feat: optimize s3 module string constants (#240)

Author: jlon

curvine-s3-gateway/src/auth/sig_v4.rs

@@ -26,6 +26,7 @@ pub trait VHeader {
 }
 
 use crate::s3::error::Error;
+use crate::utils::consts::*;
 use crate::utils::GenericResult;
 #[derive(Debug)]
 pub struct BaseArgs {
@@ -103,7 +104,7 @@ pub fn extract_args<R: VHeader>(r: &R) -> Result<BaseArgs, AuthError> {
             // Special handling for common S3 content hash values
             let normalized_content_hash = match content_hash.as_str() {
                 "UNSIGNED-PAYLOAD" => content_hash,
-                "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" => content_hash,
+                EMPTY_PAYLOAD_HASH => content_hash,
                 _ => content_hash,
             };
 
@@ -223,7 +224,7 @@ pub fn get_v4_signature<T: VHeader, S: ToString>(
 fn get_v4_ksigning(secretkey: &str, region: &str, xamz_date: &str) -> GenericResult<[u8; 32]> {
     let mut ksign = [0u8; 32];
     circle_hmac_sha256(
-        format!("AWS4{secretkey}").as_str(),
+        format!("{}{}", "AWS4", secretkey).as_str(),
         vec![
             &xamz_date.as_bytes()[..8],
             region.as_bytes(),
@@ -285,8 +286,16 @@ impl HmacSha256CircleHasher {
         }
         let mut hsh = ans.unwrap();
         let tosign = format!(
-            "AWS4-HMAC-SHA256-PAYLOAD\n{}\n{}/{}/s3/aws4_request\n{}\ne3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855\n{}",
-            self.xamz_date, self.date, self.region, self.last_hash, curr_hsh
+            "{}\n{}\n{}/{}/{}/{}\n{}\n{}\n{}",
+            "AWS4-HMAC-SHA256-PAYLOAD",
+            self.xamz_date,
+            self.date,
+            self.region,
+            "s3",
+            "aws4_request",
+            self.last_hash,
+            EMPTY_PAYLOAD_HASH,
+            curr_hsh
         );
         hsh.update(tosign.as_bytes());
         let ans = hsh.finalize().into_bytes();
@@ -331,169 +340,3 @@ impl V4Head {
         &mut self.circle_hasher
     }
 }
-
-#[cfg(test)]
-mod v4test {
-    use std::{collections::HashMap, io::Write};
-    extern crate sha1;
-    use self::sha1::Digest;
-
-    use crate::utils::{BaseKv, GenericResult};
-
-    use super::VHeader;
-    impl VHeader for HashMap<String, String> {
-        fn get_header(&self, key: &str) -> Option<String> {
-            let ans = self.get(key);
-            ans.cloned()
-        }
-
-        fn set_header(&mut self, key: &str, val: &str) {
-            self.insert(key.to_string(), val.to_string());
-        }
-
-        fn delete_header(&mut self, key: &str) {
-            self.remove(key);
-        }
-
-        fn rng_header(&self, mut cb: impl FnMut(&str, &str) -> bool) {
-            self.iter().all(|(k, v)| cb(k, v));
-        }
-    }
-    #[test]
-    fn v4_signature_test() -> GenericResult<()> {
-        //case1
-        let mut hm = HashMap::new();
-        hm.insert("x-amz-date".to_string(), "20250407T021123Z".to_string());
-        hm.insert(
-            "x-amz-content-sha256".to_string(),
-            "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855".to_string(),
-        );
-        hm.insert("host".to_string(), "127.0.0.1:9000".to_string());
-        let (signature, _) = super::get_v4_signature(
-            &hm,
-            "GET",
-            "us-east-1",
-            "s3",
-            "/",
-            "root12345",
-            "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
-            &["host", "x-amz-content-sha256", "x-amz-date"],
-            vec![],
-        )?;
-        assert!(
-            signature == "2e3e50b8ab771944088edcda925d886a078ec2442e8504f58e1ac3ef8a2f40fc",
-            "expect 2e3e50b8ab771944088edcda925d886a078ec2442e8504f58e1ac3ef8a2f40fc, get {}",
-            signature,
-        );
-        //case2
-        let mut hm = HashMap::new();
-        hm.insert("x-amz-date".to_string(), "20250407T060526Z".to_string());
-        hm.insert(
-            "x-amz-content-sha256".to_string(),
-            "STREAMING-AWS4-HMAC-SHA256-PAYLOAD".to_string(),
-        );
-        hm.insert("host".to_string(), "127.0.0.1:9000".to_string());
-        hm.insert("x-amz-decoded-content-length".to_string(), "6".to_string());
-        let (signature, _) = super::get_v4_signature(
-            &hm,
-            "PUT",
-            "us-east-1",
-            "s3",
-            "/test/hello.txt",
-            "root12345",
-            "STREAMING-AWS4-HMAC-SHA256-PAYLOAD",
-            &[
-                "host",
-                "x-amz-content-sha256",
-                "x-amz-date",
-                "x-amz-decoded-content-length",
-            ],
-            vec![],
-        )?;
-        assert!(
-            signature == "ae05fb994613c1a72e9f1d3bf14de119155587b955ca7d5589a056e7ffab680f",
-            "expect ae05fb994613c1a72e9f1d3bf14de119155587b955ca7d5589a056e7ffab680f,get {}",
-            signature
-        );
-        //case3
-        let mut hm = HashMap::new();
-        hm.insert("x-amz-date".to_string(), "20250410T124056Z".to_string());
-        hm.insert(
-            "x-amz-content-sha256".to_string(),
-            "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855".to_string(),
-        );
-        hm.insert("host".to_string(), "127.0.0.1:9000".to_string());
-        let (signature, _) = super::get_v4_signature(
-            &hm,
-            "GET",
-            "us-east-1",
-            "s3",
-            "/test/",
-            "root12345",
-            "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
-            &["host", "x-amz-content-sha256", "x-amz-date"],
-            vec![BaseKv {
-                key: "location".to_string(),
-                val: "".to_string(),
-            }],
-        )?;
-        assert!(
-            signature == "f51cf31bf489474692475a74706f9382c7ba0e93e0d657dc9696efa83fc3906a",
-            "expect f51cf31bf489474692475a74706f9382c7ba0e93e0d657dc9696efa83fc3906a, get {}",
-            signature,
-        );
-        Ok(())
-    }
-    #[test]
-    fn v4_chunk_signature_test() -> Result<(), Box<dyn std::error::Error>> {
-        let mut hm = HashMap::new();
-        hm.insert("x-amz-date".to_string(), "20250407T060526Z".to_string());
-        hm.insert(
-            "x-amz-content-sha256".to_string(),
-            "STREAMING-AWS4-HMAC-SHA256-PAYLOAD".to_string(),
-        );
-        hm.insert("host".to_string(), "127.0.0.1:9000".to_string());
-        hm.insert("x-amz-decoded-content-length".to_string(), "6".to_string());
-        let (headersignature, _) = super::get_v4_signature(
-            &hm,
-            "PUT",
-            "us-east-1",
-            "s3",
-            "/test/hello.txt",
-            "root12345",
-            "STREAMING-AWS4-HMAC-SHA256-PAYLOAD",
-            &[
-                "host",
-                "x-amz-content-sha256",
-                "x-amz-date",
-                "x-amz-decoded-content-length",
-            ],
-            vec![],
-        )?;
-        let ksigning = super::get_v4_ksigning("root12345", "us-east-1", "20250407T060526Z")?;
-
-        let mut hsch = super::HmacSha256CircleHasher::new(
-            ksigning,
-            headersignature,
-            "20250407T060526Z".to_string(),
-            "us-east-1".to_string(),
-        );
-        let mut hsh = sha2::Sha256::default();
-        let _ = hsh.write_all("hello\n".as_bytes());
-        let ans = hsh.finalize();
-        let hsh = hsch.next(hex::encode(ans).as_str())?;
-        assert!(
-            hsh == "fe78329ef4be9a33af1ffb23c435cf9d985c79dc65911ac78a66317f5a0521bb",
-            "expect fe78329ef4be9a33af1ffb23c435cf9d985c79dc65911ac78a66317f5a0521bb,get {}",
-            hsh
-        );
-        let final_chunk_hsh =
-            hsch.next("e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855")?;
-        assert!(
-            final_chunk_hsh == "9095844b0da3ae2e9fe65b372662c4beadfc38ebe5a709b16ea9b03d427d03ad",
-            "expect 9095844b0da3ae2e9fe65b372662c4beadfc38ebe5a709b16ea9b03d427d03ad,get {}",
-            final_chunk_hsh
-        );
-        Ok(())
-    }
-}

curvine-s3-gateway/src/http/axum.rs

@@ -21,6 +21,7 @@ use crate::auth::sig_v4;
 use crate::s3::s3_api::VRequest;
 use crate::s3::VRequestPlus;
 use axum::body;
+
 // use std::sync::Arc; // Used via std::sync::Arc in code
 
 pub struct Request {

curvine-s3-gateway/src/s3/s3_api.rs

@@ -85,7 +85,7 @@ impl std::fmt::Display for ArchiveStatus {
     }
 }
 
-static OWNER_ID: &str = "ffffffffffffffff";
+static OWNER_ID: &str = DEFAULT_OWNER_ID;
 pub type DateTime = chrono::DateTime<chrono::Utc>;
 
 pub trait VRequest: crate::auth::sig_v4::VHeader {
@@ -258,6 +258,7 @@ use serde::Serialize;
 use sha1::Digest;
 use tokio::io::AsyncSeekExt;
 
+use crate::utils::consts::*;
 use crate::utils::io::{PollRead, PollWrite};
 
 #[derive(Debug, Serialize)]
@@ -1174,7 +1175,7 @@ pub async fn handle_put_object<T: VRequest + BodyReader, F: VResponse>(
                     .write(true)
                     .read(true)
                     .mode(0o644)
-                    .open(format!(".sys_bws/{}", cs))
+                    .open(format!("{}{}", ".sys_bws/", cs))
                     .await
                 {
                     Ok(mut fd) => match parse_body(r, &mut fd, &cs, content_length).await {
@@ -1219,7 +1220,7 @@ pub async fn handle_put_object<T: VRequest + BodyReader, F: VResponse>(
         }
         ContentSha256::Streaming => {
             let file_name = uuid::Uuid::new_v4().to_string()[..8].to_string();
-            let file_name = format!(".sys_bws/{}", file_name);
+            let file_name = format!("{}{}", ".sys_bws/", file_name);
             let ret = match tokio::fs::OpenOptions::new()
                 .create_new(true)
                 .write(true)
@@ -1287,7 +1288,7 @@ pub async fn handle_put_object<T: VRequest + BodyReader, F: VResponse>(
         ContentSha256::Unsigned => {
             // No hash verification; stream body into a temp file, then pass to handler
             let file_name = uuid::Uuid::new_v4().to_string()[..8].to_string();
-            let file_name = format!(".sys_bws/{}", file_name);
+            let file_name = format!("{}{}", ".sys_bws/", file_name);
             let ret = match tokio::fs::OpenOptions::new()
                 .create_new(true)
                 .write(true)
@@ -2174,7 +2175,8 @@ async fn get_body_stream<T: crate::utils::io::PollRead + Send, H: crate::auth::s
                     None,
                 ));
             } else {
-                let file_name = format!(".sys_bws/{}", &uuid::Uuid::new_v4().to_string()[..8]);
+                let file_name =
+                    format!("{}{}", ".sys_bws/", &uuid::Uuid::new_v4().to_string()[..8]);
                 let mut fd = tokio::fs::OpenOptions::new()
                     .create_new(true)
                     .write(true)

curvine-s3-gateway/src/utils/consts.rs

@@ -0,0 +1,18 @@
+// Copyright 2025 OPPO.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+pub const EMPTY_PAYLOAD_HASH: &str =
+    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855";
+
+pub const DEFAULT_OWNER_ID: &str = "ffffffffffffffff";

curvine-s3-gateway/src/utils/mod.rs

@@ -17,7 +17,10 @@ use std::io::Write;
 use bytes::BytesMut;
 use sha1::Digest;
 
+use crate::utils::consts::*;
+
 pub type GenericResult<T> = Result<T, String>;
+pub mod consts;
 pub mod s3_utils;
 #[derive(Debug)]
 pub struct BaseKv<K: PartialOrd, V> {
@@ -123,15 +126,13 @@ async fn parse_buff<W: tokio::io::AsyncWrite + Send + Unpin>(
                     })?);
                     if let Some(hdr) = head {
                         if hdr.content_size == 0 {
-                            let next=circle_hasher.next(
-                                    "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
-                                ).unwrap();
+                            let next = circle_hasher.next(EMPTY_PAYLOAD_HASH).unwrap();
                             if hdr.signature.as_str() == next.as_str() {
                                 log::info!("all signature verify pass");
                                 state = ParseProcessState::End;
                                 return Ok(state);
                             } else {
-                                log::info!("hash no match expect {next} got {}", hdr.signature);
+                                log::info!("hash no match expect {} got {}", next, hdr.signature);
                                 return Err(ChunkParseError::HashNoMatch);
                             }
                         }

curvine-s3-gateway/src/utils/s3_utils.rs

@@ -117,7 +117,10 @@ pub fn create_metadata_map(file_status: &FileStatus) -> HashMap<String, String>
     // Add custom attributes from x_attr
     for (key, value) in &file_status.x_attr {
         if let Ok(value_str) = String::from_utf8(value.clone()) {
-            metadata.insert(format!("x-amz-meta-{}", key.to_lowercase()), value_str);
+            metadata.insert(
+                format!("{}{}", "x-amz-meta-", key.to_lowercase()),
+                value_str,
+            );
         }
     }