public void ServerSideEncryptionBYOKTransferUtility()
{
var bucketName = S3TestUtils.CreateBucket(Client);
try
{
Aes aesEncryption = Aes.Create();
aesEncryption.KeySize = 256;
aesEncryption.GenerateKey();
string base64Key = Convert.ToBase64String(aesEncryption.Key);
TransferUtility utility = new TransferUtility(Client);
var uploadRequest = new TransferUtilityUploadRequest
{
BucketName = bucketName,
Key = key,
ServerSideEncryptionCustomerMethod = ServerSideEncryptionCustomerMethod.AES256,
ServerSideEncryptionCustomerProvidedKey = base64Key
};
uploadRequest.InputStream = new MemoryStream(UTF8Encoding.UTF8.GetBytes("Encrypted Content"));
utility.Upload(uploadRequest);
GetObjectMetadataRequest getObjectMetadataRequest = new GetObjectMetadataRequest
{
BucketName = bucketName,
Key = key,
ServerSideEncryptionCustomerMethod = ServerSideEncryptionCustomerMethod.AES256,
ServerSideEncryptionCustomerProvidedKey = base64Key
};
GetObjectMetadataResponse getObjectMetadataResponse = Client.GetObjectMetadata(getObjectMetadataRequest);
Assert.AreEqual(ServerSideEncryptionCustomerMethod.AES256, getObjectMetadataResponse.ServerSideEncryptionCustomerMethod);
var openRequest = new TransferUtilityOpenStreamRequest
{
BucketName = bucketName,
Key = key,
ServerSideEncryptionCustomerMethod = ServerSideEncryptionCustomerMethod.AES256,
ServerSideEncryptionCustomerProvidedKey = base64Key
};
using (var stream = new StreamReader(utility.OpenStream(openRequest)))
{
var content = stream.ReadToEnd();
Assert.AreEqual(content, "Encrypted Content");
}
}
finally
{
AmazonS3Util.DeleteS3BucketWithObjects(Client, bucketName);
}
}