• Home
• com.ionoscloud.s3
• ionos-cloud-sdk-s3
• 0.0.1-DEV
• source code
• ServerSideEncryptionCustomerKey.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.ionoscloud.s3.ServerSideEncryptionCustomerKey Maven / Gradle / Ivy

package com.ionoscloud.s3;

import com.google.common.io.BaseEncoding;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Collections;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.SecretKey;
import javax.security.auth.DestroyFailedException;

/** Customer-key type of Server-side encryption. */
public class ServerSideEncryptionCustomerKey extends ServerSideEncryption {
  private boolean isDestroyed = false;
  private final SecretKey secretKey;
  private final Map headers;
  private final Map copySourceHeaders;

  public ServerSideEncryptionCustomerKey(SecretKey key)
      throws InvalidKeyException, NoSuchAlgorithmException {
    if (key == null || !key.getAlgorithm().equals("AES") || key.getEncoded().length != 32) {
      throw new IllegalArgumentException("Secret key must be 256 bit AES key");
    }

    if (key.isDestroyed()) {
      throw new IllegalArgumentException("Secret key already destroyed");
    }

    this.secretKey = key;

    byte[] keyBytes = key.getEncoded();
    MessageDigest md5 = MessageDigest.getInstance("MD5");
    md5.update(keyBytes);
    String customerKey = BaseEncoding.base64().encode(keyBytes);
    String customerKeyMd5 = BaseEncoding.base64().encode(md5.digest());

    Map map = new HashMap<>();
    map.put("X-Amz-Server-Side-Encryption-Customer-Algorithm", "AES256");
    map.put("X-Amz-Server-Side-Encryption-Customer-Key", customerKey);
    map.put("X-Amz-Server-Side-Encryption-Customer-Key-Md5", customerKeyMd5);
    this.headers = Collections.unmodifiableMap(map);

    map = new HashMap<>();
    map.put("X-Amz-Copy-Source-Server-Side-Encryption-Customer-Algorithm", "AES256");
    map.put("X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key", customerKey);
    map.put("X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key-Md5", customerKeyMd5);
    this.copySourceHeaders = Collections.unmodifiableMap(map);
  }

  @Override
  public final Map headers() {
    if (isDestroyed) {
      throw new IllegalStateException("Secret key was destroyed");
    }

    return headers;
  }

  @Override
  public final Map copySourceHeaders() {
    if (isDestroyed) {
      throw new IllegalStateException("Secret key was destroyed");
    }

    return copySourceHeaders;
  }

  public final void destroy() throws DestroyFailedException {
    secretKey.destroy();
    isDestroyed = true;
  }

  @Override
  public String toString() {
    return "SSE-C";
  }
}