forked from TrueCloudLab/restic
Update vendored library github.com/minio/minio-go
This commit is contained in:
Alexander Neumann
parent
7e6fff324c
commit
31e156c666
44 changed files with 1612 additions and 1583 deletions
43
vendor/github.com/minio/minio-go/examples/s3/putobject-getobject-sse.go
generated
vendored
43
vendor/github.com/minio/minio-go/examples/s3/putobject-getobject-sse.go
generated
vendored
|
|
@ -21,11 +21,11 @@ package main
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/md5"
|
||||
"encoding/base64"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
|
||||
"github.com/minio/minio-go/pkg/encrypt"
|
||||
|
||||
minio "github.com/minio/minio-go"
|
||||
)
|
||||
|
||||
|
|
@ -40,38 +40,19 @@ func main() {
|
|||
log.Fatalln(err)
|
||||
}
|
||||
|
||||
content := bytes.NewReader([]byte("Hello again"))
|
||||
key := []byte("32byteslongsecretkeymustprovided")
|
||||
h := md5.New()
|
||||
h.Write(key)
|
||||
encryptionKey := base64.StdEncoding.EncodeToString(key)
|
||||
encryptionKeyMD5 := base64.StdEncoding.EncodeToString(h.Sum(nil))
|
||||
bucketName := "my-bucket"
|
||||
objectName := "my-encrypted-object"
|
||||
object := []byte("Hello again")
|
||||
|
||||
// Amazon S3 does not store the encryption key you provide.
|
||||
// Instead S3 stores a randomly salted HMAC value of the
|
||||
// encryption key in order to validate future requests.
|
||||
// The salted HMAC value cannot be used to derive the value
|
||||
// of the encryption key or to decrypt the contents of the
|
||||
// encrypted object. That means, if you lose the encryption
|
||||
// key, you lose the object.
|
||||
var metadata = map[string]string{
|
||||
"x-amz-server-side-encryption-customer-algorithm": "AES256",
|
||||
"x-amz-server-side-encryption-customer-key": encryptionKey,
|
||||
"x-amz-server-side-encryption-customer-key-MD5": encryptionKeyMD5,
|
||||
}
|
||||
|
||||
// minioClient.TraceOn(os.Stderr) // Enable to debug.
|
||||
_, err = minioClient.PutObject("mybucket", "my-encrypted-object.txt", content, 11, minio.PutObjectOptions{UserMetadata: metadata})
|
||||
encryption := encrypt.DefaultPBKDF([]byte("my secret password"), []byte(bucketName+objectName))
|
||||
_, err = minioClient.PutObject(bucketName, objectName, bytes.NewReader(object), int64(len(object)), minio.PutObjectOptions{
|
||||
ServerSideEncryption: encryption,
|
||||
})
|
||||
if err != nil {
|
||||
log.Fatalln(err)
|
||||
}
|
||||
|
||||
opts := minio.GetObjectOptions{}
|
||||
for k, v := range metadata {
|
||||
opts.Set(k, v)
|
||||
}
|
||||
coreClient := minio.Core{minioClient}
|
||||
reader, _, err := coreClient.GetObject("mybucket", "my-encrypted-object.txt", opts)
|
||||
reader, err := minioClient.GetObject(bucketName, objectName, minio.GetObjectOptions{ServerSideEncryption: encryption})
|
||||
if err != nil {
|
||||
log.Fatalln(err)
|
||||
}
|
||||
|
|
@ -81,7 +62,7 @@ func main() {
|
|||
if err != nil {
|
||||
log.Fatalln(err)
|
||||
}
|
||||
if !bytes.Equal(decBytes, []byte("Hello again")) {
|
||||
log.Fatalln("Expected \"Hello, world\", got %s", string(decBytes))
|
||||
if !bytes.Equal(decBytes, object) {
|
||||
log.Fatalln("Expected %s, got %s", string(object), string(decBytes))
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue