/// <summary>
/// Sets the server side encryption method for the S3 Object to the value
/// specified.
/// </summary>
/// <param name="bucketName">The name of the bucket in which the key is stored</param>
/// <param name="key">The key of the S3 Object</param>
/// <param name="method">The server side encryption method</param>
/// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param>
public static void SetServerSideEncryption(string bucketName, string key, ServerSideEncryptionMethod method, AmazonS3 s3Client)
{
SetServerSideEncryption(bucketName, key, null, method, s3Client);
}
/// <summary>
/// Sets the server side encryption method for the S3 Object Version to the value
/// specified.
/// </summary>
/// <param name="s3ObjectVer">The S3 Object Version</param>
/// <param name="method">The server side encryption method</param>
/// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param>
public static void SetServerSideEncryption(S3ObjectVersion s3ObjectVer, ServerSideEncryptionMethod method, AmazonS3 s3Client)
{
SetServerSideEncryption(s3ObjectVer.BucketName, s3ObjectVer.Key, s3ObjectVer.VersionId, method, s3Client);
}
public GetPreSignedUrlRequest WithServerSideEncryptionMethod(ServerSideEncryptionMethod encryption)
{
this.ServerSideEncryptionMethod = encryption;
return this;
}
/// <summary>
/// Sets the server side encryption method for the S3 Object to the value
/// specified.
/// </summary>
/// <param name="s3Object">The S3 Object</param>
/// <param name="method">The server side encryption method</param>
/// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param>
public static void SetServerSideEncryption(S3Object s3Object, ServerSideEncryptionMethod method, AmazonS3 s3Client)
{
SetServerSideEncryption(s3Object.BucketName, s3Object.Key, method, s3Client);
}
public override IDataStore Configure(IDictionary <string, string> props)
{
_accessKeyId = props["acesskey"];
_secretAccessKeyId = props["secretaccesskey"];
_bucket = props["bucket"];
if (props.ContainsKey("recycleDir"))
{
_recycleDir = props["recycleDir"];
}
if (props.ContainsKey("region") && !string.IsNullOrEmpty(props["region"]))
{
_region = props["region"];
}
if (props.ContainsKey("serviceurl") && !string.IsNullOrEmpty(props["serviceurl"]))
{
_serviceurl = props["serviceurl"];
}
if (props.ContainsKey("forcepathstyle"))
{
bool fps;
if (bool.TryParse(props["forcepathstyle"], out fps))
{
_forcepathstyle = fps;
}
}
if (props.ContainsKey("usehttp"))
{
bool uh;
if (bool.TryParse(props["usehttp"], out uh))
{
_useHttp = uh;
}
}
if (props.ContainsKey("sse") && !string.IsNullOrEmpty(props["sse"]))
{
switch (props["sse"].ToLower())
{
case "none":
_sse = ServerSideEncryptionMethod.None;
break;
case "aes256":
_sse = ServerSideEncryptionMethod.AES256;
break;
case "awskms":
_sse = ServerSideEncryptionMethod.AWSKMS;
break;
default:
_sse = ServerSideEncryptionMethod.None;
break;
}
}
_bucketRoot = props.ContainsKey("cname") && Uri.IsWellFormedUriString(props["cname"], UriKind.Absolute)
? new Uri(props["cname"], UriKind.Absolute)
: new Uri(String.Format("http://s3.{1}.amazonaws.com/{0}/", _bucket, _region), UriKind.Absolute);
_bucketSSlRoot = props.ContainsKey("cnamessl") &&
Uri.IsWellFormedUriString(props["cnamessl"], UriKind.Absolute)
? new Uri(props["cnamessl"], UriKind.Absolute)
: new Uri(String.Format("https://s3.{1}.amazonaws.com/{0}/", _bucket, _region), UriKind.Absolute);
if (props.ContainsKey("lower"))
{
bool.TryParse(props["lower"], out _lowerCasing);
}
if (props.ContainsKey("cloudfront"))
{
bool.TryParse(props["cloudfront"], out _revalidateCloudFront);
}
if (props.ContainsKey("distribution"))
{
_distributionId = props["distribution"];
}
if (props.ContainsKey("subdir"))
{
_subDir = props["subdir"];
}
return(this);
}
/// <summary>
/// Sets the ServerSideEncryptionMethod property for this request.
/// Specifies the encryption used on the server to
/// store the content.
/// </summary>
/// <param name="encryption">
/// The value of the ServerSideEncryptionMethod to set.
/// </param>
/// <returns>
/// The response with the ServerSideEncryptionMethod set.
/// </returns>
public InitiateMultipartUploadRequest WithServerSideEncryptionMethod(ServerSideEncryptionMethod encryption)
{
this.ServerSideEncryptionMethod = encryption;
return this;
}
/// <summary>
/// Sets the ServerSideEncryptionMethod property for this request.
/// Specifies the encryption used on the server to
/// store the content.
/// </summary>
/// <param name="encryption">
/// The value of the ServerSideEncryptionMethod to set.
/// </param>
/// <returns>
/// The response with the ServerSideEncryptionMethod set.
/// </returns>
public InitiateMultipartUploadRequest WithServerSideEncryptionMethod(ServerSideEncryptionMethod encryption)
{
this.ServerSideEncryptionMethod = encryption;
return(this);
}
public PutObjectRequest WithServerSideEncryptionMethod(ServerSideEncryptionMethod encryption)
{
this.ServerSideEncryptionMethod = encryption;
return this;
}
/// <summary>
/// Sets the server side encryption method for the S3 Object's Version to the value
/// specified.
/// </summary>
/// <param name="bucketName">The name of the bucket in which the key is stored</param>
/// <param name="key">The key of the S3 Object</param>
/// <param name="version">The version of the S3 Object</param>
/// <param name="method">The server side encryption method</param>
/// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param>
/// <seealso cref="T:Amazon.S3.Model.S3StorageClass"/>
public static void SetServerSideEncryption(string bucketName, string key, string version, ServerSideEncryptionMethod method, AmazonS3 s3Client)
{
if (null == s3Client)
{
throw new ArgumentNullException("s3Client", "Please specify an S3 Client to make service requests.");
}
// Get the existing ACL of the object
GetACLRequest getACLRequest = new GetACLRequest();
getACLRequest.BucketName = bucketName;
getACLRequest.Key = key;
if (version != null)
getACLRequest.VersionId = version;
GetACLResponse getACLResponse = s3Client.GetACL(getACLRequest);
ListObjectsResponse listObjectResponse = s3Client.ListObjects(new ListObjectsRequest()
.WithBucketName(bucketName)
.WithPrefix(key)
.WithMaxKeys(1));
if (listObjectResponse.S3Objects.Count != 1)
{
throw new ArgumentNullException("No object exists with this bucket name and key.");
}
// Set the storage class on the object
CopyObjectRequest copyRequest = new CopyObjectRequest();
copyRequest.SourceBucket = copyRequest.DestinationBucket = bucketName;
copyRequest.SourceKey = copyRequest.DestinationKey = key;
copyRequest.StorageClass = listObjectResponse.S3Objects[0].StorageClass == "STANDARD" ? S3StorageClass.Standard : S3StorageClass.ReducedRedundancy;
if (version != null)
copyRequest.SourceVersionId = version;
copyRequest.ServerSideEncryptionMethod = method;
// The copyRequest's Metadata directive is COPY by default
CopyObjectResponse copyResponse = s3Client.CopyObject(copyRequest);
// Set the object's original ACL back onto it because a COPY
// operation resets the ACL on the destination object.
SetACLRequest setACLRequest = new SetACLRequest();
setACLRequest.BucketName = bucketName;
setACLRequest.Key = key;
if (version != null)
setACLRequest.VersionId = copyResponse.VersionId;
setACLRequest.ACL = getACLResponse.AccessControlList;
s3Client.SetACL(setACLRequest);
}
/// <summary>
/// Sets the ServerSideEncryptionMethod property for this request.
/// Specifies the encryption used on the server to
/// store the content.
/// </summary>
/// <param name="serverSideEncryption">
/// The value of the ServerSideEncryptionMethod to set.
/// </param>
/// <returns>
/// The response with the ServerSideEncryptionMethod set.
/// </returns>
public CopyPartRequest WithServerSideEncryptionMethod(ServerSideEncryptionMethod serverSideEncryption)
{
this.serverSideEncryption = serverSideEncryption;
return(this);
}
/// <summary>
/// Sets the ServerSideEncryptionMethod property for this request.
/// Specifies the encryption used on the server to
/// store the content.
/// Default is None.
/// </summary>
/// <param name="encryption">
/// The value of the ServerSideEncryptionMethod to set.
/// </param>
/// <returns>
/// The response with the ServerSideEncryptionMethod set.
/// </returns>
public TransferUtilityUploadRequest WithServerSideEncryptionMethod(ServerSideEncryptionMethod encryption)
{
this.ServerSideEncryptionMethod = encryption;
return(this);
}
///// <summary>
///// Sets the server side encryption method for the S3 Object Version to the value
///// specified.
///// </summary>
///// <param name="s3ObjectVer">The S3 Object Version</param>
///// <param name="method">The server side encryption method</param>
///// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param>
//public static void SetServerSideEncryption(S3ObjectVersion s3ObjectVer, ServerSideEncryptionMethod method, IAmazonS3 s3Client)
//{
// SetServerSideEncryption(s3ObjectVer.BucketName, s3ObjectVer.Key, s3ObjectVer.VersionId, method, s3Client);
//}
/// <summary>
/// Sets the server side encryption method for the S3 Object's Version to the value
/// specified.
/// </summary>
/// <param name="bucketName">The name of the bucket in which the key is stored</param>
/// <param name="key">The key of the S3 Object</param>
/// <param name="version">The version of the S3 Object</param>
/// <param name="method">The server side encryption method</param>
/// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param>
public static void SetServerSideEncryption(IAmazonS3 s3Client, string bucketName, string key, string version, ServerSideEncryptionMethod method)
{
CopyObjectRequest copyRequest;
PutACLRequest putACLRequest;
SetupForObjectModification(s3Client, bucketName, key, version, out copyRequest, out putACLRequest);
copyRequest.ServerSideEncryptionMethod = method;
CopyObjectResponse copyResponse = s3Client.CopyObject(copyRequest);
if (!string.IsNullOrEmpty(copyResponse.SourceVersionId))
{
putACLRequest.VersionId = copyResponse.SourceVersionId;
}
s3Client.PutACL(putACLRequest);
}
///// <summary>
///// Sets the server side encryption method for the S3 Object to the value
///// specified.
///// </summary>
///// <param name="s3Object">The S3 Object</param>
///// <param name="method">The server side encryption method</param>
///// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param>
//public static void SetServerSideEncryption(S3Object s3Object, ServerSideEncryptionMethod method, IAmazonS3 s3Client)
//{
// SetServerSideEncryption(s3Object.BucketName, s3Object.Key, method, s3Client);
//}
/// <summary>
/// Sets the server side encryption method for the S3 Object to the value
/// specified.
/// </summary>
/// <param name="bucketName">The name of the bucket in which the key is stored</param>
/// <param name="key">The key of the S3 Object</param>
/// <param name="method">The server side encryption method</param>
/// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param>
public static void SetServerSideEncryption(IAmazonS3 s3Client, string bucketName, string key, ServerSideEncryptionMethod method)
{
SetServerSideEncryption(s3Client, bucketName, key, null, method);
}
/// <summary>
/// Sets the server side encryption method for the S3 Object's Version to the value
/// specified.
/// </summary>
/// <param name="bucketName">The name of the bucket in which the key is stored</param>
/// <param name="key">The key of the S3 Object</param>
/// <param name="version">The version of the S3 Object</param>
/// <param name="method">The server side encryption method</param>
/// <param name="s3Client">The Amazon S3 Client to use for S3 specific operations.</param>
public static void SetServerSideEncryption(string bucketName, string key, string version, ServerSideEncryptionMethod method, AmazonS3 s3Client)
{
CopyObjectRequest copyRequest;
SetACLRequest setACLRequest;
SetupForObjectModification(bucketName, key, version, s3Client, out copyRequest, out setACLRequest);
copyRequest.ServerSideEncryptionMethod = method;
CopyObjectResponse copyResponse = s3Client.CopyObject(copyRequest);
if (!string.IsNullOrEmpty(copyResponse.VersionId))
setACLRequest.VersionId = copyResponse.VersionId;
s3Client.SetACL(setACLRequest);
}
/// <summary>
/// Sets the ServerSideEncryptionMethod property for this request.
/// Specifies the encryption used on the server to
/// store the content.
/// Default is None.
/// </summary>
/// <param name="encryption">
/// The value of the ServerSideEncryptionMethod to set.
/// </param>
/// <returns>
/// The response with the ServerSideEncryptionMethod set.
/// </returns>
public CopyObjectRequest WithServerSideEncryptionMethod(ServerSideEncryptionMethod encryption)
{
this.ServerSideEncryptionMethod = encryption;
return(this);
}
/// <summary>
/// Sets the ServerSideEncryptionMethod property for this request.
/// Specifies the encryption used on the server to
/// store the content.
/// Default is None.
/// </summary>
/// <param name="encryption">
/// The value of the ServerSideEncryptionMethod to set.
/// </param>
/// <returns>
/// The response with the ServerSideEncryptionMethod set.
/// </returns>
public TransferUtilityUploadDirectoryRequest WithServerSideEncryptionMethod(ServerSideEncryptionMethod encryption)
{
this.ServerSideEncryptionMethod = encryption;
return this;
}
/// <summary>
/// Specifies the encryption used on the server to store the content.
/// </summary>
/// <remarks>
/// <para>
/// Default is None.
/// </para>
/// <para>
/// If specifying encryption (not None), the corresponding request must include header
/// "x-amz-server-side-encryption" with the value of the encryption.
/// </para>
/// </remarks>
/// <param name="encryption">The value of the ServerSideEncryptionMethod to set.</param>
/// <returns>The response with the ServerSideEncryptionMethod set.</returns>
public GetPreSignedUrlRequest WithServerSideEncryptionMethod(ServerSideEncryptionMethod encryption)
{
this.ServerSideEncryptionMethod = encryption;
return(this);
}
/// <summary>
/// <para>
/// Specifies the encryption to be used on the server for the new object.
/// </para>
/// <para>
/// Default: None
/// </para>
/// </summary>
/// <param name="serverSideEncryption">ServerSideEncryptionMethod for the new object</param>
/// <returns>The response with the ServerSideEncryptionMethod set.</returns>
public CopyPartRequest WithServerSideEncryptionMethod(ServerSideEncryptionMethod serverSideEncryption)
{
this.serverSideEncryption = serverSideEncryption;
return this;
}
#pragma warning disable S3242 // JObject is more descriptive than 'more general' IDictionary
private static (string ControlValue, byte[] ToEncrypt, string Protector, string ApplicationName, S3XmlRepositoryConfig S3Config, KmsXmlEncryptorConfig KmsConfig) ToOldConfig(JObject config)
#pragma warning restore S3242
{
var controlValue = config[ConfigType].Value <string>();
var protectData = Convert.FromBase64String(config[DataToProtect].Value <string>());
var protectorValue = config[ProtectorKey].Value <string>();
var old = new S3XmlRepositoryConfig(config[nameof(S3XmlRepositoryConfig.Bucket)].Value <string>());
if (config.TryGetValue(nameof(S3XmlRepositoryConfig.KeyPrefix), out JToken keyprefix))
{
old.KeyPrefix = keyprefix.Value <string>();
}
if (config.TryGetValue(nameof(S3XmlRepositoryConfig.MaxS3QueryConcurrency), out JToken concurrency))
{
old.MaxS3QueryConcurrency = concurrency.Value <int>();
}
if (config.TryGetValue(nameof(S3XmlRepositoryConfig.StorageClass), out JToken storageClass))
{
old.StorageClass = S3StorageClass.FindValue(storageClass.Value <string>());
}
if (config.TryGetValue(nameof(S3XmlRepositoryConfig.ServerSideEncryptionMethod), out JToken serverSideEncryptionMethod))
{
old.ServerSideEncryptionMethod = ServerSideEncryptionMethod.FindValue(serverSideEncryptionMethod.Value <string>());
}
if (config.TryGetValue(nameof(S3XmlRepositoryConfig.ServerSideEncryptionCustomerMethod), out JToken serverSideEncryptionCustomerMethod))
{
old.ServerSideEncryptionCustomerMethod = ServerSideEncryptionCustomerMethod.FindValue(serverSideEncryptionCustomerMethod.Value <string>());
}
if (config.TryGetValue(nameof(S3XmlRepositoryConfig.ServerSideEncryptionCustomerProvidedKey), out JToken serverSideEncryptionCustomerProvidedKey))
{
old.ServerSideEncryptionCustomerProvidedKey = serverSideEncryptionCustomerProvidedKey.Value <string>();
}
if (config.TryGetValue(nameof(S3XmlRepositoryConfig.ServerSideEncryptionCustomerProvidedKeyMd5), out JToken serverSideEncryptionCustomerProvidedKeyMd5))
{
old.ServerSideEncryptionCustomerProvidedKeyMd5 = serverSideEncryptionCustomerProvidedKeyMd5.Value <string>();
}
if (config.TryGetValue(nameof(S3XmlRepositoryConfig.ServerSideEncryptionKeyManagementServiceKeyId), out JToken serverSideEncryptionKeyManagementServiceKeyId))
{
old.ServerSideEncryptionKeyManagementServiceKeyId = serverSideEncryptionKeyManagementServiceKeyId.Value <string>();
}
if (config.TryGetValue(nameof(S3XmlRepositoryConfig.ClientSideCompression), out JToken clientSideCompression))
{
old.ClientSideCompression = clientSideCompression.Value <bool>();
}
string applicationName = null;
if (config.TryGetValue(ApplicationNameKey, out JToken appName))
{
applicationName = appName.Value <string>();
}
string kmsApplicationName = null;
if (config.TryGetValue(KmsApplicationNameKey, out JToken kmsAppName))
{
kmsApplicationName = kmsAppName.Value <string>();
}
string keyIdentifier = null;
if (config.TryGetValue(nameof(KmsXmlEncryptorConfig.KeyId), out JToken keyId))
{
keyIdentifier = keyId.Value <string>();
}
KmsXmlEncryptorConfig kmsConfig = null;
if (!string.IsNullOrEmpty(kmsApplicationName) && !string.IsNullOrEmpty(keyIdentifier))
{
kmsConfig = new KmsXmlEncryptorConfig(kmsApplicationName, keyIdentifier);
}
return(controlValue, protectData, protectorValue, applicationName, old, kmsConfig);
}
