use of com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider in project aws-doc-sdk-examples by awsdocs.
the class S3Encrypt method authenticatedEncryption_CustomerManagedAsymmetricKey.
/**
* Same as {@link #authenticatedEncryption_CustomerManagedKey()} except uses an asymmetric key pair and
* RSA/ECB/OAEPWithSHA-256AndMGF1Padding as the key wrapping algorithm.
*/
public void authenticatedEncryption_CustomerManagedAsymmetricKey() throws NoSuchAlgorithmException {
KeyPair keyPair = KeyPairGenerator.getInstance("RSA").generateKeyPair();
AmazonS3Encryption s3Encryption = AmazonS3EncryptionClientBuilder.standard().withRegion(Regions.US_WEST_2).withCryptoConfiguration(new CryptoConfiguration(CryptoMode.AuthenticatedEncryption)).withEncryptionMaterials(new StaticEncryptionMaterialsProvider(new EncryptionMaterials(keyPair))).build();
AmazonS3 s3NonEncrypt = AmazonS3ClientBuilder.standard().withRegion(Regions.DEFAULT_REGION).build();
s3Encryption.putObject(BUCKET_NAME, ENCRYPTED_KEY, "some contents");
s3NonEncrypt.putObject(BUCKET_NAME, NON_ENCRYPTED_KEY, "some other contents");
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, ENCRYPTED_KEY));
System.out.println(s3Encryption.getObjectAsString(BUCKET_NAME, NON_ENCRYPTED_KEY));
}
use of com.amazonaws.services.s3.model.StaticEncryptionMaterialsProvider in project aws-doc-sdk-examples by awsdocs.
the class S3Encrypt method encryptionOnly_RangeGet_CustomerManagedKey.
/**
* Non-authenticated encryption schemes can do range GETs without an issue.
*/
// snippet-start:[s3.java1.s3_encrypt.encryption_only]
public void encryptionOnly_RangeGet_CustomerManagedKey() throws NoSuchAlgorithmException {
SecretKey secretKey = KeyGenerator.getInstance("AES").generateKey();
AmazonS3Encryption s3Encryption = AmazonS3EncryptionClientBuilder.standard().withRegion(Regions.US_WEST_2).withCryptoConfiguration(new CryptoConfiguration(CryptoMode.EncryptionOnly)).withEncryptionMaterials(new StaticEncryptionMaterialsProvider(new EncryptionMaterials(secretKey))).build();
s3Encryption.putObject(BUCKET_NAME, ENCRYPTED_KEY, "some contents");
System.out.println(s3Encryption.getObject(new GetObjectRequest(BUCKET_NAME, ENCRYPTED_KEY).withRange(0, 2)));
}
Aggregations