private static long getObjectSize(Path path, ObjectMetadata metadata) throws IOException { Map<String, String> userMetadata = metadata.getUserMetadata(); String length = userMetadata.get(UNENCRYPTED_CONTENT_LENGTH); if (userMetadata.containsKey(SERVER_SIDE_ENCRYPTION) && length == null) { throw new IOException(format("%s header is not set on an encrypted object: %s", UNENCRYPTED_CONTENT_LENGTH, path)); } return (length != null) ? Long.parseLong(length) : metadata.getContentLength(); }
/** * Returns true if this S3 object has the encryption information stored * as user meta data; false otherwise. */ final boolean hasEncryptionInfo() { ObjectMetadata metadata = s3obj.getObjectMetadata(); Map<String, String> userMeta = metadata.getUserMetadata(); return userMeta != null && userMeta.containsKey(Headers.CRYPTO_IV) && (userMeta.containsKey(Headers.CRYPTO_KEY_V2) || userMeta.containsKey(Headers.CRYPTO_KEY)); }
private void populateMetadataWithEncryptionParams(ObjectMetadata source, ObjectMetadata destination) { Map<String, String> userMetadataSource = source.getUserMetadata(); Map<String, String> userMetadataDestination = destination.getUserMetadata(); String[] headersToCopy = { Headers.CRYPTO_CEK_ALGORITHM, Headers.CRYPTO_IV, Headers.CRYPTO_KEY, Headers.CRYPTO_KEY_V2, Headers.CRYPTO_KEYWRAP_ALGORITHM, Headers.CRYPTO_TAG_LENGTH, Headers.MATERIALS_DESCRIPTION, Headers.UNENCRYPTED_CONTENT_LENGTH, Headers.UNENCRYPTED_CONTENT_MD5 }; if (userMetadataSource != null) { if(userMetadataDestination == null){ userMetadataDestination= new HashMap<String,String>(); destination.setUserMetadata(userMetadataDestination); } String headerValue; for(String header : headersToCopy){ headerValue = userMetadataSource.get(header); if(headerValue != null){ userMetadataDestination.put(header, headerValue); } } } }
/** * Returns the original crypto scheme used for encryption, which may * differ from the crypto scheme used for decryption during, for example, * a range-get operation. * * @param instructionFile * the instruction file of the s3 object; or null if there is * none. */ ContentCryptoScheme encryptionSchemeOf(Map<String,String> instructionFile) { if (instructionFile != null) { String cekAlgo = instructionFile.get(Headers.CRYPTO_CEK_ALGORITHM); return ContentCryptoScheme.fromCEKAlgo(cekAlgo); } ObjectMetadata meta = s3obj.getObjectMetadata(); Map<String, String> userMeta = meta.getUserMetadata(); String cekAlgo = userMeta.get(Headers.CRYPTO_CEK_ALGORITHM); return ContentCryptoScheme.fromCEKAlgo(cekAlgo); } }
Map<String, String> userMetadata = metadata.getUserMetadata(); if (userMetadata != null) { for (Entry<String, String> entry : userMetadata.entrySet()) {
AWSKMS kms) { Map<String, String> userMeta = metadata.getUserMetadata(); String b64key = userMeta.get(Headers.CRYPTO_KEY_V2); if (b64key == null) {
attributes.put("s3.expirationTimeRuleId", metadata.getExpirationTimeRuleId()); if (metadata.getUserMetadata() != null) { attributes.putAll(metadata.getUserMetadata());
/** * Retrieves the String value of the given header from the metadata. Returns * null if the field is not found in the metadata. */ private static String getStringFromMetadata(String headerName, ObjectMetadata metadata) { Map<String, String> userMetadata = metadata.getUserMetadata(); if (userMetadata == null || !userMetadata.containsKey(headerName)) { return null; } else { return userMetadata.get(headerName); } }
/** * Returns true if this S3 object is an instruction file; false otherwise. */ final boolean isInstructionFile() { final ObjectMetadata metadata = s3obj.getObjectMetadata(); final Map<String, String> userMeta = metadata.getUserMetadata(); return userMeta != null && userMeta.containsKey(Headers.CRYPTO_INSTRUCTION_FILE); }
/** * Returns true if this S3 object has the encryption information stored as * user meta data; false otherwise. */ final boolean hasEncryptionInfo() { final ObjectMetadata metadata = s3obj.getObjectMetadata(); final Map<String, String> userMeta = metadata.getUserMetadata(); return userMeta != null && userMeta.containsKey(Headers.CRYPTO_IV) && (userMeta.containsKey(Headers.CRYPTO_KEY_V2) || userMeta.containsKey(Headers.CRYPTO_KEY)); }
/** * Returns true if the specified S3Object contains encryption info in its * metadata, false otherwise. * * @param retrievedObject An S3Object * @return True if the specified S3Object contains encryption info in its * metadata, false otherwise. */ public static boolean isEncryptionInfoInMetadata(S3Object retrievedObject) { Map<String, String> metadata = retrievedObject.getObjectMetadata().getUserMetadata(); return metadata != null && metadata.containsKey(Headers.CRYPTO_IV) && metadata.containsKey(Headers.CRYPTO_KEY); }
/** * Retrieves the byte[] value of either the crypto key or crypto IV. If * these fields are not found in the metadata, returns null. Note: The bytes * are transported in Base64-encoding, so they are decoded before they are * returned. */ private static byte[] getCryptoBytesFromMetadata(String headerName, ObjectMetadata metadata) { Map<String, String> userMetadata = metadata.getUserMetadata(); if (userMetadata == null || !userMetadata.containsKey(headerName)) { return null; } else { // Convert Base64 bytes to binary data. return Base64.decode(userMetadata.get(headerName)); } }
private void populateMetadataWithEncryptionParams(ObjectMetadata source, ObjectMetadata destination) { Map<String, String> userMetadataSource = source.getUserMetadata(); Map<String, String> userMetadataDestination = destination.getUserMetadata(); String[] headersToCopy = { Headers.CRYPTO_CEK_ALGORITHM, Headers.CRYPTO_IV, Headers.CRYPTO_KEY, Headers.CRYPTO_KEY_V2, Headers.CRYPTO_KEYWRAP_ALGORITHM, Headers.CRYPTO_TAG_LENGTH, Headers.MATERIALS_DESCRIPTION, Headers.UNENCRYPTED_CONTENT_LENGTH, Headers.UNENCRYPTED_CONTENT_MD5 }; if (userMetadataSource != null) { if (userMetadataDestination == null) { userMetadataDestination = new HashMap<String, String>(); destination.setUserMetadata(userMetadataDestination); } String headerValue; for (String header : headersToCopy) { headerValue = userMetadataSource.get(header); if (headerValue != null) { userMetadataDestination.put(header, headerValue); } } } } }
/** * Returns true if the specified S3Object is an instruction file containing * encryption info, false otherwise. * * @param instructionFile An S3Object that may potentially be an instruction * file * @return True if the specified S3Object is an instruction file containing * encryption info, false otherwise. */ public static boolean isEncryptionInfoInInstructionFile(S3Object instructionFile) { if (instructionFile == null) { return false; } Map<String, String> metadata = instructionFile.getObjectMetadata().getUserMetadata(); if (metadata == null) { return false; } return metadata.containsKey(Headers.CRYPTO_INSTRUCTION_FILE); }
/** * Returns the original crypto scheme used for encryption, which may differ * from the crypto scheme used for decryption during, for example, a * range-get operation. * * @param instructionFile the instruction file of the s3 object; or null if * there is none. */ ContentCryptoScheme encryptionSchemeOf(Map<String, String> instructionFile) { if (instructionFile != null) { final String cekAlgo = instructionFile.get(Headers.CRYPTO_CEK_ALGORITHM); return ContentCryptoScheme.fromCEKAlgo(cekAlgo); } final ObjectMetadata meta = s3obj.getObjectMetadata(); final Map<String, String> userMeta = meta.getUserMetadata(); final String cekAlgo = userMeta.get(Headers.CRYPTO_CEK_ALGORITHM); return ContentCryptoScheme.fromCEKAlgo(cekAlgo); } }
final Map<String, String> userMetadata = metadata.getUserMetadata(); if (userMetadata != null) { for (final Entry<String, String> entry : userMetadata.entrySet()) {
final ContentValues values = new ContentValues(); values.put(TransferTable.COLUMN_USER_METADATA, JsonUtils.mapToString(metadata.getUserMetadata())); values.put(TransferTable.COLUMN_HEADER_CONTENT_TYPE, metadata.getContentType()); values.put(TransferTable.COLUMN_HEADER_CONTENT_ENCODING, metadata.getContentEncoding());
@Override public SingularityS3LogMetadata call() throws Exception { Optional<Long> maybeStartTime = Optional.absent(); Optional<Long> maybeEndTime = Optional.absent(); if (!search.isExcludeMetadata()) { GetObjectMetadataRequest metadataRequest = new GetObjectMetadataRequest(s3Object.getBucketName(), s3Object.getKey()); Map<String, String> objectMetadata = s3Client.getObjectMetadata(metadataRequest).getUserMetadata(); maybeStartTime = getMetadataAsLong(objectMetadata, SingularityS3Log.LOG_START_S3_ATTR); maybeEndTime = getMetadataAsLong(objectMetadata, SingularityS3Log.LOG_END_S3_ATTR); } if (search.isListOnly()) { return new SingularityS3LogMetadata(s3Object.getKey(), s3Object.getLastModified().getTime(), s3Object.getSize(), maybeStartTime, maybeEndTime); } else { GeneratePresignedUrlRequest getUrlRequest = new GeneratePresignedUrlRequest(s3Object.getBucketName(), s3Object.getKey()) .withMethod(HttpMethod.GET) .withExpiration(expireAt); String getUrl = s3Client.generatePresignedUrl(getUrlRequest).toString(); ResponseHeaderOverrides downloadHeaders = new ResponseHeaderOverrides(); downloadHeaders.setContentDisposition(CONTENT_DISPOSITION_DOWNLOAD_HEADER); downloadHeaders.setContentEncoding(CONTENT_ENCODING_DOWNLOAD_HEADER); GeneratePresignedUrlRequest downloadUrlRequest = new GeneratePresignedUrlRequest(s3Object.getBucketName(), s3Object.getKey()) .withMethod(HttpMethod.GET) .withExpiration(expireAt) .withResponseHeaders(downloadHeaders); String downloadUrl = s3Client.generatePresignedUrl(downloadUrlRequest).toString(); return new SingularityS3Log(getUrl, s3Object.getKey(), s3Object.getLastModified().getTime(), s3Object.getSize(), downloadUrl, maybeStartTime, maybeEndTime); } }
assertEquals("SSECustomerAlgorithm", from.getSSECustomerAlgorithm()); assertEquals("sseCustKeyMd5", from.getSSECustomerKeyMd5()); assertTrue(2 == from.getUserMetadata().size()); assertEquals("versionid", from.getVersionId()); assertEquals(from.getStorageClass(), StorageClass.ReducedRedundancy.toString()); assertEquals("sseCustKeyMd5", to.getSSECustomerKeyMd5()); assertEquals(from.getUserMetadata(), to.getUserMetadata()); assertNotSame(from.getUserMetadata(), to.getUserMetadata());
@Test public void cloneEmpty() { ObjectMetadata from = new ObjectMetadata(); for (int i = 0; i < 2; i++) { assertNull(from.getCacheControl()); assertNull(from.getContentDisposition()); assertNull(from.getContentEncoding()); assertTrue(0 == from.getContentLength()); assertNull(from.getContentMD5()); assertNull(from.getContentType()); assertNull(from.getETag()); assertNull(from.getExpirationTime()); assertNull(from.getExpirationTimeRuleId()); assertNull(from.getHttpExpiresDate()); assertTrue(0 == from.getInstanceLength()); assertNull(from.getLastModified()); assertNull(from.getOngoingRestore()); assertTrue(from.getRawMetadata().size() == 0); assertNull(from.getRestoreExpirationTime()); assertNull(from.getSSEAlgorithm()); assertNull(from.getSSECustomerAlgorithm()); assertNull(from.getSSECustomerKeyMd5()); assertTrue(0 == from.getUserMetadata().size()); assertNull(from.getVersionId()); assertNull(from.getStorageClass()); // Clone an empty instance from = from.clone(); } }