yas3fs
yas3fs copied to clipboard
Add support for S3 customer managed encryption keys
Support should be added for customer provided S3 encryption keys
http://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html
think we go this w/ pull #29 or #45
Not done, that was AWS managed keys, this is customer managed
moved crypto_header logic into base Yas3fs class (on ewah/master).
crypto_headers = {}$
if self.aws_managed_encryption:$
crypto_headers = { 'x-amz-server-side-encryption' : 'AES256' }$
$
self.default_write_headers = copy.copy(self.default_headers)$
self.default_write_headers.update(crypto_headers)$
prepping for sse-c-key option.
something like
crypto_headers = {}
if self.aws_managed_encryption:
crypto_headers = { 'x-amz-server-side-encryption' : 'AES256' }
elif self.client_managed_encryption_key:
crypto_headers = {
'x-amz-copy-source-server-side-encryption-customer-algorithm' : 'AES256',
'x-amz-copy-source-server-side-encryption-customer-key': self.client_managed_encryption_key,
'x-amz-copy-source-server-side-encryption-customer-key-MD5' : md5(self.client_managed_encryption_key)
}
self.default_read_headers = copy.copy(self.default_headers)$
self.default_read_headers.update(crypto_headers)$
self.default_write_headers = copy.copy(self.default_headers)$
self.default_write_headers.update(crypto_headers)$
then replacing all the default_headers w/ default_read_headers when necessary.