All geek questions in one place

Java: using server-side encryption in Amazon S3 using the vfs s3 plugin

To copy a file in S3 I use vfs-s3-2.2.1.jar I found the S3FileObject class in the package com.intridea.io.vfs.provider.s3. In which I use the public void copyFrom(final FileObject file, final FileSelector selector) for the copy file. In this method, I found the following code:

 try { if (srcFile.getType().hasChildren()) { destFile.createFolder(); // do server side copy if both source and dest are in S3 and using same credentials } else if (srcFile instanceof S3FileObject) { S3FileObject s3SrcFile = (S3FileObject)srcFile; String srcBucketName = s3SrcFile.getBucket().getName(); String srcFileName = s3SrcFile.getS3Key(); String destBucketName = destFile.getBucket().getName(); String destFileName = destFile.getS3Key(); CopyObjectRequest copy = new CopyObjectRequest( srcBucketName, srcFileName, destBucketName, destFileName); if (srcFile.getType() == FileType.FILE && getServerSideEncryption()) { ObjectMetadata meta = s3SrcFile.getObjectMetadata(); meta.setSSEAlgorithm(AES_256_SERVER_SIDE_ENCRYPTION); copy.setNewObjectMetadata(meta); } getService().copyObject(copy); } else if (srcFile.getType().hasContent() && srcFile.getURL().getProtocol().equals("file")) { // do direct upload from file to avoid overhead of making a copy of the file try { File localFile = new File(srcFile.getURL().toURI()); destFile.upload(localFile); } catch (URISyntaxException e) { // couldn't convert URL to URI, but should still be able to do the slower way super.copyFrom(file, selector); } } else { super.copyFrom(file, selector); } } catch (IOException e) { throw new FileSystemException("vfs.provider/copy-file.error", new Object[]{srcFile, destFile}, e); } catch (AmazonClientException e) { throw new FileSystemException("vfs.provider/copy-file.error", new Object[]{srcFile, destFile}, e); } finally { destFile.close(); }

In the official link, he uses this method

 withSourceSSECustomerKey(sseKey) withDestinationSSECustomerKey(newSseKey);

In the copyFrom method for vfs-s3-2.2.1.jar S3FileObject I cannot find any method for installing SSECustomerKey How can I achieve the same. Thanks for looking here.

+5
source share
1 answer

I have not tested, but quickly look at lib / code - at https://github.com/abashev/vfs-s3/blob/branch-2.3.x/src/main/java/com/intridea/io/vfs/provider /s3/S3FileSystemConfigBuilder.java there is a method of installing the server side encryption

 /** * use server-side encryption. * * @param opts The FileSystemOptions. * @param serverSideEncryption true if server-side encryption should be used. */ public void setServerSideEncryption(FileSystemOptions opts, boolean serverSideEncryption) { setParam(opts, SERVER_SIDE_ENCRYPTION, serverSideEncryption); }

before you call copyFrom you can do

  S3FileSystemConfigBuilder.getInstance().setServerSideEncryption( S3FileSystemConfigBuilder.getInstance().getFileSystem().getFileSystemOptions(), true);
+3
source

Source: https://habr.com/ru/post/1244733/

More articles:


All Articles