Example usage for com.amazonaws.services.s3 AmazonS3EncryptionClient setRegion

List of usage examples for com.amazonaws.services.s3 AmazonS3EncryptionClient setRegion

  1. HOME
  2. Java
  3. com.amazonaws
  4. com.amazonaws.services.s3.*
  5. AmazonS3EncryptionClient
  6. setRegion

Introduction

In this page you can find the example usage for com.amazonaws.services.s3 AmazonS3EncryptionClient setRegion.

Prototype

@Override
@Deprecated
public synchronized void setRegion(com.amazonaws.regions.Region region)

Source Link

Usage

From source file:S3ClientSideEncryptionWithSymmetricMasterKey.java

License:Apache License

public static void main(String[] args) throws Exception {
    SecretKey mySymmetricKey = loadSymmetricAESKey(masterKeyDir, "AES");

    EncryptionMaterials encryptionMaterials = new EncryptionMaterials(mySymmetricKey);

    AWSCredentials credentials = new BasicAWSCredentials("Q3AM3UQ867SPQQA43P2F",
            "zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG");
    AmazonS3EncryptionClient encryptionClient = new AmazonS3EncryptionClient(credentials,
            new StaticEncryptionMaterialsProvider(encryptionMaterials));
    Region usEast1 = Region.getRegion(Regions.US_EAST_1);
    encryptionClient.setRegion(usEast1);
    encryptionClient.setEndpoint("https://play.minio.io:9000");

    final S3ClientOptions clientOptions = S3ClientOptions.builder().setPathStyleAccess(true).build();
    encryptionClient.setS3ClientOptions(clientOptions);

    // Create the bucket
    encryptionClient.createBucket(bucketName);

    // Upload object using the encryption client.
    byte[] plaintext = "Hello World, S3 Client-side Encryption Using Asymmetric Master Key!".getBytes();
    System.out.println("plaintext's length: " + plaintext.length);
    encryptionClient.putObject(new PutObjectRequest(bucketName, objectKey, new ByteArrayInputStream(plaintext),
            new ObjectMetadata()));

    // Download the object.
    S3Object downloadedObject = encryptionClient.getObject(bucketName, objectKey);
    byte[] decrypted = IOUtils.toByteArray(downloadedObject.getObjectContent());

    // Verify same data.
    Assert.assertTrue(Arrays.equals(plaintext, decrypted));
    //deleteBucketAndAllContents(encryptionClient);
}

From source file:S3ClientSideEncryptionAsymmetricMasterKey.java

License:Apache License

public static void main(String[] args) throws Exception {

    // 1. Load keys from files
    byte[] bytes = FileUtils.readFileToByteArray(new File(keyDir + "/private.key"));
    KeyFactory kf = KeyFactory.getInstance("RSA");
    PKCS8EncodedKeySpec ks = new PKCS8EncodedKeySpec(bytes);
    PrivateKey pk = kf.generatePrivate(ks);

    bytes = FileUtils.readFileToByteArray(new File(keyDir + "/public.key"));
    PublicKey publicKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bytes));

    KeyPair loadedKeyPair = new KeyPair(publicKey, pk);

    // 2. Construct an instance of AmazonS3EncryptionClient.
    EncryptionMaterials encryptionMaterials = new EncryptionMaterials(loadedKeyPair);
    AWSCredentials credentials = new BasicAWSCredentials("Q3AM3UQ867SPQQA43P2F",
            "zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG");
    AmazonS3EncryptionClient encryptionClient = new AmazonS3EncryptionClient(credentials,
            new StaticEncryptionMaterialsProvider(encryptionMaterials));
    Region usEast1 = Region.getRegion(Regions.US_EAST_1);
    encryptionClient.setRegion(usEast1);
    encryptionClient.setEndpoint("https://play.minio.io:9000");

    final S3ClientOptions clientOptions = S3ClientOptions.builder().setPathStyleAccess(true).build();
    encryptionClient.setS3ClientOptions(clientOptions);

    // Create the bucket
    encryptionClient.createBucket(bucketName);
    // 3. Upload the object.
    byte[] plaintext = "Hello World, S3 Client-side Encryption Using Asymmetric Master Key!".getBytes();
    System.out.println("plaintext's length: " + plaintext.length);
    encryptionClient.putObject(new PutObjectRequest(bucketName, objectKey, new ByteArrayInputStream(plaintext),
            new ObjectMetadata()));

    // 4. Download the object.
    S3Object downloadedObject = encryptionClient.getObject(bucketName, objectKey);
    byte[] decrypted = IOUtils.toByteArray(downloadedObject.getObjectContent());
    Assert.assertTrue(Arrays.equals(plaintext, decrypted));
    System.out.println("decrypted length: " + decrypted.length);
    //deleteBucketAndAllContents(encryptionClient);
}

From source file:org.apache.nifi.processors.aws.s3.encryption.ClientSideCMKEncryptionStrategy.java

License:Apache License

/**
 * Create an encryption client./*ww w.  j  a  v  a  2 s .c o m*/
 *
 * @param credentialsProvider AWS credentials provider.
 * @param clientConfiguration Client configuration
 * @param region AWS region
 * @param keyIdOrMaterial client master key, always base64 encoded
 * @return AWS S3 client
 */
@Override
public AmazonS3Client createEncryptionClient(AWSCredentialsProvider credentialsProvider,
        ClientConfiguration clientConfiguration, String region, String keyIdOrMaterial)
        throws SecurityException {
    if (!validateKey(keyIdOrMaterial).isValid()) {
        throw new SecurityException("Invalid client key; ensure key material is base64 encoded.");
    }

    byte[] keyMaterial = Base64.decodeBase64(keyIdOrMaterial);
    SecretKeySpec symmetricKey = new SecretKeySpec(keyMaterial, "AES");
    StaticEncryptionMaterialsProvider encryptionMaterialsProvider = new StaticEncryptionMaterialsProvider(
            new EncryptionMaterials(symmetricKey));
    boolean haveRegion = StringUtils.isNotBlank(region);
    CryptoConfiguration cryptoConfig = new CryptoConfiguration();
    Region awsRegion = null;

    if (haveRegion) {
        awsRegion = Region.getRegion(Regions.fromName(region));
        cryptoConfig.setAwsKmsRegion(awsRegion);
    }

    AmazonS3EncryptionClient client = new AmazonS3EncryptionClient(credentialsProvider,
            encryptionMaterialsProvider, cryptoConfig);
    if (haveRegion && awsRegion != null) {
        client.setRegion(awsRegion);
    }

    return client;
}

From source file:org.apache.nifi.processors.aws.s3.encryption.ClientSideKMSEncryptionStrategy.java

License:Apache License

/**
 * Create an encryption client.//  ww  w  . j  ava 2  s .co m
 *
 * @param credentialsProvider AWS credentials provider.
 * @param clientConfiguration Client configuration
 * @param region AWS region
 * @param keyIdOrMaterial KMS key id
 * @return AWS S3 client
 */
@Override
public AmazonS3Client createEncryptionClient(AWSCredentialsProvider credentialsProvider,
        ClientConfiguration clientConfiguration, String region, String keyIdOrMaterial) {
    KMSEncryptionMaterialsProvider materialProvider = new KMSEncryptionMaterialsProvider(keyIdOrMaterial);
    boolean haveRegion = StringUtils.isNotBlank(region);
    Region awsRegion = null;

    CryptoConfiguration cryptoConfig = new CryptoConfiguration();
    if (haveRegion) {
        awsRegion = Region.getRegion(Regions.fromName(region));
        cryptoConfig.setAwsKmsRegion(awsRegion);
    }

    AmazonS3EncryptionClient client = new AmazonS3EncryptionClient(credentialsProvider, materialProvider,
            cryptoConfig);
    if (haveRegion) {
        client.setRegion(awsRegion);
    }

    return client;
}