Example 1 with KMSEncryptionMaterialsProvider
use of com.qcloud.cos.internal.crypto.KMSEncryptionMaterialsProvider in project cos-java-sdk-v5 by tencentyun.
the class AbstractCOSClientTest method initEncryptionClient.
protected static void initEncryptionClient() {
COSCredentials cred = new BasicCOSCredentials(secretId, secretKey);
clientConfig = new ClientConfig(new Region(region));
if (generalApiEndpoint != null && generalApiEndpoint.trim().length() > 0 && serviceApiEndpoint != null && serviceApiEndpoint.trim().length() > 0) {
UserSpecifiedEndpointBuilder userSpecifiedEndpointBuilder = new UserSpecifiedEndpointBuilder(generalApiEndpoint, serviceApiEndpoint);
clientConfig.setEndpointBuilder(userSpecifiedEndpointBuilder);
}
EncryptionMaterialsProvider encryptionMaterialsProvider;
if (encryptionMaterials instanceof KMSEncryptionMaterials) {
KMSEncryptionMaterials kmsEncryptionMaterials = new KMSEncryptionMaterials(cmk);
encryptionMaterialsProvider = new KMSEncryptionMaterialsProvider(kmsEncryptionMaterials);
} else {
encryptionMaterialsProvider = new StaticEncryptionMaterialsProvider(encryptionMaterials);
}
cosclient = new COSEncryptionClient(qcloudkms, new COSStaticCredentialsProvider(cred), encryptionMaterialsProvider, clientConfig, cryptoConfiguration);
}
Also used :
COSStaticCredentialsProvider(com.qcloud.cos.auth.COSStaticCredentialsProvider)
COSCredentials(com.qcloud.cos.auth.COSCredentials)
BasicCOSCredentials(com.qcloud.cos.auth.BasicCOSCredentials)
UserSpecifiedEndpointBuilder(com.qcloud.cos.endpoint.UserSpecifiedEndpointBuilder)
BasicCOSCredentials(com.qcloud.cos.auth.BasicCOSCredentials)
StaticEncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.StaticEncryptionMaterialsProvider)
EncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.EncryptionMaterialsProvider)
KMSEncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.KMSEncryptionMaterialsProvider)
KMSEncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.KMSEncryptionMaterialsProvider)
Region(com.qcloud.cos.region.Region)
StaticEncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.StaticEncryptionMaterialsProvider)
KMSEncryptionMaterials(com.qcloud.cos.internal.crypto.KMSEncryptionMaterials)
Example 2 with KMSEncryptionMaterialsProvider
use of com.qcloud.cos.internal.crypto.KMSEncryptionMaterialsProvider in project cos-java-sdk-v5 by tencentyun.
the class KMSEncryptionClientDemo method createCosClient.
static COSClient createCosClient(String region) {
// 初始化用户身份信息(secretId, secretKey)
COSCredentials cred = new BasicCOSCredentials("AKIDxxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy");
// 设置bucket的区域, COS地域的简称请参照 https://www.qcloud.com/document/product/436/6224
ClientConfig clientConfig = new ClientConfig(new Region(region));
// 为防止请求头部被篡改导致的数据无法解密,强烈建议只使用 https 协议发起请求
clientConfig.setHttpProtocol(HttpProtocol.https);
// 初始化 KMS 加密材料
KMSEncryptionMaterials encryptionMaterials = new KMSEncryptionMaterials(cmk);
// 使用AES/CTR模式,并将加密信息存储在文件元信息中.
// 如果想要此次加密的对象被 COS 其他的 SDK 解密下载,则必须选择 AesCtrEncryption 模式
CryptoConfiguration cryptoConf = new CryptoConfiguration(CryptoMode.AesCtrEncryption).withStorageMode(CryptoStorageMode.ObjectMetadata);
// // 如果 kms 服务的 region 与 cos 的 region 不一致,则在加密信息里指定 kms 服务的 region
// cryptoConf.setKmsRegion(kmsRegion);
// // 如果需要可以为 KMS 服务的 cmk 设置对应的描述信息。
// encryptionMaterials.addDescription("kms-region", "guangzhou");
// 生成加密客户端EncryptionClient, COSEncryptionClient是COSClient的子类, 所有COSClient支持的接口他都支持。
// EncryptionClient覆盖了COSClient上传下载逻辑,操作内部会执行加密操作,其他操作执行逻辑和COSClient一致
COSEncryptionClient cosEncryptionClient = new COSEncryptionClient(new COSStaticCredentialsProvider(cred), new KMSEncryptionMaterialsProvider(encryptionMaterials), clientConfig, cryptoConf);
return cosEncryptionClient;
}
Also used :
COSStaticCredentialsProvider(com.qcloud.cos.auth.COSStaticCredentialsProvider)
COSCredentials(com.qcloud.cos.auth.COSCredentials)
BasicCOSCredentials(com.qcloud.cos.auth.BasicCOSCredentials)
BasicCOSCredentials(com.qcloud.cos.auth.BasicCOSCredentials)
KMSEncryptionMaterialsProvider(com.qcloud.cos.internal.crypto.KMSEncryptionMaterialsProvider)
CryptoConfiguration(com.qcloud.cos.internal.crypto.CryptoConfiguration)
Region(com.qcloud.cos.region.Region)
ClientConfig(com.qcloud.cos.ClientConfig)
KMSEncryptionMaterials(com.qcloud.cos.internal.crypto.KMSEncryptionMaterials)
COSEncryptionClient(com.qcloud.cos.COSEncryptionClient)
Aggregations
BasicCOSCredentials (com.qcloud.cos.auth.BasicCOSCredentials)2
COSCredentials (com.qcloud.cos.auth.COSCredentials)2
COSStaticCredentialsProvider (com.qcloud.cos.auth.COSStaticCredentialsProvider)2
KMSEncryptionMaterials (com.qcloud.cos.internal.crypto.KMSEncryptionMaterials)2
KMSEncryptionMaterialsProvider (com.qcloud.cos.internal.crypto.KMSEncryptionMaterialsProvider)2
Region (com.qcloud.cos.region.Region)2
COSEncryptionClient (com.qcloud.cos.COSEncryptionClient)1
ClientConfig (com.qcloud.cos.ClientConfig)1
UserSpecifiedEndpointBuilder (com.qcloud.cos.endpoint.UserSpecifiedEndpointBuilder)1
CryptoConfiguration (com.qcloud.cos.internal.crypto.CryptoConfiguration)1
EncryptionMaterialsProvider (com.qcloud.cos.internal.crypto.EncryptionMaterialsProvider)1
StaticEncryptionMaterialsProvider (com.qcloud.cos.internal.crypto.StaticEncryptionMaterialsProvider)1
