add implementation of AWS v4 Signer from aws-signer-v4 and HMAC+SHA256 from CryptoSwift

Author: sebsto

Package.swift

@@ -14,23 +14,30 @@ let package = Package(
     products: [
         // this library exports `AWSLambdaRuntimeCore` and adds Foundation convenience methods
         .library(name: "AWSLambdaRuntime", targets: ["AWSLambdaRuntime"]),
+
         // this has all the main functionality for lambda and it does not link Foundation
         .library(name: "AWSLambdaRuntimeCore", targets: ["AWSLambdaRuntimeCore"]),
+        
         // plugin to create a new Lambda function, based on a template
         .plugin(name: "AWSLambdaInitializer", targets: ["AWSLambdaInitializer"]),
+        
         // plugin to package the lambda, creating an archive that can be uploaded to AWS
         // requires Linux or at least macOS v15
         .plugin(name: "AWSLambdaPackager", targets: ["AWSLambdaPackager"]),
+        
         // plugin to deploy a Lambda function
-        .plugin(name: "AWSLambdadeployer", targets: ["AWSLambdaDeployer"]),
-        .executable(name: "AWSLambdaDeployerHelper", targets: ["AWSLambdaDeployerHelper"]),
+        .plugin(name: "AWSLambdaDeployer", targets: ["AWSLambdaDeployer"]),
+        
+        // an executable that implements the business logic for the plugins
+        .executable(name: "AWSLambdaPluginHelper", targets: ["AWSLambdaPluginHelper"]),
+        
         // for testing only
         .library(name: "AWSLambdaTesting", targets: ["AWSLambdaTesting"]),
     ],
     dependencies: [
         .package(url: "https://github.com/apple/swift-nio.git", from: "2.76.0"),
         .package(url: "https://github.com/apple/swift-log.git", from: "1.5.4"),
-        .package(url: "https://github.com/apple/swift-crypto.git", from: "3.9.1"),
+        // .package(url: "https://github.com/apple/swift-crypto.git", from: "3.9.1"),
     ],
     targets: [
         .target(
@@ -96,15 +103,14 @@ let package = Package(
                 ]
             ),
             dependencies: [
-                .target(name: "AWSLambdaDeployerHelper")
+                .target(name: "AWSLambdaPluginHelper")
             ]
         ),
         .executableTarget(
-            name: "AWSLambdaDeployerHelper",
+            name: "AWSLambdaPluginHelper",
             dependencies: [
                 .product(name: "NIOHTTP1", package: "swift-nio"),
                 .product(name: "NIOCore", package: "swift-nio"),
-                .product(name: "Crypto", package: "swift-crypto"),
             ],
             swiftSettings: [.swiftLanguageMode(.v6)]
         ),
@@ -148,5 +154,12 @@ let package = Package(
             ],
             swiftSettings: [.swiftLanguageMode(.v5)]
         ),
+        .testTarget(
+            name: "AWSLambdaPluginHelperTests",
+            dependencies: [
+                .byName(name: "AWSLambdaPluginHelper")
+            ]
+        ),
+
     ]
 )

Sources/AWSLambdaPluginHelper/Extensions.swift

@@ -0,0 +1,48 @@
+//===----------------------------------------------------------------------===//
+//
+// This source file is part of the SwiftAWSLambdaRuntime open source project
+//
+// Copyright (c) 2024 Apple Inc. and the SwiftAWSLambdaRuntime project authors
+// Licensed under Apache License v2.0
+//
+// See LICENSE.txt for license information
+// See CONTRIBUTORS.txt for the list of SwiftAWSLambdaRuntime project authors
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+//===----------------------------------------------------------------------===//
+
+#if canImport(FoundationEssentials)
+import FoundationEssentials
+#else
+import Foundation
+#endif
+
+// extension Array where Element == UInt8 {
+//     public var base64: String {
+//         Data(self).base64EncodedString()
+//     }
+// }
+
+extension Data {
+    var bytes: [UInt8] {
+        return [UInt8](self)
+    }
+}
+
+extension String {
+    public var array: [UInt8] {
+        Array(self.utf8)
+    }
+}
+
+extension HMAC {
+    public static func authenticate(for data: [UInt8], using key: [UInt8], variant: HMAC.Variant = .sha2(.sha256)) throws -> [UInt8] {
+        let authenticator = HMAC(key: key, variant: variant)
+        return try authenticator.authenticate(data)
+    }
+    public static func authenticate(for data: Data, using key: [UInt8], variant: HMAC.Variant = .sha2(.sha256)) throws -> [UInt8] {
+        let authenticator = HMAC(key: key, variant: variant)
+        return try authenticator.authenticate(data.bytes)
+    }
+}

Sources/AWSLambdaPluginHelper/Vendored/crypto/Array+Extensions.swift

@@ -0,0 +1,155 @@
+//
+//  CryptoSwift
+//
+//  Copyright (C) 2014-2022 Marcin Krzyżanowski <[email protected]>
+//  This software is provided 'as-is', without any express or implied warranty.
+//
+//  In no event will the authors be held liable for any damages arising from the use of this software.
+//
+//  Permission is granted to anyone to use this software for any purpose,including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:
+//
+//  - The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation is required.
+//  - Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.
+//  - This notice may not be removed or altered from any source or binary distribution.
+//
+
+extension Array {
+  @inlinable
+  init(reserveCapacity: Int) {
+    self = Array<Element>()
+    self.reserveCapacity(reserveCapacity)
+  }
+
+  @inlinable
+  var slice: ArraySlice<Element> {
+    self[self.startIndex ..< self.endIndex]
+  }
+  
+  @inlinable
+  subscript (safe index: Index) -> Element? {
+    return indices.contains(index) ? self[index] : nil
+  }
+}
+
+extension Array where Element == UInt8 {
+  public init(hex: String) {
+    self.init(reserveCapacity: hex.unicodeScalars.lazy.underestimatedCount)
+    var buffer: UInt8?
+    var skip = hex.hasPrefix("0x") ? 2 : 0
+    for char in hex.unicodeScalars.lazy {
+      guard skip == 0 else {
+        skip -= 1
+        continue
+      }
+      guard char.value >= 48 && char.value <= 102 else {
+        removeAll()
+        return
+      }
+      let v: UInt8
+      let c: UInt8 = UInt8(char.value)
+      switch c {
+        case let c where c <= 57:
+          v = c - 48
+        case let c where c >= 65 && c <= 70:
+          v = c - 55
+        case let c where c >= 97:
+          v = c - 87
+        default:
+          removeAll()
+          return
+      }
+      if let b = buffer {
+        append(b << 4 | v)
+        buffer = nil
+      } else {
+        buffer = v
+      }
+    }
+    if let b = buffer {
+      append(b)
+    }
+  }
+
+  public func toHexString() -> String {
+    `lazy`.reduce(into: "") {
+      var s = String($1, radix: 16)
+      if s.count == 1 {
+        s = "0" + s
+      }
+      $0 += s
+    }
+  }
+}
+
+extension Array where Element == UInt8 {
+  /// split in chunks with given chunk size
+  @available(*, deprecated)
+  public func chunks(size chunksize: Int) -> Array<Array<Element>> {
+    var words = Array<Array<Element>>()
+    words.reserveCapacity(count / chunksize)
+    for idx in stride(from: chunksize, through: count, by: chunksize) {
+      words.append(Array(self[idx - chunksize ..< idx])) // slow for large table
+    }
+    let remainder = suffix(count % chunksize)
+    if !remainder.isEmpty {
+      words.append(Array(remainder))
+    }
+    return words
+  }
+
+  // public func md5() -> [Element] {
+  //   Digest.md5(self)
+  // }
+
+  // public func sha1() -> [Element] {
+  //   Digest.sha1(self)
+  // }
+
+  // public func sha224() -> [Element] {
+  //   Digest.sha224(self)
+  // }
+
+  public func sha256() -> [Element] {
+    Digest.sha256(self)
+  }
+
+  public func sha384() -> [Element] {
+    Digest.sha384(self)
+  }
+
+  public func sha512() -> [Element] {
+    Digest.sha512(self)
+  }
+
+  public func sha2(_ variant: SHA2.Variant) -> [Element] {
+    Digest.sha2(self, variant: variant)
+  }
+
+  public func sha3(_ variant: SHA3.Variant) -> [Element] {
+    Digest.sha3(self, variant: variant)
+  }
+
+  // public func crc32(seed: UInt32? = nil, reflect: Bool = true) -> UInt32 {
+  //   Checksum.crc32(self, seed: seed, reflect: reflect)
+  // }
+
+  // public func crc32c(seed: UInt32? = nil, reflect: Bool = true) -> UInt32 {
+  //   Checksum.crc32c(self, seed: seed, reflect: reflect)
+  // }
+
+  // public func crc16(seed: UInt16? = nil) -> UInt16 {
+  //   Checksum.crc16(self, seed: seed)
+  // }
+
+  // public func encrypt(cipher: Cipher) throws -> [Element] {
+  //   try cipher.encrypt(self.slice)
+  // }
+
+  // public func decrypt(cipher: Cipher) throws -> [Element] {
+  //   try cipher.decrypt(self.slice)
+  // }
+
+  public func authenticate<A: Authenticator>(with authenticator: A) throws -> [Element] {
+    try authenticator.authenticate(self)
+  }
+}

Sources/AWSLambdaPluginHelper/Vendored/crypto/Authenticator.swift

@@ -0,0 +1,20 @@
+//
+//  CryptoSwift
+//
+//  Copyright (C) 2014-2022 Marcin Krzyżanowski <[email protected]>
+//  This software is provided 'as-is', without any express or implied warranty.
+//
+//  In no event will the authors be held liable for any damages arising from the use of this software.
+//
+//  Permission is granted to anyone to use this software for any purpose,including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:
+//
+//  - The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation is required.
+//  - Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.
+//  - This notice may not be removed or altered from any source or binary distribution.
+//
+
+/// Message authentication code.
+public protocol Authenticator {
+  /// Calculate Message Authentication Code (MAC) for message.
+  func authenticate(_ bytes: Array<UInt8>) throws -> Array<UInt8>
+}

Sources/AWSLambdaPluginHelper/Vendored/crypto/BatchedCollections.swift

@@ -0,0 +1,81 @@
+//
+//  CryptoSwift
+//
+//  Copyright (C) 2014-2022 Marcin Krzyżanowski <[email protected]>
+//  This software is provided 'as-is', without any express or implied warranty.
+//
+//  In no event will the authors be held liable for any damages arising from the use of this software.
+//
+//  Permission is granted to anyone to use this software for any purpose,including commercial applications, and to alter it and redistribute it freely, subject to the following restrictions:
+//
+//  - The origin of this software must not be misrepresented; you must not claim that you wrote the original software. If you use this software in a product, an acknowledgment in the product documentation is required.
+//  - Altered source versions must be plainly marked as such, and must not be misrepresented as being the original software.
+//  - This notice may not be removed or altered from any source or binary distribution.
+//
+
+@usableFromInline
+struct BatchedCollectionIndex<Base: Collection> {
+  let range: Range<Base.Index>
+}
+
+extension BatchedCollectionIndex: Comparable {
+  @usableFromInline
+  static func == <BaseCollection>(lhs: BatchedCollectionIndex<BaseCollection>, rhs: BatchedCollectionIndex<BaseCollection>) -> Bool {
+    lhs.range.lowerBound == rhs.range.lowerBound
+  }
+
+  @usableFromInline
+  static func < <BaseCollection>(lhs: BatchedCollectionIndex<BaseCollection>, rhs: BatchedCollectionIndex<BaseCollection>) -> Bool {
+    lhs.range.lowerBound < rhs.range.lowerBound
+  }
+}
+
+protocol BatchedCollectionType: Collection {
+  associatedtype Base: Collection
+}
+
+@usableFromInline
+struct BatchedCollection<Base: Collection>: Collection {
+  let base: Base
+  let size: Int
+
+  @usableFromInline
+  init(base: Base, size: Int) {
+    self.base = base
+    self.size = size
+  }
+
+  @usableFromInline
+  typealias Index = BatchedCollectionIndex<Base>
+
+  private func nextBreak(after idx: Base.Index) -> Base.Index {
+    self.base.index(idx, offsetBy: self.size, limitedBy: self.base.endIndex) ?? self.base.endIndex
+  }
+
+  @usableFromInline
+  var startIndex: Index {
+    Index(range: self.base.startIndex..<self.nextBreak(after: self.base.startIndex))
+  }
+
+  @usableFromInline
+  var endIndex: Index {
+    Index(range: self.base.endIndex..<self.base.endIndex)
+  }
+
+  @usableFromInline
+  func index(after idx: Index) -> Index {
+    Index(range: idx.range.upperBound..<self.nextBreak(after: idx.range.upperBound))
+  }
+
+  @usableFromInline
+  subscript(idx: Index) -> Base.SubSequence {
+    self.base[idx.range]
+  }
+}
+
+extension Collection {
+  @inlinable
+  func batched(by size: Int) -> BatchedCollection<Self> {
+    BatchedCollection(base: self, size: size)
+  }
+}