@Override public PutObjectRequest decorate(PutObjectRequest request) { final ObjectMetadata objectMetadata = request.getMetadata() == null ? new ObjectMetadata() : request.getMetadata().clone(); objectMetadata.setSSEAlgorithm(ObjectMetadata.AES_256_SERVER_SIDE_ENCRYPTION); return request.withMetadata(objectMetadata); }
/** * Returns the size of the data in this request, otherwise -1 if the content * length is unknown. * * @param putObjectRequest * The request to check. * * @return The size of the data in this request, otherwise -1 if the size of * the data is unknown. */ public static long getContentLength(PutObjectRequest putObjectRequest) { File file = getRequestFile(putObjectRequest); if (file != null) return file.length(); if (putObjectRequest.getInputStream() != null) { if (putObjectRequest.getMetadata().getContentLength() > 0) { return putObjectRequest.getMetadata().getContentLength(); } } return -1; }
/** * Determines whether the client should use the {@link Headers#ETAG} header returned by S3 to * validate the integrity of the message client side. We skip the client side check if any of * the following conditions are true: * <ol> * <li>The system property {@value #DISABLE_PUT_OBJECT_MD5_VALIDATION_PROPERTY} is set</li> * <li>The request involves SSE-C or SSE-KMS</li> * </ol> * * @return True if client side validation should be skipped, false otherwise. */ public boolean skipClientSideValidationPerRequest(PutObjectRequest request) { if (isPutObjectMd5ValidationDisabledByProperty()) { return true; } return putRequestInvolvesSse(request) || metadataInvolvesSse(request.getMetadata()); }
/** * Updates put request to store the specified instruction object in S3. * * @param req * The put-instruction-file request for the instruction file to * be stored in S3. * @param cekMaterial * The instruction object to be stored in S3. * @return A put request to store the specified instruction object in S3. */ protected final PutObjectRequest updateInstructionPutRequest( PutObjectRequest req, ContentCryptoMaterial cekMaterial) { byte[] bytes = cekMaterial.toJsonString(cryptoConfig.getCryptoMode()) .getBytes(UTF8); ObjectMetadata metadata = req.getMetadata(); if (metadata == null) { metadata = new ObjectMetadata(); req.setMetadata(metadata); } // Set the content-length of the upload metadata.setContentLength(bytes.length); // Set the crypto instruction file header metadata.addUserMetadata(Headers.CRYPTO_INSTRUCTION_FILE, ""); // Update the instruction request req.setMetadata(metadata); req.setInputStream(new ByteArrayInputStream(bytes)); // the file attribute in the request is always null before calling this // routine return req; }
private PutObjectResult putObjectUsingMetadata(PutObjectRequest req) { ContentCryptoMaterial cekMaterial = createContentCryptoMaterial(req); // Wraps the object data with a cipher input stream final File fileOrig = req.getFile(); final InputStream isOrig = req.getInputStream(); PutObjectRequest wrappedReq = wrapWithCipher(req, cekMaterial); // Update the metadata req.setMetadata(updateMetadataWithContentCryptoMaterial( req.getMetadata(), req.getFile(), cekMaterial)); // Put the encrypted object into S3 try { return s3.putObject(wrappedReq); } finally { cleanupDataSource(req, fileOrig, isOrig, wrappedReq.getInputStream(), log); } }
.getMultipartUploadId() : null; if (putObjectRequest.getMetadata() == null) putObjectRequest.setMetadata(new ObjectMetadata()); ObjectMetadata metadata = putObjectRequest.getMetadata();
req = new EncryptedInitiateMultipartUploadRequest( origReq.getBucketName(), origReq.getKey()).withCannedACL( origReq.getCannedAcl()).withObjectMetadata(origReq.getMetadata()); ((EncryptedInitiateMultipartUploadRequest) req) .setMaterialsDescription(((EncryptedPutObjectRequest) origReq).getMaterialsDescription()); req = new InitiateMultipartUploadRequest(origReq.getBucketName(), origReq.getKey()) .withCannedACL(origReq.getCannedAcl()) .withObjectMetadata(origReq.getMetadata());
final String bucketName = putObjectRequest.getBucketName(); final String key = putObjectRequest.getKey(); ObjectMetadata metadata = putObjectRequest.getMetadata(); InputStream input = isOrig; if (metadata == null)
/** * Returns the size of the data in this request, otherwise -1 if the content * length is unknown. * * @param putObjectRequest The request to check. * @return The size of the data in this request, otherwise -1 if the size of * the data is unknown. */ public static long getContentLength(PutObjectRequest putObjectRequest) { File file = getRequestFile(putObjectRequest); if (file != null) return file.length(); if (putObjectRequest.getInputStream() != null) { if (putObjectRequest.getMetadata().getContentLength() > 0) { return putObjectRequest.getMetadata().getContentLength(); } } return -1; }
ObjectMetadata origReqMetadata = origReq.getMetadata(); if (origReqMetadata != null && origReqMetadata.getRawMetadataValue(SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY) != null &&
final ObjectMetadata om = putObjectRequest.getMetadata(); if (om != null && om.getSSEAlgorithm() != null) { return true;
/** * Creates a put request to store the specified instruction object in S3. * * @param request The put request for the original object to be stored in * S3. * @param instruction The instruction object to be stored in S3. * @return A put request to store the specified instruction object in S3. */ public static PutObjectRequest createInstructionPutRequest(PutObjectRequest request, EncryptionInstruction instruction) { Map<String, String> instructionJSON = convertInstructionToJSONObject(instruction); byte[] instructionBytes = JsonUtils.mapToString(instructionJSON).getBytes(StringUtils.UTF8); InputStream instructionInputStream = new ByteArrayInputStream(instructionBytes); ObjectMetadata metadata = request.getMetadata(); // Set the content-length of the upload metadata.setContentLength(instructionBytes.length); // Set the crypto instruction file header metadata.addUserMetadata(Headers.CRYPTO_INSTRUCTION_FILE, ""); // Update the instruction request request.setKey(request.getKey() + INSTRUCTION_SUFFIX); request.setMetadata(metadata); request.setInputStream(instructionInputStream); return request; }
/** * Updates put request to store the specified instruction object in S3. * * @param req * The put-instruction-file request for the instruction file to * be stored in S3. * @param cekMaterial * The instruction object to be stored in S3. * @return A put request to store the specified instruction object in S3. */ protected final PutObjectRequest updateInstructionPutRequest( PutObjectRequest req, ContentCryptoMaterial cekMaterial) { final byte[] bytes = cekMaterial.toJsonString(cryptoConfig.getCryptoMode()) .getBytes(UTF8); ObjectMetadata metadata = req.getMetadata(); if (metadata == null) { metadata = new ObjectMetadata(); req.setMetadata(metadata); } // Set the content-length of the upload metadata.setContentLength(bytes.length); // Set the crypto instruction file header metadata.addUserMetadata(Headers.CRYPTO_INSTRUCTION_FILE, ""); // Update the instruction request req.setMetadata(metadata); req.setInputStream(new ByteArrayInputStream(bytes)); // the file attribute in the request is always null before calling this // routine return req; }
private PutObjectResult putObjectUsingMetadata(PutObjectRequest req) { final ContentCryptoMaterial cekMaterial = createContentCryptoMaterial(req); // Wraps the object data with a cipher input stream final File fileOrig = req.getFile(); final InputStream isOrig = req.getInputStream(); final PutObjectRequest wrappedReq = wrapWithCipher(req, cekMaterial); // Update the metadata req.setMetadata(updateMetadataWithContentCryptoMaterial( req.getMetadata(), req.getFile(), cekMaterial)); // Put the encrypted object into S3 try { return s3.putObject(wrappedReq); } finally { cleanupDataSource(req, fileOrig, isOrig, wrappedReq.getInputStream(), log); } }
/** * Creates a multipart upload id for the upload request. * * @param putObjectRequest An PutObjectRequest object for the whole upload * @return A multipart upload id */ private String initiateMultipartUpload(PutObjectRequest putObjectRequest) { InitiateMultipartUploadRequest initiateMultipartUploadRequest = new InitiateMultipartUploadRequest( putObjectRequest.getBucketName(), putObjectRequest.getKey()) .withCannedACL(putObjectRequest.getCannedAcl()) .withObjectMetadata(putObjectRequest.getMetadata()) .withSSEAwsKeyManagementParams( putObjectRequest.getSSEAwsKeyManagementParams()); TransferUtility .appendMultipartTransferServiceUserAgentString(initiateMultipartUploadRequest); final String uploadId = s3.initiateMultipartUpload(initiateMultipartUploadRequest).getUploadId(); return uploadId; }
/** * Update the request's ObjectMetadata with the necessary information for * decrypting the object * * @param request Non-null PUT request encrypted using the given instruction * @param instruction Non-null instruction used to encrypt the data in this * PUT request. */ public static void updateMetadataWithEncryptionInstruction(PutObjectRequest request, EncryptionInstruction instruction) { byte[] keyBytesToStoreInMetadata = instruction.getEncryptedSymmetricKey(); Cipher symmetricCipher = instruction.getSymmetricCipher(); Map<String, String> materialsDescription = instruction.getMaterialsDescription(); ObjectMetadata metadata = request.getMetadata(); if (metadata == null) metadata = new ObjectMetadata(); if (request.getFile() != null) { Mimetypes mimetypes = Mimetypes.getInstance(); metadata.setContentType(mimetypes.getMimetype(request.getFile())); } updateMetadata(metadata, keyBytesToStoreInMetadata, symmetricCipher, materialsDescription); request.setMetadata(metadata); }
.getMultipartUploadId() : null; if (putObjectRequest.getMetadata() == null) { putObjectRequest.setMetadata(new ObjectMetadata()); final ObjectMetadata metadata = putObjectRequest.getMetadata();
EncryptionInstruction instruction) { ObjectMetadata metadata = request.getMetadata(); if (metadata == null) { metadata = new ObjectMetadata();
putObjectRequest.getBucketName(), putObjectRequest.getKey()).withCannedACL( putObjectRequest.getCannedAcl()).withObjectMetadata( putObjectRequest.getMetadata()); ((EncryptedInitiateMultipartUploadRequest) initiateMultipartUploadRequest) .setMaterialsDescription(((EncryptedPutObjectRequest) putObjectRequest) putObjectRequest.getBucketName(), putObjectRequest.getKey()) .withCannedACL(putObjectRequest.getCannedAcl()) .withObjectMetadata(putObjectRequest.getMetadata());
from.setStorageClass(StorageClass.Standard); assertSame(metadata, from.getMetadata()); assertSame(System.in, to.getInputStream()); assertNotSame(from.getMetadata(), to.getMetadata()); final ObjectMetadata toOMD = to.getMetadata(); assertEquals("um_v1", toOMD.getUserMetaDataOf("um_k1")); assertEquals("um_v2", toOMD.getUserMetaDataOf("um_k2"));