = "0.10.6", default-features = false, optional = true }
 quick-xml = { version = "0.38.0", features = ["serialize", "overlapped-lists"], optional = true }
 rand = { version = "0.9", default-features = false, features = ["std", "std_rng", "thread_rng"], optional = true }
-reqwest = { version = "0.12", default-features = false, features = ["rustls-tls-native-roots", "http2"], optional = true }
+reqwest = { version = "0.12", default-features = false, features = ["http2", "rustls-tls-webpki-roots-no-provider"], optional = true }
 ring = { version = "0.17", default-features = false, features = ["std"], optional = true }
 rustls-pki-types = { version = "1.9", default-features = false, features = ["std"], optional = true }
 serde = { version = "1.0", default-features = false, features = ["derive"], optional = true }
@@ -71,14 +72,20 @@ wasm-bindgen-futures = "0.4.18"
 
 [features]
 default = ["fs"]
-cloud = ["serde", "serde_json", "quick-xml", "hyper", "reqwest", "reqwest/stream", "chrono/serde", "base64", "rand", "ring", "http-body-util", "form_urlencoded", "serde_urlencoded"]
-azure = ["cloud", "httparse"]
 fs = ["walkdir"]
-gcp = ["cloud", "rustls-pki-types"]
-aws = ["cloud", "md-5"]
-http = ["cloud"]
+cloud = ["serde", "serde_json", "quick-xml", "hyper", "reqwest", "reqwest/stream", "chrono/serde", "base64", "rand", "http-body-util", "form_urlencoded", "serde_urlencoded"]
+azure = ["cloud", "httparse", "ring"]
+gcp = ["cloud", "rustls-pki-types", "ring"]
+aws = ["cloud", "md-5", "ring"]
+http = ["cloud", "ring"]
+azure-aws-lc = ["cloud", "httparse", "aws-lc"]
+gcp-aws-lc = ["cloud", "rustls-pki-types", "aws-lc"]
+aws-aws-lc = ["cloud", "md-5", "aws-lc"]
+http-aws-lc = ["cloud", "aws-lc"]
 tls-webpki-roots = ["reqwest?/rustls-tls-webpki-roots"]
 integration = ["rand"]
+ring = ["dep:ring"]
+aws-lc = ["dep:aws-lc-rs"]
 
 [dev-dependencies] # In alphabetical order
 hyper = { version = "1.2", features = ["server"] }

src/aws/client.rs

@@ -33,6 +33,7 @@ use crate::client::s3::{
     InitiateMultipartUploadResult, ListResponse, PartMetadata,
 };
 use crate::client::{GetOptionsExt, HttpClient, HttpError, HttpResponse};
+use crate::crypto;
 use crate::list::{PaginatedListOptions, PaginatedListResult};
 use crate::multipart::PartId;
 use crate::{
@@ -43,6 +44,8 @@ use async_trait::async_trait;
 use base64::Engine;
 use base64::prelude::BASE64_STANDARD;
 use bytes::{Buf, Bytes};
+use crypto::digest;
+use crypto::digest::Context;
 use http::header::{
     CACHE_CONTROL, CONTENT_DISPOSITION, CONTENT_ENCODING, CONTENT_LANGUAGE, CONTENT_LENGTH,
     CONTENT_TYPE,
@@ -52,8 +55,6 @@ use itertools::Itertools;
 use md5::{Digest, Md5};
 use percent_encoding::{PercentEncode, utf8_percent_encode};
 use quick_xml::events::{self as xml_events};
-use ring::digest;
-use ring::digest::Context;
 use serde::{Deserialize, Serialize};
 use std::sync::Arc;
 

src/client/builder.rs

@@ -63,7 +63,12 @@ impl HttpRequestBuilder {
         }
     }
 
-    #[cfg(any(feature = "aws", feature = "azure"))]
+    #[cfg(any(
+        feature = "aws",
+        feature = "azure",
+        feature = "aws-aws-lc",
+        feature = "azure-aws-lc"
+    ))]
     pub(crate) fn from_parts(client: HttpClient, request: HttpRequest) -> Self {
         Self {
             client,
@@ -116,7 +121,7 @@ impl HttpRequestBuilder {
         self
     }
 
-    #[cfg(feature = "aws")]
+    #[cfg(any(feature = "aws", feature = "aws-aws-lc"))]
     pub(crate) fn headers(mut self, headers: http::HeaderMap) -> Self {
         use http::header::{Entry, OccupiedEntry};
 
@@ -151,7 +156,7 @@ impl HttpRequestBuilder {
         self
     }
 
-    #[cfg(feature = "gcp")]
+    #[cfg(any(feature = "gcp", feature = "gcp-aws-lc"))]
     pub(crate) fn bearer_auth(mut self, token: &str) -> Self {
         let value = HeaderValue::try_from(format!("Bearer {token}"));
         match (value, &mut self.request) {
@@ -165,7 +170,7 @@ impl HttpRequestBuilder {
         self
     }
 
-    #[cfg(feature = "gcp")]
+    #[cfg(any(feature = "gcp", feature = "gcp-aws-lc"))]
     pub(crate) fn json<S: serde::Serialize>(mut self, s: S) -> Self {
         match (serde_json::to_vec(&s), &mut self.request) {
             (Ok(json), Ok(request)) => {
@@ -177,7 +182,15 @@ impl HttpRequestBuilder {
         self
     }
 
-    #[cfg(any(test, feature = "aws", feature = "gcp", feature = "azure"))]
+    #[cfg(any(
+        test,
+        feature = "aws",
+        feature = "gcp",
+        feature = "azure",
+        feature = "aws-aws-lc",
+        feature = "gcp-aws-lc",
+        feature = "azure-aws-lc"
+    ))]
     pub(crate) fn query<T: serde::Serialize + ?Sized>(mut self, query: &T) -> Self {
         let mut error = None;
         if let Ok(ref mut req) = self.request {
@@ -205,7 +218,12 @@ impl HttpRequestBuilder {
         self
     }
 
-    #[cfg(any(feature = "gcp", feature = "azure"))]
+    #[cfg(any(
+        feature = "gcp",
+        feature = "azure",
+        feature = "gcp-aws-lc",
+        feature = "azure-aws-lc"
+    ))]
     pub(crate) fn form<T: serde::Serialize>(mut self, form: T) -> Self {
         let mut error = None;
         if let Ok(ref mut req) = self.request {
@@ -226,7 +244,14 @@ impl HttpRequestBuilder {
         self
     }
 
-    #[cfg(any(feature = "aws", feature = "gcp", feature = "azure"))]
+    #[cfg(any(
+        feature = "aws",
+        feature = "gcp",
+        feature = "azure",
+        feature = "aws-aws-lc",
+        feature = "gcp-aws-lc",
+        feature = "azure-aws-lc"
+    ))]
     pub(crate) fn body(mut self, b: impl Into<HttpRequestBody>) -> Self {
         if let Ok(r) = &mut self.request {
             *r.body_mut() = b.into();
@@ -239,7 +264,7 @@ impl HttpRequestBuilder {
     }
 }
 
-#[cfg(any(test, feature = "azure"))]
+#[cfg(any(test, feature = "azure", feature = "azure-aws-lc"))]
 pub(crate) fn add_query_pairs<I, K, V>(uri: &mut Uri, query_pairs: I)
 where
     I: IntoIterator,

src/client/header.rs

@@ -71,7 +71,14 @@ pub(crate) enum Error {
 }
 
 /// Extracts a PutResult from the provided [`HeaderMap`]
-#[cfg(any(feature = "aws", feature = "gcp", feature = "azure"))]
+#[cfg(any(
+    feature = "aws",
+    feature = "gcp",
+    feature = "azure",
+    feature = "aws-aws-lc",
+    feature = "gcp-aws-lc",
+    feature = "azure-aws-lc"
+))]
 pub(crate) fn get_put_result(
     headers: &HeaderMap,
     version: &str,
@@ -82,7 +89,14 @@ pub(crate) fn get_put_result(
 }
 
 /// Extracts a optional version from the provided [`HeaderMap`]
-#[cfg(any(feature = "aws", feature = "gcp", feature = "azure"))]
+#[cfg(any(
+    feature = "aws",
+    feature = "gcp",
+    feature = "azure",
+    feature = "aws-aws-lc",
+    feature = "gcp-aws-lc",
+    feature = "azure-aws-lc"
+))]
 pub(crate) fn get_version(headers: &HeaderMap, version: &str) -> Result<Option<String>, Error> {
     Ok(match headers.get(version) {
         Some(x) => Some(

src/client/http/body.rs

@@ -196,7 +196,14 @@ impl HttpResponseBody {
         String::from_utf8(b.into()).map_err(|e| HttpError::new(HttpErrorKind::Decode, e))
     }
 
-    #[cfg(any(feature = "aws", feature = "gcp", feature = "azure"))]
+    #[cfg(any(
+        feature = "aws",
+        feature = "gcp",
+        feature = "azure",
+        feature = "aws-aws-lc",
+        feature = "gcp-aws-lc",
+        feature = "azure-aws-lc"
+    ))]
     pub(crate) async fn json<B: serde::de::DeserializeOwned>(self) -> Result<B, HttpError> {
         let b = self.bytes().await?;
         serde_json::from_slice(&b).map_err(|e| HttpError::new(HttpErrorKind::Decode, e))

src/client/mod.rs

@@ -30,26 +30,59 @@ pub(crate) mod mock_server;
 
 pub(crate) mod retry;
 
-#[cfg(any(feature = "aws", feature = "gcp", feature = "azure"))]
+#[cfg(any(
+    feature = "aws",
+    feature = "gcp",
+    feature = "azure",
+    feature = "aws-aws-lc",
+    feature = "gcp-aws-lc",
+    feature = "azure-aws-lc"
+))]
 pub(crate) mod pagination;
 
 pub(crate) mod get;
 
-#[cfg(any(feature = "aws", feature = "gcp", feature = "azure"))]
+#[cfg(any(
+    feature = "aws",
+    feature = "gcp",
+    feature = "azure",
+    feature = "aws-aws-lc",
+    feature = "gcp-aws-lc",
+    feature = "azure-aws-lc"
+))]
 pub(crate) mod list;
 
-#[cfg(any(feature = "aws", feature = "gcp", feature = "azure"))]
+#[cfg(any(
+    feature = "aws",
+    feature = "gcp",
+    feature = "azure",
+    feature = "aws-aws-lc",
+    feature = "gcp-aws-lc",
+    feature = "azure-aws-lc"
+))]
 pub(crate) mod token;
 
 pub(crate) mod header;
 
-#[cfg(any(feature = "aws", feature = "gcp"))]
+#[cfg(any(
+    feature = "aws",
+    feature = "gcp",
+    feature = "aws-aws-lc",
+    feature = "gcp-aws-lc"
+))]
 pub(crate) mod s3;
 
 pub(crate) mod builder;
 mod http;
 
-#[cfg(any(feature = "aws", feature = "gcp", feature = "azure"))]
+#[cfg(any(
+    feature = "aws",
+    feature = "gcp",
+    feature = "azure",
+    feature = "aws-aws-lc",
+    feature = "gcp-aws-lc",
+    feature = "azure-aws-lc"
+))]
 pub(crate) mod parts;
 pub use http::*;
 
@@ -723,7 +756,14 @@ impl ClientOptions {
     /// In particular:
     /// * Allows HTTP as metadata endpoints do not use TLS
     /// * Configures a low connection timeout to provide quick feedback if not present
-    #[cfg(any(feature = "aws", feature = "gcp", feature = "azure"))]
+    #[cfg(any(
+        feature = "aws",
+        feature = "gcp",
+        feature = "azure",
+        feature = "aws-aws-lc",
+        feature = "gcp-aws-lc",
+        feature = "azure-aws-lc"
+    ))]
     pub(crate) fn metadata_options(&self) -> Self {
         self.clone()
             .with_allow_http(true)
@@ -926,7 +966,14 @@ where
     }
 }
 
-#[cfg(any(feature = "aws", feature = "azure", feature = "gcp"))]
+#[cfg(any(
+    feature = "aws",
+    feature = "azure",
+    feature = "gcp",
+    feature = "aws-aws-lc",
+    feature = "azure-aws-lc",
+    feature = "gcp-aws-lc"
+))]
 mod cloud {
     use super::*;
     use crate::RetryConfig;
@@ -952,7 +999,12 @@ mod cloud {
         }
 
         /// Override the minimum remaining TTL for a cached token to be used
-        #[cfg(any(feature = "aws", feature = "gcp"))]
+        #[cfg(any(
+            feature = "aws",
+            feature = "gcp",
+            feature = "aws-aws-lc",
+            feature = "gcp-aws-lc"
+        ))]
         pub(crate) fn with_min_ttl(mut self, min_ttl: Duration) -> Self {
             self.cache = self.cache.with_min_ttl(min_ttl);
             self
@@ -983,7 +1035,14 @@ mod cloud {
 }
 
 use crate::client::builder::HttpRequestBuilder;
-#[cfg(any(feature = "aws", feature = "azure", feature = "gcp"))]
+#[cfg(any(
+    feature = "aws",
+    feature = "azure",
+    feature = "gcp",
+    feature = "aws-aws-lc",
+    feature = "azure-aws-lc",
+    feature = "gcp-aws-lc"
+))]
 pub(crate) use cloud::*;
 
 #[cfg(test)]

src/client/retry.rs

@@ -277,7 +277,7 @@ impl RetryableRequestBuilder {
     }
 
     /// Set whether this request should be retried on a 409 Conflict response.
-    #[cfg(feature = "aws")]
+    #[cfg(any(feature = "aws", feature = "aws-aws-lc"))]
     pub(crate) fn retry_on_conflict(mut self, retry_on_conflict: bool) -> Self {
         self.request.retry_on_conflict = retry_on_conflict;
         self

src/client/s3.rs

@@ -92,7 +92,7 @@ pub(crate) struct InitiateMultipartUploadResult {
     pub upload_id: String,
 }
 
-#[cfg(feature = "aws")]
+#[cfg(any(feature = "aws", feature = "aws-aws-lc"))]
 #[derive(Debug, Deserialize)]
 #[serde(rename_all = "PascalCase")]
 pub(crate) struct CopyPartResult {

src/client/token.rs

@@ -52,7 +52,12 @@ impl<T> Default for TokenCache<T> {
 
 impl<T: Clone + Send> TokenCache<T> {
     /// Override the minimum remaining TTL for a cached token to be used
-    #[cfg(any(feature = "aws", feature = "gcp"))]
+    #[cfg(any(
+        feature = "aws",
+        feature = "gcp",
+        feature = "aws-aws-lc",
+        feature = "gcp-aws-lc"
+    ))]
     pub(crate) fn with_min_ttl(self, min_ttl: Duration) -> Self {
         Self { min_ttl, ..self }
     }