def main():
content = BytesIO(b'Hello again')
minio = Minio(STORAGE_ENDPOINT,
access_key=AWSAccessKeyId,
secret_key=AWSSecretKey)
# Create an SSE-C object with a 32 byte customer_key
key = b'32byteslongsecretkeymustprovided'
ssec = SseCustomerKey(key)
# Put object with SSE_C object passed as a param
minio.put_object(STORAGE_BUCKET,
'test_crypt.txt',
content,
content.getbuffer().nbytes,
sse=ssec)
# Copy encrypted object on Server-Side from Source to Destination
obj = minio.copy_object(STORAGE_BUCKET,
'test_crypt_copy.txt',
STORAGE_BUCKET + '/test_crypt.txt',
source_sse=ssec,
sse=ssec)
# Get decrypted object with SSE_C object passed in as param
obj = minio.get_object(STORAGE_BUCKET, 'test_crypt_copy.txt', sse=ssec)
print(obj.read())
def main():
minio = Minio(STORAGE_ENDPOINT,
access_key=AWSAccessKeyId,
secret_key=AWSSecretKey)
content = BytesIO(b'Some Data to be stored')
key_id = 'YOUR-KMS-KEY'
context = {'Key1': 'Value1', 'Key2': 'Value2'}
# Create an SSE-KMS object with a Valid KMS key_id and context
sse_kms_obj = SSE_KMS(key_id, context)
# Put object with special headers from SSE_C object which encrypt object in S3 with provided key
minio.put_object(STORAGE_BUCKET,
'test_crypt.txt',
content,
content.getbuffer().nbytes,
sse=sse_kms_obj)
# Get decrypted object with same headers
obj = minio.get_object(STORAGE_BUCKET, 'test_crypt.txt')
print(obj.read())
def main():
content = BytesIO(b'Hello again')
key = b'32byteslongsecretkeymustprovided'
encryption_key = base64.b64encode(key).decode()
encryption_key_md5 = base64.b64encode(hashlib.md5(key).digest()).decode()
minio = Minio(STORAGE_ENDPOINT, access_key=AWSAccessKeyId, secret_key=AWSSecretKey)
# Put object with special headers which encrypt object in S3 with provided key
minio.put_object(STORAGE_BUCKET, 'test_crypt.txt', content, content.getbuffer().nbytes,
metadata={
'x-amz-server-side-encryption-customer-algorithm': 'AES256',
'x-amz-server-side-encryption-customer-key': encryption_key,
'x-amz-server-side-encryption-customer-key-MD5': encryption_key_md5
})
# Get decrypted object with same headers
obj = minio.get_object(STORAGE_BUCKET, 'test_crypt1.txt', request_headers={
'x-amz-server-side-encryption-customer-algorithm': 'AES256',
'x-amz-server-side-encryption-customer-key': encryption_key,
'x-amz-server-side-encryption-customer-key-MD5': encryption_key_md5
})
print(obj.read())
def main():
minio = Minio(STORAGE_ENDPOINT, access_key=AWSAccessKeyId, secret_key=AWSSecretKey)
content = BytesIO(b'Hello again')
#Create an SSE_S3 object
sse_s3_obj = SSE_S3()
# Put object with from SSE_S3 object which encrypt object in S3 with provided key
minio.put_object(STORAGE_BUCKET, 'test_crypt.txt', content, content.getbuffer().nbytes, sse=sse_s3_obj)
# Get decrypted object with same headers
obj = minio.get_object(STORAGE_BUCKET, 'test_crypt.txt')
print(obj.read())
def main():
minio = Minio(STORAGE_ENDPOINT, access_key=AWSAccessKeyId, secret_key=AWSSecretKey)
content = BytesIO(b'Hello again')
#Create an SSE_S3 object
sse_s3_obj = SSE_S3()
# Put object with from SSE_S3 object which encrypt object in S3 with provided key
minio.put_object(STORAGE_BUCKET, 'test_crypt.txt', content, content.getbuffer().nbytes, sse=sse_s3_obj)
# Get decrypted object with same headers
obj = minio.get_object(STORAGE_BUCKET, 'test_crypt.txt')
print(obj.read())
def main():
minio = Minio(STORAGE_ENDPOINT, access_key=AWSAccessKeyId, secret_key=AWSSecretKey)
content = BytesIO(b'Some Data to be stored')
key_id = 'YOUR-KMS-KEY'
context = {'Key1':'Value1', 'Key2':'Value2'}
# Create an SSE-KMS object with a Valid KMS key_id and context
sse_kms_obj = SSE_KMS(key_id, context)
# Put object with special headers from SSE_C object which encrypt object in S3 with provided key
minio.put_object(STORAGE_BUCKET, 'test_crypt.txt', content, content.getbuffer().nbytes, sse=sse_kms_obj)
# Get decrypted object with same headers
obj = minio.get_object(STORAGE_BUCKET, 'test_crypt.txt')
print(obj.read())
def main():
content = BytesIO(b'Hello again')
minio = Minio(STORAGE_ENDPOINT, access_key=AWSAccessKeyId, secret_key=AWSSecretKey)
# Create an SSE-C object with a 32 byte customer_key
key = b'32byteslongsecretkeymustprovided'
sse_customer_key = SSE_C(key)
# Put object with SSE_C object passed as a param
minio.put_object(STORAGE_BUCKET, 'test_crypt.txt', content, content.getbuffer().nbytes, sse=sse_customer_key)
# Create a a copy_SSE-C object to copy an object from source to destination object on the Server-Side
copy_sse_customer_key = copy_SSE_C(key)
#Copy encrypted object on Server-Side from Source to Destination
obj = minio.copy_object(STORAGE_BUCKET, 'test_crypt_copy.txt', STORAGE_BUCKET+'/test_crypt.txt',
source_sse=copy_sse_customer_key, sse=sse_customer_key)
# Get decrypted object with SSE_C object passed in as param
obj = minio.get_object(STORAGE_BUCKET, 'test_crypt_copy.txt', sse=sse_customer_key)
print(obj.read())
def main():
content = BytesIO(b'Hello again')
key = b'32byteslongsecretkeymustprovided'
encryption_key = base64.b64encode(key).decode()
encryption_key_md5 = base64.b64encode(hashlib.md5(key).digest()).decode()
minio = Minio(STORAGE_ENDPOINT,
access_key=AWSAccessKeyId,
secret_key=AWSSecretKey)
# Put object with special headers which encrypt object in S3 with provided
# key
minio.put_object(STORAGE_BUCKET,
'test_crypt.txt',
content,
content.getbuffer().nbytes,
metadata={
'x-amz-server-side-encryption-customer-algorithm':
'AES256',
'x-amz-server-side-encryption-customer-key':
encryption_key,
'x-amz-server-side-encryption-customer-key-MD5':
encryption_key_md5
})
# Get decrypted object with same headers
obj = minio.get_object(
STORAGE_BUCKET,
'test_crypt1.txt',
request_headers={
'x-amz-server-side-encryption-customer-algorithm': 'AES256',
'x-amz-server-side-encryption-customer-key': encryption_key,
'x-amz-server-side-encryption-customer-key-MD5': encryption_key_md5
})
print(obj.read())