From e3932e9f03a5e82de32b3a285364af88fedc01e7 Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Wed, 29 Oct 2025 11:35:54 -0400 Subject: [PATCH 01/13] chore: cpp-v3 test server --- .github/workflows/test.yml | 11 +- test-server/cpp-v2-server/.duvet/config.toml | 11 +- .../.duvet/.gitignore | 3 + .../.duvet/config.toml | 11 +- test-server/cpp-v3-server/.duvet/.gitignore | 3 + test-server/cpp-v3-server/.duvet/config.toml | 27 ++ test-server/cpp-v3-server/CMakeLists.txt | 39 +++ test-server/cpp-v3-server/Makefile | 35 +++ test-server/cpp-v3-server/README.md | 37 +++ test-server/cpp-v3-server/main.cpp | 287 ++++++++++++++++++ .../amazon/encryption/s3/TestUtils.java | 5 +- 11 files changed, 458 insertions(+), 11 deletions(-) create mode 100644 test-server/cpp-v2-transition-server/.duvet/.gitignore create mode 100644 test-server/cpp-v3-server/.duvet/.gitignore create mode 100644 test-server/cpp-v3-server/.duvet/config.toml create mode 100644 test-server/cpp-v3-server/CMakeLists.txt create mode 100644 test-server/cpp-v3-server/Makefile create mode 100644 test-server/cpp-v3-server/README.md create mode 100644 test-server/cpp-v3-server/main.cpp diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8c8a9616..02ef67c1 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -27,7 +27,7 @@ jobs: # ask Ryan to edit this PAT's permissions to add access to a new private repo. token: ${{ secrets.PAT_FOR_PRIVATE_RUBY }} - - name: Checkout CPP code + - name: Checkout CPP code for cpp-v2-transition uses: actions/checkout@v5 with: submodules: recursive @@ -36,6 +36,15 @@ jobs: ref: fire-egg-dev path: test-server/cpp-v2-transition-server/aws-sdk-cpp/ + - name: Checkout CPP code cpp-v3 + uses: actions/checkout@v5 + with: + submodules: recursive + token: ${{ secrets.PAT_FOR_CPP }} + repository: awslabs/aws-sdk-cpp-staging + ref: fire-egg-dev + path: test-server/cpp-v3-server/aws-sdk-cpp/ + - name: Checkout .NET V2 code uses: actions/checkout@v5 with: diff --git a/test-server/cpp-v2-server/.duvet/config.toml b/test-server/cpp-v2-server/.duvet/config.toml index 88bb7213..eaea972c 100644 --- a/test-server/cpp-v2-server/.duvet/config.toml +++ b/test-server/cpp-v2-server/.duvet/config.toml @@ -1,10 +1,8 @@ '$schema' = "https://awslabs.github.io/duvet/config/v0.4.0.json" [[source]] -pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.cpp" - -[[source]] -pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.h" +pattern = "local-ruby-sdk/gems/aws-sdk-s3/lib/**/*.rb" +comment-style = { meta = "##=", content = "##%" } # Include required specifications here [[specification]] @@ -14,7 +12,12 @@ source = "../specification/s3-encryption/data-format/metadata-strategy.md" [[specification]] source = "../specification/s3-encryption/encryption.md" [[specification]] +source = "../specification/s3-encryption/decryption.md" +[[specification]] source = "../specification/s3-encryption/key-derivation.md" +[[specification]] +source = "../specification/s3-encryption/key-commitment.md" + [report.html] enabled = true diff --git a/test-server/cpp-v2-transition-server/.duvet/.gitignore b/test-server/cpp-v2-transition-server/.duvet/.gitignore new file mode 100644 index 00000000..93956e36 --- /dev/null +++ b/test-server/cpp-v2-transition-server/.duvet/.gitignore @@ -0,0 +1,3 @@ +reports/ +requirements/ +specification/ \ No newline at end of file diff --git a/test-server/cpp-v2-transition-server/.duvet/config.toml b/test-server/cpp-v2-transition-server/.duvet/config.toml index 88bb7213..eaea972c 100644 --- a/test-server/cpp-v2-transition-server/.duvet/config.toml +++ b/test-server/cpp-v2-transition-server/.duvet/config.toml @@ -1,10 +1,8 @@ '$schema' = "https://awslabs.github.io/duvet/config/v0.4.0.json" [[source]] -pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.cpp" - -[[source]] -pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.h" +pattern = "local-ruby-sdk/gems/aws-sdk-s3/lib/**/*.rb" +comment-style = { meta = "##=", content = "##%" } # Include required specifications here [[specification]] @@ -14,7 +12,12 @@ source = "../specification/s3-encryption/data-format/metadata-strategy.md" [[specification]] source = "../specification/s3-encryption/encryption.md" [[specification]] +source = "../specification/s3-encryption/decryption.md" +[[specification]] source = "../specification/s3-encryption/key-derivation.md" +[[specification]] +source = "../specification/s3-encryption/key-commitment.md" + [report.html] enabled = true diff --git a/test-server/cpp-v3-server/.duvet/.gitignore b/test-server/cpp-v3-server/.duvet/.gitignore new file mode 100644 index 00000000..93956e36 --- /dev/null +++ b/test-server/cpp-v3-server/.duvet/.gitignore @@ -0,0 +1,3 @@ +reports/ +requirements/ +specification/ \ No newline at end of file diff --git a/test-server/cpp-v3-server/.duvet/config.toml b/test-server/cpp-v3-server/.duvet/config.toml new file mode 100644 index 00000000..eaea972c --- /dev/null +++ b/test-server/cpp-v3-server/.duvet/config.toml @@ -0,0 +1,27 @@ +'$schema' = "https://awslabs.github.io/duvet/config/v0.4.0.json" + +[[source]] +pattern = "local-ruby-sdk/gems/aws-sdk-s3/lib/**/*.rb" +comment-style = { meta = "##=", content = "##%" } + +# Include required specifications here +[[specification]] +source = "../specification/s3-encryption/data-format/content-metadata.md" +[[specification]] +source = "../specification/s3-encryption/data-format/metadata-strategy.md" +[[specification]] +source = "../specification/s3-encryption/encryption.md" +[[specification]] +source = "../specification/s3-encryption/decryption.md" +[[specification]] +source = "../specification/s3-encryption/key-derivation.md" +[[specification]] +source = "../specification/s3-encryption/key-commitment.md" + + +[report.html] +enabled = true + +# Enable snapshots to prevent requirement coverage regressions +[report.snapshot] +enabled = false diff --git a/test-server/cpp-v3-server/CMakeLists.txt b/test-server/cpp-v3-server/CMakeLists.txt new file mode 100644 index 00000000..b282dbc4 --- /dev/null +++ b/test-server/cpp-v3-server/CMakeLists.txt @@ -0,0 +1,39 @@ +cmake_minimum_required(VERSION 3.16) +project(s3ec-cpp-v2-server) + +set(CMAKE_CXX_STANDARD 17) + +# Configure AWS SDK build options +set(BUILD_ONLY "kms;s3;s3-encryption" CACHE STRING "Build only KMS, S3, and S3-encryption components") +set(ENABLE_TESTING OFF CACHE BOOL "Disable testing") +set(BUILD_SHARED_LIBS OFF CACHE BOOL "Build static libraries") + +# Add AWS SDK as subdirectory +add_subdirectory(aws-sdk-cpp) + +find_package(PkgConfig REQUIRED) +pkg_check_modules(LIBMICROHTTPD REQUIRED libmicrohttpd) + +find_package(nlohmann_json REQUIRED) + +add_executable(s3ec-server main.cpp) + +target_include_directories(s3ec-server PRIVATE + ${LIBMICROHTTPD_INCLUDE_DIRS} + /opt/homebrew/include +) + +target_link_directories(s3ec-server PRIVATE + ${LIBMICROHTTPD_LIBRARY_DIRS} + /opt/homebrew/lib +) + +target_link_libraries(s3ec-server + ${LIBMICROHTTPD_LIBRARIES} + aws-cpp-sdk-core + aws-cpp-sdk-kms + aws-cpp-sdk-s3 + aws-cpp-sdk-s3-encryption + nlohmann_json::nlohmann_json + uuid +) \ No newline at end of file diff --git a/test-server/cpp-v3-server/Makefile b/test-server/cpp-v3-server/Makefile new file mode 100644 index 00000000..86fc285e --- /dev/null +++ b/test-server/cpp-v3-server/Makefile @@ -0,0 +1,35 @@ +# Makefile for S3 Encryption Client Testing + +.PHONY: start-server stop-server wait-for-server + +PID_FILE := server.pid +PORT := 8091 + +build/s3ec-server: + brew install libmicrohttpd nlohmann-json ossp-uuid + mkdir -p build && cd build && cmake .. + +start-server: | build/s3ec-server + @echo "Starting Cpp V2 server..." + cd build && make && \ + AWS_ACCESS_KEY_ID="$$AWS_ACCESS_KEY_ID" \ + AWS_SECRET_ACCESS_KEY="$$AWS_SECRET_ACCESS_KEY" \ + AWS_SESSION_TOKEN="$$AWS_SESSION_TOKEN" \ + AWS_REGION="us-west-2" \ + ./s3ec-server & echo $$! > $(PID_FILE) + @echo "Cpp V2 server starting..." + +stop-server: + @if [ -f $(PID_FILE) ]; then \ + kill $$(cat $(PID_FILE)) 2>/dev/null || true; \ + rm $(PID_FILE); \ + fi + +wait-for-server: + $(MAKE) -C .. wait-for-port PORT=$(PORT) + +duvet: + duvet report + +view-report-mac: + open .duvet/reports/report.html diff --git a/test-server/cpp-v3-server/README.md b/test-server/cpp-v3-server/README.md new file mode 100644 index 00000000..8e77feda --- /dev/null +++ b/test-server/cpp-v3-server/README.md @@ -0,0 +1,37 @@ +# C++ S3 Encryption Test Server + +Minimal C++ implementation of the S3 Encryption test server. + +## Dependencies + +- libmicrohttpd +- AWS SDK for C++ +- nlohmann/json +- uuid + +On MacOS you can +```bash +brew install libmicrohttpd nlohmann-json ossp-uuid +``` + +## Build + +```bash +mkdir build && cd build +cmake .. +make +``` + +## Run + +```bash +./s3ec-server +``` + +Server runs on localhost:8085 + +## API Endpoints + +- `POST /client` - Create S3 encryption client +- `GET /object/{bucket}/{key}` - Get encrypted object +- `PUT /object/{bucket}/{key}` - Put encrypted object \ No newline at end of file diff --git a/test-server/cpp-v3-server/main.cpp b/test-server/cpp-v3-server/main.cpp new file mode 100644 index 00000000..721f5071 --- /dev/null +++ b/test-server/cpp-v3-server/main.cpp @@ -0,0 +1,287 @@ +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include +#include + +using json = nlohmann::json; +using namespace Aws::S3Encryption; +using Aws::S3Encryption::Materials::KMSWithContextEncryptionMaterials; +std::unordered_map> + client_cache; + +std::string generate_uuid() { + uuid_t uuid; + uuid_generate(uuid); + char uuid_str[37]; + uuid_unparse(uuid, uuid_str); + return std::string(uuid_str); +} + +std::string get_header_value(struct MHD_Connection *connection, + const char *key) { + const char *value = + MHD_lookup_connection_value(connection, MHD_HEADER_KIND, key); + return value ? std::string(value) : ""; +} + +MHD_Result send_response(struct MHD_Connection *connection, int status_code, + const std::string &content) { + struct MHD_Response *response = MHD_create_response_from_buffer( + content.length(), (void *)content.data(), MHD_RESPMEM_MUST_COPY); + MHD_Result ret = MHD_queue_response(connection, status_code, response); + MHD_destroy_response(response); + return ret; +} + +std::string make_error(const std::string &message, int status_code) { + return "{\"__type\": " + "\"software.amazon.encryption.s3#S3EncryptionClientError\", " + "\"message\": \"" + + message + "\"}"; +} + +MHD_Result handle_create_client(struct MHD_Connection *connection, + const std::string &body) { + try { + json request = json::parse(body); + std::string kms_key_id = request["config"]["keyMaterial"]["kmsKeyId"]; + bool legacy1 = request["config"]["enableLegacyWrappingAlgorithms"]; + bool legacy2 = request["config"]["enableLegacyUnauthenticatedModes"]; + + auto materials = + std::make_shared(kms_key_id); + CryptoConfigurationV3 config(materials); + if (legacy1 || legacy2) + config.allowLegacy(); + + auto encryption_client = std::make_shared(config); + + std::string client_id = generate_uuid(); + client_cache[client_id] = encryption_client; + + json response = {{"clientId", client_id}}; + return send_response(connection, 200, response.dump()); + } catch (const std::exception &e) { + return send_response(connection, 500, + "{\"error\":\"An exception was thrown.\"}"); + } catch (...) { + return send_response(connection, 500, "{\"error\":\"Unknown error\"}"); + } +} + +void fill_context(Aws::Map &map, + const std::string &metadata) { + if (metadata.empty()) { + return; + } + + // Parse metadata format: [key1]:[value1],[key2]:[value2],... + // or single pair: [key]:[value] + std::string current = metadata; + size_t pos = 0; + + while (pos < current.length()) { + // Find opening bracket for key + size_t key_start = current.find('[', pos); + if (key_start == std::string::npos) + break; + + // Find closing bracket for key + size_t key_end = current.find(']', key_start); + if (key_end == std::string::npos) + break; + + // Find colon separator + size_t colon = current.find(':', key_end); + if (colon == std::string::npos) + break; + + // Find opening bracket for value + size_t value_start = current.find('[', colon); + if (value_start == std::string::npos) + break; + + // Find closing bracket for value + size_t value_end = current.find(']', value_start); + if (value_end == std::string::npos) + break; + + // Extract key and value + std::string key = current.substr(key_start + 1, key_end - key_start - 1); + std::string value = + current.substr(value_start + 1, value_end - value_start - 1); + + // Add to map + map.emplace(key, value); + + // Move to next pair (look for comma or next opening bracket) + pos = value_end + 1; + size_t comma = current.find(',', pos); + if (comma != std::string::npos) { + pos = comma + 1; + } + } +} + +MHD_Result handle_get_object(struct MHD_Connection *connection, + const std::string &bucket, const std::string &key, + const std::string &client_id, + const std::string &metadata) { + auto it = client_cache.find(client_id); + if (it == client_cache.end()) { + return send_response(connection, 404, "{\"error\":\"Client not found\"}"); + } + + try { + Aws::S3::Model::GetObjectRequest request; + request.SetBucket(bucket); + request.SetKey(key); + + // S3EncryptionGetObjectOutcome outcome ; + // if (metadata.empty()) { + // outcome = it->second->GetObject(request); + // } else { + // Aws::Map kmsContextMap; + // fill_context(kmsContextMap, metadata); + // outcome = it->second->GetObject(request, kmsContextMap); + // } + + Aws::Map kmsContextMap; + fill_context(kmsContextMap, metadata); + auto outcome = it->second->GetObject(request, kmsContextMap); + + if (outcome.IsSuccess()) { + auto &stream = outcome.GetResult().GetBody(); + std::string content((std::istreambuf_iterator(stream)), + std::istreambuf_iterator()); + return send_response(connection, 200, content); + } else { + auto msg = make_error(outcome.GetError().GetMessage(), 500); + return send_response(connection, 500, msg); + } + } catch (const std::exception &e) { + auto msg = make_error("An exception was thrown", 500); + return send_response(connection, 500, msg); + } +} + +MHD_Result handle_put_object(struct MHD_Connection *connection, + const std::string &bucket, const std::string &key, + const std::string &client_id, + const std::string &body, + const std::string &metadata) { + auto it = client_cache.find(client_id); + if (it == client_cache.end()) { + return send_response(connection, 404, "{\"error\":\"Client not found\"}"); + } + + try { + Aws::Map kmsContextMap; + fill_context(kmsContextMap, metadata); + + Aws::S3::Model::PutObjectRequest request; + request.SetBucket(bucket); + request.SetKey(key); + + auto stream = std::make_shared(body); + request.SetBody(stream); + + auto outcome = it->second->PutObject(request, kmsContextMap); + if (outcome.IsSuccess()) { + json response = {{"bucket", bucket}, {"key", key}}; + return send_response(connection, 200, response.dump()); + } else { + auto msg = make_error(outcome.GetError().GetMessage(), 500); + return send_response(connection, 500, msg); + } + } catch (const std::exception &e) { + auto msg = make_error(e.what(), 500); + return send_response(connection, 500, msg); + } +} + +MHD_Result request_handler(void *cls, struct MHD_Connection *connection, + const char *url, const char *method, + const char *version, const char *upload_data, + size_t *upload_data_size, void **con_cls) { + std::string method_str(method); + bool is_push = method_str == "POST" || method_str == "PUT"; + static int dummy; + if (*con_cls == nullptr) { + if (is_push) { + *con_cls = new std::string(); + } else { + *con_cls = &dummy; + } + return MHD_YES; + } + if (is_push && *upload_data_size) { + std::string *body = static_cast(*con_cls); + body->append(upload_data, *upload_data_size); + *upload_data_size = 0; + return MHD_YES; + } + + std::string url_str(url); + + if (is_push && url_str == "/client") { + std::unique_ptr body(static_cast(*con_cls)); + return handle_create_client(connection, *body); + } + + if (url_str.find("/object/") == 0) { + std::string path = url_str.substr(8); // Remove "/object/" + size_t slash_pos = path.find('/'); + if (slash_pos != std::string::npos) { + std::string bucket = path.substr(0, slash_pos); + std::string key = path.substr(slash_pos + 1); + std::string client_id = get_header_value(connection, "clientid"); + + std::string metadata = get_header_value(connection, "content-metadata"); + if (method_str == "GET") { + return handle_get_object(connection, bucket, key, client_id, metadata); + } else if (method_str == "PUT") { + std::unique_ptr body(static_cast(*con_cls)); + *upload_data_size = 0; + return handle_put_object(connection, bucket, key, client_id, *body, metadata); + } + } + } + + return send_response(connection, 404, + "{\"error\":\"Not idea what is happening\"}"); +} + +int main() { + Aws::SDKOptions options; + Aws::InitAPI(options); + int port = 8091; + + struct MHD_Daemon *daemon = + MHD_start_daemon(MHD_USE_SELECT_INTERNALLY, port, NULL, NULL, + &request_handler, NULL, MHD_OPTION_END); + + if (!daemon) { + fprintf(stderr, "Failed to start server on port %d\n", port); + Aws::ShutdownAPI(options); + return 1; + } + + fprintf(stderr, "Server running on port %d\n", port); + sleep(10000); + + MHD_stop_daemon(daemon); + Aws::ShutdownAPI(options); + fprintf(stderr, "Ending server\n"); + return 0; +} diff --git a/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java b/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java index a6af0872..4b0c8e74 100644 --- a/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java +++ b/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java @@ -123,7 +123,7 @@ public class TestUtils { // PYTHON_V3, GO_V4, // NET_V3, - // CPP_V3, + CPP_V3, // PHP_V3, RUBY_V3 ); @@ -138,6 +138,8 @@ public class TestUtils { servers.put(NET_V2_CURRENT, new LanguageServerTarget(NET_V2_CURRENT, "8083")); servers.put(NET_V3, new LanguageServerTarget(NET_V3, "8084")); servers.put(CPP_V2_CURRENT, new LanguageServerTarget(CPP_V2_CURRENT, "8085")); + servers.put(CPP_V2_TRANSITION, new LanguageServerTarget(CPP_V2_TRANSITION, "8097")); + servers.put(CPP_V3, new LanguageServerTarget(CPP_V3, "8091")); // servers.put(RUBY_V2_CURRENT, new LanguageServerTarget(RUBY_V2_CURRENT, "8086")); servers.put(PHP_V2_CURRENT, new LanguageServerTarget(PHP_V2_CURRENT, "8087")); servers.put(GO_V4, new LanguageServerTarget(GO_V4, "8089")); @@ -147,7 +149,6 @@ public class TestUtils { servers.put(JAVA_V3_TRANSITION, new LanguageServerTarget(JAVA_V3_TRANSITION, "8094")); // servers.put(GO_V3_TRANSITION, new LanguageServerTarget(GO_V3_TRANSITION, "8095")); // servers.put(NET_V2_TRANSITION, new LanguageServerTarget(NET_V2_TRANSITION, "8096")); - servers.put(CPP_V2_TRANSITION, new LanguageServerTarget(CPP_V2_TRANSITION, "8097")); servers.put(RUBY_V2_TRANSITION, new LanguageServerTarget(RUBY_V2_TRANSITION, "8098")); servers.put(PHP_V2_TRANSITION, new LanguageServerTarget(PHP_V2_TRANSITION, "8099")); servers.put(JAVA_V4, new LanguageServerTarget(JAVA_V4, "8090")); From 4f0fb14c0165f02c27e8599df11906f342f8acd8 Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Wed, 29 Oct 2025 12:24:38 -0400 Subject: [PATCH 02/13] m --- test-server/cpp-v2-transition-server/main.cpp | 16 ++++++++++++ test-server/cpp-v3-server/main.cpp | 26 ++++++++++++++++--- 2 files changed, 39 insertions(+), 3 deletions(-) diff --git a/test-server/cpp-v2-transition-server/main.cpp b/test-server/cpp-v2-transition-server/main.cpp index e8ce8e5c..381f186d 100644 --- a/test-server/cpp-v2-transition-server/main.cpp +++ b/test-server/cpp-v2-transition-server/main.cpp @@ -50,10 +50,26 @@ std::string make_error(const std::string &message, int status_code) { message + "\"}"; } +bool unsupported(std::string& commitmentPolicy, std::string& encryptionAlgorithm) +{ + if (encryptionAlgorithm == "ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY") return true; + if (commitmentPolicy == "REQUIRE_ENCRYPT_REQUIRE_DECRYPT") return true; + if (commitmentPolicy == "REQUIRE_ENCRYPT_ALLOW_DECRYPT") return true; + return false; +} + MHD_Result handle_create_client(struct MHD_Connection *connection, const std::string &body) { try { json request = json::parse(body); + std::string commitmentPolicy = request["config"]["commitmentPolicy"]; + std::string encryptionAlgorithm = request["config"]["encryptionAlgorithm"]; + + if (unsupported(commitmentPolicy, encryptionAlgorithm)) { + send_response(connection, 404, "{\"error\":\"Unsupported Option.\"}"); + return MHD_YES; + } + std::string kms_key_id = request["config"]["keyMaterial"]["kmsKeyId"]; bool legacy1 = request["config"]["enableLegacyWrappingAlgorithms"]; bool legacy2 = request["config"]["enableLegacyUnauthenticatedModes"]; diff --git a/test-server/cpp-v3-server/main.cpp b/test-server/cpp-v3-server/main.cpp index 721f5071..c77791b0 100644 --- a/test-server/cpp-v3-server/main.cpp +++ b/test-server/cpp-v3-server/main.cpp @@ -16,7 +16,7 @@ using json = nlohmann::json; using namespace Aws::S3Encryption; using Aws::S3Encryption::Materials::KMSWithContextEncryptionMaterials; -std::unordered_map> +std::unordered_map> client_cache; std::string generate_uuid() { @@ -50,6 +50,11 @@ std::string make_error(const std::string &message, int status_code) { message + "\"}"; } +MHD_Result unsupported(struct MHD_Connection *connection) { + send_response(connection, 404, "{\"error\":\"Unsupported Option.\"}"); + return MHD_YES; +} + MHD_Result handle_create_client(struct MHD_Connection *connection, const std::string &body) { try { @@ -62,7 +67,22 @@ MHD_Result handle_create_client(struct MHD_Connection *connection, std::make_shared(kms_key_id); CryptoConfigurationV3 config(materials); if (legacy1 || legacy2) - config.allowLegacy(); + config.AllowLegacy(); + + std::string commitmentPolicy = request["config"]["commitmentPolicy"]; + std::string encryptionAlgorithm = request["config"]["encryptionAlgorithm"]; + + if (encryptionAlgorithm == "ALG_AES_256_CBC_IV16_NO_KDF") return unsupported(connection); + if (commitmentPolicy == "REQUIRE_ENCRYPT_REQUIRE_DECRYPT") { + if (encryptionAlgorithm == "ALG_AES_256_GCM_IV12_TAG16_NO_KDF") return unsupported(connection); + config.SetCommitmentPolicy(CommitmentPolicy::REQUIRE_ENCRYPT_REQUIRE_DECRYPT); + } else if (commitmentPolicy == "REQUIRE_ENCRYPT_ALLOW_DECRYPT") { + if (encryptionAlgorithm == "ALG_AES_256_GCM_IV12_TAG16_NO_KDF") return unsupported(connection); + config.SetCommitmentPolicy(CommitmentPolicy::REQUIRE_ENCRYPT_ALLOW_DECRYPT); + } else if (commitmentPolicy == "FORBID_ENCRYPT_ALLOW_DECRYPT") { + if (encryptionAlgorithm == "ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY") return unsupported(connection); + config.SetCommitmentPolicy(CommitmentPolicy::FORBID_ENCRYPT_ALLOW_DECRYPT); + } auto encryption_client = std::make_shared(config); @@ -73,7 +93,7 @@ MHD_Result handle_create_client(struct MHD_Connection *connection, return send_response(connection, 200, response.dump()); } catch (const std::exception &e) { return send_response(connection, 500, - "{\"error\":\"An exception was thrown.\"}"); + "{\"error\":\"An exception was thrown.\"}"); } catch (...) { return send_response(connection, 500, "{\"error\":\"Unknown error\"}"); } From 97533288bbcef89a13b61197846335468e271b90 Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Wed, 29 Oct 2025 14:48:54 -0400 Subject: [PATCH 03/13] m --- test-server/cpp-v3-server/main.cpp | 29 ++++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/test-server/cpp-v3-server/main.cpp b/test-server/cpp-v3-server/main.cpp index c77791b0..5b924f39 100644 --- a/test-server/cpp-v3-server/main.cpp +++ b/test-server/cpp-v3-server/main.cpp @@ -50,11 +50,21 @@ std::string make_error(const std::string &message, int status_code) { message + "\"}"; } -MHD_Result unsupported(struct MHD_Connection *connection) { +MHD_Result unsupported(struct MHD_Connection *connection, std::string & commitmentPolicy, std::string & encryptionAlgorithm) { + fprintf(stderr, "Unsupported %s %s\n",commitmentPolicy.c_str(), encryptionAlgorithm.c_str() ); send_response(connection, 404, "{\"error\":\"Unsupported Option.\"}"); return MHD_YES; } +std::string get_config(json & request, const char * x) +{ + if (!request.contains("config")) return ""; + auto config = request["config"]; + if (config.contains(x)) + return config[x]; + return ""; +} + MHD_Result handle_create_client(struct MHD_Connection *connection, const std::string &body) { try { @@ -69,18 +79,18 @@ MHD_Result handle_create_client(struct MHD_Connection *connection, if (legacy1 || legacy2) config.AllowLegacy(); - std::string commitmentPolicy = request["config"]["commitmentPolicy"]; - std::string encryptionAlgorithm = request["config"]["encryptionAlgorithm"]; + std::string commitmentPolicy = get_config(request, "commitmentPolicy"); + std::string encryptionAlgorithm = get_config(request, "encryptionAlgorithm"); - if (encryptionAlgorithm == "ALG_AES_256_CBC_IV16_NO_KDF") return unsupported(connection); if (commitmentPolicy == "REQUIRE_ENCRYPT_REQUIRE_DECRYPT") { - if (encryptionAlgorithm == "ALG_AES_256_GCM_IV12_TAG16_NO_KDF") return unsupported(connection); + if (encryptionAlgorithm == "ALG_AES_256_GCM_IV12_TAG16_NO_KDF") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); + if (encryptionAlgorithm == "ALG_AES_256_CBC_IV16_NO_KDF") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); config.SetCommitmentPolicy(CommitmentPolicy::REQUIRE_ENCRYPT_REQUIRE_DECRYPT); } else if (commitmentPolicy == "REQUIRE_ENCRYPT_ALLOW_DECRYPT") { - if (encryptionAlgorithm == "ALG_AES_256_GCM_IV12_TAG16_NO_KDF") return unsupported(connection); + if (encryptionAlgorithm == "ALG_AES_256_GCM_IV12_TAG16_NO_KDF") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); config.SetCommitmentPolicy(CommitmentPolicy::REQUIRE_ENCRYPT_ALLOW_DECRYPT); } else if (commitmentPolicy == "FORBID_ENCRYPT_ALLOW_DECRYPT") { - if (encryptionAlgorithm == "ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY") return unsupported(connection); + if (encryptionAlgorithm == "ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); config.SetCommitmentPolicy(CommitmentPolicy::FORBID_ENCRYPT_ALLOW_DECRYPT); } @@ -92,6 +102,7 @@ MHD_Result handle_create_client(struct MHD_Connection *connection, json response = {{"clientId", client_id}}; return send_response(connection, 200, response.dump()); } catch (const std::exception &e) { + fprintf(stderr, "handle_create_client exception %s\n", e.what()); return send_response(connection, 500, "{\"error\":\"An exception was thrown.\"}"); } catch (...) { @@ -187,9 +198,11 @@ MHD_Result handle_get_object(struct MHD_Connection *connection, return send_response(connection, 200, content); } else { auto msg = make_error(outcome.GetError().GetMessage(), 500); + fprintf(stderr, "handle_get_object error %s\n", msg.c_str()); return send_response(connection, 500, msg); } } catch (const std::exception &e) { + fprintf(stderr, "handle_get_object exception %s\n", e.what()); auto msg = make_error("An exception was thrown", 500); return send_response(connection, 500, msg); } @@ -222,9 +235,11 @@ MHD_Result handle_put_object(struct MHD_Connection *connection, return send_response(connection, 200, response.dump()); } else { auto msg = make_error(outcome.GetError().GetMessage(), 500); + fprintf(stderr, "handle_put_object error %s\n", msg.c_str()); return send_response(connection, 500, msg); } } catch (const std::exception &e) { + fprintf(stderr, "handle_put_object exception %s\n", e.what()); auto msg = make_error(e.what(), 500); return send_response(connection, 500, msg); } From 9106e50f04d38a4afd177064e456e752fcdcd527 Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Wed, 29 Oct 2025 15:32:33 -0400 Subject: [PATCH 04/13] m --- test-server/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test-server/Makefile b/test-server/Makefile index a166030a..be8df10b 100644 --- a/test-server/Makefile +++ b/test-server/Makefile @@ -3,10 +3,10 @@ .PHONY: all start-servers run-tests stop-servers clean ci check-env help # Default target -all: start-all-servers run-tests +all: start-all-servers wait-all-servers run-tests # CI target for GitHub Actions -ci: start-all-servers run-tests stop-servers +ci: start-all-servers wait-all-servers run-tests stop-servers SERVER_DIRS := $(shell find . -maxdepth 1 -type d -name '*-server' | sed 's|^\./||' | $(if $(FILTER),grep -E "$$(echo '$(FILTER)' | sed 's/,/|/g')",cat) | sort) From 2d897159c934485d8f85120315a8af84152ef66c Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Wed, 29 Oct 2025 16:03:50 -0400 Subject: [PATCH 05/13] m --- test-server/net-v2-v3-server/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test-server/net-v2-v3-server/Makefile b/test-server/net-v2-v3-server/Makefile index a16ff57e..e752b925 100644 --- a/test-server/net-v2-v3-server/Makefile +++ b/test-server/net-v2-v3-server/Makefile @@ -51,7 +51,7 @@ start-net-v3-server: @echo ".NET V3 server starting..." wait-for-server: - $(MAKE) -C .. wait-for-port PORT=$(PORT_NET_V2) \ + $(MAKE) -C .. wait-for-port PORT=$(PORT_NET_V2) $(MAKE) -C .. wait-for-port PORT=$(PORT_NET_V3) duvet: From 84327adb07ed3e7af6f8d17ed6aae2f749839dec Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Wed, 29 Oct 2025 16:52:00 -0400 Subject: [PATCH 06/13] m --- test-server/cpp-v3-server/main.cpp | 3 +++ 1 file changed, 3 insertions(+) diff --git a/test-server/cpp-v3-server/main.cpp b/test-server/cpp-v3-server/main.cpp index 5b924f39..32840fcc 100644 --- a/test-server/cpp-v3-server/main.cpp +++ b/test-server/cpp-v3-server/main.cpp @@ -68,6 +68,7 @@ std::string get_config(json & request, const char * x) MHD_Result handle_create_client(struct MHD_Connection *connection, const std::string &body) { try { + fprintf(stderr, "CPP V3 create_client called with %s\n", body.c_str()); json request = json::parse(body); std::string kms_key_id = request["config"]["keyMaterial"]["kmsKeyId"]; bool legacy1 = request["config"]["enableLegacyWrappingAlgorithms"]; @@ -81,6 +82,8 @@ MHD_Result handle_create_client(struct MHD_Connection *connection, std::string commitmentPolicy = get_config(request, "commitmentPolicy"); std::string encryptionAlgorithm = get_config(request, "encryptionAlgorithm"); + fprintf(stderr, "CPP V3 create_client got <%s> <%s>\n", commitmentPolicy.c_str(), encryptionAlgorithm.c_str()); + if (commitmentPolicy == "REQUIRE_ENCRYPT_REQUIRE_DECRYPT") { if (encryptionAlgorithm == "ALG_AES_256_GCM_IV12_TAG16_NO_KDF") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); From 6fc2a83e437390e237af756c6de762446b7b1eb4 Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Wed, 29 Oct 2025 18:09:37 -0400 Subject: [PATCH 07/13] m --- test-server/cpp-v2-transition-server/main.cpp | 13 +++++++++++-- test-server/cpp-v3-server/main.cpp | 4 ++-- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/test-server/cpp-v2-transition-server/main.cpp b/test-server/cpp-v2-transition-server/main.cpp index 381f186d..58d807ef 100644 --- a/test-server/cpp-v2-transition-server/main.cpp +++ b/test-server/cpp-v2-transition-server/main.cpp @@ -58,12 +58,21 @@ bool unsupported(std::string& commitmentPolicy, std::string& encryptionAlgorithm return false; } +std::string get_config(json & request, const char * x) +{ + if (!request.contains("config")) return ""; + auto config = request["config"]; + if (config.contains(x)) + return config[x]; + return ""; +} + MHD_Result handle_create_client(struct MHD_Connection *connection, const std::string &body) { try { json request = json::parse(body); - std::string commitmentPolicy = request["config"]["commitmentPolicy"]; - std::string encryptionAlgorithm = request["config"]["encryptionAlgorithm"]; + std::string commitmentPolicy = get_config(request, "commitmentPolicy"); + std::string encryptionAlgorithm = get_config(request, "encryptionAlgorithm"); if (unsupported(commitmentPolicy, encryptionAlgorithm)) { send_response(connection, 404, "{\"error\":\"Unsupported Option.\"}"); diff --git a/test-server/cpp-v3-server/main.cpp b/test-server/cpp-v3-server/main.cpp index 32840fcc..d363c9e8 100644 --- a/test-server/cpp-v3-server/main.cpp +++ b/test-server/cpp-v3-server/main.cpp @@ -68,7 +68,7 @@ std::string get_config(json & request, const char * x) MHD_Result handle_create_client(struct MHD_Connection *connection, const std::string &body) { try { - fprintf(stderr, "CPP V3 create_client called with %s\n", body.c_str()); + // fprintf(stderr, "CPP V3 create_client called with %s\n", body.c_str()); json request = json::parse(body); std::string kms_key_id = request["config"]["keyMaterial"]["kmsKeyId"]; bool legacy1 = request["config"]["enableLegacyWrappingAlgorithms"]; @@ -82,7 +82,7 @@ MHD_Result handle_create_client(struct MHD_Connection *connection, std::string commitmentPolicy = get_config(request, "commitmentPolicy"); std::string encryptionAlgorithm = get_config(request, "encryptionAlgorithm"); - fprintf(stderr, "CPP V3 create_client got <%s> <%s>\n", commitmentPolicy.c_str(), encryptionAlgorithm.c_str()); + // fprintf(stderr, "CPP V3 create_client got <%s> <%s>\n", commitmentPolicy.c_str(), encryptionAlgorithm.c_str()); if (commitmentPolicy == "REQUIRE_ENCRYPT_REQUIRE_DECRYPT") { From e64df9398e074417acbf32bbe623d6060d5a5693 Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Thu, 30 Oct 2025 10:17:55 -0400 Subject: [PATCH 08/13] m --- test-server/cpp-v3-server/main.cpp | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/test-server/cpp-v3-server/main.cpp b/test-server/cpp-v3-server/main.cpp index d363c9e8..ce26da94 100644 --- a/test-server/cpp-v3-server/main.cpp +++ b/test-server/cpp-v3-server/main.cpp @@ -68,7 +68,7 @@ std::string get_config(json & request, const char * x) MHD_Result handle_create_client(struct MHD_Connection *connection, const std::string &body) { try { - // fprintf(stderr, "CPP V3 create_client called with %s\n", body.c_str()); + fprintf(stderr, "CPP V3 create_client called with %s\n", body.c_str()); json request = json::parse(body); std::string kms_key_id = request["config"]["keyMaterial"]["kmsKeyId"]; bool legacy1 = request["config"]["enableLegacyWrappingAlgorithms"]; @@ -82,19 +82,24 @@ MHD_Result handle_create_client(struct MHD_Connection *connection, std::string commitmentPolicy = get_config(request, "commitmentPolicy"); std::string encryptionAlgorithm = get_config(request, "encryptionAlgorithm"); - // fprintf(stderr, "CPP V3 create_client got <%s> <%s>\n", commitmentPolicy.c_str(), encryptionAlgorithm.c_str()); + fprintf(stderr, "CPP V3 create_client got <%s> <%s>\n", commitmentPolicy.c_str(), encryptionAlgorithm.c_str()); if (commitmentPolicy == "REQUIRE_ENCRYPT_REQUIRE_DECRYPT") { if (encryptionAlgorithm == "ALG_AES_256_GCM_IV12_TAG16_NO_KDF") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); - if (encryptionAlgorithm == "ALG_AES_256_CBC_IV16_NO_KDF") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); + if (encryptionAlgorithm == "ALG_AES_256_CBC_IV16_NO_KDF") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); config.SetCommitmentPolicy(CommitmentPolicy::REQUIRE_ENCRYPT_REQUIRE_DECRYPT); + fprintf(stderr, "CPPV3 Setting CommitmentPolicy to REQUIRE_ENCRYPT_REQUIRE_DECRYPT"); } else if (commitmentPolicy == "REQUIRE_ENCRYPT_ALLOW_DECRYPT") { if (encryptionAlgorithm == "ALG_AES_256_GCM_IV12_TAG16_NO_KDF") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); config.SetCommitmentPolicy(CommitmentPolicy::REQUIRE_ENCRYPT_ALLOW_DECRYPT); + fprintf(stderr, "CPPV3 Setting CommitmentPolicy to REQUIRE_ENCRYPT_ALLOW_DECRYPT"); } else if (commitmentPolicy == "FORBID_ENCRYPT_ALLOW_DECRYPT") { if (encryptionAlgorithm == "ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); config.SetCommitmentPolicy(CommitmentPolicy::FORBID_ENCRYPT_ALLOW_DECRYPT); + fprintf(stderr, "CPPV3 Setting CommitmentPolicy to FORBID_ENCRYPT_ALLOW_DECRYPT"); + } else { + fprintf(stderr, "CPPV3 Not Setting CommitmentPolicy."); } auto encryption_client = std::make_shared(config); From 6052a4ee92cf3abafbd53c23687058447f9ca9cf Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Thu, 30 Oct 2025 10:53:08 -0400 Subject: [PATCH 09/13] m --- test-server/cpp-v3-server/main.cpp | 8 -------- 1 file changed, 8 deletions(-) diff --git a/test-server/cpp-v3-server/main.cpp b/test-server/cpp-v3-server/main.cpp index ce26da94..59167078 100644 --- a/test-server/cpp-v3-server/main.cpp +++ b/test-server/cpp-v3-server/main.cpp @@ -68,7 +68,6 @@ std::string get_config(json & request, const char * x) MHD_Result handle_create_client(struct MHD_Connection *connection, const std::string &body) { try { - fprintf(stderr, "CPP V3 create_client called with %s\n", body.c_str()); json request = json::parse(body); std::string kms_key_id = request["config"]["keyMaterial"]["kmsKeyId"]; bool legacy1 = request["config"]["enableLegacyWrappingAlgorithms"]; @@ -82,24 +81,17 @@ MHD_Result handle_create_client(struct MHD_Connection *connection, std::string commitmentPolicy = get_config(request, "commitmentPolicy"); std::string encryptionAlgorithm = get_config(request, "encryptionAlgorithm"); - fprintf(stderr, "CPP V3 create_client got <%s> <%s>\n", commitmentPolicy.c_str(), encryptionAlgorithm.c_str()); - if (commitmentPolicy == "REQUIRE_ENCRYPT_REQUIRE_DECRYPT") { if (encryptionAlgorithm == "ALG_AES_256_GCM_IV12_TAG16_NO_KDF") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); if (encryptionAlgorithm == "ALG_AES_256_CBC_IV16_NO_KDF") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); config.SetCommitmentPolicy(CommitmentPolicy::REQUIRE_ENCRYPT_REQUIRE_DECRYPT); - fprintf(stderr, "CPPV3 Setting CommitmentPolicy to REQUIRE_ENCRYPT_REQUIRE_DECRYPT"); } else if (commitmentPolicy == "REQUIRE_ENCRYPT_ALLOW_DECRYPT") { if (encryptionAlgorithm == "ALG_AES_256_GCM_IV12_TAG16_NO_KDF") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); config.SetCommitmentPolicy(CommitmentPolicy::REQUIRE_ENCRYPT_ALLOW_DECRYPT); - fprintf(stderr, "CPPV3 Setting CommitmentPolicy to REQUIRE_ENCRYPT_ALLOW_DECRYPT"); } else if (commitmentPolicy == "FORBID_ENCRYPT_ALLOW_DECRYPT") { if (encryptionAlgorithm == "ALG_AES_256_GCM_HKDF_SHA512_COMMIT_KEY") return unsupported(connection, commitmentPolicy, encryptionAlgorithm); config.SetCommitmentPolicy(CommitmentPolicy::FORBID_ENCRYPT_ALLOW_DECRYPT); - fprintf(stderr, "CPPV3 Setting CommitmentPolicy to FORBID_ENCRYPT_ALLOW_DECRYPT"); - } else { - fprintf(stderr, "CPPV3 Not Setting CommitmentPolicy."); } auto encryption_client = std::make_shared(config); From 9cc561431f5979dd9c93845a471c6a5ebf32ec43 Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Thu, 30 Oct 2025 11:25:00 -0400 Subject: [PATCH 10/13] m --- test-server/cpp-v2-server/.duvet/config.toml | 3 +-- test-server/cpp-v2-transition-server/.duvet/config.toml | 3 +-- test-server/cpp-v3-server/.duvet/config.toml | 3 +-- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/test-server/cpp-v2-server/.duvet/config.toml b/test-server/cpp-v2-server/.duvet/config.toml index eaea972c..09a893bc 100644 --- a/test-server/cpp-v2-server/.duvet/config.toml +++ b/test-server/cpp-v2-server/.duvet/config.toml @@ -1,8 +1,7 @@ '$schema' = "https://awslabs.github.io/duvet/config/v0.4.0.json" [[source]] -pattern = "local-ruby-sdk/gems/aws-sdk-s3/lib/**/*.rb" -comment-style = { meta = "##=", content = "##%" } +pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.cpp aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.h" # Include required specifications here [[specification]] diff --git a/test-server/cpp-v2-transition-server/.duvet/config.toml b/test-server/cpp-v2-transition-server/.duvet/config.toml index eaea972c..09a893bc 100644 --- a/test-server/cpp-v2-transition-server/.duvet/config.toml +++ b/test-server/cpp-v2-transition-server/.duvet/config.toml @@ -1,8 +1,7 @@ '$schema' = "https://awslabs.github.io/duvet/config/v0.4.0.json" [[source]] -pattern = "local-ruby-sdk/gems/aws-sdk-s3/lib/**/*.rb" -comment-style = { meta = "##=", content = "##%" } +pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.cpp aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.h" # Include required specifications here [[specification]] diff --git a/test-server/cpp-v3-server/.duvet/config.toml b/test-server/cpp-v3-server/.duvet/config.toml index eaea972c..09a893bc 100644 --- a/test-server/cpp-v3-server/.duvet/config.toml +++ b/test-server/cpp-v3-server/.duvet/config.toml @@ -1,8 +1,7 @@ '$schema' = "https://awslabs.github.io/duvet/config/v0.4.0.json" [[source]] -pattern = "local-ruby-sdk/gems/aws-sdk-s3/lib/**/*.rb" -comment-style = { meta = "##=", content = "##%" } +pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.cpp aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.h" # Include required specifications here [[specification]] From 6ac39960cfc820bcb95482f590db409120289d35 Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Thu, 30 Oct 2025 12:51:33 -0400 Subject: [PATCH 11/13] m --- .github/workflows/test.yml | 4 ++-- test-server/cpp-v2-server/.duvet/config.toml | 5 ++++- test-server/cpp-v2-transition-server/.duvet/config.toml | 5 ++++- test-server/cpp-v3-server/.duvet/config.toml | 5 ++++- 4 files changed, 14 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 02ef67c1..898f7a91 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -89,7 +89,7 @@ jobs: run: composer install - name: Install PHP V3 dependencies - working-directory: ./test-server/php-v3-server + working-directory: php-v3-server shell: bash run: composer install @@ -103,7 +103,7 @@ jobs: uses: actions/cache@v3 with: path: ~/.cache/uv - key: ${{ runner.os }}-uv-${{ hashFiles('**/pyproject.toml') }} + key: ${{ runner.os }}-uv-${{ hashFiles('./test-server/python-v3-server/**/pyproject.toml') }} restore-keys: | ${{ runner.os }}-uv- diff --git a/test-server/cpp-v2-server/.duvet/config.toml b/test-server/cpp-v2-server/.duvet/config.toml index 09a893bc..d137df36 100644 --- a/test-server/cpp-v2-server/.duvet/config.toml +++ b/test-server/cpp-v2-server/.duvet/config.toml @@ -1,7 +1,10 @@ '$schema' = "https://awslabs.github.io/duvet/config/v0.4.0.json" [[source]] -pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.cpp aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.h" +pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.cpp" + +[[source]] +pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.h" # Include required specifications here [[specification]] diff --git a/test-server/cpp-v2-transition-server/.duvet/config.toml b/test-server/cpp-v2-transition-server/.duvet/config.toml index 09a893bc..d137df36 100644 --- a/test-server/cpp-v2-transition-server/.duvet/config.toml +++ b/test-server/cpp-v2-transition-server/.duvet/config.toml @@ -1,7 +1,10 @@ '$schema' = "https://awslabs.github.io/duvet/config/v0.4.0.json" [[source]] -pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.cpp aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.h" +pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.cpp" + +[[source]] +pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.h" # Include required specifications here [[specification]] diff --git a/test-server/cpp-v3-server/.duvet/config.toml b/test-server/cpp-v3-server/.duvet/config.toml index 09a893bc..d137df36 100644 --- a/test-server/cpp-v3-server/.duvet/config.toml +++ b/test-server/cpp-v3-server/.duvet/config.toml @@ -1,7 +1,10 @@ '$schema' = "https://awslabs.github.io/duvet/config/v0.4.0.json" [[source]] -pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.cpp aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.h" +pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.cpp" + +[[source]] +pattern = "aws-sdk-cpp/src/aws-cpp-sdk-s3-encryption/**/*.h" # Include required specifications here [[specification]] From 930f61bb4d812aec97dcbfc94ddee1e3a77dd1a0 Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Thu, 30 Oct 2025 13:44:53 -0400 Subject: [PATCH 12/13] m --- .github/workflows/test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 898f7a91..29087869 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -79,7 +79,7 @@ jobs: php-version: "8.1" - name: Install PHP V2 dependencies - working-directory: ./test-server/php-v2-server + working-directory: ./php-v2-server shell: bash run: composer install From f688aeadd1dc49b0eee0e6f51a4ab729ddb13edd Mon Sep 17 00:00:00 2001 From: Andy Jewell Date: Thu, 30 Oct 2025 13:46:22 -0400 Subject: [PATCH 13/13] m --- .github/workflows/test.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 29087869..72045f16 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -79,7 +79,7 @@ jobs: php-version: "8.1" - name: Install PHP V2 dependencies - working-directory: ./php-v2-server + working-directory: ./test-server/php-v2-server shell: bash run: composer install @@ -89,7 +89,7 @@ jobs: run: composer install - name: Install PHP V3 dependencies - working-directory: php-v3-server + working-directory: ./test-server/php-v3-server shell: bash run: composer install