class AWS::S3::EncryptedClient
Constants
- HEADER_IV
- HEADER_KEY
- HEADER_META
Attributes
private_encryption_key[R]
public_encryption_key[R]
Public Class Methods
new(options = {})
click to toggle source
Calls superclass method
# File lib/aws/s3/encrypted_client.rb, line 13 def initialize(options = {}) config = (options[:config] || AWS.config).with(options) @private_encryption_key = config.s3_private_key @public_encryption_key = config.s3_public_key raise "missing public and/or private key" unless private_encryption_key && public_encryption_key super end
Public Instance Methods
crypter()
click to toggle source
# File lib/aws/s3/encrypted_client.rb, line 68 def crypter @crypter ||= Crypter.new end
crypter=(crypter)
click to toggle source
# File lib/aws/s3/encrypted_client.rb, line 64 def crypter=(crypter) @crypter = crypter end
get_object(options = {})
click to toggle source
Calls superclass method
# File lib/aws/s3/encrypted_client.rb, line 38 def get_object(options = {}) response = super ekey = response.http_response.headers["#{HEADER_META}-#{HEADER_KEY}"] iv = response.http_response.headers["#{HEADER_META}-#{HEADER_IV}"] if ekey && iv ekey = Base64.decode64(URI.decode([ekey].compact.join)) iv = Base64.decode64(URI.decode([iv].compact.join)) edata = response.data begin key = @public_encryption_key.public_decrypt(ekey) rescue Exception => e raise Errors::DecryptionError.new(@public_encryption_key, ekey, e) end data = crypter.decrypt_data(edata, key, iv) Core::MetaUtils.extend_method(response, :data) { data } else raise Errors::UnencryptedData.new(response.http_request, response.http_response) end response end
put_object(options = {}) { |buffer| ... }
click to toggle source
Calls superclass method
# File lib/aws/s3/encrypted_client.rb, line 21 def put_object(options = {}) if block_given? buffer = StringIO.new yield buffer options[:data] = buffer.string end edata, key, iv = crypter.encrypt_data(options[:data]) key = @private_encryption_key.private_encrypt(key) options[:metadata] ||= {} options[:metadata][HEADER_KEY] = URI.encode(Base64.encode64(key)) options[:metadata][HEADER_IV] = URI.encode(Base64.encode64(iv)) options[:data] = edata super end