无法通过AWS SDK与Minio服务器解密加密文件

时间:2017-09-26 16:02:00

标签: c# encryption amazon-s3 aws-sdk minio

我用:

  • minio服务器来存储文件
  • nginx作为反向代理,可以使用https与minio服务器
  • .NET AWSSDK.S3通过nginx与Minio服务器通信

由于服务器端加密不适用于minio服务器,我尝试使用AWS的客户端加密帮助。但是解密文件不适用于minio服务器。

当我在AWS服务器帐户中使用相同的代码时,加密/解密效果很好。

在minio服务器中创建文件时,文件似乎丢失了元数据。

当我尝试获取文件时,我有一个例外:

  

类型' Amazon.Runtime.AmazonServiceException'未处理的例外情况。发生在AWSSDK.Core.dll中   附加信息:无法解密对象文件的数据流-27e52c5f-05d1-4296 -

这是我的代码

    static void Main()
    {
        string filePath = @"c:/tempPrivateKey.txt";
        string privateKey = File.ReadAllText(filePath);
        RSA rsaAlgorithm = RSA.Create();
        rsaAlgorithm.FromXmlString(privateKey);
        EncryptionMaterials encryptionMaterials = new EncryptionMaterials(rsaAlgorithm);
        var credentials = new BasicAWSCredentials(AccessKey, SecretKey);

        AmazonS3CryptoConfiguration cryptoConfig = new AmazonS3CryptoConfiguration
        {
            RegionEndpoint = RegionEndpoint.EUWest1,
            StorageMode = CryptoStorageMode.ObjectMetadata,
            ServiceURL = EndPointNginx,
            UseHttp = false,
            ForcePathStyle = true
        };

        _amazonS3Client = new AmazonS3EncryptionClient(credentials, cryptoConfig, encryptionMaterials);

        string bucketName = "bucket-" + Guid.NewGuid();

        string fileStreamKey = "file-stream-" + Guid.NewGuid();

        Stream fileStream = CreateRandomFileOnStream();

        CreateBucket(bucketName);

        AddFileToBucket(fileStreamKey, fileStream, bucketName);

        Stream fileStreamToRead = GetFile(fileStreamKey, bucketName);

        using (var reader = new StreamReader(fileStreamToRead))
        {
            Console.Out.WriteLine(reader.ReadToEnd());
        }

        DeleteFile(fileStreamKey, bucketName);

        DeleteBucket(bucketName);

        Console.ReadKey();
    }

    private static void AddFileToBucket(string fileKey, Stream fileStream, string bucketName)
    {
        Console.Out.WriteLine();
        Console.Out.WriteLine($"adding file {fileKey} to bucket {bucketName}.");

        var objectToPut = new PutObjectRequest
        {
            BucketName = bucketName,
            Key = fileKey,
            InputStream = fileStream
        };

        _amazonS3Client.PutObject(objectToPut);

        if (fileStream.CanRead)
            fileStream.Dispose();
        Console.Out.WriteLine("file added");
    }

    private static Stream GetFile(string fileKey, string bucketName)
    {
        // This line throw an exception.
        GetObjectResponse response = _amazonS3Client.GetObject(new GetObjectRequest { BucketName = bucketName, Key = fileKey });
        return response.ResponseStream;
    }

最糟糕的是,我会手动加密/解密文件,但我想确定是否有解决此问题的方法。

0 个答案:

没有答案
相关问题
最新问题