Search in sources :

Example 1 with COSStaticCredentialsProvider

use of com.qcloud.cos.auth.COSStaticCredentialsProvider in project cos-java-sdk-v5 by tencentyun.

the class AsymmetricKeyEncryptionClientDemo method createCosClient.

static COSClient createCosClient(String region) {
    // 初始化用户身份信息(secretId, secretKey)
    COSCredentials cred = new BasicCOSCredentials("AKIDxxxxxxxxxxxxxxxxxxxxxxxxxxx", "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy");
    // 设置bucket的区域, COS地域的简称请参照 https://www.qcloud.com/document/product/436/6224
    ClientConfig clientConfig = new ClientConfig(new Region(region));
    // 为防止请求头部被篡改导致的数据无法解密,强烈建议只使用 https 协议发起请求
    clientConfig.setHttpProtocol(HttpProtocol.https);
    KeyPair asymKeyPair = null;
    try {
        // 加载保存在文件中的秘钥, 如果不存在,请先使用buildAndSaveAsymKeyPair生成秘钥
        // buildAndSaveAsymKeyPair();
        asymKeyPair = loadAsymKeyPair();
    } catch (Exception e) {
        throw new CosClientException(e);
    }
    // 初始化 KMS 加密材料
    EncryptionMaterials encryptionMaterials = new EncryptionMaterials(asymKeyPair);
    // 使用AES/GCM模式,并将加密信息存储在文件元信息中.
    CryptoConfiguration cryptoConf = new CryptoConfiguration(CryptoMode.AesCtrEncryption).withStorageMode(CryptoStorageMode.ObjectMetadata);
    // // 如果 kms 服务的 region 与 cos 的 region 不一致,则在加密信息里指定 kms 服务的 region
    // cryptoConf.setKmsRegion(kmsRegion);
    // // 如果需要可以为 KMS 服务的 cmk 设置对应的描述信息。
    // encryptionMaterials.addDescription("kms-region", "guangzhou");
    // 生成加密客户端EncryptionClient, COSEncryptionClient是COSClient的子类, 所有COSClient支持的接口他都支持。
    // EncryptionClient覆盖了COSClient上传下载逻辑,操作内部会执行加密操作,其他操作执行逻辑和COSClient一致
    COSEncryptionClient cosEncryptionClient = new COSEncryptionClient(new COSStaticCredentialsProvider(cred), new StaticEncryptionMaterialsProvider(encryptionMaterials), clientConfig, cryptoConf);
    return cosEncryptionClient;
}
Also used : COSStaticCredentialsProvider(com.qcloud.cos.auth.COSStaticCredentialsProvider) KeyPair(java.security.KeyPair) COSCredentials(com.qcloud.cos.auth.COSCredentials) BasicCOSCredentials(com.qcloud.cos.auth.BasicCOSCredentials) EncryptionMaterials(com.qcloud.cos.internal.crypto.EncryptionMaterials) BasicCOSCredentials(com.qcloud.cos.auth.BasicCOSCredentials) CosClientException(com.qcloud.cos.exception.CosClientException) CryptoConfiguration(com.qcloud.cos.internal.crypto.CryptoConfiguration) Region(com.qcloud.cos.region.Region) StaticEncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.StaticEncryptionMaterialsProvider) ClientConfig(com.qcloud.cos.ClientConfig) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) CosClientException(com.qcloud.cos.exception.CosClientException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) COSEncryptionClient(com.qcloud.cos.COSEncryptionClient)

Example 2 with COSStaticCredentialsProvider

use of com.qcloud.cos.auth.COSStaticCredentialsProvider in project cos-java-sdk-v5 by tencentyun.

the class AbstractCOSClientTest method initEncryptionClient.

protected static void initEncryptionClient() {
    COSCredentials cred = new BasicCOSCredentials(secretId, secretKey);
    clientConfig = new ClientConfig(new Region(region));
    if (generalApiEndpoint != null && generalApiEndpoint.trim().length() > 0 && serviceApiEndpoint != null && serviceApiEndpoint.trim().length() > 0) {
        UserSpecifiedEndpointBuilder userSpecifiedEndpointBuilder = new UserSpecifiedEndpointBuilder(generalApiEndpoint, serviceApiEndpoint);
        clientConfig.setEndpointBuilder(userSpecifiedEndpointBuilder);
    }
    EncryptionMaterialsProvider encryptionMaterialsProvider;
    if (encryptionMaterials instanceof KMSEncryptionMaterials) {
        KMSEncryptionMaterials kmsEncryptionMaterials = new KMSEncryptionMaterials(cmk);
        encryptionMaterialsProvider = new KMSEncryptionMaterialsProvider(kmsEncryptionMaterials);
    } else {
        encryptionMaterialsProvider = new StaticEncryptionMaterialsProvider(encryptionMaterials);
    }
    cosclient = new COSEncryptionClient(qcloudkms, new COSStaticCredentialsProvider(cred), encryptionMaterialsProvider, clientConfig, cryptoConfiguration);
}
Also used : COSStaticCredentialsProvider(com.qcloud.cos.auth.COSStaticCredentialsProvider) COSCredentials(com.qcloud.cos.auth.COSCredentials) BasicCOSCredentials(com.qcloud.cos.auth.BasicCOSCredentials) UserSpecifiedEndpointBuilder(com.qcloud.cos.endpoint.UserSpecifiedEndpointBuilder) BasicCOSCredentials(com.qcloud.cos.auth.BasicCOSCredentials) StaticEncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.StaticEncryptionMaterialsProvider) EncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.EncryptionMaterialsProvider) KMSEncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.KMSEncryptionMaterialsProvider) KMSEncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.KMSEncryptionMaterialsProvider) Region(com.qcloud.cos.region.Region) StaticEncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.StaticEncryptionMaterialsProvider) KMSEncryptionMaterials(com.qcloud.cos.internal.crypto.KMSEncryptionMaterials)

Example 3 with COSStaticCredentialsProvider

use of com.qcloud.cos.auth.COSStaticCredentialsProvider in project cos-java-sdk-v5 by tencentyun.

the class COSClient method setCOSCredentials.

public void setCOSCredentials(COSCredentials cred) {
    rejectNull(cred, "cred must not be null");
    this.credProvider = new COSStaticCredentialsProvider(cred);
}
Also used : COSStaticCredentialsProvider(com.qcloud.cos.auth.COSStaticCredentialsProvider)

Example 4 with COSStaticCredentialsProvider

use of com.qcloud.cos.auth.COSStaticCredentialsProvider in project cos-java-sdk-v5 by tencentyun.

the class KMSEncryptionClientDemo method createCosClient.

static COSClient createCosClient(String region) {
    // 初始化用户身份信息(secretId, secretKey)
    COSCredentials cred = new BasicCOSCredentials("AKIDxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy");
    // 设置bucket的区域, COS地域的简称请参照 https://www.qcloud.com/document/product/436/6224
    ClientConfig clientConfig = new ClientConfig(new Region(region));
    // 为防止请求头部被篡改导致的数据无法解密,强烈建议只使用 https 协议发起请求
    clientConfig.setHttpProtocol(HttpProtocol.https);
    // 初始化 KMS 加密材料
    KMSEncryptionMaterials encryptionMaterials = new KMSEncryptionMaterials(cmk);
    // 使用AES/CTR模式,并将加密信息存储在文件元信息中.
    // 如果想要此次加密的对象被 COS 其他的 SDK 解密下载,则必须选择 AesCtrEncryption 模式
    CryptoConfiguration cryptoConf = new CryptoConfiguration(CryptoMode.AesCtrEncryption).withStorageMode(CryptoStorageMode.ObjectMetadata);
    // // 如果 kms 服务的 region 与 cos 的 region 不一致,则在加密信息里指定 kms 服务的 region
    // cryptoConf.setKmsRegion(kmsRegion);
    // // 如果需要可以为 KMS 服务的 cmk 设置对应的描述信息。
    // encryptionMaterials.addDescription("kms-region", "guangzhou");
    // 生成加密客户端EncryptionClient, COSEncryptionClient是COSClient的子类, 所有COSClient支持的接口他都支持。
    // EncryptionClient覆盖了COSClient上传下载逻辑,操作内部会执行加密操作,其他操作执行逻辑和COSClient一致
    COSEncryptionClient cosEncryptionClient = new COSEncryptionClient(new COSStaticCredentialsProvider(cred), new KMSEncryptionMaterialsProvider(encryptionMaterials), clientConfig, cryptoConf);
    return cosEncryptionClient;
}
Also used : COSStaticCredentialsProvider(com.qcloud.cos.auth.COSStaticCredentialsProvider) COSCredentials(com.qcloud.cos.auth.COSCredentials) BasicCOSCredentials(com.qcloud.cos.auth.BasicCOSCredentials) BasicCOSCredentials(com.qcloud.cos.auth.BasicCOSCredentials) KMSEncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.KMSEncryptionMaterialsProvider) CryptoConfiguration(com.qcloud.cos.internal.crypto.CryptoConfiguration) Region(com.qcloud.cos.region.Region) ClientConfig(com.qcloud.cos.ClientConfig) KMSEncryptionMaterials(com.qcloud.cos.internal.crypto.KMSEncryptionMaterials) COSEncryptionClient(com.qcloud.cos.COSEncryptionClient)

Example 5 with COSStaticCredentialsProvider

use of com.qcloud.cos.auth.COSStaticCredentialsProvider in project cos-java-sdk-v5 by tencentyun.

the class SymmetricKeyEncryptionClientDemo method createCosClient.

static COSClient createCosClient(String region) {
    // 初始化用户身份信息(secretId, secretKey)
    COSCredentials cred = new BasicCOSCredentials("AKIDxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy");
    // 设置bucket的区域, COS地域的简称请参照 https://www.qcloud.com/document/product/436/6224
    ClientConfig clientConfig = new ClientConfig(new Region(region));
    // 为防止请求头部被篡改导致的数据无法解密,强烈建议只使用 https 协议发起请求
    clientConfig.setHttpProtocol(HttpProtocol.https);
    SecretKey symKey = null;
    try {
        // 加载保存在文件中的秘钥, 如果不存在,请先使用buildAndSaveAsymKeyPair生成秘钥
        // buildAndSaveSymmetricKey();
        symKey = loadSymmetricAESKey();
    } catch (Exception e) {
        throw new CosClientException(e);
    }
    // 初始化 KMS 加密材料
    EncryptionMaterials encryptionMaterials = new EncryptionMaterials(symKey);
    // 使用AES/GCM模式,并将加密信息存储在文件元信息中.
    CryptoConfiguration cryptoConf = new CryptoConfiguration(CryptoMode.AesCtrEncryption).withStorageMode(CryptoStorageMode.ObjectMetadata);
    // // 如果 kms 服务的 region 与 cos 的 region 不一致,则在加密信息里指定 kms 服务的 region
    // cryptoConf.setKmsRegion(kmsRegion);
    // // 如果需要可以为 KMS 服务的 cmk 设置对应的描述信息。
    // encryptionMaterials.addDescription("kms-region", "guangzhou");
    // 生成加密客户端EncryptionClient, COSEncryptionClient是COSClient的子类, 所有COSClient支持的接口他都支持。
    // EncryptionClient覆盖了COSClient上传下载逻辑,操作内部会执行加密操作,其他操作执行逻辑和COSClient一致
    COSEncryptionClient cosEncryptionClient = new COSEncryptionClient(new COSStaticCredentialsProvider(cred), new StaticEncryptionMaterialsProvider(encryptionMaterials), clientConfig, cryptoConf);
    return cosEncryptionClient;
}
Also used : COSStaticCredentialsProvider(com.qcloud.cos.auth.COSStaticCredentialsProvider) SecretKey(javax.crypto.SecretKey) COSCredentials(com.qcloud.cos.auth.COSCredentials) BasicCOSCredentials(com.qcloud.cos.auth.BasicCOSCredentials) EncryptionMaterials(com.qcloud.cos.internal.crypto.EncryptionMaterials) BasicCOSCredentials(com.qcloud.cos.auth.BasicCOSCredentials) CosClientException(com.qcloud.cos.exception.CosClientException) CryptoConfiguration(com.qcloud.cos.internal.crypto.CryptoConfiguration) Region(com.qcloud.cos.region.Region) StaticEncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.StaticEncryptionMaterialsProvider) ClientConfig(com.qcloud.cos.ClientConfig) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) CosClientException(com.qcloud.cos.exception.CosClientException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) COSEncryptionClient(com.qcloud.cos.COSEncryptionClient)

Aggregations

COSStaticCredentialsProvider (com.qcloud.cos.auth.COSStaticCredentialsProvider)5 BasicCOSCredentials (com.qcloud.cos.auth.BasicCOSCredentials)4 COSCredentials (com.qcloud.cos.auth.COSCredentials)4 Region (com.qcloud.cos.region.Region)4 COSEncryptionClient (com.qcloud.cos.COSEncryptionClient)3 ClientConfig (com.qcloud.cos.ClientConfig)3 CryptoConfiguration (com.qcloud.cos.internal.crypto.CryptoConfiguration)3 StaticEncryptionMaterialsProvider (com.qcloud.cos.internal.crypto.StaticEncryptionMaterialsProvider)3 CosClientException (com.qcloud.cos.exception.CosClientException)2 EncryptionMaterials (com.qcloud.cos.internal.crypto.EncryptionMaterials)2 KMSEncryptionMaterials (com.qcloud.cos.internal.crypto.KMSEncryptionMaterials)2 KMSEncryptionMaterialsProvider (com.qcloud.cos.internal.crypto.KMSEncryptionMaterialsProvider)2 IOException (java.io.IOException)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)2 UserSpecifiedEndpointBuilder (com.qcloud.cos.endpoint.UserSpecifiedEndpointBuilder)1 EncryptionMaterialsProvider (com.qcloud.cos.internal.crypto.EncryptionMaterialsProvider)1 InvalidKeyException (java.security.InvalidKeyException)1 KeyPair (java.security.KeyPair)1 SecretKey (javax.crypto.SecretKey)1