Skip to content

Commit

Permalink
Add server side encryption support
Browse files Browse the repository at this point in the history
Fixes #251
  • Loading branch information
poornas committed Jan 3, 2019
1 parent 700926c commit d5934ed
Show file tree
Hide file tree
Showing 12 changed files with 811 additions and 72 deletions.
58 changes: 39 additions & 19 deletions Docs/API.md
Original file line number Diff line number Diff line change
Expand Up @@ -611,9 +611,9 @@ catch (MinioException e)
## 3. Object operations

<a name="getObject"></a>
### GetObjectAsync(string bucketName, string objectName, Action<Stream> callback)
### GetObjectAsync(string bucketName, string objectName, Action<Stream> callback, ServerSideEncryption sse)

`Task GetObjectAsync(string bucketName, string objectName, Action<Stream> callback, CancellationToken cancellationToken = default(CancellationToken))`
`Task GetObjectAsync(string bucketName, string objectName, Action<Stream> callback, ServerSideEncryption sse = null, CancellationToken cancellationToken = default(CancellationToken))`

Downloads an object as a stream.

Expand All @@ -626,6 +626,7 @@ __Parameters__
| ``bucketName`` | _string_ | Name of the bucket |
| ``objectName`` | _string_ | Object name in the bucket |
| ``callback`` | _Action<Stream>_ | Call back to process stream |
| ``sse`` | _ServerSideEncryption_ | Server-side encryption option | Optional parameter. Defaults to null |
| ``cancellationToken``| _System.Threading.CancellationToken_ | Optional parameter. Defaults to default(CancellationToken) |


Expand Down Expand Up @@ -663,9 +664,9 @@ try
```

<a name="getObject"></a>
### GetObjectAsync(string bucketName, string objectName, long offset,long length, Action<Stream> callback)
### GetObjectAsync(string bucketName, string objectName, long offset,long length, Action<Stream> callback, ServerSideEncryption sse)

`Task GetObjectAsync(string bucketName, string objectName, long offset, long length, Action<Stream> callback, CancellationToken cancellationToken = default(CancellationToken))`
`Task GetObjectAsync(string bucketName, string objectName, long offset, long length, Action<Stream> callback, ServerSideEncryption sse = null, CancellationToken cancellationToken = default(CancellationToken))`

Downloads the specified range bytes of an object as a stream.Both offset and length are required.

Expand All @@ -680,6 +681,7 @@ __Parameters__
| ``offset``| _long_ | Offset of the object from where stream will start |
| ``length``| _long_| Length of the object to read in from the stream |
| ``callback`` | _Action<Stream>_ | Call back to process stream |
| ``sse`` | _ServerSideEncryption_ | Server-side encryption option | Optional parameter. Defaults to null |
| ``cancellationToken``| _System.Threading.CancellationToken_ | Optional parameter. Defaults to default(CancellationToken) |


Expand Down Expand Up @@ -717,9 +719,9 @@ try
```

<a name="getObject"></a>
### GetObjectAsync(String bucketName, String objectName, String fileName)
### GetObjectAsync(String bucketName, String objectName, String fileName, ServerSideEncryption sse)

`Task GetObjectAsync(string bucketName, string objectName, string fileName, CancellationToken cancellationToken = default(CancellationToken))`
`Task GetObjectAsync(string bucketName, string objectName, string fileName, ServerSideEncryption sse = null, CancellationToken cancellationToken = default(CancellationToken))`

Downloads and saves the object as a file in the local filesystem.

Expand All @@ -732,6 +734,7 @@ __Parameters__
| ``bucketName`` | _String_ | Name of the bucket |
| ``objectName`` | _String_ | Object name in the bucket |
| ``fileName`` | _String_ | File name |
| ``sse`` | _ServerSideEncryption_ | Server-side encryption option | Optional parameter. Defaults to null |
| ``cancellationToken``| _System.Threading.CancellationToken_ | Optional parameter. Defaults to default(CancellationToken) |


Expand Down Expand Up @@ -763,9 +766,9 @@ catch (MinioException e)
}
```
<a name="putObject"></a>
### PutObjectAsync(string bucketName, string objectName, Stream data, long size, string contentType)
### PutObjectAsync(string bucketName, string objectName, Stream data, long size, string contentType,ServerSideEncryption sse)

` Task PutObjectAsync(string bucketName, string objectName, Stream data, long size, string contentType,Dictionary<string,string> metaData=null, CancellationToken cancellationToken = default(CancellationToken))`
` Task PutObjectAsync(string bucketName, string objectName, Stream data, long size, string contentType,Dictionary<string,string> metaData=null,ServerSideEncryption sse = null,CancellationToken cancellationToken = default(CancellationToken))`


Uploads contents from a stream to objectName.
Expand All @@ -782,6 +785,7 @@ __Parameters__
| ``size`` | _long_ | size of stream |
| ``contentType`` | _string_ | Content type of the file. Defaults to "application/octet-stream" |
| ``metaData`` | _Dictionary<string,string>_ | Dictionary of metadata headers. Defaults to null. |
| ``sse`` | _ServerSideEncryption_ | Server-side encryption option | Optional parameter. Defaults to null |

| ``cancellationToken``| _System.Threading.CancellationToken_ | Optional parameter. Defaults to default(CancellationToken) |

Expand All @@ -807,12 +811,16 @@ try
{
byte[] bs = File.ReadAllBytes(fileName);
System.IO.MemoryStream filestream = new System.IO.MemoryStream(bs);

// Specify SSE-C encryption options
Aes aesEncryption = Aes.Create();
aesEncryption.KeySize = 256;
aesEncryption.GenerateKey();
var ssec = new SSEC(aesEncryption.Key);
await minio.PutObjectAsync("mybucket",
"island.jpg",
filestream,
filestream.Length,
"application/octet-stream");
"application/octet-stream",ssec);
Console.Out.WriteLine("island.jpg is uploaded successfully");
}
catch(MinioException e)
Expand All @@ -822,9 +830,9 @@ catch(MinioException e)
```

<a name="putObject"></a>
### PutObjectAsync(string bucketName, string objectName, string filePath, string contentType=null)
### PutObjectAsync(string bucketName, string objectName, string filePath, string contentType=null,ServerSideEncryption sse)

` Task PutObjectAsync(string bucketName, string objectName, string filePath, string contentType=null,Dictionary<string,string> metaData=null, CancellationToken cancellationToken = default(CancellationToken))`
` Task PutObjectAsync(string bucketName, string objectName, string filePath, string contentType=null,Dictionary<string,string> metaData=null, ServerSideEncryption sse=null,CancellationToken cancellationToken = default(CancellationToken))`


Uploads contents from a file to objectName.
Expand All @@ -840,6 +848,7 @@ __Parameters__
| ``fileName`` | _string_ | File to upload |
| ``contentType`` | _string_ | Content type of the file. Defaults to " |
| ``metadata`` | _Dictionary<string,string>_ | Dictionary of meta data headers and their values.Defaults to null.|
| ``sse`` | _ServerSideEncryption_ | Server-side encryption option | Optional parameter. Defaults to null |

| ``cancellationToken``| _System.Threading.CancellationToken_ | Optional parameter. Defaults to default(CancellationToken) |

Expand Down Expand Up @@ -870,9 +879,9 @@ catch(MinioException e)
}
```
<a name="statObject"></a>
### StatObjectAsync(string bucketName, string objectName)
### StatObjectAsync(string bucketName, string objectName,ServerSideEncryption sse)

`Task<ObjectStat> StatObjectAsync(string bucketName, string objectName, CancellationToken cancellationToken = default(CancellationToken))`
`Task<ObjectStat> StatObjectAsync(string bucketName, string objectName,ServerSideEncryption sse = null, CancellationToken cancellationToken = default(CancellationToken))`

Gets metadata of an object.

Expand All @@ -884,6 +893,7 @@ __Parameters__
|:--- |:--- |:--- |
| ``bucketName`` | _string_ | Name of the bucket |
| ``objectName`` | _string_ | Object name in the bucket |
| ``sse`` | _ServerSideEncryption_ | Server-side encryption option | Optional parameter. Defaults to null |
| ``cancellationToken``| _System.Threading.CancellationToken_ | Optional parameter. Defaults to default(CancellationToken) |


Expand Down Expand Up @@ -913,9 +923,9 @@ catch(MinioException e)
```

<a name="copyObject"></a>
### CopyObjectAsync(string bucketName, string objectName, string destBucketName, string destObjectName = null, CopyConditions copyConditions = null,Dictionary<string, string> metadata = null)
### CopyObjectAsync(string bucketName, string objectName, string destBucketName, string destObjectName = null, CopyConditions copyConditions = null,Dictionary<string, string> metadata = null, ServerSideEncryption sseSrc = null, ServerSideEncryption sseDest = null)

*`Task<CopyObjectResult> CopyObjectAsync(string bucketName, string objectName, string destBucketName, string destObjectName = null, CopyConditions copyConditions = null, Dictionary<string, string> metadata = null,CancellationToken cancellationToken = default(CancellationToken))`*
*`Task<CopyObjectResult> CopyObjectAsync(string bucketName, string objectName, string destBucketName, string destObjectName = null, CopyConditions copyConditions = null, Dictionary<string, string> metadata = null,ServerSideEncryption sseSrc = null, ServerSideEncryption sseDest = null,CancellationToken cancellationToken = default(CancellationToken))`*

Copies content from objectName to destObjectName.

Expand All @@ -931,6 +941,8 @@ __Parameters__
| ``destObjectName`` | _string_ | Destination object name to be created, if not provided defaults to source object name|
| ``copyConditions`` | _CopyConditions_ | Map of conditions useful for applying restrictions on copy operation|
| ``metadata`` | _Dictionary<string,string>_ | Dictionary of meta data headers and their values on the destination side.Defaults to null.|
| ``sseSrc`` | _ServerSideEncryption_ | Server-side encryption option for source object | Optional parameter. Defaults to null |
| ``sseDest`` | _ServerSideEncryption_ | Server-side encryption option for destination object| Optional parameter. Defaults to null |
| ``cancellationToken``| _System.Threading.CancellationToken_ | Optional parameter. Defaults to default(CancellationToken) |


Expand All @@ -945,15 +957,23 @@ __Parameters__
__Example__


This API performs a server side copy operation from a given source object to destination object.
This API performs a Server-side copy operation from a given source object to destination object.

```cs
try
{
CopyConditions copyConditions = new CopyConditions();
copyConditions.setMatchETagNone("TestETag");

await minioClient.CopyObjectAsync("mybucket", "island.jpg", "mydestbucket", "processed.png", copyConditions);
ServerSideEncryption sseSrc,sseDst;
// Uncomment to specify source and destination Server-side encryption options
/*
Aes aesEncryption = Aes.Create();
aesEncryption.KeySize = 256;
aesEncryption.GenerateKey();
sseSrc = new SSEC(aesEncryption.Key);
sseDst = new SSES3();
*/
await minioClient.CopyObjectAsync("mybucket", "island.jpg", "mydestbucket", "processed.png", copyConditions,sseSrc:sseSrc, sseDest:sseDst);
Console.Out.WriteLine("island.jpg is uploaded successfully");
}
catch(MinioException e)
Expand Down
10 changes: 8 additions & 2 deletions Minio.Examples/Cases/CopyObject.cs
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@
using System;
using System.Threading.Tasks;

using Minio.DataModel;

namespace Minio.Examples.Cases
{
class CopyObject
Expand All @@ -26,7 +28,9 @@ public async static Task Run(Minio.MinioClient minio,
string fromBucketName="from-bucket-name",
string fromObjectName="from-object-name",
string destBucketName="dest-bucket",
string destObjectName="to-object-name")
string destObjectName="to-object-name",
ServerSideEncryption sseSrc = null,
ServerSideEncryption sseDest = null)
{
try
{
Expand All @@ -36,7 +40,9 @@ await minio.CopyObjectAsync(fromBucketName,
fromObjectName,
destBucketName,
destObjectName,
copyConditions:null);
copyConditions:null,
sseSrc: sseSrc,
sseDest: sseDest);
Console.Out.WriteLine("Copied object {0} from bucket {1} to bucket {2}", fromObjectName, fromBucketName, destBucketName);
Console.Out.WriteLine();
}
Expand Down
7 changes: 5 additions & 2 deletions Minio.Examples/Cases/FGetObject.cs
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,8 @@
using System.IO;
using System.Threading.Tasks;

using Minio.DataModel;

namespace Minio.Examples.Cases
{
class FGetObject
Expand All @@ -26,13 +28,14 @@ class FGetObject
public async static Task Run(Minio.MinioClient minio,
string bucketName = "my-bucket-name",
string objectName = "my-object-name",
string fileName="local-filename")
string fileName="local-filename",
ServerSideEncryption sse = null)
{
try
{
Console.Out.WriteLine("Running example for API: GetObjectAsync");
File.Delete(fileName);
await minio.GetObjectAsync(bucketName, objectName, fileName);
await minio.GetObjectAsync(bucketName, objectName, fileName, sse: sse);
Console.WriteLine("Downloaded the file " + fileName + " from bucket " + bucketName);
Console.Out.WriteLine();
}
Expand Down
10 changes: 7 additions & 3 deletions Minio.Examples/Cases/PutObject.cs
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,9 @@
using System;
using System.IO;
using System.Threading.Tasks;
using Minio.DataModel;

using System.Security.Cryptography;

namespace Minio.Examples.Cases
{
Expand All @@ -28,7 +31,8 @@ class PutObject
public async static Task Run(Minio.MinioClient minio,
string bucketName = "my-bucket-name",
string objectName = "my-object-name",
string fileName="location-of-file")
string fileName="location-of-file",
ServerSideEncryption sse = null)
{
try
{
Expand All @@ -43,12 +47,12 @@ public async static Task Run(Minio.MinioClient minio,
{
Console.Out.WriteLine("Running example for API: PutObjectAsync with Stream and MultiPartUpload");
}

await minio.PutObjectAsync(bucketName,
objectName,
filestream,
filestream.Length,
"application/octet-stream");
"application/octet-stream",
sse:sse);
}


Expand Down
31 changes: 28 additions & 3 deletions Minio.Examples/Program.cs
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,9 @@
using Minio.DataModel;
using Minio.Exceptions;

using System.Net;
using System.Security.Cryptography;

namespace Minio.Examples
{
public class Program
Expand Down Expand Up @@ -73,7 +76,8 @@ public static void Main(string[] args)
secretKey = "zuf+tfteSlswRu7BJ86wekitnifILbZam1KYY3TG";
enableHTTPS = true;
}

ServicePointManager.ServerCertificateValidationCallback +=
(sender, certificate, chain, sslPolicyErrors) => true;
// WithSSL() enables SSL support in Minio client
MinioClient minioClient = null;
if (enableHTTPS)
Expand Down Expand Up @@ -101,7 +105,6 @@ public static void Main(string[] args)
// Set HTTP Tracing On
// minioClient.SetTraceOn();


// Set HTTP Tracing Off
// minioClient.SetTraceOff();
// Check if bucket exists
Expand Down Expand Up @@ -146,6 +149,27 @@ public static void Main(string[] args)
// Automatic Multipart Upload with object more than 5Mb
Cases.PutObject.Run(minioClient, bucketName, objectName, bigFileName).Wait();

// Specify SSE-C encryption options
Aes aesEncryption = Aes.Create();
aesEncryption.KeySize = 256;
aesEncryption.GenerateKey();
var ssec = new SSEC(aesEncryption.Key);
// Specify SSE-C source side encryption for Copy operations
var sseCpy = new SSECopy(aesEncryption.Key);

// Uncommment to specify SSE-S3 encryption option
// var sses3 = new SSES3();

// Uncommment to specify SSE-KMS encryption option
// var sseKms = new SSEKMS("kms-key",new Dictionary<string,string>{{ "kms-context", "somevalue"}});

// Upload encrypted object
Cases.PutObject.Run(minioClient, bucketName, objectName, smallFileName,sse:ssec).Wait();
// Copy SSE-C encrypted object to unencrypted object
Cases.CopyObject.Run(minioClient, bucketName, objectName, destBucketName, objectName,sseSrc:sseCpy,sseDest:ssec).Wait();
// Download SSE-C encrypted object
Cases.FGetObject.Run(minioClient, destBucketName, objectName, bigFileName,sse:ssec).Wait();

// List the incomplete uploads
Cases.ListIncompleteUploads.Run(minioClient, bucketName);

Expand Down Expand Up @@ -190,12 +214,13 @@ public static void Main(string[] args)
// Remove the buckets
Cases.RemoveBucket.Run(minioClient, bucketName).Wait();
Cases.RemoveBucket.Run(minioClient, destBucketName).Wait();

// Remove the binary files created for test
File.Delete(smallFileName);
File.Delete(bigFileName);

Console.ReadLine();

}
catch (MinioException ex)
{
Expand Down
Loading

0 comments on commit d5934ed

Please sign in to comment.