chore(mpl;Rust): bump mpl to include rust input validation, aes-192 tests (#722)

Author: RitvikKapila

AwsEncryptionSDK/runtimes/rust/.gitignore

@@ -30,6 +30,7 @@ src/storm_tracker.rs
 src/time.rs
 src/types/
 src/uuid.rs
+src/validation.rs
 standard_library_conversions.rs
 standard_library_externs.rs
 target

AwsEncryptionSDK/runtimes/rust/CHANGELOG.md

@@ -1,2 +1,15 @@
 # Changelog
 
+All notable changes to this project will be documented in this file.
+
+## 0.2.0 (2024-12-18)
+
+### Fixes
+- Support input validation
+
+### Maintenance
+- Add version branch key example
+
+## 0.1.0 (2024-12-09)
+
+Initial launch of the AWS Encryption SDK for Rust.

AwsEncryptionSDK/runtimes/rust/Cargo.toml

@@ -2,7 +2,7 @@
 name = "aws-esdk"
 version = "0.1.0"
 edition = "2021"
-rust-version = "1.80.0"
+rust-version = "1.81.0"
 keywords = ["cryptography", "security", "dynamodb", "encryption", "client-side"]
 license = "ISC AND (Apache-2.0 OR ISC)"
 description = "aws-esdk is a library for implementing client side encryption."
@@ -16,14 +16,15 @@ readme = "README.md"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-aws-config = "1.5.10"
-aws-lc-rs = "1.11.1"
-aws-lc-sys = "0.23.1"
+aws-config = "1.5.11"
+aws-lc-rs = "1.12.0"
+aws-lc-sys = "0.24.0"
 aws-sdk-dynamodb = "1.55.0"
 aws-sdk-kms = "1.51.0"
 aws-smithy-runtime-api = {version = "1.7.3", features = ["client"] }
-aws-smithy-types = "1.2.9"
-chrono = "0.4.38"
+aws-smithy-types = "1.2.10"
+chrono = "0.4.39"
+cpu-time = "1.0.0"
 dafny-runtime = "0.1.1"
 dashmap = "6.1.0"
 pem = "3.0.4"

AwsEncryptionSDK/runtimes/rust/README.md

@@ -1,63 +1,25 @@
 # AWS Encryption SDK for Rust
 
-AWS Encryption SDK for Rust
+[![build status](https://github.com/aws/aws-encryption-sdk-dafny/actions/workflows/daily_ci.yml/badge.svg?branch=mainline)](https://github.com/aws/aws-encryption-sdk-dafny/actions/workflows/daily_ci.yml)
+[![crates.io](https://img.shields.io/crates/v/aws-esdk.svg)](https://crates.io/crates/aws-esdk)
+[![docs](https://docs.rs/aws-esdk/badge.svg)](https://docs.rs/aws-esdk)
+[![rustc](https://img.shields.io/badge/rust-1.81%2B-orange.svg)](https://img.shields.io/badge/rust-1.81%2B-orange.svg)
 
-## Using the AWS Encryption SDK for Rust
+This is the official [AWS Encryption SDK for Rust](https://crates.io/crates/aws-esdk).
 
-The AWS Encryption SDK is available on [Crates.io](https://www.crates.io/).
+## [CHANGELOG](https://github.com/aws/aws-encryption-sdk-dafny/blob/mainline/AwsEncryptionSDK/runtimes/rust/CHANGELOG.md)
 
-For more details about the design and architecture of the AWS Encryption SDK, see the [AWS Encryption SDK Developer Guide](https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/introduction.html).
-
-## Building the AWS Encryption SDK for Rust
-
-To build, the AWS Encryption SDK requires the most up to date version of [Dafny](https://github.com/dafny-lang/dafny) on your PATH.
-
-You will also need to ensure that you fetch all submodules using either `git clone --recursive ...` when cloning the repository or `git submodule update --init` on an existing clone.
-
-To setup your project to use the AWS Encryption SDK in Rust, run:
-
-```
-cd AwsEncryptionSDK
-# Polymorph smithy to Rust
-make polymorph_rust
-# Transpile Dafny to Rust
-make transpile_rust
-```
-
-### (Optional) Set up the AWS Encryption SDK to work with AWS KMS
-
-If you set up the AWS Encryption SDK to use the AWS KMS Keyring,
-the AWS Encryption SDK will make calls to AWS KMS on your behalf,
-using the appropriate AWS SDK.
+## Overview
 
-However, you must first set up AWS credentials for use with the AWS SDK.
+The AWS Encryption SDK enables secure client-side encryption. It uses cryptography best practices to protect your data and protect the encryption keys that protect your data. Each data object is protected with a unique data encryption key, and the data encryption key is protected with a key encryption key called a wrapping key. The encryption method returns a single, portable [encrypted message](https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/message-format.html) that contains the encrypted data and the encrypted data key, so you don't need to keep track of the data encryption keys for your data. You can use KMS keys in [AWS Key Management Service](https://aws.amazon.com/kms/) (AWS KMS) as wrapping keys. The AWS Encryption SDK also provides APIs to define and use encryption keys from other key providers.
 
-## Testing the AWS Encryption SDK for Rust
-
-### Configure AWS credentials
-
-To run the test suite you must first set up AWS credentials for use with the AWS SDK.
-This is required in order to run the integration tests, which use a KMS Keyring against a publicly accessible KMS CMK.
-
-### Run the tests
-
-Run the test suite with:
-
-```
-cd AwsEncryptionSDK
-make test_rust
-```
-
-Run tests on examples, to ensure they are up to date:
+For more details about the design and architecture of the AWS Encryption SDK, see the [AWS Encryption SDK Developer Guide](https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/introduction.html).
 
-```
-cd AwsEncryptionSDK/runtimes/rust/
-cargo test --examples
-```
+## Examples for AWS Encryption SDK in Rust
 
-Please look at the Examples on how to use the Encryption SDK in Rust [here](examples).
+Please look at the Examples on how to use the Encryption SDK in Rust [here](https://github.com/aws/aws-encryption-sdk-dafny/tree/mainline/AwsEncryptionSDK/runtimes/rust/examples).
 
-Please note that tests and test vectors require internet access and valid AWS credentials, since calls to KMS are made as part of the test workflow.
+Please note that some examples MAY require internet access and valid AWS credentials, since calls to KMS are made.
 
 ## License
 

AwsEncryptionSDK/runtimes/rust/src/README.md

@@ -0,0 +1,48 @@
+## Building the AWS Encryption SDK for Rust from source
+
+To build, the AWS Encryption SDK requires the most up to date version of [Dafny](https://github.com/dafny-lang/dafny) on your PATH.
+
+You will also need to ensure that you fetch all submodules using either `git clone --recursive ...` when cloning the repository or `git submodule update --init` on an existing clone.
+
+To setup your project to use the AWS Encryption SDK in Rust, run:
+
+```
+cd AwsEncryptionSDK
+# Polymorph smithy to Rust
+make polymorph_rust
+# Transpile Dafny to Rust
+make transpile_rust
+```
+
+### (Optional) Set up the AWS Encryption SDK to work with AWS KMS
+
+If you set up the AWS Encryption SDK to use the AWS KMS Keyring,
+the AWS Encryption SDK will make calls to AWS KMS on your behalf,
+using the appropriate AWS SDK.
+
+However, you must first set up AWS credentials for use with the AWS SDK.
+
+## Testing the AWS Encryption SDK for Rust
+
+### Configure AWS credentials
+
+To run the test suite you must first set up AWS credentials for use with the AWS SDK.
+This is required in order to run the integration tests, which use a KMS Keyring against a publicly accessible KMS CMK.
+
+### Run the tests
+
+Run the test suite with:
+
+```
+cd AwsEncryptionSDK
+make test_rust
+```
+
+Run tests on examples, to ensure they are up to date:
+
+```
+cd AwsEncryptionSDK/runtimes/rust/
+cargo test --examples
+```
+
+Please note that tests and test vectors require internet access and valid AWS credentials, since calls to KMS are made as part of the test workflow.

AwsEncryptionSDK/runtimes/rust/src/lib.rs

@@ -14,6 +14,7 @@ pub mod error;
 /// All operations that this crate can perform.
 pub mod operation;
 pub mod types;
+pub mod validation;
 
 #[cfg(feature = "wrapped-client")]
 pub mod wrapped;

AwsEncryptionSDK/runtimes/rust/start_release.sh

@@ -40,7 +40,7 @@ cp -r . ../../../releases/rust/esdk
 cd ../../../releases/rust/esdk
 
 # Remove unnecessary files and directories
-rm -rf *~ copy_externs.sh start_release.sh test_published.sh test_examples *.pem RELEASE.md CHANGELOG.md
+rm -rf *~ copy_externs.sh start_release.sh test_published.sh test_examples *.pem RELEASE.md CHANGELOG.md src/README.md
 
 # Create .gitignore file with specified entries
 echo Cargo.lock > .gitignore

AwsEncryptionSDK/runtimes/rust/test_examples/Cargo.toml

@@ -1,19 +1,19 @@
 [package]
 name = "aws-esdk-examples"
 edition = "2021"
-rust-version = "1.80.0"
+rust-version = "1.81.0"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-aws-config = "1.5.10"
-aws-lc-rs = "1.11.1"
-aws-lc-sys = "0.23.1"
+aws-config = "1.5.11"
+aws-lc-rs = "1.12.0"
+aws-lc-sys = "0.24.0"
 aws-sdk-dynamodb = "1.55.0"
 aws-sdk-kms = "1.51.0"
 aws-smithy-runtime-api = {version = "1.7.3", features = ["client"] }
-aws-smithy-types = "1.2.9"
-chrono = "0.4.38"
+aws-smithy-types = "1.2.10"
+chrono = "0.4.39"
 dafny-runtime = "0.1.1"
 dashmap = "6.1.0"
 pem = "3.0.4"

TestVectors/runtimes/rust/.gitignore

@@ -34,4 +34,5 @@ src/types/
 src/uuid.rs
 src/wrapped.rs
 src/wrapped/
+src/validation.rs
 target

TestVectors/runtimes/rust/Cargo.toml

@@ -2,7 +2,7 @@
 name = "aws-esdk-test-vectors"
 version = "0.1.0"
 edition = "2021"
-rust-version = "1.80.0"
+rust-version = "1.81.0"
 description = "aws-esdk-test-vectors is a library for testing aws-esdk."
 authors = ["AWS-CryptoTools"]
 autoexamples = false
@@ -14,20 +14,21 @@ readme = "README.md"
 wrapped-client = []
 
 [dependencies]
-aws-config = "1.5.6"
-aws-lc-rs = "1.11.1"
-aws-lc-sys = "0.23.1"
-aws-sdk-dynamodb = "1.55.0"
-aws-sdk-kms = "1.51.0"
-aws-smithy-runtime-api = {version = "1.7.2", features = ["client"] }
-aws-smithy-types = "1.2.6"
-chrono = "0.4.38"
+aws-config = "1.5.11"
+aws-lc-rs = "1.12.0"
+aws-lc-sys = "0.24.0"
+aws-sdk-dynamodb = "1.56.0"
+aws-sdk-kms = "1.52.0"
+aws-smithy-runtime-api = {version = "1.7.3", features = ["client"] }
+aws-smithy-types = "1.2.10"
+chrono = "0.4.39"
+cpu-time = "1.0.0"
 dafny-runtime = "0.1.1"
 dashmap = "6.1.0"
 pem = "3.0.4"
 rand = "0.8.5"
 tokio = {version = "1.42.0", features = ["full"] }
-uuid = { version = "1.10.0", features = ["v4"] }
+uuid = { version = "1.11.0", features = ["v4"] }
 
 [dev-dependencies]
 aws-esdk-test-vectors = { path = ".", features = ["wrapped-client"] }