com.amazonaws.services.s3.internal.crypto

Class S3CryptoModuleBase<T extends MultipartUploadContext>

java.lang.Object

com.amazonaws.services.s3.internal.crypto.S3CryptoModule<T>

com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase<T>

public abstract class S3CryptoModuleBase<T extends MultipartUploadContext>
extends S3CryptoModule<T>

Common implementation for different S3 cryptographic modules.

Field Summary

Fields

Modifier and Type	Field and Description
protected com.amazonaws.services.s3.internal.crypto.ContentCryptoScheme	contentCryptoScheme
protected CryptoConfiguration	cryptoConfig
protected com.amazonaws.services.s3.internal.crypto.S3CryptoScheme	cryptoScheme
protected static int	DEFAULT_BUFFER_SIZE
protected EncryptionMaterialsProvider	kekMaterialsProvider
protected org.apache.commons.logging.Log	log
protected java.util.Map<java.lang.String,T>	multipartUploadContexts Map of data about in progress encrypted multipart uploads.
protected S3Direct	s3

Constructor Summary

Constructors

Modifier	Constructor and Description
protected	S3CryptoModuleBase(S3Direct s3, AWSCredentialsProvider credentialsProvider, EncryptionMaterialsProvider kekMaterialsProvider, ClientConfiguration clientConfig, CryptoConfiguration cryptoConfig, com.amazonaws.services.s3.internal.crypto.S3CryptoScheme cryptoScheme)

Method Summary

Methods

Modifier and Type	Method and Description
void	abortMultipartUploadSecurely(AbortMultipartUploadRequest req)
protected abstract long	ciphertextLength(long plaintextLength) Returns the length of the ciphertext computed from the length of the plaintext.
protected com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial	createContentCryptoMaterial(AmazonWebServiceRequest req)
protected PutObjectRequest	createInstructionPutRequest(java.lang.String bucketName, java.lang.String key, com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial cekMaterial)
protected javax.crypto.SecretKey	generateCEK(EncryptionMaterials kekMaterials, java.security.Provider providerIn)
com.amazonaws.services.s3.internal.crypto.S3CryptoScheme	getS3CryptoScheme()
protected long	plaintextLength(PutObjectRequest request, ObjectMetadata metadata) Returns the plaintext length from the request and metadata; or -1 if unknown.
protected com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.SecuredCEK	secureCEK(javax.crypto.SecretKey toBeEncrypted, EncryptionMaterials materials, java.security.Provider cryptoProvider)
protected PutObjectRequest	upateInstructionPutRequest(PutObjectRequest request, com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial cekMaterial) Updates put request to store the specified instruction object in S3.
protected ObjectMetadata	updateMetadataWithContentCryptoMaterial(ObjectMetadata metadata, java.io.File file, com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial instruction)
protected PutObjectRequest	wrapWithCipher(PutObjectRequest request, com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial cekMaterial) Returns a request that has the content as input stream wrapped with a cipher, and configured with some meta data and user metadata.

Methods inherited from class com.amazonaws.services.s3.internal.crypto.S3CryptoModule

completeMultipartUploadSecurely, copyPartSecurely, getObjectSecurely, getObjectSecurely, initiateMultipartUploadSecurely, putObjectSecurely, uploadPartSecurely

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_BUFFER_SIZE

protected static final int DEFAULT_BUFFER_SIZE

See Also:

Constant Field Values

kekMaterialsProvider

protected final EncryptionMaterialsProvider kekMaterialsProvider

cryptoConfig

protected final CryptoConfiguration cryptoConfig

log

protected final org.apache.commons.logging.Log log

cryptoScheme

protected final com.amazonaws.services.s3.internal.crypto.S3CryptoScheme cryptoScheme

contentCryptoScheme

protected final com.amazonaws.services.s3.internal.crypto.ContentCryptoScheme contentCryptoScheme

multipartUploadContexts

protected final java.util.Map<java.lang.String,T extends MultipartUploadContext> multipartUploadContexts

Map of data about in progress encrypted multipart uploads.

s3

protected final S3Direct s3

Constructor Detail

S3CryptoModuleBase

protected S3CryptoModuleBase(S3Direct s3,
                  AWSCredentialsProvider credentialsProvider,
                  EncryptionMaterialsProvider kekMaterialsProvider,
                  ClientConfiguration clientConfig,
                  CryptoConfiguration cryptoConfig,
                  com.amazonaws.services.s3.internal.crypto.S3CryptoScheme cryptoScheme)

Method Detail

ciphertextLength

protected abstract long ciphertextLength(long plaintextLength)

Returns the length of the ciphertext computed from the length of the plaintext.

Parameters:

plaintextLength - a non-negative number

Returns:

a non-negative number

abortMultipartUploadSecurely

public final void abortMultipartUploadSecurely(AbortMultipartUploadRequest req)

Specified by:

abortMultipartUploadSecurely in class S3CryptoModule<T extends MultipartUploadContext>

updateMetadataWithContentCryptoMaterial

protected final ObjectMetadata updateMetadataWithContentCryptoMaterial(ObjectMetadata metadata,
                                                     java.io.File file,
                                                     com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial instruction)

createContentCryptoMaterial

protected final com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial createContentCryptoMaterial(AmazonWebServiceRequest req)

generateCEK

protected final javax.crypto.SecretKey generateCEK(EncryptionMaterials kekMaterials,
                                 java.security.Provider providerIn)

secureCEK

protected final com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.SecuredCEK secureCEK(javax.crypto.SecretKey toBeEncrypted,
                                                                                EncryptionMaterials materials,
                                                                                java.security.Provider cryptoProvider)

wrapWithCipher

protected final PutObjectRequest wrapWithCipher(PutObjectRequest request,
                              com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial cekMaterial)

Returns a request that has the content as input stream wrapped with a cipher, and configured with some meta data and user metadata.

plaintextLength

protected final long plaintextLength(PutObjectRequest request,
                   ObjectMetadata metadata)

Returns the plaintext length from the request and metadata; or -1 if unknown.

getS3CryptoScheme

public final com.amazonaws.services.s3.internal.crypto.S3CryptoScheme getS3CryptoScheme()

upateInstructionPutRequest

protected final PutObjectRequest upateInstructionPutRequest(PutObjectRequest request,
                                          com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial cekMaterial)

Updates put request to store the specified instruction object in S3.

Parameters:

request - The put request for the original object to be stored in S3.

cekMaterial - The instruction object to be stored in S3.

Returns:

A put request to store the specified instruction object in S3.

createInstructionPutRequest

protected final PutObjectRequest createInstructionPutRequest(java.lang.String bucketName,
                                           java.lang.String key,
                                           com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial cekMaterial)