aws-kms-xks-proxy

runtime issue for xks-proxy with RSA_0 keyspec for AES_256 keys

Open HarshVaragiya opened this issue 1 year ago • 1 comments

Problem:

When compiling the xks-proxy server using the latest version of Rust and scratchstack-aws-signature version =0.10.5, the server returns a runtime error with the key metadata endpoint, where the key spec returns RSA_0 as the keyspec rather than AES_256. The error is silent in nature and the aws-kms-xksproxy-test-client does not flag the issue but prints out the response with RSA_0 as the response.

This issue also stops the xks-server from being added to the AWS Account as a Custom Key Store as the keyspec does not match.

Solution:

Without diving into the root cause of the issue, changing the Rust version to 1.75.0 fixes the runtime issue and the correct keyspec of AES_256 is returned.

HarshVaragiya, Oct 13 '24 12:10

image

HarshVaragiya, Oct 13 '24 12:10
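Because the issue describes the wrong keyspec passing through the test client unflagged, a post-build check on the key metadata response can catch it before the proxy is registered as a custom key store. The following is an added example, not part of the issue or of the xks-proxy project: the function name, the `KeyUsage`/`KeyStatus` field names and their allowed values are assumptions taken from the XKS proxy API specification, and the sample response bodies are constructed.

```python
import json

# Expected KeySpec comes from the issue; the other two constraints are
# assumptions based on the XKS proxy API specification.
EXPECTED_KEY_SPEC = "AES_256"
REQUIRED_KEY_USAGE = {"ENCRYPT", "DECRYPT"}
ALLOWED_KEY_STATUS = {"ENABLED", "DISABLED"}


def check_key_metadata(body: str) -> list:
    """Return a list of problems found in a key metadata response body."""
    try:
        doc = json.loads(body)
    except json.JSONDecodeError as exc:
        return [f"response is not valid JSON: {exc.msg}"]
    if not isinstance(doc, dict):
        return ["response is not a JSON object"]

    problems = []
    spec = doc.get("KeySpec")
    if spec != EXPECTED_KEY_SPEC:
        problems.append(f"KeySpec is {spec!r}, expected {EXPECTED_KEY_SPEC!r}")

    usage = doc.get("KeyUsage")
    if not isinstance(usage, list):
        problems.append("KeyUsage is missing or not a list")
    else:
        missing = REQUIRED_KEY_USAGE - {u for u in usage if isinstance(u, str)}
        if missing:
            problems.append(f"KeyUsage lacks {sorted(missing)}")

    status = doc.get("KeyStatus")
    if not isinstance(status, str) or status not in ALLOWED_KEY_STATUS:
        problems.append(f"KeyStatus is {status!r}, expected one of {sorted(ALLOWED_KEY_STATUS)}")
    return problems


# Constructed sample bodies: a healthy response and the symptom from the issue.
GOOD = '{"KeySpec": "AES_256", "KeyUsage": ["ENCRYPT", "DECRYPT"], "KeyStatus": "ENABLED"}'
BAD = '{"KeySpec": "RSA_0", "KeyUsage": ["ENCRYPT", "DECRYPT"], "KeyStatus": "ENABLED"}'

if __name__ == "__main__":
    for name, body in (("good", GOOD), ("bad", BAD)):
        problems = check_key_metadata(body)
        print(name, "OK" if not problems else problems)
```

Running this against the saved response body in CI and failing the build on a non-empty list turns the silent mismatch into a visible error.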