@api private
# File lib/aws-sdk-resources/services/s3/encryption/default_cipher_provider.rb, line 9 def initialize(options = {}) @key_provider = options[:key_provider] end
@return [Cipher] Given an encryption envelope, returns a
decryption cipher.
# File lib/aws-sdk-resources/services/s3/encryption/default_cipher_provider.rb, line 27 def decryption_cipher(envelope) master_key = @key_provider.key_for(envelope['x-amz-matdesc']) key = Utils.decrypt(master_key, decode64(envelope['x-amz-key'])) iv = decode64(envelope['x-amz-iv']) Utils.aes_decryption_cipher(:CBC, key, iv) end
@return [Array<Hash,Cipher>] Creates an returns a new encryption
envelope and encryption cipher.
# File lib/aws-sdk-resources/services/s3/encryption/default_cipher_provider.rb, line 15 def encryption_cipher cipher = Utils.aes_encryption_cipher(:CBC) envelope = { 'x-amz-key' => encode64(encrypt(envelope_key(cipher))), 'x-amz-iv' => encode64(envelope_iv(cipher)), 'x-amz-matdesc' => materials_description, } [envelope, cipher] end
# File lib/aws-sdk-resources/services/s3/encryption/default_cipher_provider.rb, line 56 def decode64(str) Base64.decode64(str) end
# File lib/aws-sdk-resources/services/s3/encryption/default_cipher_provider.rb, line 52 def encode64(str) Base64.encode64(str).split("\n") * "" end
# File lib/aws-sdk-resources/services/s3/encryption/default_cipher_provider.rb, line 44 def encrypt(data) Utils.encrypt(@key_provider.encryption_materials.key, data) end
# File lib/aws-sdk-resources/services/s3/encryption/default_cipher_provider.rb, line 40 def envelope_iv(cipher) cipher.iv = cipher.random_iv end
# File lib/aws-sdk-resources/services/s3/encryption/default_cipher_provider.rb, line 36 def envelope_key(cipher) cipher.key = cipher.random_key end
# File lib/aws-sdk-resources/services/s3/encryption/default_cipher_provider.rb, line 48 def materials_description @key_provider.encryption_materials.description end