static async Task <GetObjectResponse> MyPutObjectAsync(EncryptionMaterials materials, string bucketName, string keyName)
{
// CryptoStorageMode.ObjectMetadata is required for KMS EncryptionMaterials
var config = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.ObjectMetadata
};
AmazonS3EncryptionClient s3Client = new AmazonS3EncryptionClient(config, materials);
// encrypt and put object
var putRequest = new PutObjectRequest
{
BucketName = bucketName,
Key = keyName,
ContentBody = "object content"
};
await s3Client.PutObjectAsync(putRequest);
// get object and decrypt
var getRequest = new GetObjectRequest
{
BucketName = bucketName,
Key = keyName
};
GetObjectResponse response = await s3Client.GetObjectAsync(getRequest);
return(response);
}
public EncryptionTests()
{
using (var kmsClient = new AmazonKeyManagementServiceClient())
{
var response = CallAsyncTask(
kmsClient.CreateKeyAsync(new CreateKeyRequest
{
Description = "Key for .NET integration tests.",
Origin = OriginType.AWS_KMS,
KeyUsage = KeyUsageType.ENCRYPT_DECRYPT
}));
kmsKeyID = response.KeyMetadata.KeyId;
}
var encryptionMaterials = new EncryptionMaterials(RSA.Create());
var kmsEncryptionMaterials = new EncryptionMaterials(kmsKeyID);
AmazonS3CryptoConfiguration config = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.InstructionFile
};
s3EncryptionClientMetadataMode = new AmazonS3EncryptionClient(encryptionMaterials);
s3EncryptionClientFileMode = new AmazonS3EncryptionClient(config, encryptionMaterials);
s3EncryptionClientMetadataModeKMS = new AmazonS3EncryptionClient(kmsEncryptionMaterials);
s3EncryptionClientFileModeKMS = new AmazonS3EncryptionClient(config, kmsEncryptionMaterials);
using (StreamWriter writer = File.CreateText(filePath))
{
writer.Write(sampleContent);
}
bucketName = CallAsyncTask(UtilityMethods.CreateBucketAsync(s3EncryptionClientFileMode, GetType().Name));
}
public void Initialize()
{
kmsClient = new AmazonKeyManagementServiceClient(RegionEndpoint.USEast1);
s3Client = new AmazonS3Client(RegionEndpoint.USEast1);
// Create a bucket to store objects related to this test.
bucketName = GetOrCreateBucket(s3Client);
// Create a KMS key, and an S3 object with the KMSKeyID.
kmsKeyID = GetOrCreateKMSKey(s3Client, kmsClient, bucketName);
// Create an S3 object with a symmetric key used for testing.
symmetricAlgorithm = GetOrCreateSymmetricAlgorithm(s3Client, bucketName);
var encryptionMaterials = new EncryptionMaterials(symmetricAlgorithm);
var kmsEncryptionMaterials = new EncryptionMaterials(kmsKeyID);
AmazonS3CryptoConfiguration config = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.InstructionFile
};
s3EncryptionClientMetadataMode = new AmazonS3EncryptionClient(encryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataMode);
s3EncryptionClientFileMode = new AmazonS3EncryptionClient(config, encryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileMode);
s3EncryptionClientMetadataModeKMS = new AmazonS3EncryptionClient(kmsEncryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeKMS);
s3EncryptionClientFileModeKMS = new AmazonS3EncryptionClient(config, kmsEncryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeKMS);
}
public EncryptionTestsV1NInteropV2(KmsKeyIdProvider kmsKeyIdProvider) : base(kmsKeyIdProvider)
{
kmsKeyID = _kmsKeyIdProvider.GetKmsIdAsync().GetAwaiter().GetResult();
var rsa = RSA.Create();
var aes = Aes.Create();
var asymmetricEncryptionMaterialsV1N = new EncryptionMaterials(rsa);
var symmetricEncryptionMaterialsV1N = new EncryptionMaterials(aes);
var kmsEncryptionMaterialsV1N = new EncryptionMaterials(kmsKeyID);
var configV1N = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.InstructionFile
};
var asymmetricEncryptionMaterialsV2 = new EncryptionMaterialsV2(rsa, AsymmetricAlgorithmType.RsaOaepSha1);
var symmetricEncryptionMaterialsV2 = new EncryptionMaterialsV2(aes, SymmetricAlgorithmType.AesGcm);
var kmsEncryptionMaterialsV2 = new EncryptionMaterialsV2(kmsKeyID, KmsType.KmsContext, new Dictionary <string, string>());
metadataConfigV2 = new AmazonS3CryptoConfigurationV2(SecurityProfile.V2AndLegacy)
{
StorageMode = CryptoStorageMode.ObjectMetadata,
};
fileConfigV2 = new AmazonS3CryptoConfigurationV2(SecurityProfile.V2AndLegacy)
{
StorageMode = CryptoStorageMode.InstructionFile,
};
#pragma warning disable 0618
s3EncryptionClientMetadataModeAsymmetricWrapV1N = new AmazonS3EncryptionClient(asymmetricEncryptionMaterialsV1N);
s3EncryptionClientFileModeAsymmetricWrapV1N = new AmazonS3EncryptionClient(configV1N, asymmetricEncryptionMaterialsV1N);
s3EncryptionClientMetadataModeSymmetricWrapV1N = new AmazonS3EncryptionClient(symmetricEncryptionMaterialsV1N);
s3EncryptionClientFileModeSymmetricWrapV1N = new AmazonS3EncryptionClient(configV1N, symmetricEncryptionMaterialsV1N);
s3EncryptionClientMetadataModeKMSV1N = new AmazonS3EncryptionClient(kmsEncryptionMaterialsV1N);
s3EncryptionClientFileModeKMSV1N = new AmazonS3EncryptionClient(configV1N, kmsEncryptionMaterialsV1N);
#pragma warning restore 0618
s3EncryptionClientMetadataModeAsymmetricWrapV2 = new AmazonS3EncryptionClientV2(metadataConfigV2, asymmetricEncryptionMaterialsV2);
s3EncryptionClientFileModeAsymmetricWrapV2 = new AmazonS3EncryptionClientV2(fileConfigV2, asymmetricEncryptionMaterialsV2);
s3EncryptionClientMetadataModeSymmetricWrapV2 = new AmazonS3EncryptionClientV2(metadataConfigV2, symmetricEncryptionMaterialsV2);
s3EncryptionClientFileModeSymmetricWrapV2 = new AmazonS3EncryptionClientV2(fileConfigV2, symmetricEncryptionMaterialsV2);
s3EncryptionClientMetadataModeKMSV2 = new AmazonS3EncryptionClientV2(metadataConfigV2, kmsEncryptionMaterialsV2);
s3EncryptionClientFileModeKMSV2 = new AmazonS3EncryptionClientV2(fileConfigV2, kmsEncryptionMaterialsV2);
using (var writer = File.CreateText(filePath))
{
writer.Write(SampleContent);
}
bucketName = EncryptionTestsUtils.CallAsyncTask(UtilityMethods.CreateBucketAsync(s3EncryptionClientFileModeAsymmetricWrapV1N));
}
public static void Main(string[] args)
{
string kmsKeyID = null;
using (var kmsClient = new AmazonKeyManagementServiceClient())
{
var response = kmsClient.CreateKey(new CreateKeyRequest());
kmsKeyID = response.KeyMetadata.KeyId;
var keyMetadata = response.KeyMetadata; // An object that contains information about the CMK created by this operation.
var bucketName = "<s3bucket>";
var objectKey = "key";
var kmsEncryptionMaterials = new EncryptionMaterials(kmsKeyID);
// CryptoStorageMode.ObjectMetadata is required for KMS EncryptionMaterials
var config = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.ObjectMetadata
};
using (var s3Client = new AmazonS3EncryptionClient(config, kmsEncryptionMaterials))
{
// encrypt and put object
var putRequest = new PutObjectRequest
{
BucketName = bucketName,
Key = objectKey,
ContentBody = "object content"
};
s3Client.PutObject(putRequest);
// get object and decrypt
var getRequest = new GetObjectRequest
{
BucketName = bucketName,
Key = objectKey
};
using (var getResponse = s3Client.GetObject(getRequest))
using (var stream = getResponse.ResponseStream)
using (var reader = new StreamReader(stream))
{
Console.WriteLine(reader.ReadToEnd());
}
}
}
Console.WriteLine("Press any key to continue...");
Console.ReadKey();
}
#pragma warning restore 0618
public EncryptionTestsV1InteropV1N(KmsKeyIdProvider kmsKeyIdProvider) : base(kmsKeyIdProvider)
{
kmsKeyID = _kmsKeyIdProvider.GetKmsIdAsync().GetAwaiter().GetResult();
var rsa = RSA.Create();
var aes = Aes.Create();
var asymmetricEncryptionMaterialsV1 = new Amazon.S3.Encryption.EncryptionMaterials(rsa);
var asymmetricEncryptionMaterialsV1N = new EncryptionMaterials(rsa);
var symmetricEncryptionMaterialsV1 = new Amazon.S3.Encryption.EncryptionMaterials(aes);
var symmetricEncryptionMaterialsV1N = new EncryptionMaterials(aes);
var kmsEncryptionMaterialsV1 = new Amazon.S3.Encryption.EncryptionMaterials(kmsKeyID);
var kmsEncryptionMaterialsV1N = new EncryptionMaterials(kmsKeyID);
var configV1 = new Amazon.S3.Encryption.AmazonS3CryptoConfiguration()
{
StorageMode = Amazon.S3.Encryption.CryptoStorageMode.InstructionFile
};
var configV1N = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.InstructionFile
};
s3EncryptionClientMetadataModeAsymmetricWrapV1 = new Amazon.S3.Encryption.AmazonS3EncryptionClient(asymmetricEncryptionMaterialsV1);
s3EncryptionClientFileModeAsymmetricWrapV1 = new Amazon.S3.Encryption.AmazonS3EncryptionClient(configV1, asymmetricEncryptionMaterialsV1);
s3EncryptionClientMetadataModeSymmetricWrapV1 = new Amazon.S3.Encryption.AmazonS3EncryptionClient(symmetricEncryptionMaterialsV1);
s3EncryptionClientFileModeSymmetricWrapV1 = new Amazon.S3.Encryption.AmazonS3EncryptionClient(configV1, symmetricEncryptionMaterialsV1);
s3EncryptionClientMetadataModeKMSV1 = new Amazon.S3.Encryption.AmazonS3EncryptionClient(kmsEncryptionMaterialsV1);
s3EncryptionClientFileModeKMSV1 = new Amazon.S3.Encryption.AmazonS3EncryptionClient(configV1, kmsEncryptionMaterialsV1);
#pragma warning disable 0618
s3EncryptionClientMetadataModeAsymmetricWrapV1N = new AmazonS3EncryptionClient(asymmetricEncryptionMaterialsV1N);
s3EncryptionClientFileModeAsymmetricWrapV1N = new AmazonS3EncryptionClient(configV1N, asymmetricEncryptionMaterialsV1N);
s3EncryptionClientMetadataModeSymmetricWrapV1N = new AmazonS3EncryptionClient(symmetricEncryptionMaterialsV1N);
s3EncryptionClientFileModeSymmetricWrapV1N = new AmazonS3EncryptionClient(configV1N, symmetricEncryptionMaterialsV1N);
s3EncryptionClientMetadataModeKMSV1N = new AmazonS3EncryptionClient(kmsEncryptionMaterialsV1N);
s3EncryptionClientFileModeKMSV1N = new AmazonS3EncryptionClient(configV1N, kmsEncryptionMaterialsV1N);
#pragma warning restore 0618
using (var writer = File.CreateText(filePath))
{
writer.Write(SampleContent);
}
bucketName = EncryptionTestsUtils.CallAsyncTask(UtilityMethods.CreateBucketAsync(s3EncryptionClientFileModeAsymmetricWrapV1));
}
public static void Initialize(TestContext a)
{
EncryptionMaterials encryptionMaterials = new EncryptionMaterials(generateAsymmetricProvider());
s3EncryptionClientMetadataMode = new AmazonS3EncryptionClient(encryptionMaterials);
AmazonS3CryptoConfiguration config = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.InstructionFile
};
s3EncryptionClientFileMode = new AmazonS3EncryptionClient(config, encryptionMaterials);
using (StreamWriter writer = File.CreateText(fileName))
{
writer.Write(sampleContent);
}
bucketName = S3TestUtils.CreateBucket(s3EncryptionClientFileMode);
}
public EncryptionTests()
{
s3EncryptionClientMetadataMode = new AmazonS3EncryptionClient(encryptionMaterials);
AmazonS3CryptoConfiguration config = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.InstructionFile
};
s3EncryptionClientFileMode = new AmazonS3EncryptionClient(config, encryptionMaterials);
filePath = Path.Combine(Path.GetTempPath(), "EncryptionPutObjectFile.txt");
using (StreamWriter writer = File.CreateText(filePath))
{
writer.Write(sampleContent);
}
_filesToDelete.Add(filePath);
bucketName = UtilityMethods.CreateBucketAsync(s3EncryptionClientFileMode, "EncryptionTests").Result;
}
public static void Initialize(TestContext a)
{
using (var kmsClient = new AmazonKeyManagementServiceClient())
{
var response = kmsClient.CreateKey(new CreateKeyRequest
{
Description = "Key for .NET integration tests.",
Origin = OriginType.AWS_KMS,
KeyUsage = KeyUsageType.ENCRYPT_DECRYPT
});
kmsKeyID = response.KeyMetadata.KeyId;
}
var encryptionMaterials = new EncryptionMaterials(RSA.Create());
var kmsEncryptionMaterials = new EncryptionMaterials(kmsKeyID);
AmazonS3CryptoConfiguration config = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.InstructionFile
};
s3EncryptionClientMetadataMode = new AmazonS3EncryptionClient(encryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataMode);
s3EncryptionClientFileMode = new AmazonS3EncryptionClient(config, encryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileMode);
s3EncryptionClientMetadataModeKMS = new AmazonS3EncryptionClient(kmsEncryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeKMS);
s3EncryptionClientFileModeKMS = new AmazonS3EncryptionClient(config, kmsEncryptionMaterials);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeKMS);
using (StreamWriter writer = File.CreateText(filePath))
{
writer.Write(sampleContent);
}
bucketName = S3TestUtils.CreateBucket(s3EncryptionClientFileMode);
}
public async Task <bool> WriteValue(string key, string value)
{
using (var kmsClient = new AmazonKeyManagementServiceClient())
{
var response = await kmsClient.CreateKeyAsync(new CreateKeyRequest());
string kmsKeyID = response.KeyMetadata.KeyId;
var keyMetadata = response.KeyMetadata;
var bucketName = "<your S3 bucket name>";
var objectKey = key;
var kmsEncryptionMaterials = new EncryptionMaterials(kmsKeyID);
var config = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.ObjectMetadata
};
using (var s3Client = new AmazonS3EncryptionClient(config, kmsEncryptionMaterials))
{
var putRequest = new PutObjectRequest
{
BucketName = bucketName,
Key = objectKey,
ContentBody = value
};
var obj = await s3Client.PutObjectAsync(putRequest);
if (obj.HttpStatusCode == HttpStatusCode.OK)
{
return(true);
}
}
}
return(false);
}
public async Task <string> ReadValue(string key)
{
using (var kmsClient = new AmazonKeyManagementServiceClient())
{
string kmsKeyID = null;
var response = await kmsClient.CreateKeyAsync(new CreateKeyRequest());
kmsKeyID = response.KeyMetadata.KeyId;
var keyMetadata = response.KeyMetadata;
var bucketName = "<your S3 bucket name>";
var objectKey = key;
var kmsEncryptionMaterials = new EncryptionMaterials(key);
var config = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.ObjectMetadata
};
using (var s3Client = new AmazonS3EncryptionClient(config, kmsEncryptionMaterials))
{
var getRequest = new GetObjectRequest
{
BucketName = bucketName,
Key = objectKey
};
using (var getResponse = await s3Client.GetObjectAsync(getRequest))
using (var stream = getResponse.ResponseStream)
using (var reader = new StreamReader(stream))
{
return(reader.ReadToEnd());
}
}
}
}
///<inheritdoc/>
public AmazonS3EncryptionClient(string awsAccessKeyId, string awsSecretAccessKey, string awsSessionToken, RegionEndpoint region, EncryptionMaterials materials)
: base(awsAccessKeyId, awsSecretAccessKey, awsSessionToken, region, materials)
{
S3CryptoConfig = new AmazonS3CryptoConfiguration();
}
///<inheritdoc/>
public AmazonS3EncryptionClient(string awsAccessKeyId, string awsSecretAccessKey, AmazonS3CryptoConfiguration config, EncryptionMaterials materials)
: base(awsAccessKeyId, awsSecretAccessKey, config, materials)
{
}
///<inheritdoc/>
public AmazonS3EncryptionClient(AWSCredentials credentials, AmazonS3CryptoConfiguration config, EncryptionMaterials materials)
: base(credentials, config, materials)
{
}
///<inheritdoc/>
public AmazonS3EncryptionClient(AWSCredentials credentials, RegionEndpoint region, EncryptionMaterials materials)
: base(credentials, region, materials)
{
S3CryptoConfig = new AmazonS3CryptoConfiguration();
}
///<inheritdoc/>
public AmazonS3EncryptionClient(AmazonS3CryptoConfiguration config, EncryptionMaterials materials)
: base(config, materials)
{
}
///<inheritdoc/>
public AmazonS3EncryptionClient(RegionEndpoint region, EncryptionMaterials materials)
: base(region, materials)
{
S3CryptoConfig = new AmazonS3CryptoConfiguration();
}
private AmazonS3EncryptionClient GetS3EncryptionClient(EncryptionMaterials materials, AmazonS3CryptoConfiguration cryptoConfig)
{
return(new AmazonS3EncryptionClient(GetAwsCredentials(), cryptoConfig, materials));
}
#pragma warning restore 0618
public EncryptionTestsV1InteropV1N() : base(KmsKeyIdProvider.Instance)
{
filePath = Path.Combine(Path.GetTempPath(), $"EncryptionPutObjectFile-{Guid.NewGuid()}.txt");
kmsKeyID = _kmsKeyIdProvider.GetKmsId();
var rsa = RSA.Create();
var aes = Aes.Create();
var asymmetricEncryptionMaterialsV1 = new Amazon.S3.Encryption.EncryptionMaterials(rsa);
var asymmetricEncryptionMaterialsV1N = new EncryptionMaterials(rsa);
var symmetricEncryptionMaterialsV1 = new Amazon.S3.Encryption.EncryptionMaterials(aes);
var symmetricEncryptionMaterialsV1N = new EncryptionMaterials(aes);
var kmsEncryptionMaterialsV1 = new Amazon.S3.Encryption.EncryptionMaterials(kmsKeyID);
var kmsEncryptionMaterialsV1N = new EncryptionMaterials(kmsKeyID);
var configV1 = new Amazon.S3.Encryption.AmazonS3CryptoConfiguration()
{
StorageMode = Amazon.S3.Encryption.CryptoStorageMode.InstructionFile
};
var configV1N = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.InstructionFile
};
s3EncryptionClientMetadataModeAsymmetricWrapV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(asymmetricEncryptionMaterialsV1);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeAsymmetricWrapV1);
s3EncryptionClientFileModeAsymmetricWrapV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(configV1, asymmetricEncryptionMaterialsV1);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeAsymmetricWrapV1);
s3EncryptionClientMetadataModeSymmetricWrapV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(symmetricEncryptionMaterialsV1);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeSymmetricWrapV1);
s3EncryptionClientFileModeSymmetricWrapV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(configV1, symmetricEncryptionMaterialsV1);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeSymmetricWrapV1);
s3EncryptionClientMetadataModeKMSV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(kmsEncryptionMaterialsV1);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeKMSV1);
s3EncryptionClientFileModeKMSV1 =
new Amazon.S3.Encryption.AmazonS3EncryptionClient(configV1, kmsEncryptionMaterialsV1);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeKMSV1);
s3EncryptionClientMetadataModeAsymmetricWrapV1N =
new AmazonS3EncryptionClient(asymmetricEncryptionMaterialsV1N);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeAsymmetricWrapV1N);
s3EncryptionClientFileModeAsymmetricWrapV1N =
new AmazonS3EncryptionClient(configV1N, asymmetricEncryptionMaterialsV1N);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeAsymmetricWrapV1N);
s3EncryptionClientMetadataModeSymmetricWrapV1N =
new AmazonS3EncryptionClient(symmetricEncryptionMaterialsV1N);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeSymmetricWrapV1N);
s3EncryptionClientFileModeSymmetricWrapV1N =
new AmazonS3EncryptionClient(configV1N, symmetricEncryptionMaterialsV1N);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeSymmetricWrapV1N);
s3EncryptionClientMetadataModeKMSV1N = new AmazonS3EncryptionClient(kmsEncryptionMaterialsV1N);
RetryUtilities.ForceConfigureClient(s3EncryptionClientMetadataModeKMSV1N);
s3EncryptionClientFileModeKMSV1N = new AmazonS3EncryptionClient(configV1N, kmsEncryptionMaterialsV1N);
RetryUtilities.ForceConfigureClient(s3EncryptionClientFileModeKMSV1N);
using (var writer = File.CreateText(filePath))
{
writer.Write(SampleContent);
}
bucketName = S3TestUtils.CreateBucketWithWait(s3EncryptionClientFileModeAsymmetricWrapV1);
}
public EncryptionTestsV1NInteropV2() : base(KmsKeyIdProvider.Instance)
{
kmsKeyID = _kmsKeyIdProvider.GetKmsId();
var rsa = RSA.Create();
var aes = Aes.Create();
var asymmetricEncryptionMaterialsV1N = new EncryptionMaterials(rsa);
var symmetricEncryptionMaterialsV1N = new EncryptionMaterials(aes);
var kmsEncryptionMaterialsV1N = new EncryptionMaterials(kmsKeyID);
var configV1N = new AmazonS3CryptoConfiguration()
{
StorageMode = CryptoStorageMode.InstructionFile
};
var asymmetricEncryptionMaterialsV2 = new EncryptionMaterialsV2(rsa, AsymmetricAlgorithmType.RsaOaepSha1);
var symmetricEncryptionMaterialsV2 = new EncryptionMaterialsV2(aes, SymmetricAlgorithmType.AesGcm);
var kmsEncryptionMaterialsV2 =
new EncryptionMaterialsV2(kmsKeyID, KmsType.KmsContext, new Dictionary <string, string>());
fileConfigV2 = new AmazonS3CryptoConfigurationV2(SecurityProfile.V2AndLegacy)
{
StorageMode = CryptoStorageMode.InstructionFile,
};
metadataConfigV2 = new AmazonS3CryptoConfigurationV2(SecurityProfile.V2AndLegacy)
{
StorageMode = CryptoStorageMode.ObjectMetadata,
};
s3EncryptionClientMetadataModeAsymmetricWrapV1N =
new AmazonS3EncryptionClient(asymmetricEncryptionMaterialsV1N);
s3EncryptionClientFileModeAsymmetricWrapV1N =
new AmazonS3EncryptionClient(configV1N, asymmetricEncryptionMaterialsV1N);
s3EncryptionClientMetadataModeSymmetricWrapV1N =
new AmazonS3EncryptionClient(symmetricEncryptionMaterialsV1N);
s3EncryptionClientFileModeSymmetricWrapV1N =
new AmazonS3EncryptionClient(configV1N, symmetricEncryptionMaterialsV1N);
s3EncryptionClientMetadataModeKMSV1N = new AmazonS3EncryptionClient(kmsEncryptionMaterialsV1N);
s3EncryptionClientFileModeKMSV1N = new AmazonS3EncryptionClient(configV1N, kmsEncryptionMaterialsV1N);
s3EncryptionClientMetadataModeAsymmetricWrapV2 =
new AmazonS3EncryptionClientV2(metadataConfigV2, asymmetricEncryptionMaterialsV2);
s3EncryptionClientFileModeAsymmetricWrapV2 =
new AmazonS3EncryptionClientV2(fileConfigV2, asymmetricEncryptionMaterialsV2);
s3EncryptionClientMetadataModeSymmetricWrapV2 =
new AmazonS3EncryptionClientV2(metadataConfigV2, symmetricEncryptionMaterialsV2);
s3EncryptionClientFileModeSymmetricWrapV2 =
new AmazonS3EncryptionClientV2(fileConfigV2, symmetricEncryptionMaterialsV2);
s3EncryptionClientMetadataModeKMSV2 =
new AmazonS3EncryptionClientV2(metadataConfigV2, kmsEncryptionMaterialsV2);
s3EncryptionClientFileModeKMSV2 = new AmazonS3EncryptionClientV2(fileConfigV2, kmsEncryptionMaterialsV2);
using (var writer = File.CreateText(filePath))
{
writer.Write(SampleContent);
}
bucketName = S3TestUtils.CreateBucketWithWait(s3EncryptionClientFileModeAsymmetricWrapV1N);
}
///<inheritdoc/>
public AmazonS3EncryptionClient(EncryptionMaterials materials) : base(materials)
{
S3CryptoConfig = new AmazonS3CryptoConfiguration();
}
