服务端加密(SSE-C)

SSE-C即Server Side Encryption with Custom key,由服务端提供对象的加密功能,用户只需要在执行操作的时候带上加密密钥,由服务端来执行加密和解密操作。

生成加密密钥

服务端使用AES256加密算法,加密密钥由客户端提供,使用32位加密密钥

function RandomString(e) {
    e = e || 32;
    let t = "ABCDEFGHJKMNPQRSTWXYZabcdefhijkmnprstwxyz2345678";
    let a = t.length;
    let n = "";
    for (let i = 0; i < e; i++)
        n += t.charAt(Math.floor(Math.random() * a));
    return n
}

// this.customKey = RandomString(32);

上传文件

putObject: function (file) {
	console.log("putObject")
	let key = "ExampleEnc.txt"
	let params = {
		Bucket: this.bucket,
		Key: key,
		Body: file,
		SSECustomerAlgorithm: "AES256",
		SSECustomerKey: this.customKey,
	};

	this.s3Client.putObject(params, function (err, data) {
		if (err) {
			console.log("Error", err);
		} else {
			console.log("Success", data);
		}
	});
},

下载文件

getObject: function () {
	console.log("getObject")
	let key = "ExampleEnc.txt"
	let params = {
		Bucket: this.bucket,
		Key: key,
		SSECustomerAlgorithm: "AES256",
		SSECustomerKey: this.customKey,
	};
	this.s3Client.getObject(params, function (err, data) {
		if (err) {
			console.log("Error", err);
		} else {
			console.log("Success: ", data.Body.toString());
		}
	});
},