Class: AWS::S3::EncryptedClient
- Inherits:
-
Client
- Object
- Client
- AWS::S3::EncryptedClient
- Defined in:
- lib/aws/s3/encrypted_client.rb
Constant Summary collapse
- HEADER_META =
"x-amz-meta"
- HEADER_KEY =
"x-amz-key"
- HEADER_IV =
"x-amz-iv"
Instance Attribute Summary collapse
-
#private_encryption_key ⇒ Object
readonly
Returns the value of attribute private_encryption_key.
-
#public_encryption_key ⇒ Object
readonly
Returns the value of attribute public_encryption_key.
Instance Method Summary collapse
- #crypter ⇒ Object
- #crypter=(crypter) ⇒ Object
- #get_object(options = {}) ⇒ Object
-
#initialize(options = {}) ⇒ EncryptedClient
constructor
A new instance of EncryptedClient.
- #put_object(options = {}) ⇒ Object
Constructor Details
#initialize(options = {}) ⇒ EncryptedClient
Returns a new instance of EncryptedClient.
13 14 15 16 17 18 19 |
# File 'lib/aws/s3/encrypted_client.rb', line 13 def initialize( = {}) config = ([:config] || AWS.config).with() @private_encryption_key = config.s3_private_key @public_encryption_key = config.s3_public_key raise "missing public and/or private key" unless private_encryption_key && public_encryption_key super end |
Instance Attribute Details
#private_encryption_key ⇒ Object (readonly)
Returns the value of attribute private_encryption_key.
6 7 8 |
# File 'lib/aws/s3/encrypted_client.rb', line 6 def private_encryption_key @private_encryption_key end |
#public_encryption_key ⇒ Object (readonly)
Returns the value of attribute public_encryption_key.
7 8 9 |
# File 'lib/aws/s3/encrypted_client.rb', line 7 def public_encryption_key @public_encryption_key end |
Instance Method Details
#crypter ⇒ Object
68 69 70 |
# File 'lib/aws/s3/encrypted_client.rb', line 68 def crypter @crypter ||= Crypter.new end |
#crypter=(crypter) ⇒ Object
64 65 66 |
# File 'lib/aws/s3/encrypted_client.rb', line 64 def crypter=(crypter) @crypter = crypter end |
#get_object(options = {}) ⇒ Object
38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 |
# File 'lib/aws/s3/encrypted_client.rb', line 38 def get_object( = {}) response = super ekey = response.http_response.headers["#{HEADER_META}-#{HEADER_KEY}"] iv = response.http_response.headers["#{HEADER_META}-#{HEADER_IV}"] if ekey && iv ekey = Base64.decode64(URI.decode([ekey].compact.join)) iv = Base64.decode64(URI.decode([iv].compact.join)) edata = response.data begin key = @public_encryption_key.public_decrypt(ekey) rescue Exception => e raise Errors::DecryptionError.new(@public_encryption_key, ekey, e) end data = crypter.decrypt_data(edata, key, iv) Core::MetaUtils.extend_method(response, :data) { data } else raise Errors::UnencryptedData.new(response.http_request, response.http_response) end response end |
#put_object(options = {}) ⇒ Object
21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 |
# File 'lib/aws/s3/encrypted_client.rb', line 21 def put_object( = {}) if block_given? buffer = StringIO.new yield buffer [:data] = buffer.string end edata, key, iv = crypter.encrypt_data([:data]) key = @private_encryption_key.private_encrypt(key) [:metadata] ||= {} [:metadata][HEADER_KEY] = URI.encode(Base64.encode64(key)) [:metadata][HEADER_IV] = URI.encode(Base64.encode64(iv)) [:data] = edata super end |