本文整理匯總了Java中com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider類的典型用法代碼示例。如果您正苦於以下問題:Java StaticEncryptionMaterialsProvider類的具體用法?Java StaticEncryptionMaterialsProvider怎麽用?Java StaticEncryptionMaterialsProvider使用的例子?那麽, 這裏精選的類代碼示例或許可以為您提供幫助。
StaticEncryptionMaterialsProvider類屬於com.amazonaws.services.s3.model包,在下文中一共展示了StaticEncryptionMaterialsProvider類的9個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: authenticatedEncryption_CustomerManagedKey
import com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider; //導入依賴的package包/類
/**
* Uses AES/GCM with AESWrap key wrapping to encrypt the key. Uses v2 metadata schema. Note that authenticated
* encryption requires the bouncy castle provider to be on the classpath. Also, for authenticated encryption the size
* of the data can be no longer than 64 GB.
*/
public void authenticatedEncryption_CustomerManagedKey() throws NoSuchAlgorithmException {
SecretKey secretKey = KeyGenerator.getInstance("AES").generateKey();
AmazonS3Encryption s3Encryption = AmazonS3EncryptionClientBuilder
.standard()
.withRegion(Regions.US_WEST_2)
.withCryptoConfiguration(new CryptoConfiguration(CryptoMode.AuthenticatedEncryption))
.withEncryptionMaterials(new StaticEncryptionMaterialsProvider(new EncryptionMaterials(secretKey)))
.build();
AmazonS3 s3NonEncrypt = AmazonS3ClientBuilder.defaultClient();
s3Encryption.putObject(BUCKET_NAME, ENCRYPTED_KEY, "some contents");
s3NonEncrypt.putObject(BUCKET_NAME, NON_ENCRYPTED_KEY, "some other contents");
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, ENCRYPTED_KEY));
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, NON_ENCRYPTED_KEY));
}
示例2: authenticatedEncryption_RangeGet_CustomerManagedKey
import com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider; //導入依賴的package包/類
/**
* For ranged GET we do not use authenticated encryption since we aren't reading the entire message and can't produce the
* MAC. Instead we use AES/CTR, an unauthenticated encryption algorithm. If {@link CryptoMode#StrictAuthenticatedEncryption}
* is enabled, ranged GETs will not be allowed since they do not use authenticated encryption..
*/
public void authenticatedEncryption_RangeGet_CustomerManagedKey() throws NoSuchAlgorithmException {
SecretKey secretKey = KeyGenerator.getInstance("AES").generateKey();
AmazonS3Encryption s3Encryption = AmazonS3EncryptionClientBuilder
.standard()
.withRegion(Regions.US_WEST_2)
.withCryptoConfiguration(new CryptoConfiguration(CryptoMode.AuthenticatedEncryption))
.withEncryptionMaterials(new StaticEncryptionMaterialsProvider(new EncryptionMaterials(secretKey)))
.build();
AmazonS3 s3NonEncrypt = AmazonS3ClientBuilder.defaultClient();
s3Encryption.putObject(BUCKET_NAME, ENCRYPTED_KEY, "some contents");
s3NonEncrypt.putObject(BUCKET_NAME, NON_ENCRYPTED_KEY, "some other contents");
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, ENCRYPTED_KEY));
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, NON_ENCRYPTED_KEY));
}
示例3: authenticatedEncryption_CustomerManagedAsymmetricKey
import com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider; //導入依賴的package包/類
/**
* Same as {@link #authenticatedEncryption_CustomerManagedKey()} except uses an asymmetric key pair and
* RSA/ECB/OAEPWithSHA-256AndMGF1Padding as the key wrapping algorithm.
*/
public void authenticatedEncryption_CustomerManagedAsymmetricKey() throws NoSuchAlgorithmException {
KeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
AmazonS3Encryption s3Encryption = AmazonS3EncryptionClientBuilder
.standard()
.withRegion(Regions.US_WEST_2)
.withCryptoConfiguration(new CryptoConfiguration(CryptoMode.AuthenticatedEncryption))
.withEncryptionMaterials(new StaticEncryptionMaterialsProvider(new EncryptionMaterials(keyPair)))
.build();
AmazonS3 s3NonEncrypt = AmazonS3ClientBuilder.defaultClient();
s3Encryption.putObject(BUCKET_NAME, ENCRYPTED_KEY, "some contents");
s3NonEncrypt.putObject(BUCKET_NAME, NON_ENCRYPTED_KEY, "some other contents");
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, ENCRYPTED_KEY));
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, NON_ENCRYPTED_KEY));
}
示例4: strictAuthenticatedEncryption_CustomerManagedKey
import com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider; //導入依賴的package包/類
/**
* Uses AES/GCM with AESWrap key wrapping to encrypt the key. Uses v2 metadata schema. The only difference between this and
* {@link #authenticatedEncryption_CustomerManagedKey()} is that attempting to retrieve an object non
* encrypted with AES/GCM will thrown an exception instead of falling back to encryption only or plaintext GET.
*/
public void strictAuthenticatedEncryption_CustomerManagedKey() throws NoSuchAlgorithmException {
SecretKey secretKey = KeyGenerator.getInstance("AES").generateKey();
AmazonS3Encryption s3Encryption = AmazonS3EncryptionClientBuilder
.standard()
.withRegion(Regions.US_WEST_2)
.withCryptoConfiguration(new CryptoConfiguration(CryptoMode.StrictAuthenticatedEncryption))
.withEncryptionMaterials(new StaticEncryptionMaterialsProvider(new EncryptionMaterials(secretKey)))
.build();
AmazonS3 s3NonEncrypt = AmazonS3ClientBuilder.defaultClient();
s3Encryption.putObject(BUCKET_NAME, ENCRYPTED_KEY, "some contents");
s3NonEncrypt.putObject(BUCKET_NAME, NON_ENCRYPTED_KEY, "some other contents");
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, ENCRYPTED_KEY));
try {
s3Encryption.getObjectAsString(BUCKET_NAME, NON_ENCRYPTED_KEY);
} catch (SecurityException e) {
// Strict authenticated encryption will throw an exception if an object is not encrypted with AES/GCM
System.err.println(NON_ENCRYPTED_KEY + " was not encrypted with AES/GCM");
}
}
示例5: strictAuthenticatedEncryption_RangeGet_CustomerManagedKey
import com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider; //導入依賴的package包/類
/**
* Strict authenticated encryption mode does not support ranged GETs. This is because we must use AES/CTR for ranged
* GETs which is not an authenticated encryption algorithm. To do a partial get using authenticated encryption you have to
* get the whole object and filter to the data you want.
*/
public void strictAuthenticatedEncryption_RangeGet_CustomerManagedKey() throws NoSuchAlgorithmException {
SecretKey secretKey = KeyGenerator.getInstance("AES").generateKey();
AmazonS3Encryption s3Encryption = AmazonS3EncryptionClientBuilder
.standard()
.withRegion(Regions.US_WEST_2)
.withCryptoConfiguration(new CryptoConfiguration(CryptoMode.StrictAuthenticatedEncryption))
.withEncryptionMaterials(new StaticEncryptionMaterialsProvider(new EncryptionMaterials(secretKey)))
.build();
s3Encryption.putObject(BUCKET_NAME, ENCRYPTED_KEY, "some contents");
try {
s3Encryption.getObject(new GetObjectRequest(BUCKET_NAME, ENCRYPTED_KEY).withRange(0, 2));
} catch (SecurityException e) {
System.err.println("Range GET is not supported with authenticated encryption");
}
}
示例6: encryptionOnly_CustomerManagedKey
import com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider; //導入依賴的package包/類
/**
* Uses AES/CBC algorithm, no key wrapping.
*/
public void encryptionOnly_CustomerManagedKey() throws NoSuchAlgorithmException {
SecretKey secretKey = KeyGenerator.getInstance("AES").generateKey();
AmazonS3Encryption s3Encryption = AmazonS3EncryptionClientBuilder
.standard()
.withRegion(Regions.US_WEST_2)
.withCryptoConfiguration(new CryptoConfiguration(CryptoMode.EncryptionOnly))
.withEncryptionMaterials(new StaticEncryptionMaterialsProvider(new EncryptionMaterials(secretKey)))
.build();
AmazonS3 s3NonEncrypt = AmazonS3ClientBuilder.defaultClient();
s3Encryption.putObject(BUCKET_NAME, ENCRYPTED_KEY, "some contents");
s3NonEncrypt.putObject(BUCKET_NAME, NON_ENCRYPTED_KEY, "some other contents");
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, ENCRYPTED_KEY));
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, NON_ENCRYPTED_KEY));
}
示例7: encryptionOnly_CustomerManagedAsymetricKey
import com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider; //導入依賴的package包/類
/**
* Uses an asymmetric key pair instead of a symmetric key. Note this does not change the algorithm used to encrypt
* the content, that will still be a symmetric key algorithm (AES/CBC in this case) using the derived CEK. It does impact
* the algorithm used to encrypt the CEK, in this case we use RSA/ECB/OAEPWithSHA-256AndMGF1Padding.
*/
public void encryptionOnly_CustomerManagedAsymetricKey() throws NoSuchAlgorithmException {
KeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
AmazonS3Encryption s3Encryption = AmazonS3EncryptionClientBuilder
.standard()
.withRegion(Regions.US_WEST_2)
.withCryptoConfiguration(new CryptoConfiguration(CryptoMode.EncryptionOnly))
.withEncryptionMaterials(new StaticEncryptionMaterialsProvider(new EncryptionMaterials(keyPair)))
.build();
AmazonS3 s3NonEncrypt = AmazonS3ClientBuilder.defaultClient();
s3Encryption.putObject(BUCKET_NAME, ENCRYPTED_KEY, "some contents");
s3NonEncrypt.putObject(BUCKET_NAME, NON_ENCRYPTED_KEY, "some other contents");
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, ENCRYPTED_KEY));
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, NON_ENCRYPTED_KEY));
}
示例8: encryptionOnly_RangeGet_CustomerManagedKey
import com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider; //導入依賴的package包/類
/**
* Non-authenticated encryption schemes can do range GETs without an issue.
*/
public void encryptionOnly_RangeGet_CustomerManagedKey() throws NoSuchAlgorithmException {
SecretKey secretKey = KeyGenerator.getInstance("AES").generateKey();
AmazonS3Encryption s3Encryption = AmazonS3EncryptionClientBuilder
.standard()
.withRegion(Regions.US_WEST_2)
.withCryptoConfiguration(new CryptoConfiguration(CryptoMode.EncryptionOnly))
.withEncryptionMaterials(new StaticEncryptionMaterialsProvider(new EncryptionMaterials(secretKey)))
.build();
s3Encryption.putObject(BUCKET_NAME, ENCRYPTED_KEY, "some contents");
System.out.println(s3Encryption.getObject(new GetObjectRequest(BUCKET_NAME, ENCRYPTED_KEY)
.withRange(0, 2)));
}
示例9: AmazonS3EncryptionClient
import com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider; //導入依賴的package包/類
/**
* <p>
* Constructs a new Amazon S3 Encryption client that will make <b>anonymous</b>
* requests to Amazon S3. If {@link #getObject(String, String)} is called,
* the object contents will be decrypted with the encryption materials provided.
* The encryption implementation of the provided crypto provider will be
* used to encrypt and decrypt data.
* </p>
* <p>
* Only a subset of the Amazon S3 API will work with anonymous
* <i>(i.e. unsigned)</i> requests, but this can prove useful in some situations.
* For example:
* <ul>
* <li>If an Amazon S3 bucket has {@link Permission#Read} permission for the
* {@link GroupGrantee#AllUsers} group, anonymous clients can call
* {@link #listObjects(String)} to see what objects are stored in a bucket.</li>
* <li>If an object has {@link Permission#Read} permission for the
* {@link GroupGrantee#AllUsers} group, anonymous clients can call
* {@link #getObject(String, String)} and
* {@link #getObjectMetadata(String, String)} to pull object content and
* metadata.</li>
* <li>If a bucket has {@link Permission#Write} permission for the
* {@link GroupGrantee#AllUsers} group, anonymous clients can upload objects
* to the bucket.</li>
* </ul>
* </p>
*
* @param encryptionMaterials
* The encryption materials to be used to encrypt and decrypt data.
* @param cryptoConfig
* The crypto configuration whose parameters will be used to encrypt and decrypt data.
* @deprecated use {@link AmazonS3EncryptionClientBuilder#withEncryptionMaterials(EncryptionMaterialsProvider)} and
* {@link AmazonS3EncryptionClientBuilder#withCryptoConfiguration(CryptoConfiguration)}
*/
@Deprecated
public AmazonS3EncryptionClient(EncryptionMaterials encryptionMaterials,
CryptoConfiguration cryptoConfig) {
this(new StaticEncryptionMaterialsProvider(encryptionMaterials),
cryptoConfig);
}