aws-sdk-signer 1.41.0 → 1.43.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-signer/client.rb +102 -11
- data/lib/aws-sdk-signer/client_api.rb +66 -0
- data/lib/aws-sdk-signer/endpoint_provider.rb +27 -24
- data/lib/aws-sdk-signer/endpoints.rb +29 -0
- data/lib/aws-sdk-signer/plugins/endpoints.rb +4 -0
- data/lib/aws-sdk-signer/types.rb +108 -1
- data/lib/aws-sdk-signer.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8b49d3323a898b899beda973679ee22d2557791c8a020d04e48cc47412aba135
|
|
4
|
+
data.tar.gz: 72fd1ab4a13255c60eeb37a615498cda873f1a2e75ccd6639164ba0a49eadd46
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 74575b44b7bda04923d00dda2a9d7a4653380e35d2ae38806663a29d8d72a64b6d1d9579e0846b6ea4286cb999f8dc0a6710f4163618a59449ec581528957059
|
|
7
|
+
data.tar.gz: f1cdae6b7df016ca5b45b188cafad2fe5307ef53f17a40f56899da3a609fe0f7ef31e25d385702760dc2e9706f202e201ab789023b52737c70a08d4af2548218
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.43.0 (2023-06-15)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
|
8
|
+
|
|
9
|
+
1.42.0 (2023-06-06)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - AWS Signer is launching Container Image Signing, a new feature that enables you to sign and verify container images. This feature enables you to validate that only container images you approve are used in your enterprise.
|
|
13
|
+
|
|
4
14
|
1.41.0 (2023-05-31)
|
|
5
15
|
------------------
|
|
6
16
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.43.0
|
|
@@ -526,6 +526,56 @@ module Aws::Signer
|
|
|
526
526
|
req.send_request(options)
|
|
527
527
|
end
|
|
528
528
|
|
|
529
|
+
# Retrieves the revocation status of one or more of the signing profile,
|
|
530
|
+
# signing job, and signing certificate.
|
|
531
|
+
#
|
|
532
|
+
# @option params [required, Time,DateTime,Date,Integer,String] :signature_timestamp
|
|
533
|
+
# The timestamp of the signature that validates the profile or job.
|
|
534
|
+
#
|
|
535
|
+
# @option params [required, String] :platform_id
|
|
536
|
+
# The ID of a signing platform.
|
|
537
|
+
#
|
|
538
|
+
# @option params [required, String] :profile_version_arn
|
|
539
|
+
# The version of a signing profile.
|
|
540
|
+
#
|
|
541
|
+
# @option params [required, String] :job_arn
|
|
542
|
+
# The ARN of a signing job.
|
|
543
|
+
#
|
|
544
|
+
# @option params [required, Array<String>] :certificate_hashes
|
|
545
|
+
# A list of composite signed hashes that identify certificates.
|
|
546
|
+
#
|
|
547
|
+
# A certificate identifier consists of a subject certificate TBS hash
|
|
548
|
+
# (signed by the parent CA) combined with a parent CA TBS hash (signed
|
|
549
|
+
# by the parent CA’s CA). Root certificates are defined as their own CA.
|
|
550
|
+
#
|
|
551
|
+
# @return [Types::GetRevocationStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
552
|
+
#
|
|
553
|
+
# * {Types::GetRevocationStatusResponse#revoked_entities #revoked_entities} => Array<String>
|
|
554
|
+
#
|
|
555
|
+
# @example Request syntax with placeholder values
|
|
556
|
+
#
|
|
557
|
+
# resp = client.get_revocation_status({
|
|
558
|
+
# signature_timestamp: Time.now, # required
|
|
559
|
+
# platform_id: "PlatformId", # required
|
|
560
|
+
# profile_version_arn: "Arn", # required
|
|
561
|
+
# job_arn: "Arn", # required
|
|
562
|
+
# certificate_hashes: ["String"], # required
|
|
563
|
+
# })
|
|
564
|
+
#
|
|
565
|
+
# @example Response structure
|
|
566
|
+
#
|
|
567
|
+
# resp.revoked_entities #=> Array
|
|
568
|
+
# resp.revoked_entities[0] #=> String
|
|
569
|
+
#
|
|
570
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/signer-2017-08-25/GetRevocationStatus AWS API Documentation
|
|
571
|
+
#
|
|
572
|
+
# @overload get_revocation_status(params = {})
|
|
573
|
+
# @param [Hash] params ({})
|
|
574
|
+
def get_revocation_status(params = {}, options = {})
|
|
575
|
+
req = build_request(:get_revocation_status, params)
|
|
576
|
+
req.send_request(options)
|
|
577
|
+
end
|
|
578
|
+
|
|
529
579
|
# Returns information on a specific signing platform.
|
|
530
580
|
#
|
|
531
581
|
# @option params [required, String] :platform_id
|
|
@@ -960,13 +1010,7 @@ module Aws::Signer
|
|
|
960
1010
|
end
|
|
961
1011
|
|
|
962
1012
|
# Creates a signing profile. A signing profile is a code signing
|
|
963
|
-
# template that can be used to carry out a pre-defined signing job.
|
|
964
|
-
# more information, see
|
|
965
|
-
# [http://docs.aws.amazon.com/signer/latest/developerguide/gs-profile.html][1]
|
|
966
|
-
#
|
|
967
|
-
#
|
|
968
|
-
#
|
|
969
|
-
# [1]: http://docs.aws.amazon.com/signer/latest/developerguide/gs-profile.html
|
|
1013
|
+
# template that can be used to carry out a pre-defined signing job.
|
|
970
1014
|
#
|
|
971
1015
|
# @option params [required, String] :profile_name
|
|
972
1016
|
# The name of the signing profile to be created.
|
|
@@ -1149,12 +1193,59 @@ module Aws::Signer
|
|
|
1149
1193
|
req.send_request(options)
|
|
1150
1194
|
end
|
|
1151
1195
|
|
|
1196
|
+
# Signs a binary payload and returns a signature envelope.
|
|
1197
|
+
#
|
|
1198
|
+
# @option params [required, String] :profile_name
|
|
1199
|
+
# The name of the signing profile.
|
|
1200
|
+
#
|
|
1201
|
+
# @option params [String] :profile_owner
|
|
1202
|
+
# The AWS account ID of the profile owner.
|
|
1203
|
+
#
|
|
1204
|
+
# @option params [required, String, StringIO, File] :payload
|
|
1205
|
+
# Specifies the object digest (hash) to sign.
|
|
1206
|
+
#
|
|
1207
|
+
# @option params [required, String] :payload_format
|
|
1208
|
+
# Payload content type
|
|
1209
|
+
#
|
|
1210
|
+
# @return [Types::SignPayloadResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1211
|
+
#
|
|
1212
|
+
# * {Types::SignPayloadResponse#job_id #job_id} => String
|
|
1213
|
+
# * {Types::SignPayloadResponse#job_owner #job_owner} => String
|
|
1214
|
+
# * {Types::SignPayloadResponse#metadata #metadata} => Hash<String,String>
|
|
1215
|
+
# * {Types::SignPayloadResponse#signature #signature} => String
|
|
1216
|
+
#
|
|
1217
|
+
# @example Request syntax with placeholder values
|
|
1218
|
+
#
|
|
1219
|
+
# resp = client.sign_payload({
|
|
1220
|
+
# profile_name: "ProfileName", # required
|
|
1221
|
+
# profile_owner: "AccountId",
|
|
1222
|
+
# payload: "data", # required
|
|
1223
|
+
# payload_format: "String", # required
|
|
1224
|
+
# })
|
|
1225
|
+
#
|
|
1226
|
+
# @example Response structure
|
|
1227
|
+
#
|
|
1228
|
+
# resp.job_id #=> String
|
|
1229
|
+
# resp.job_owner #=> String
|
|
1230
|
+
# resp.metadata #=> Hash
|
|
1231
|
+
# resp.metadata["String"] #=> String
|
|
1232
|
+
# resp.signature #=> String
|
|
1233
|
+
#
|
|
1234
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/signer-2017-08-25/SignPayload AWS API Documentation
|
|
1235
|
+
#
|
|
1236
|
+
# @overload sign_payload(params = {})
|
|
1237
|
+
# @param [Hash] params ({})
|
|
1238
|
+
def sign_payload(params = {}, options = {})
|
|
1239
|
+
req = build_request(:sign_payload, params)
|
|
1240
|
+
req.send_request(options)
|
|
1241
|
+
end
|
|
1242
|
+
|
|
1152
1243
|
# Initiates a signing job to be performed on the code provided. Signing
|
|
1153
1244
|
# jobs are viewable by the `ListSigningJobs` operation for two years
|
|
1154
1245
|
# after they are performed. Note the following requirements:
|
|
1155
1246
|
#
|
|
1156
1247
|
# * You must create an Amazon S3 source bucket. For more information,
|
|
1157
|
-
# see [
|
|
1248
|
+
# see [Creating a Bucket][1] in the *Amazon S3 Getting Started Guide*.
|
|
1158
1249
|
#
|
|
1159
1250
|
# * Your S3 source bucket must be version enabled.
|
|
1160
1251
|
#
|
|
@@ -1171,12 +1262,12 @@ module Aws::Signer
|
|
|
1171
1262
|
# after you call `StartSigningJob`.
|
|
1172
1263
|
#
|
|
1173
1264
|
# For a Java example that shows how to use this action, see
|
|
1174
|
-
# [
|
|
1265
|
+
# [StartSigningJob][2].
|
|
1175
1266
|
#
|
|
1176
1267
|
#
|
|
1177
1268
|
#
|
|
1178
1269
|
# [1]: http://docs.aws.amazon.com/AmazonS3/latest/gsg/CreatingABucket.html
|
|
1179
|
-
# [2]:
|
|
1270
|
+
# [2]: https://docs.aws.amazon.com/signer/latest/developerguide/api-startsigningjob.html
|
|
1180
1271
|
#
|
|
1181
1272
|
# @option params [required, Types::Source] :source
|
|
1182
1273
|
# The S3 bucket that contains the object to sign or a BLOB that contains
|
|
@@ -1311,7 +1402,7 @@ module Aws::Signer
|
|
|
1311
1402
|
params: params,
|
|
1312
1403
|
config: config)
|
|
1313
1404
|
context[:gem_name] = 'aws-sdk-signer'
|
|
1314
|
-
context[:gem_version] = '1.
|
|
1405
|
+
context[:gem_version] = '1.43.0'
|
|
1315
1406
|
Seahorse::Client::Request.new(handlers, context)
|
|
1316
1407
|
end
|
|
1317
1408
|
|
|
@@ -19,10 +19,12 @@ module Aws::Signer
|
|
|
19
19
|
AddProfilePermissionResponse = Shapes::StructureShape.new(name: 'AddProfilePermissionResponse')
|
|
20
20
|
Arn = Shapes::StringShape.new(name: 'Arn')
|
|
21
21
|
BadRequestException = Shapes::StructureShape.new(name: 'BadRequestException')
|
|
22
|
+
Blob = Shapes::BlobShape.new(name: 'Blob')
|
|
22
23
|
BucketName = Shapes::StringShape.new(name: 'BucketName')
|
|
23
24
|
CancelSigningProfileRequest = Shapes::StructureShape.new(name: 'CancelSigningProfileRequest')
|
|
24
25
|
Category = Shapes::StringShape.new(name: 'Category')
|
|
25
26
|
CertificateArn = Shapes::StringShape.new(name: 'CertificateArn')
|
|
27
|
+
CertificateHashes = Shapes::ListShape.new(name: 'CertificateHashes')
|
|
26
28
|
ClientRequestToken = Shapes::StringShape.new(name: 'ClientRequestToken')
|
|
27
29
|
ConflictException = Shapes::StructureShape.new(name: 'ConflictException')
|
|
28
30
|
DescribeSigningJobRequest = Shapes::StructureShape.new(name: 'DescribeSigningJobRequest')
|
|
@@ -34,6 +36,8 @@ module Aws::Signer
|
|
|
34
36
|
EncryptionAlgorithms = Shapes::ListShape.new(name: 'EncryptionAlgorithms')
|
|
35
37
|
ErrorCode = Shapes::StringShape.new(name: 'ErrorCode')
|
|
36
38
|
ErrorMessage = Shapes::StringShape.new(name: 'ErrorMessage')
|
|
39
|
+
GetRevocationStatusRequest = Shapes::StructureShape.new(name: 'GetRevocationStatusRequest')
|
|
40
|
+
GetRevocationStatusResponse = Shapes::StructureShape.new(name: 'GetRevocationStatusResponse')
|
|
37
41
|
GetSigningPlatformRequest = Shapes::StructureShape.new(name: 'GetSigningPlatformRequest')
|
|
38
42
|
GetSigningPlatformResponse = Shapes::StructureShape.new(name: 'GetSigningPlatformResponse')
|
|
39
43
|
GetSigningProfileRequest = Shapes::StructureShape.new(name: 'GetSigningProfileRequest')
|
|
@@ -59,8 +63,10 @@ module Aws::Signer
|
|
|
59
63
|
ListTagsForResourceResponse = Shapes::StructureShape.new(name: 'ListTagsForResourceResponse')
|
|
60
64
|
MaxResults = Shapes::IntegerShape.new(name: 'MaxResults')
|
|
61
65
|
MaxSizeInMB = Shapes::IntegerShape.new(name: 'MaxSizeInMB')
|
|
66
|
+
Metadata = Shapes::MapShape.new(name: 'Metadata')
|
|
62
67
|
NextToken = Shapes::StringShape.new(name: 'NextToken')
|
|
63
68
|
NotFoundException = Shapes::StructureShape.new(name: 'NotFoundException')
|
|
69
|
+
Payload = Shapes::BlobShape.new(name: 'Payload')
|
|
64
70
|
Permission = Shapes::StructureShape.new(name: 'Permission')
|
|
65
71
|
Permissions = Shapes::ListShape.new(name: 'Permissions')
|
|
66
72
|
PlatformId = Shapes::StringShape.new(name: 'PlatformId')
|
|
@@ -77,10 +83,13 @@ module Aws::Signer
|
|
|
77
83
|
RevocationReasonString = Shapes::StringShape.new(name: 'RevocationReasonString')
|
|
78
84
|
RevokeSignatureRequest = Shapes::StructureShape.new(name: 'RevokeSignatureRequest')
|
|
79
85
|
RevokeSigningProfileRequest = Shapes::StructureShape.new(name: 'RevokeSigningProfileRequest')
|
|
86
|
+
RevokedEntities = Shapes::ListShape.new(name: 'RevokedEntities')
|
|
80
87
|
S3Destination = Shapes::StructureShape.new(name: 'S3Destination')
|
|
81
88
|
S3SignedObject = Shapes::StructureShape.new(name: 'S3SignedObject')
|
|
82
89
|
S3Source = Shapes::StructureShape.new(name: 'S3Source')
|
|
83
90
|
ServiceLimitExceededException = Shapes::StructureShape.new(name: 'ServiceLimitExceededException')
|
|
91
|
+
SignPayloadRequest = Shapes::StructureShape.new(name: 'SignPayloadRequest')
|
|
92
|
+
SignPayloadResponse = Shapes::StructureShape.new(name: 'SignPayloadResponse')
|
|
84
93
|
SignatureValidityPeriod = Shapes::StructureShape.new(name: 'SignatureValidityPeriod')
|
|
85
94
|
SignedObject = Shapes::StructureShape.new(name: 'SignedObject')
|
|
86
95
|
SigningConfiguration = Shapes::StructureShape.new(name: 'SigningConfiguration')
|
|
@@ -146,6 +155,8 @@ module Aws::Signer
|
|
|
146
155
|
CancelSigningProfileRequest.add_member(:profile_name, Shapes::ShapeRef.new(shape: ProfileName, required: true, location: "uri", location_name: "profileName"))
|
|
147
156
|
CancelSigningProfileRequest.struct_class = Types::CancelSigningProfileRequest
|
|
148
157
|
|
|
158
|
+
CertificateHashes.member = Shapes::ShapeRef.new(shape: String)
|
|
159
|
+
|
|
149
160
|
ConflictException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "message"))
|
|
150
161
|
ConflictException.add_member(:code, Shapes::ShapeRef.new(shape: ErrorCode, location_name: "code"))
|
|
151
162
|
ConflictException.struct_class = Types::ConflictException
|
|
@@ -183,6 +194,16 @@ module Aws::Signer
|
|
|
183
194
|
|
|
184
195
|
EncryptionAlgorithms.member = Shapes::ShapeRef.new(shape: EncryptionAlgorithm)
|
|
185
196
|
|
|
197
|
+
GetRevocationStatusRequest.add_member(:signature_timestamp, Shapes::ShapeRef.new(shape: Timestamp, required: true, location: "querystring", location_name: "signatureTimestamp"))
|
|
198
|
+
GetRevocationStatusRequest.add_member(:platform_id, Shapes::ShapeRef.new(shape: PlatformId, required: true, location: "querystring", location_name: "platformId"))
|
|
199
|
+
GetRevocationStatusRequest.add_member(:profile_version_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location: "querystring", location_name: "profileVersionArn"))
|
|
200
|
+
GetRevocationStatusRequest.add_member(:job_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location: "querystring", location_name: "jobArn"))
|
|
201
|
+
GetRevocationStatusRequest.add_member(:certificate_hashes, Shapes::ShapeRef.new(shape: CertificateHashes, required: true, location: "querystring", location_name: "certificateHashes"))
|
|
202
|
+
GetRevocationStatusRequest.struct_class = Types::GetRevocationStatusRequest
|
|
203
|
+
|
|
204
|
+
GetRevocationStatusResponse.add_member(:revoked_entities, Shapes::ShapeRef.new(shape: RevokedEntities, location_name: "revokedEntities"))
|
|
205
|
+
GetRevocationStatusResponse.struct_class = Types::GetRevocationStatusResponse
|
|
206
|
+
|
|
186
207
|
GetSigningPlatformRequest.add_member(:platform_id, Shapes::ShapeRef.new(shape: PlatformId, required: true, location: "uri", location_name: "platformId"))
|
|
187
208
|
GetSigningPlatformRequest.struct_class = Types::GetSigningPlatformRequest
|
|
188
209
|
|
|
@@ -282,6 +303,9 @@ module Aws::Signer
|
|
|
282
303
|
ListTagsForResourceResponse.add_member(:tags, Shapes::ShapeRef.new(shape: TagMap, location_name: "tags"))
|
|
283
304
|
ListTagsForResourceResponse.struct_class = Types::ListTagsForResourceResponse
|
|
284
305
|
|
|
306
|
+
Metadata.key = Shapes::ShapeRef.new(shape: String)
|
|
307
|
+
Metadata.value = Shapes::ShapeRef.new(shape: String)
|
|
308
|
+
|
|
285
309
|
NotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "message"))
|
|
286
310
|
NotFoundException.add_member(:code, Shapes::ShapeRef.new(shape: ErrorCode, location_name: "code"))
|
|
287
311
|
NotFoundException.struct_class = Types::NotFoundException
|
|
@@ -331,6 +355,8 @@ module Aws::Signer
|
|
|
331
355
|
RevokeSigningProfileRequest.add_member(:effective_time, Shapes::ShapeRef.new(shape: Timestamp, required: true, location_name: "effectiveTime"))
|
|
332
356
|
RevokeSigningProfileRequest.struct_class = Types::RevokeSigningProfileRequest
|
|
333
357
|
|
|
358
|
+
RevokedEntities.member = Shapes::ShapeRef.new(shape: String)
|
|
359
|
+
|
|
334
360
|
S3Destination.add_member(:bucket_name, Shapes::ShapeRef.new(shape: BucketName, location_name: "bucketName"))
|
|
335
361
|
S3Destination.add_member(:prefix, Shapes::ShapeRef.new(shape: Prefix, location_name: "prefix"))
|
|
336
362
|
S3Destination.struct_class = Types::S3Destination
|
|
@@ -348,6 +374,18 @@ module Aws::Signer
|
|
|
348
374
|
ServiceLimitExceededException.add_member(:code, Shapes::ShapeRef.new(shape: ErrorCode, location_name: "code"))
|
|
349
375
|
ServiceLimitExceededException.struct_class = Types::ServiceLimitExceededException
|
|
350
376
|
|
|
377
|
+
SignPayloadRequest.add_member(:profile_name, Shapes::ShapeRef.new(shape: ProfileName, required: true, location_name: "profileName"))
|
|
378
|
+
SignPayloadRequest.add_member(:profile_owner, Shapes::ShapeRef.new(shape: AccountId, location_name: "profileOwner"))
|
|
379
|
+
SignPayloadRequest.add_member(:payload, Shapes::ShapeRef.new(shape: Payload, required: true, location_name: "payload"))
|
|
380
|
+
SignPayloadRequest.add_member(:payload_format, Shapes::ShapeRef.new(shape: String, required: true, location_name: "payloadFormat"))
|
|
381
|
+
SignPayloadRequest.struct_class = Types::SignPayloadRequest
|
|
382
|
+
|
|
383
|
+
SignPayloadResponse.add_member(:job_id, Shapes::ShapeRef.new(shape: JobId, location_name: "jobId"))
|
|
384
|
+
SignPayloadResponse.add_member(:job_owner, Shapes::ShapeRef.new(shape: AccountId, location_name: "jobOwner"))
|
|
385
|
+
SignPayloadResponse.add_member(:metadata, Shapes::ShapeRef.new(shape: Metadata, location_name: "metadata"))
|
|
386
|
+
SignPayloadResponse.add_member(:signature, Shapes::ShapeRef.new(shape: Blob, location_name: "signature"))
|
|
387
|
+
SignPayloadResponse.struct_class = Types::SignPayloadResponse
|
|
388
|
+
|
|
351
389
|
SignatureValidityPeriod.add_member(:value, Shapes::ShapeRef.new(shape: Integer, location_name: "value"))
|
|
352
390
|
SignatureValidityPeriod.add_member(:type, Shapes::ShapeRef.new(shape: ValidityType, location_name: "type"))
|
|
353
391
|
SignatureValidityPeriod.struct_class = Types::SignatureValidityPeriod
|
|
@@ -536,6 +574,21 @@ module Aws::Signer
|
|
|
536
574
|
o.errors << Shapes::ShapeRef.new(shape: InternalServiceErrorException)
|
|
537
575
|
end)
|
|
538
576
|
|
|
577
|
+
api.add_operation(:get_revocation_status, Seahorse::Model::Operation.new.tap do |o|
|
|
578
|
+
o.name = "GetRevocationStatus"
|
|
579
|
+
o.http_method = "GET"
|
|
580
|
+
o.http_request_uri = "/revocations"
|
|
581
|
+
o.endpoint_pattern = {
|
|
582
|
+
"hostPrefix" => "verification.",
|
|
583
|
+
}
|
|
584
|
+
o.input = Shapes::ShapeRef.new(shape: GetRevocationStatusRequest)
|
|
585
|
+
o.output = Shapes::ShapeRef.new(shape: GetRevocationStatusResponse)
|
|
586
|
+
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
|
587
|
+
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
|
588
|
+
o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
|
|
589
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServiceErrorException)
|
|
590
|
+
end)
|
|
591
|
+
|
|
539
592
|
api.add_operation(:get_signing_platform, Seahorse::Model::Operation.new.tap do |o|
|
|
540
593
|
o.name = "GetSigningPlatform"
|
|
541
594
|
o.http_method = "GET"
|
|
@@ -691,6 +744,19 @@ module Aws::Signer
|
|
|
691
744
|
o.errors << Shapes::ShapeRef.new(shape: InternalServiceErrorException)
|
|
692
745
|
end)
|
|
693
746
|
|
|
747
|
+
api.add_operation(:sign_payload, Seahorse::Model::Operation.new.tap do |o|
|
|
748
|
+
o.name = "SignPayload"
|
|
749
|
+
o.http_method = "POST"
|
|
750
|
+
o.http_request_uri = "/signing-jobs/with-payload"
|
|
751
|
+
o.input = Shapes::ShapeRef.new(shape: SignPayloadRequest)
|
|
752
|
+
o.output = Shapes::ShapeRef.new(shape: SignPayloadResponse)
|
|
753
|
+
o.errors << Shapes::ShapeRef.new(shape: ValidationException)
|
|
754
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
|
755
|
+
o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
|
|
756
|
+
o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
|
|
757
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalServiceErrorException)
|
|
758
|
+
end)
|
|
759
|
+
|
|
694
760
|
api.add_operation(:start_signing_job, Seahorse::Model::Operation.new.tap do |o|
|
|
695
761
|
o.name = "StartSigningJob"
|
|
696
762
|
o.http_method = "POST"
|
|
@@ -14,36 +14,39 @@ module Aws::Signer
|
|
|
14
14
|
use_dual_stack = parameters.use_dual_stack
|
|
15
15
|
use_fips = parameters.use_fips
|
|
16
16
|
endpoint = parameters.endpoint
|
|
17
|
-
if
|
|
18
|
-
if Aws::Endpoints::Matchers.set?(endpoint) && (url = Aws::Endpoints::Matchers.parse_url(endpoint))
|
|
19
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
20
|
-
raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
|
|
21
|
-
end
|
|
22
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
23
|
-
raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
|
|
24
|
-
end
|
|
25
|
-
return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
|
|
26
|
-
end
|
|
27
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
28
|
-
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
29
|
-
return Aws::Endpoints::Endpoint.new(url: "https://signer-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
30
|
-
end
|
|
31
|
-
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
|
32
|
-
end
|
|
17
|
+
if Aws::Endpoints::Matchers.set?(endpoint)
|
|
33
18
|
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
34
|
-
|
|
35
|
-
return Aws::Endpoints::Endpoint.new(url: "https://signer-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
36
|
-
end
|
|
37
|
-
raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
|
|
19
|
+
raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
|
|
38
20
|
end
|
|
39
21
|
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
40
|
-
|
|
41
|
-
|
|
22
|
+
raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
|
|
23
|
+
end
|
|
24
|
+
return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
|
|
25
|
+
end
|
|
26
|
+
if Aws::Endpoints::Matchers.set?(region)
|
|
27
|
+
if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
|
|
28
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
29
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
30
|
+
return Aws::Endpoints::Endpoint.new(url: "https://signer-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
31
|
+
end
|
|
32
|
+
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
|
33
|
+
end
|
|
34
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
35
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
|
|
36
|
+
return Aws::Endpoints::Endpoint.new(url: "https://signer-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
37
|
+
end
|
|
38
|
+
raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
|
|
39
|
+
end
|
|
40
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
41
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
42
|
+
return Aws::Endpoints::Endpoint.new(url: "https://signer.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
43
|
+
end
|
|
44
|
+
raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
|
|
42
45
|
end
|
|
43
|
-
|
|
46
|
+
return Aws::Endpoints::Endpoint.new(url: "https://signer.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
44
47
|
end
|
|
45
|
-
return Aws::Endpoints::Endpoint.new(url: "https://signer.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
46
48
|
end
|
|
49
|
+
raise ArgumentError, "Invalid Configuration: Missing Region"
|
|
47
50
|
raise ArgumentError, 'No endpoint could be resolved'
|
|
48
51
|
|
|
49
52
|
end
|
|
@@ -9,6 +9,7 @@
|
|
|
9
9
|
|
|
10
10
|
|
|
11
11
|
module Aws::Signer
|
|
12
|
+
# @api private
|
|
12
13
|
module Endpoints
|
|
13
14
|
|
|
14
15
|
class AddProfilePermission
|
|
@@ -53,6 +54,20 @@ module Aws::Signer
|
|
|
53
54
|
end
|
|
54
55
|
end
|
|
55
56
|
|
|
57
|
+
class GetRevocationStatus
|
|
58
|
+
def self.build(context)
|
|
59
|
+
unless context.config.regional_endpoint
|
|
60
|
+
endpoint = context.config.endpoint.to_s
|
|
61
|
+
end
|
|
62
|
+
Aws::Signer::EndpointParameters.new(
|
|
63
|
+
region: context.config.region,
|
|
64
|
+
use_dual_stack: context.config.use_dualstack_endpoint,
|
|
65
|
+
use_fips: context.config.use_fips_endpoint,
|
|
66
|
+
endpoint: endpoint,
|
|
67
|
+
)
|
|
68
|
+
end
|
|
69
|
+
end
|
|
70
|
+
|
|
56
71
|
class GetSigningPlatform
|
|
57
72
|
def self.build(context)
|
|
58
73
|
unless context.config.regional_endpoint
|
|
@@ -207,6 +222,20 @@ module Aws::Signer
|
|
|
207
222
|
end
|
|
208
223
|
end
|
|
209
224
|
|
|
225
|
+
class SignPayload
|
|
226
|
+
def self.build(context)
|
|
227
|
+
unless context.config.regional_endpoint
|
|
228
|
+
endpoint = context.config.endpoint.to_s
|
|
229
|
+
end
|
|
230
|
+
Aws::Signer::EndpointParameters.new(
|
|
231
|
+
region: context.config.region,
|
|
232
|
+
use_dual_stack: context.config.use_dualstack_endpoint,
|
|
233
|
+
use_fips: context.config.use_fips_endpoint,
|
|
234
|
+
endpoint: endpoint,
|
|
235
|
+
)
|
|
236
|
+
end
|
|
237
|
+
end
|
|
238
|
+
|
|
210
239
|
class StartSigningJob
|
|
211
240
|
def self.build(context)
|
|
212
241
|
unless context.config.regional_endpoint
|
|
@@ -62,6 +62,8 @@ module Aws::Signer
|
|
|
62
62
|
Aws::Signer::Endpoints::CancelSigningProfile.build(context)
|
|
63
63
|
when :describe_signing_job
|
|
64
64
|
Aws::Signer::Endpoints::DescribeSigningJob.build(context)
|
|
65
|
+
when :get_revocation_status
|
|
66
|
+
Aws::Signer::Endpoints::GetRevocationStatus.build(context)
|
|
65
67
|
when :get_signing_platform
|
|
66
68
|
Aws::Signer::Endpoints::GetSigningPlatform.build(context)
|
|
67
69
|
when :get_signing_profile
|
|
@@ -84,6 +86,8 @@ module Aws::Signer
|
|
|
84
86
|
Aws::Signer::Endpoints::RevokeSignature.build(context)
|
|
85
87
|
when :revoke_signing_profile
|
|
86
88
|
Aws::Signer::Endpoints::RevokeSigningProfile.build(context)
|
|
89
|
+
when :sign_payload
|
|
90
|
+
Aws::Signer::Endpoints::SignPayload.build(context)
|
|
87
91
|
when :start_signing_job
|
|
88
92
|
Aws::Signer::Endpoints::StartSigningJob.build(context)
|
|
89
93
|
when :tag_resource
|
data/lib/aws-sdk-signer/types.rb
CHANGED
|
@@ -285,6 +285,57 @@ module Aws::Signer
|
|
|
285
285
|
include Aws::Structure
|
|
286
286
|
end
|
|
287
287
|
|
|
288
|
+
# @!attribute [rw] signature_timestamp
|
|
289
|
+
# The timestamp of the signature that validates the profile or job.
|
|
290
|
+
# @return [Time]
|
|
291
|
+
#
|
|
292
|
+
# @!attribute [rw] platform_id
|
|
293
|
+
# The ID of a signing platform.
|
|
294
|
+
# @return [String]
|
|
295
|
+
#
|
|
296
|
+
# @!attribute [rw] profile_version_arn
|
|
297
|
+
# The version of a signing profile.
|
|
298
|
+
# @return [String]
|
|
299
|
+
#
|
|
300
|
+
# @!attribute [rw] job_arn
|
|
301
|
+
# The ARN of a signing job.
|
|
302
|
+
# @return [String]
|
|
303
|
+
#
|
|
304
|
+
# @!attribute [rw] certificate_hashes
|
|
305
|
+
# A list of composite signed hashes that identify certificates.
|
|
306
|
+
#
|
|
307
|
+
# A certificate identifier consists of a subject certificate TBS hash
|
|
308
|
+
# (signed by the parent CA) combined with a parent CA TBS hash (signed
|
|
309
|
+
# by the parent CA’s CA). Root certificates are defined as their own
|
|
310
|
+
# CA.
|
|
311
|
+
# @return [Array<String>]
|
|
312
|
+
#
|
|
313
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/signer-2017-08-25/GetRevocationStatusRequest AWS API Documentation
|
|
314
|
+
#
|
|
315
|
+
class GetRevocationStatusRequest < Struct.new(
|
|
316
|
+
:signature_timestamp,
|
|
317
|
+
:platform_id,
|
|
318
|
+
:profile_version_arn,
|
|
319
|
+
:job_arn,
|
|
320
|
+
:certificate_hashes)
|
|
321
|
+
SENSITIVE = []
|
|
322
|
+
include Aws::Structure
|
|
323
|
+
end
|
|
324
|
+
|
|
325
|
+
# @!attribute [rw] revoked_entities
|
|
326
|
+
# A list of revoked entities (including one or more of the signing
|
|
327
|
+
# profile ARN, signing job ID, and certificate hash) supplied as input
|
|
328
|
+
# to the API.
|
|
329
|
+
# @return [Array<String>]
|
|
330
|
+
#
|
|
331
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/signer-2017-08-25/GetRevocationStatusResponse AWS API Documentation
|
|
332
|
+
#
|
|
333
|
+
class GetRevocationStatusResponse < Struct.new(
|
|
334
|
+
:revoked_entities)
|
|
335
|
+
SENSITIVE = []
|
|
336
|
+
include Aws::Structure
|
|
337
|
+
end
|
|
338
|
+
|
|
288
339
|
# @!attribute [rw] platform_id
|
|
289
340
|
# The ID of the target signing platform.
|
|
290
341
|
# @return [String]
|
|
@@ -1048,6 +1099,62 @@ module Aws::Signer
|
|
|
1048
1099
|
include Aws::Structure
|
|
1049
1100
|
end
|
|
1050
1101
|
|
|
1102
|
+
# @!attribute [rw] profile_name
|
|
1103
|
+
# The name of the signing profile.
|
|
1104
|
+
# @return [String]
|
|
1105
|
+
#
|
|
1106
|
+
# @!attribute [rw] profile_owner
|
|
1107
|
+
# The AWS account ID of the profile owner.
|
|
1108
|
+
# @return [String]
|
|
1109
|
+
#
|
|
1110
|
+
# @!attribute [rw] payload
|
|
1111
|
+
# Specifies the object digest (hash) to sign.
|
|
1112
|
+
# @return [String]
|
|
1113
|
+
#
|
|
1114
|
+
# @!attribute [rw] payload_format
|
|
1115
|
+
# Payload content type
|
|
1116
|
+
# @return [String]
|
|
1117
|
+
#
|
|
1118
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/signer-2017-08-25/SignPayloadRequest AWS API Documentation
|
|
1119
|
+
#
|
|
1120
|
+
class SignPayloadRequest < Struct.new(
|
|
1121
|
+
:profile_name,
|
|
1122
|
+
:profile_owner,
|
|
1123
|
+
:payload,
|
|
1124
|
+
:payload_format)
|
|
1125
|
+
SENSITIVE = []
|
|
1126
|
+
include Aws::Structure
|
|
1127
|
+
end
|
|
1128
|
+
|
|
1129
|
+
# @!attribute [rw] job_id
|
|
1130
|
+
# Unique identifier of the signing job.
|
|
1131
|
+
# @return [String]
|
|
1132
|
+
#
|
|
1133
|
+
# @!attribute [rw] job_owner
|
|
1134
|
+
# The AWS account ID of the job owner.
|
|
1135
|
+
# @return [String]
|
|
1136
|
+
#
|
|
1137
|
+
# @!attribute [rw] metadata
|
|
1138
|
+
# Information including the signing profile ARN and the signing job
|
|
1139
|
+
# ID. Clients use metadata to signature records, for example, as
|
|
1140
|
+
# annotations added to the signature manifest inside an OCI registry.
|
|
1141
|
+
# @return [Hash<String,String>]
|
|
1142
|
+
#
|
|
1143
|
+
# @!attribute [rw] signature
|
|
1144
|
+
# A cryptographic signature.
|
|
1145
|
+
# @return [String]
|
|
1146
|
+
#
|
|
1147
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/signer-2017-08-25/SignPayloadResponse AWS API Documentation
|
|
1148
|
+
#
|
|
1149
|
+
class SignPayloadResponse < Struct.new(
|
|
1150
|
+
:job_id,
|
|
1151
|
+
:job_owner,
|
|
1152
|
+
:metadata,
|
|
1153
|
+
:signature)
|
|
1154
|
+
SENSITIVE = []
|
|
1155
|
+
include Aws::Structure
|
|
1156
|
+
end
|
|
1157
|
+
|
|
1051
1158
|
# The validity period for a signing job.
|
|
1052
1159
|
#
|
|
1053
1160
|
# @!attribute [rw] value
|
|
@@ -1269,7 +1376,7 @@ module Aws::Signer
|
|
|
1269
1376
|
# that are used to perform a code signing job.
|
|
1270
1377
|
#
|
|
1271
1378
|
# @!attribute [rw] platform_id
|
|
1272
|
-
# The ID of a code signing
|
|
1379
|
+
# The ID of a code signing platform.
|
|
1273
1380
|
# @return [String]
|
|
1274
1381
|
#
|
|
1275
1382
|
# @!attribute [rw] display_name
|
data/lib/aws-sdk-signer.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-signer
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.43.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2023-
|
|
11
|
+
date: 2023-06-15 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|