Search in sources :

Example 1 with AbstractPutObjectRequest

use of com.amazonaws.services.s3.model.AbstractPutObjectRequest in project aws-sdk-android by aws-amplify.

the class S3CryptoModuleBase method newS3CipherLiteInputStream.

private CipherLiteInputStream newS3CipherLiteInputStream(AbstractPutObjectRequest req, ContentCryptoMaterial cekMaterial, long plaintextLength) {
    final File fileOrig = req.getFile();
    final InputStream isOrig = req.getInputStream();
    InputStream isCurr = null;
    try {
        if (fileOrig == null) {
            // When input is a FileInputStream, this wrapping enables
            // unlimited mark-and-reset
            isCurr = isOrig == null ? null : ReleasableInputStream.wrap(isOrig);
        } else {
            isCurr = new ResettableInputStream(fileOrig);
        }
        if (plaintextLength > -1) {
            // S3 allows a single PUT to be no more than 5GB, which
            // therefore won't exceed the maximum length that can be
            // encrypted either using any cipher such as CBC or GCM.
            // This ensures the plain-text read from the underlying data
            // stream has the same length as the expected total.
            isCurr = new LengthCheckInputStream(isCurr, plaintextLength, EXCLUDE_SKIPPED_BYTES);
        }
        final CipherLite cipherLite = cekMaterial.getCipherLite();
        if (cipherLite.markSupported()) {
            return new CipherLiteInputStream(isCurr, cipherLite, DEFAULT_BUFFER_SIZE);
        } else {
            return new RenewableCipherLiteInputStream(isCurr, cipherLite, DEFAULT_BUFFER_SIZE);
        }
    } catch (final Exception e) {
        cleanupDataSource(req, fileOrig, isOrig, isCurr, log);
        throw new AmazonClientException("Unable to create cipher input stream", e);
    }
}
Also used : LengthCheckInputStream(com.amazonaws.util.LengthCheckInputStream) LengthCheckInputStream(com.amazonaws.util.LengthCheckInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) ReleasableInputStream(com.amazonaws.internal.ReleasableInputStream) ResettableInputStream(com.amazonaws.internal.ResettableInputStream) SdkFilterInputStream(com.amazonaws.internal.SdkFilterInputStream) InputStream(java.io.InputStream) AmazonClientException(com.amazonaws.AmazonClientException) InstructionFile(com.amazonaws.services.s3.model.CryptoStorageMode.InstructionFile) File(java.io.File) ResettableInputStream(com.amazonaws.internal.ResettableInputStream) AmazonServiceException(com.amazonaws.AmazonServiceException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) AmazonClientException(com.amazonaws.AmazonClientException) IOException(java.io.IOException)

Example 2 with AbstractPutObjectRequest

use of com.amazonaws.services.s3.model.AbstractPutObjectRequest in project aws-sdk-android by aws-amplify.

the class S3CryptoModuleBase method wrapWithCipher.

/**
 * Returns the given <code>PutObjectRequest</code> but has the content as
 * input stream wrapped with a cipher, and configured with some meta data
 * and user metadata.
 */
protected final <R extends AbstractPutObjectRequest> R wrapWithCipher(final R request, ContentCryptoMaterial cekMaterial) {
    // Create a new metadata object if there is no metadata already.
    ObjectMetadata metadata = request.getMetadata();
    if (metadata == null) {
        metadata = new ObjectMetadata();
    }
    // Record the original Content MD5, if present, for the unencrypted data
    if (metadata.getContentMD5() != null) {
        metadata.addUserMetadata(Headers.UNENCRYPTED_CONTENT_MD5, metadata.getContentMD5());
    }
    // Removes the original content MD5 if present from the meta data.
    metadata.setContentMD5(null);
    // Record the original, unencrypted content-length so it can be accessed
    // later
    final long plaintextLength = plaintextLength(request, metadata);
    if (plaintextLength >= 0) {
        metadata.addUserMetadata(Headers.UNENCRYPTED_CONTENT_LENGTH, Long.toString(plaintextLength));
        // Put the ciphertext length in the metadata
        metadata.setContentLength(ciphertextLength(plaintextLength));
    }
    request.setMetadata(metadata);
    request.setInputStream(newS3CipherLiteInputStream(request, cekMaterial, plaintextLength));
    // Treat all encryption requests as input stream upload requests, not as
    // file upload requests.
    request.setFile(null);
    return request;
}
Also used : ObjectMetadata(com.amazonaws.services.s3.model.ObjectMetadata) ObjectMetadata(com.amazonaws.services.s3.model.CryptoStorageMode.ObjectMetadata)

Aggregations

AmazonClientException (com.amazonaws.AmazonClientException)1 AmazonServiceException (com.amazonaws.AmazonServiceException)1 ReleasableInputStream (com.amazonaws.internal.ReleasableInputStream)1 ResettableInputStream (com.amazonaws.internal.ResettableInputStream)1 SdkFilterInputStream (com.amazonaws.internal.SdkFilterInputStream)1 InstructionFile (com.amazonaws.services.s3.model.CryptoStorageMode.InstructionFile)1 ObjectMetadata (com.amazonaws.services.s3.model.CryptoStorageMode.ObjectMetadata)1 ObjectMetadata (com.amazonaws.services.s3.model.ObjectMetadata)1 LengthCheckInputStream (com.amazonaws.util.LengthCheckInputStream)1 ByteArrayInputStream (java.io.ByteArrayInputStream)1 File (java.io.File)1 IOException (java.io.IOException)1 InputStream (java.io.InputStream)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1