aws-sdk-resources 2.11.0 → 2.11.631
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/lib/aws-sdk-resources/services/s3/bucket.rb +4 -0
- data/lib/aws-sdk-resources/services/s3/encryption/client.rb +24 -7
- data/lib/aws-sdk-resources/services/s3/encryption/decrypt_handler.rb +77 -26
- data/lib/aws-sdk-resources/services/s3/encryption/default_cipher_provider.rb +43 -5
- data/lib/aws-sdk-resources/services/s3/encryption/default_key_provider.rb +2 -0
- data/lib/aws-sdk-resources/services/s3/encryption/encrypt_handler.rb +13 -2
- data/lib/aws-sdk-resources/services/s3/encryption/errors.rb +2 -0
- data/lib/aws-sdk-resources/services/s3/encryption/io_auth_decrypter.rb +11 -3
- data/lib/aws-sdk-resources/services/s3/encryption/io_decrypter.rb +11 -3
- data/lib/aws-sdk-resources/services/s3/encryption/io_encrypter.rb +2 -0
- data/lib/aws-sdk-resources/services/s3/encryption/key_provider.rb +2 -0
- data/lib/aws-sdk-resources/services/s3/encryption/kms_cipher_provider.rb +36 -3
- data/lib/aws-sdk-resources/services/s3/encryption/materials.rb +8 -6
- data/lib/aws-sdk-resources/services/s3/encryption/utils.rb +25 -0
- data/lib/aws-sdk-resources/services/s3/encryption.rb +3 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/client.rb +561 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/decrypt_handler.rb +214 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/default_cipher_provider.rb +170 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/default_key_provider.rb +40 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/encrypt_handler.rb +69 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/errors.rb +37 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/io_auth_decrypter.rb +58 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/io_decrypter.rb +37 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/io_encrypter.rb +73 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/key_provider.rb +31 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/kms_cipher_provider.rb +169 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/materials.rb +60 -0
- data/lib/aws-sdk-resources/services/s3/encryptionV2/utils.rb +103 -0
- data/lib/aws-sdk-resources/services/s3/encryption_v2.rb +24 -0
- data/lib/aws-sdk-resources/services/s3/presigned_post.rb +4 -0
- data/lib/aws-sdk-resources/services/s3.rb +1 -0
- data/lib/aws-sdk-resources/services/sqs/queue_poller.rb +1 -1
- metadata +25 -8
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Aws
|
|
4
|
+
module S3
|
|
5
|
+
module EncryptionV2
|
|
6
|
+
|
|
7
|
+
# This module defines the interface required for a {Client#key_provider}.
|
|
8
|
+
# A key provider is any object that:
|
|
9
|
+
#
|
|
10
|
+
# * Responds to {#encryption_materials} with an {Materials} object.
|
|
11
|
+
#
|
|
12
|
+
# * Responds to {#key_for}, receiving a JSON document String,
|
|
13
|
+
# returning an encryption key. The returned encryption key
|
|
14
|
+
# must be one of:
|
|
15
|
+
#
|
|
16
|
+
# * `OpenSSL::PKey::RSA` - for asymmetric encryption
|
|
17
|
+
# * `String` - 32, 24, or 16 bytes long, for symmetric encryption
|
|
18
|
+
#
|
|
19
|
+
module KeyProvider
|
|
20
|
+
|
|
21
|
+
# @return [Materials]
|
|
22
|
+
def encryption_materials; end
|
|
23
|
+
|
|
24
|
+
# @param [String<JSON>] materials_description
|
|
25
|
+
# @return [OpenSSL::PKey::RSA, String] encryption_key
|
|
26
|
+
def key_for(materials_description); end
|
|
27
|
+
|
|
28
|
+
end
|
|
29
|
+
end
|
|
30
|
+
end
|
|
31
|
+
end
|
|
@@ -0,0 +1,169 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'base64'
|
|
4
|
+
|
|
5
|
+
module Aws
|
|
6
|
+
module S3
|
|
7
|
+
module EncryptionV2
|
|
8
|
+
# @api private
|
|
9
|
+
class KmsCipherProvider
|
|
10
|
+
|
|
11
|
+
def initialize(options = {})
|
|
12
|
+
@kms_key_id = validate_kms_key(options[:kms_key_id])
|
|
13
|
+
@kms_client = options[:kms_client]
|
|
14
|
+
@key_wrap_schema = validate_key_wrap(
|
|
15
|
+
options[:key_wrap_schema]
|
|
16
|
+
)
|
|
17
|
+
@content_encryption_schema = validate_cek(
|
|
18
|
+
options[:content_encryption_schema]
|
|
19
|
+
)
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
# @return [Array<Hash,Cipher>] Creates and returns a new encryption
|
|
23
|
+
# envelope and encryption cipher.
|
|
24
|
+
def encryption_cipher(options = {})
|
|
25
|
+
validate_key_for_encryption
|
|
26
|
+
encryption_context = build_encryption_context(@content_encryption_schema, options)
|
|
27
|
+
key_data = @kms_client.generate_data_key(
|
|
28
|
+
key_id: @kms_key_id,
|
|
29
|
+
encryption_context: encryption_context,
|
|
30
|
+
key_spec: 'AES_256'
|
|
31
|
+
)
|
|
32
|
+
cipher = Utils.aes_encryption_cipher(:GCM)
|
|
33
|
+
cipher.key = key_data.plaintext
|
|
34
|
+
envelope = {
|
|
35
|
+
'x-amz-key-v2' => encode64(key_data.ciphertext_blob),
|
|
36
|
+
'x-amz-iv' => encode64(cipher.iv = cipher.random_iv),
|
|
37
|
+
'x-amz-cek-alg' => @content_encryption_schema,
|
|
38
|
+
'x-amz-tag-len' => (AES_GCM_TAG_LEN_BYTES * 8).to_s,
|
|
39
|
+
'x-amz-wrap-alg' => @key_wrap_schema,
|
|
40
|
+
'x-amz-matdesc' => Json.dump(encryption_context)
|
|
41
|
+
}
|
|
42
|
+
cipher.auth_data = '' # auth_data must be set after key and iv
|
|
43
|
+
[envelope, cipher]
|
|
44
|
+
end
|
|
45
|
+
|
|
46
|
+
# @return [Cipher] Given an encryption envelope, returns a
|
|
47
|
+
# decryption cipher.
|
|
48
|
+
def decryption_cipher(envelope, options = {})
|
|
49
|
+
encryption_context = Json.load(envelope['x-amz-matdesc'])
|
|
50
|
+
cek_alg = envelope['x-amz-cek-alg']
|
|
51
|
+
|
|
52
|
+
case envelope['x-amz-wrap-alg']
|
|
53
|
+
when 'kms'
|
|
54
|
+
unless options[:security_profile] == :v2_and_legacy
|
|
55
|
+
raise Errors::LegacyDecryptionError
|
|
56
|
+
end
|
|
57
|
+
when 'kms+context'
|
|
58
|
+
if cek_alg != encryption_context['aws:x-amz-cek-alg']
|
|
59
|
+
raise Errors::CEKAlgMismatchError
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
if encryption_context != build_encryption_context(cek_alg, options)
|
|
63
|
+
raise Errors::DecryptionError, 'Value of encryption context from'\
|
|
64
|
+
' envelope does not match the provided encryption context'
|
|
65
|
+
end
|
|
66
|
+
when 'AES/GCM'
|
|
67
|
+
raise ArgumentError, 'Key mismatch - Client is configured' \
|
|
68
|
+
' with a KMS key and the x-amz-wrap-alg is AES/GCM.'
|
|
69
|
+
when 'RSA-OAEP-SHA1'
|
|
70
|
+
raise ArgumentError, 'Key mismatch - Client is configured' \
|
|
71
|
+
' with a KMS key and the x-amz-wrap-alg is RSA-OAEP-SHA1.'
|
|
72
|
+
else
|
|
73
|
+
raise ArgumentError, 'Unsupported wrap-alg: ' \
|
|
74
|
+
"#{envelope['x-amz-wrap-alg']}"
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
any_cmk_mode = false || options[:kms_allow_decrypt_with_any_cmk]
|
|
78
|
+
decrypt_options = {
|
|
79
|
+
ciphertext_blob: decode64(envelope['x-amz-key-v2']),
|
|
80
|
+
encryption_context: encryption_context
|
|
81
|
+
}
|
|
82
|
+
unless any_cmk_mode
|
|
83
|
+
decrypt_options[:key_id] = @kms_key_id
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
key = @kms_client.decrypt(decrypt_options).plaintext
|
|
87
|
+
iv = decode64(envelope['x-amz-iv'])
|
|
88
|
+
block_mode =
|
|
89
|
+
case cek_alg
|
|
90
|
+
when 'AES/CBC/PKCS5Padding'
|
|
91
|
+
:CBC
|
|
92
|
+
when 'AES/CBC/PKCS7Padding'
|
|
93
|
+
:CBC
|
|
94
|
+
when 'AES/GCM/NoPadding'
|
|
95
|
+
:GCM
|
|
96
|
+
else
|
|
97
|
+
type = envelope['x-amz-cek-alg'].inspect
|
|
98
|
+
msg = "unsupported content encrypting key (cek) format: #{type}"
|
|
99
|
+
raise Errors::DecryptionError, msg
|
|
100
|
+
end
|
|
101
|
+
Utils.aes_decryption_cipher(block_mode, key, iv)
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
private
|
|
105
|
+
|
|
106
|
+
def validate_key_wrap(key_wrap_schema)
|
|
107
|
+
case key_wrap_schema
|
|
108
|
+
when :kms_context then 'kms+context'
|
|
109
|
+
else
|
|
110
|
+
raise ArgumentError, "Unsupported key_wrap_schema: #{key_wrap_schema}"
|
|
111
|
+
end
|
|
112
|
+
end
|
|
113
|
+
|
|
114
|
+
def validate_cek(content_encryption_schema)
|
|
115
|
+
case content_encryption_schema
|
|
116
|
+
when :aes_gcm_no_padding
|
|
117
|
+
"AES/GCM/NoPadding"
|
|
118
|
+
else
|
|
119
|
+
raise ArgumentError, "Unsupported content_encryption_schema: #{content_encryption_schema}"
|
|
120
|
+
end
|
|
121
|
+
end
|
|
122
|
+
|
|
123
|
+
def validate_kms_key(kms_key_id)
|
|
124
|
+
if kms_key_id.nil? || kms_key_id.length.zero?
|
|
125
|
+
raise ArgumentError, 'KMS CMK ID was not specified. ' \
|
|
126
|
+
'Please specify a CMK ID, ' \
|
|
127
|
+
'or set kms_key_id: :kms_allow_decrypt_with_any_cmk to use ' \
|
|
128
|
+
'any valid CMK from the object.'
|
|
129
|
+
end
|
|
130
|
+
|
|
131
|
+
if kms_key_id.is_a?(Symbol) && kms_key_id != :kms_allow_decrypt_with_any_cmk
|
|
132
|
+
raise ArgumentError, 'kms_key_id must be a valid KMS CMK or be ' \
|
|
133
|
+
'set to :kms_allow_decrypt_with_any_cmk'
|
|
134
|
+
end
|
|
135
|
+
kms_key_id
|
|
136
|
+
end
|
|
137
|
+
|
|
138
|
+
def build_encryption_context(cek_alg, options = {})
|
|
139
|
+
kms_context = (options[:kms_encryption_context] || {})
|
|
140
|
+
.each_with_object({}) { |(k, v), h| h[k.to_s] = v }
|
|
141
|
+
if kms_context.include? 'aws:x-amz-cek-alg'
|
|
142
|
+
raise ArgumentError, 'Conflict in reserved KMS Encryption Context ' \
|
|
143
|
+
'key aws:x-amz-cek-alg. This value is reserved for the S3 ' \
|
|
144
|
+
'Encryption Client and cannot be set by the user.'
|
|
145
|
+
end
|
|
146
|
+
{
|
|
147
|
+
'aws:x-amz-cek-alg' => cek_alg
|
|
148
|
+
}.merge(kms_context)
|
|
149
|
+
end
|
|
150
|
+
|
|
151
|
+
def encode64(str)
|
|
152
|
+
Base64.encode64(str).split("\n") * ""
|
|
153
|
+
end
|
|
154
|
+
|
|
155
|
+
def decode64(str)
|
|
156
|
+
Base64.decode64(str)
|
|
157
|
+
end
|
|
158
|
+
|
|
159
|
+
def validate_key_for_encryption
|
|
160
|
+
if @kms_key_id == :kms_allow_decrypt_with_any_cmk
|
|
161
|
+
raise ArgumentError, 'Unable to encrypt/write objects with '\
|
|
162
|
+
'kms_key_id = :kms_allow_decrypt_with_any_cmk. Provide ' \
|
|
163
|
+
'a valid kms_key_id on client construction.'
|
|
164
|
+
end
|
|
165
|
+
end
|
|
166
|
+
end
|
|
167
|
+
end
|
|
168
|
+
end
|
|
169
|
+
end
|
|
@@ -0,0 +1,60 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'base64'
|
|
4
|
+
|
|
5
|
+
module Aws
|
|
6
|
+
module S3
|
|
7
|
+
module EncryptionV2
|
|
8
|
+
class Materials
|
|
9
|
+
|
|
10
|
+
# @option options [required, OpenSSL::PKey::RSA, String] :key
|
|
11
|
+
# The master key to use for encrypting/decrypting all objects.
|
|
12
|
+
#
|
|
13
|
+
# @option options [String<JSON>] :description ('{}')
|
|
14
|
+
# The encryption materials description. This is must be
|
|
15
|
+
# a JSON document string.
|
|
16
|
+
#
|
|
17
|
+
def initialize(options = {})
|
|
18
|
+
@key = validate_key(options[:key])
|
|
19
|
+
@description = validate_desc(options[:description])
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
# @return [OpenSSL::PKey::RSA, String]
|
|
23
|
+
attr_reader :key
|
|
24
|
+
|
|
25
|
+
# @return [String<JSON>]
|
|
26
|
+
attr_reader :description
|
|
27
|
+
|
|
28
|
+
private
|
|
29
|
+
|
|
30
|
+
def validate_key(key)
|
|
31
|
+
case key
|
|
32
|
+
when OpenSSL::PKey::RSA then key
|
|
33
|
+
when String
|
|
34
|
+
if [32, 24, 16].include?(key.bytesize)
|
|
35
|
+
key
|
|
36
|
+
else
|
|
37
|
+
msg = 'invalid key, symmetric key required to be 16, 24, or '\
|
|
38
|
+
'32 bytes in length, saw length ' + key.bytesize.to_s
|
|
39
|
+
raise ArgumentError, msg
|
|
40
|
+
end
|
|
41
|
+
else
|
|
42
|
+
msg = 'invalid encryption key, expected an OpenSSL::PKey::RSA key '\
|
|
43
|
+
'(for asymmetric encryption) or a String (for symmetric '\
|
|
44
|
+
'encryption).'
|
|
45
|
+
raise ArgumentError, msg
|
|
46
|
+
end
|
|
47
|
+
end
|
|
48
|
+
|
|
49
|
+
def validate_desc(description)
|
|
50
|
+
Json.load(description)
|
|
51
|
+
description
|
|
52
|
+
rescue Json::ParseError, EncodingError
|
|
53
|
+
msg = 'expected description to be a valid JSON document string'
|
|
54
|
+
raise ArgumentError, msg
|
|
55
|
+
end
|
|
56
|
+
|
|
57
|
+
end
|
|
58
|
+
end
|
|
59
|
+
end
|
|
60
|
+
end
|
|
@@ -0,0 +1,103 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
require 'openssl'
|
|
4
|
+
|
|
5
|
+
module Aws
|
|
6
|
+
module S3
|
|
7
|
+
module EncryptionV2
|
|
8
|
+
# @api private
|
|
9
|
+
module Utils
|
|
10
|
+
|
|
11
|
+
class << self
|
|
12
|
+
|
|
13
|
+
def encrypt_aes_gcm(key, data, auth_data)
|
|
14
|
+
cipher = aes_encryption_cipher(:GCM, key)
|
|
15
|
+
cipher.iv = (iv = cipher.random_iv)
|
|
16
|
+
cipher.auth_data = auth_data
|
|
17
|
+
|
|
18
|
+
iv + cipher.update(data) + cipher.final + cipher.auth_tag
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def encrypt_rsa(key, data, auth_data)
|
|
22
|
+
# Plaintext must be KeyLengthInBytes (1 Byte) + DataKey + AuthData
|
|
23
|
+
buf = [data.bytesize] + data.unpack('C*') + auth_data.unpack('C*')
|
|
24
|
+
key.public_encrypt(buf.pack('C*'), OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING)
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def decrypt(key, data)
|
|
28
|
+
begin
|
|
29
|
+
case key
|
|
30
|
+
when OpenSSL::PKey::RSA # asymmetric decryption
|
|
31
|
+
key.private_decrypt(data)
|
|
32
|
+
when String # symmetric Decryption
|
|
33
|
+
cipher = aes_cipher(:decrypt, :ECB, key, nil)
|
|
34
|
+
cipher.update(data) + cipher.final
|
|
35
|
+
end
|
|
36
|
+
rescue OpenSSL::Cipher::CipherError
|
|
37
|
+
msg = 'decryption failed, possible incorrect key'
|
|
38
|
+
raise Errors::DecryptionError, msg
|
|
39
|
+
end
|
|
40
|
+
end
|
|
41
|
+
|
|
42
|
+
def decrypt_aes_gcm(key, data, auth_data)
|
|
43
|
+
# data is iv (12B) + key + tag (16B)
|
|
44
|
+
buf = data.unpack('C*')
|
|
45
|
+
iv = buf[0,12].pack('C*') # iv will always be 12 bytes
|
|
46
|
+
tag = buf[-16, 16].pack('C*') # tag is 16 bytes
|
|
47
|
+
enc_key = buf[12, buf.size - (12+16)].pack('C*')
|
|
48
|
+
cipher = aes_cipher(:decrypt, :GCM, key, iv)
|
|
49
|
+
cipher.auth_tag = tag
|
|
50
|
+
cipher.auth_data = auth_data
|
|
51
|
+
cipher.update(enc_key) + cipher.final
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
# returns the decrypted data + auth_data
|
|
55
|
+
def decrypt_rsa(key, enc_data)
|
|
56
|
+
# Plaintext must be KeyLengthInBytes (1 Byte) + DataKey + AuthData
|
|
57
|
+
buf = key.private_decrypt(enc_data, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING).unpack('C*')
|
|
58
|
+
key_length = buf[0]
|
|
59
|
+
data = buf[1, key_length].pack('C*')
|
|
60
|
+
auth_data = buf[key_length+1, buf.length - key_length].pack('C*')
|
|
61
|
+
[data, auth_data]
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
# @param [String] block_mode "CBC" or "ECB"
|
|
65
|
+
# @param [OpenSSL::PKey::RSA, String, nil] key
|
|
66
|
+
# @param [String, nil] iv The initialization vector
|
|
67
|
+
def aes_encryption_cipher(block_mode, key = nil, iv = nil)
|
|
68
|
+
aes_cipher(:encrypt, block_mode, key, iv)
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
# @param [String] block_mode "CBC" or "ECB"
|
|
72
|
+
# @param [OpenSSL::PKey::RSA, String, nil] key
|
|
73
|
+
# @param [String, nil] iv The initialization vector
|
|
74
|
+
def aes_decryption_cipher(block_mode, key = nil, iv = nil)
|
|
75
|
+
aes_cipher(:decrypt, block_mode, key, iv)
|
|
76
|
+
end
|
|
77
|
+
|
|
78
|
+
# @param [String] mode "encrypt" or "decrypt"
|
|
79
|
+
# @param [String] block_mode "CBC" or "ECB"
|
|
80
|
+
# @param [OpenSSL::PKey::RSA, String, nil] key
|
|
81
|
+
# @param [String, nil] iv The initialization vector
|
|
82
|
+
def aes_cipher(mode, block_mode, key, iv)
|
|
83
|
+
cipher = key ?
|
|
84
|
+
OpenSSL::Cipher.new("aes-#{cipher_size(key)}-#{block_mode.downcase}") :
|
|
85
|
+
OpenSSL::Cipher.new("aes-256-#{block_mode.downcase}")
|
|
86
|
+
cipher.send(mode) # encrypt or decrypt
|
|
87
|
+
cipher.key = key if key
|
|
88
|
+
cipher.iv = iv if iv
|
|
89
|
+
cipher
|
|
90
|
+
end
|
|
91
|
+
|
|
92
|
+
# @param [String] key
|
|
93
|
+
# @return [Integer]
|
|
94
|
+
# @raise ArgumentError
|
|
95
|
+
def cipher_size(key)
|
|
96
|
+
key.bytesize * 8
|
|
97
|
+
end
|
|
98
|
+
|
|
99
|
+
end
|
|
100
|
+
end
|
|
101
|
+
end
|
|
102
|
+
end
|
|
103
|
+
end
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
module Aws
|
|
2
|
+
module S3
|
|
3
|
+
module EncryptionV2
|
|
4
|
+
|
|
5
|
+
AES_GCM_TAG_LEN_BYTES = 16
|
|
6
|
+
EC_USER_AGENT = 'S3CryptoV2'
|
|
7
|
+
|
|
8
|
+
autoload :Client, 'aws-sdk-resources/services/s3/encryptionV2/client'
|
|
9
|
+
autoload :DecryptHandler, 'aws-sdk-resources/services/s3/encryptionV2/decrypt_handler'
|
|
10
|
+
autoload :DefaultCipherProvider, 'aws-sdk-resources/services/s3/encryptionV2/default_cipher_provider'
|
|
11
|
+
autoload :DefaultKeyProvider, 'aws-sdk-resources/services/s3/encryptionV2/default_key_provider'
|
|
12
|
+
autoload :EncryptHandler, 'aws-sdk-resources/services/s3/encryptionV2/encrypt_handler'
|
|
13
|
+
autoload :Errors, 'aws-sdk-resources/services/s3/encryptionV2/errors'
|
|
14
|
+
autoload :IOEncrypter, 'aws-sdk-resources/services/s3/encryptionV2/io_encrypter'
|
|
15
|
+
autoload :IOAuthDecrypter, 'aws-sdk-resources/services/s3/encryptionV2/io_auth_decrypter'
|
|
16
|
+
autoload :IODecrypter, 'aws-sdk-resources/services/s3/encryptionV2/io_decrypter'
|
|
17
|
+
autoload :KeyProvider, 'aws-sdk-resources/services/s3/encryptionV2/key_provider'
|
|
18
|
+
autoload :KmsCipherProvider, 'aws-sdk-resources/services/s3/encryptionV2/kms_cipher_provider'
|
|
19
|
+
autoload :Materials, 'aws-sdk-resources/services/s3/encryptionV2/materials'
|
|
20
|
+
autoload :Utils, 'aws-sdk-resources/services/s3/encryptionV2/utils'
|
|
21
|
+
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
@@ -7,6 +7,7 @@ module Aws
|
|
|
7
7
|
require 'aws-sdk-resources/services/s3/multipart_upload'
|
|
8
8
|
|
|
9
9
|
autoload :Encryption, 'aws-sdk-resources/services/s3/encryption'
|
|
10
|
+
autoload :EncryptionV2, 'aws-sdk-resources/services/s3/encryption_v2'
|
|
10
11
|
autoload :FilePart, 'aws-sdk-resources/services/s3/file_part'
|
|
11
12
|
autoload :FileUploader, 'aws-sdk-resources/services/s3/file_uploader'
|
|
12
13
|
autoload :FileDownloader, 'aws-sdk-resources/services/s3/file_downloader'
|
|
@@ -253,7 +253,7 @@ module Aws
|
|
|
253
253
|
#
|
|
254
254
|
# @return [void]
|
|
255
255
|
def before_request(&block)
|
|
256
|
-
@default_config = @default_config.with(before_request:
|
|
256
|
+
@default_config = @default_config.with(before_request: block) if block_given?
|
|
257
257
|
end
|
|
258
258
|
|
|
259
259
|
# Polls the queue, yielded a message, or an array of messages.
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-resources
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.11.
|
|
4
|
+
version: 2.11.631
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2020-11-19 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|
|
@@ -16,16 +16,18 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 2.11.
|
|
19
|
+
version: 2.11.631
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 2.11.
|
|
27
|
-
description:
|
|
28
|
-
|
|
26
|
+
version: 2.11.631
|
|
27
|
+
description: AWS SDK For Ruby V2 has been marked as deprecated. Please upgrade to
|
|
28
|
+
AWS SDK For Ruby V3.Provides resource oriented interfaces and other higher-level
|
|
29
|
+
abstractions for many AWS services. This gem is part of the official AWS SDK for
|
|
30
|
+
Ruby.
|
|
29
31
|
email:
|
|
30
32
|
- trevrowe@amazon.com
|
|
31
33
|
executables: []
|
|
@@ -72,6 +74,20 @@ files:
|
|
|
72
74
|
- lib/aws-sdk-resources/services/s3/encryption/kms_cipher_provider.rb
|
|
73
75
|
- lib/aws-sdk-resources/services/s3/encryption/materials.rb
|
|
74
76
|
- lib/aws-sdk-resources/services/s3/encryption/utils.rb
|
|
77
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/client.rb
|
|
78
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/decrypt_handler.rb
|
|
79
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/default_cipher_provider.rb
|
|
80
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/default_key_provider.rb
|
|
81
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/encrypt_handler.rb
|
|
82
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/errors.rb
|
|
83
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/io_auth_decrypter.rb
|
|
84
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/io_decrypter.rb
|
|
85
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/io_encrypter.rb
|
|
86
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/key_provider.rb
|
|
87
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/kms_cipher_provider.rb
|
|
88
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/materials.rb
|
|
89
|
+
- lib/aws-sdk-resources/services/s3/encryptionV2/utils.rb
|
|
90
|
+
- lib/aws-sdk-resources/services/s3/encryption_v2.rb
|
|
75
91
|
- lib/aws-sdk-resources/services/s3/file_downloader.rb
|
|
76
92
|
- lib/aws-sdk-resources/services/s3/file_part.rb
|
|
77
93
|
- lib/aws-sdk-resources/services/s3/file_uploader.rb
|
|
@@ -92,7 +108,8 @@ homepage: http://github.com/aws/aws-sdk-ruby
|
|
|
92
108
|
licenses:
|
|
93
109
|
- Apache 2.0
|
|
94
110
|
metadata: {}
|
|
95
|
-
post_install_message:
|
|
111
|
+
post_install_message: AWS SDK For Ruby V2 has been marked as deprecated. Please upgrade
|
|
112
|
+
to AWS SDK For Ruby V3.
|
|
96
113
|
rdoc_options: []
|
|
97
114
|
require_paths:
|
|
98
115
|
- lib
|
|
@@ -108,7 +125,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
108
125
|
version: '0'
|
|
109
126
|
requirements: []
|
|
110
127
|
rubyforge_project:
|
|
111
|
-
rubygems_version: 2.
|
|
128
|
+
rubygems_version: 2.7.6.2
|
|
112
129
|
signing_key:
|
|
113
130
|
specification_version: 4
|
|
114
131
|
summary: AWS SDK for Ruby - Resources
|