aws-sdk-s3 1.75.0 → 1.79.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/aws-sdk-s3.rb +2 -2
- data/lib/aws-sdk-s3/bucket.rb +2 -2
- data/lib/aws-sdk-s3/client.rb +145 -119
- data/lib/aws-sdk-s3/encryption.rb +2 -0
- data/lib/aws-sdk-s3/encryption/client.rb +11 -0
- data/lib/aws-sdk-s3/encryption/decrypt_handler.rb +64 -29
- data/lib/aws-sdk-s3/encryption/default_cipher_provider.rb +41 -5
- data/lib/aws-sdk-s3/encryption/encrypt_handler.rb +5 -5
- data/lib/aws-sdk-s3/encryption/io_decrypter.rb +7 -6
- data/lib/aws-sdk-s3/encryption/kms_cipher_provider.rb +32 -3
- data/lib/aws-sdk-s3/encryption/utils.rb +23 -0
- data/lib/aws-sdk-s3/encryptionV2/client.rb +201 -23
- data/lib/aws-sdk-s3/encryptionV2/decrypt_handler.rb +40 -12
- data/lib/aws-sdk-s3/encryptionV2/default_cipher_provider.rb +77 -10
- data/lib/aws-sdk-s3/encryptionV2/default_key_provider.rb +2 -0
- data/lib/aws-sdk-s3/encryptionV2/encrypt_handler.rb +7 -4
- data/lib/aws-sdk-s3/encryptionV2/errors.rb +24 -0
- data/lib/aws-sdk-s3/encryptionV2/io_auth_decrypter.rb +2 -0
- data/lib/aws-sdk-s3/encryptionV2/io_decrypter.rb +2 -0
- data/lib/aws-sdk-s3/encryptionV2/io_encrypter.rb +2 -0
- data/lib/aws-sdk-s3/encryptionV2/key_provider.rb +2 -0
- data/lib/aws-sdk-s3/encryptionV2/kms_cipher_provider.rb +90 -20
- data/lib/aws-sdk-s3/encryptionV2/materials.rb +2 -0
- data/lib/aws-sdk-s3/encryptionV2/utils.rb +2 -15
- data/lib/aws-sdk-s3/encryption_v2.rb +4 -1
- data/lib/aws-sdk-s3/multipart_upload_part.rb +1 -1
- data/lib/aws-sdk-s3/object.rb +1 -1
- data/lib/aws-sdk-s3/object_summary.rb +19 -3
- data/lib/aws-sdk-s3/presigned_post.rb +1 -0
- data/lib/aws-sdk-s3/presigner.rb +2 -2
- data/lib/aws-sdk-s3/resource.rb +1 -1
- data/lib/aws-sdk-s3/types.rb +25 -8
- metadata +4 -4
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
require 'openssl'
|
2
4
|
|
3
5
|
module Aws
|
@@ -6,24 +8,9 @@ module Aws
|
|
6
8
|
# @api private
|
7
9
|
module Utils
|
8
10
|
|
9
|
-
UNSAFE_MSG = "unsafe encryption, data is longer than key length"
|
10
|
-
|
11
11
|
class << self
|
12
12
|
|
13
|
-
def encrypt(key, data)
|
14
|
-
case key
|
15
|
-
when OpenSSL::PKey::RSA # asymmetric encryption
|
16
|
-
warn(UNSAFE_MSG) if key.public_key.n.num_bits < cipher_size(data)
|
17
|
-
key.public_encrypt(data)
|
18
|
-
when String # symmetric encryption
|
19
|
-
warn(UNSAFE_MSG) if cipher_size(key) < cipher_size(data)
|
20
|
-
cipher = aes_encryption_cipher(:ECB, key)
|
21
|
-
cipher.update(data) + cipher.final
|
22
|
-
end
|
23
|
-
end
|
24
|
-
|
25
13
|
def encrypt_aes_gcm(key, data, auth_data)
|
26
|
-
warn(UNSAFE_MSG) if cipher_size(key) < cipher_size(data)
|
27
14
|
cipher = aes_encryption_cipher(:GCM, key)
|
28
15
|
cipher.iv = (iv = cipher.random_iv)
|
29
16
|
cipher.auth_data = auth_data
|
@@ -302,7 +302,7 @@ module Aws::S3
|
|
302
302
|
# request_payer: "requester", # accepts requester
|
303
303
|
# })
|
304
304
|
# @param [Hash] options ({})
|
305
|
-
# @option options [String,
|
305
|
+
# @option options [String, StringIO, File] :body
|
306
306
|
# Object data.
|
307
307
|
# @option options [Integer] :content_length
|
308
308
|
# Size of the body in bytes. This parameter is useful when the size of
|
data/lib/aws-sdk-s3/object.rb
CHANGED
@@ -983,7 +983,7 @@ module Aws::S3
|
|
983
983
|
#
|
984
984
|
#
|
985
985
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
|
986
|
-
# @option options [String,
|
986
|
+
# @option options [String, StringIO, File] :body
|
987
987
|
# Object data.
|
988
988
|
# @option options [String] :cache_control
|
989
989
|
# Can be used to specify caching behavior along the request/reply chain.
|
@@ -48,8 +48,24 @@ module Aws::S3
|
|
48
48
|
data[:last_modified]
|
49
49
|
end
|
50
50
|
|
51
|
-
# The entity tag is
|
52
|
-
#
|
51
|
+
# The entity tag is a hash of the object. The ETag reflects changes only
|
52
|
+
# to the contents of an object, not its metadata. The ETag may or may
|
53
|
+
# not be an MD5 digest of the object data. Whether or not it is depends
|
54
|
+
# on how the object was created and how it is encrypted as described
|
55
|
+
# below:
|
56
|
+
#
|
57
|
+
# * Objects created by the PUT Object, POST Object, or Copy operation,
|
58
|
+
# or through the AWS Management Console, and are encrypted by SSE-S3
|
59
|
+
# or plaintext, have ETags that are an MD5 digest of their object
|
60
|
+
# data.
|
61
|
+
#
|
62
|
+
# * Objects created by the PUT Object, POST Object, or Copy operation,
|
63
|
+
# or through the AWS Management Console, and are encrypted by SSE-C or
|
64
|
+
# SSE-KMS, have ETags that are not an MD5 digest of their object data.
|
65
|
+
#
|
66
|
+
# * If an object is created by either the Multipart Upload or Part Copy
|
67
|
+
# operation, the ETag is not an MD5 digest, regardless of the method
|
68
|
+
# of encryption.
|
53
69
|
# @return [String]
|
54
70
|
def etag
|
55
71
|
data[:etag]
|
@@ -733,7 +749,7 @@ module Aws::S3
|
|
733
749
|
#
|
734
750
|
#
|
735
751
|
# [1]: https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL
|
736
|
-
# @option options [String,
|
752
|
+
# @option options [String, StringIO, File] :body
|
737
753
|
# Object data.
|
738
754
|
# @option options [String] :cache_control
|
739
755
|
# Can be used to specify caching behavior along the request/reply chain.
|
@@ -237,6 +237,7 @@ module Aws
|
|
237
237
|
@bucket_region = bucket_region
|
238
238
|
@bucket_name = bucket_name
|
239
239
|
@accelerate = !!options.delete(:use_accelerate_endpoint)
|
240
|
+
options.delete(:url) if @accelerate # resource methods pass url
|
240
241
|
@url = options.delete(:url) || bucket_url
|
241
242
|
@fields = {}
|
242
243
|
@key_set = false
|
data/lib/aws-sdk-s3/presigner.rb
CHANGED
@@ -41,7 +41,7 @@ module Aws
|
|
41
41
|
# signer = Aws::S3::Presigner.new
|
42
42
|
# url = signer.presigned_url(:get_object, bucket: "bucket", key: "key")
|
43
43
|
#
|
44
|
-
# @param [Symbol]
|
44
|
+
# @param [Symbol] method Symbolized method name of the operation you want
|
45
45
|
# to presign.
|
46
46
|
#
|
47
47
|
# @option params [Integer] :expires_in (900) The number of seconds
|
@@ -89,7 +89,7 @@ module Aws
|
|
89
89
|
# :get_object, bucket: "bucket", key: "key"
|
90
90
|
# )
|
91
91
|
#
|
92
|
-
# @param [Symbol]
|
92
|
+
# @param [Symbol] method Symbolized method name of the operation you want
|
93
93
|
# to presign.
|
94
94
|
#
|
95
95
|
# @option params [Integer] :expires_in (900) The number of seconds
|
data/lib/aws-sdk-s3/resource.rb
CHANGED
@@ -41,7 +41,7 @@ module Aws::S3
|
|
41
41
|
# acl: "private", # accepts private, public-read, public-read-write, authenticated-read
|
42
42
|
# bucket: "BucketName", # required
|
43
43
|
# create_bucket_configuration: {
|
44
|
-
# location_constraint: "
|
44
|
+
# location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-north-1, eu-south-1, eu-west-1, eu-west-2, eu-west-3, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2
|
45
45
|
# },
|
46
46
|
# grant_full_control: "GrantFullControl",
|
47
47
|
# grant_read: "GrantRead",
|
data/lib/aws-sdk-s3/types.rb
CHANGED
@@ -1517,7 +1517,7 @@ module Aws::S3
|
|
1517
1517
|
# data as a hash:
|
1518
1518
|
#
|
1519
1519
|
# {
|
1520
|
-
# location_constraint: "
|
1520
|
+
# location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-north-1, eu-south-1, eu-west-1, eu-west-2, eu-west-3, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2
|
1521
1521
|
# }
|
1522
1522
|
#
|
1523
1523
|
# @!attribute [rw] location_constraint
|
@@ -1555,7 +1555,7 @@ module Aws::S3
|
|
1555
1555
|
# acl: "private", # accepts private, public-read, public-read-write, authenticated-read
|
1556
1556
|
# bucket: "BucketName", # required
|
1557
1557
|
# create_bucket_configuration: {
|
1558
|
-
# location_constraint: "
|
1558
|
+
# location_constraint: "af-south-1", # accepts af-south-1, ap-east-1, ap-northeast-1, ap-northeast-2, ap-northeast-3, ap-south-1, ap-southeast-1, ap-southeast-2, ca-central-1, cn-north-1, cn-northwest-1, EU, eu-central-1, eu-north-1, eu-south-1, eu-west-1, eu-west-2, eu-west-3, me-south-1, sa-east-1, us-east-2, us-gov-east-1, us-gov-west-1, us-west-1, us-west-2
|
1559
1559
|
# },
|
1560
1560
|
# grant_full_control: "GrantFullControl",
|
1561
1561
|
# grant_read: "GrantRead",
|
@@ -2457,7 +2457,7 @@ module Aws::S3
|
|
2457
2457
|
# @return [String]
|
2458
2458
|
#
|
2459
2459
|
# @!attribute [rw] key
|
2460
|
-
# Name of the
|
2460
|
+
# Name of the object key.
|
2461
2461
|
# @return [String]
|
2462
2462
|
#
|
2463
2463
|
# @!attribute [rw] version_id
|
@@ -7042,7 +7042,7 @@ module Aws::S3
|
|
7042
7042
|
# in the subsequent request to get next set of objects. Amazon S3
|
7043
7043
|
# lists objects in alphabetical order Note: This element is returned
|
7044
7044
|
# only if you have delimiter request parameter specified. If response
|
7045
|
-
# does not include the
|
7045
|
+
# does not include the NextMarker and it is truncated, you can use the
|
7046
7046
|
# value of the last Key in the response as the marker in the
|
7047
7047
|
# subsequent request to get the next set of object keys.
|
7048
7048
|
# @return [String]
|
@@ -8140,8 +8140,25 @@ module Aws::S3
|
|
8140
8140
|
# @return [Time]
|
8141
8141
|
#
|
8142
8142
|
# @!attribute [rw] etag
|
8143
|
-
# The entity tag is
|
8144
|
-
#
|
8143
|
+
# The entity tag is a hash of the object. The ETag reflects changes
|
8144
|
+
# only to the contents of an object, not its metadata. The ETag may or
|
8145
|
+
# may not be an MD5 digest of the object data. Whether or not it is
|
8146
|
+
# depends on how the object was created and how it is encrypted as
|
8147
|
+
# described below:
|
8148
|
+
#
|
8149
|
+
# * Objects created by the PUT Object, POST Object, or Copy operation,
|
8150
|
+
# or through the AWS Management Console, and are encrypted by SSE-S3
|
8151
|
+
# or plaintext, have ETags that are an MD5 digest of their object
|
8152
|
+
# data.
|
8153
|
+
#
|
8154
|
+
# * Objects created by the PUT Object, POST Object, or Copy operation,
|
8155
|
+
# or through the AWS Management Console, and are encrypted by SSE-C
|
8156
|
+
# or SSE-KMS, have ETags that are not an MD5 digest of their object
|
8157
|
+
# data.
|
8158
|
+
#
|
8159
|
+
# * If an object is created by either the Multipart Upload or Part
|
8160
|
+
# Copy operation, the ETag is not an MD5 digest, regardless of the
|
8161
|
+
# method of encryption.
|
8145
8162
|
# @return [String]
|
8146
8163
|
#
|
8147
8164
|
# @!attribute [rw] size
|
@@ -10553,7 +10570,7 @@ module Aws::S3
|
|
10553
10570
|
# @return [String]
|
10554
10571
|
#
|
10555
10572
|
# @!attribute [rw] key
|
10556
|
-
# Name of the
|
10573
|
+
# Name of the object key.
|
10557
10574
|
# @return [String]
|
10558
10575
|
#
|
10559
10576
|
# @!attribute [rw] version_id
|
@@ -12453,7 +12470,7 @@ module Aws::S3
|
|
12453
12470
|
# }
|
12454
12471
|
#
|
12455
12472
|
# @!attribute [rw] key
|
12456
|
-
# Name of the
|
12473
|
+
# Name of the object key.
|
12457
12474
|
# @return [String]
|
12458
12475
|
#
|
12459
12476
|
# @!attribute [rw] value
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-s3
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.79.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-08-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-kms
|
@@ -47,7 +47,7 @@ dependencies:
|
|
47
47
|
version: '3'
|
48
48
|
- - ">="
|
49
49
|
- !ruby/object:Gem::Version
|
50
|
-
version: 3.104.
|
50
|
+
version: 3.104.3
|
51
51
|
type: :runtime
|
52
52
|
prerelease: false
|
53
53
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -57,7 +57,7 @@ dependencies:
|
|
57
57
|
version: '3'
|
58
58
|
- - ">="
|
59
59
|
- !ruby/object:Gem::Version
|
60
|
-
version: 3.104.
|
60
|
+
version: 3.104.3
|
61
61
|
description: Official AWS Ruby gem for Amazon Simple Storage Service (Amazon S3).
|
62
62
|
This gem is part of the AWS SDK for Ruby.
|
63
63
|
email:
|