Path: blob/master/code_examples/java_examples/S3Examples/ServerSideEncryptionCopyObjectUsingHLwithSSEC.java
4084 views
// Copyright 2018 Amazon.com, Inc. or its affiliates. All Rights Reserved.1// SPDX-License-Identifier: MIT-0 (For details, see https://github.com/awsdocs/amazon-s3-developer-guide/blob/master/LICENSE-SAMPLECODE.)23import java.io.File;4import java.security.SecureRandom;56import javax.crypto.KeyGenerator;78import com.amazonaws.AmazonServiceException;9import com.amazonaws.SdkClientException;10import com.amazonaws.auth.profile.ProfileCredentialsProvider;11import com.amazonaws.services.s3.AmazonS3;12import com.amazonaws.services.s3.AmazonS3ClientBuilder;13import com.amazonaws.services.s3.model.CopyObjectRequest;14import com.amazonaws.services.s3.model.PutObjectRequest;15import com.amazonaws.services.s3.model.SSECustomerKey;16import com.amazonaws.services.s3.transfer.Copy;17import com.amazonaws.services.s3.transfer.TransferManager;18import com.amazonaws.services.s3.transfer.TransferManagerBuilder;19import com.amazonaws.services.s3.transfer.Upload;2021public class ServerSideEncryptionCopyObjectUsingHLwithSSEC {2223public static void main(String[] args) throws Exception {24String clientRegion = "*** Client region ***";25String bucketName = "*** Bucket name ***";26String fileToUpload = "*** File path ***";27String keyName = "*** New object key name ***";28String targetKeyName = "*** Key name for object copy ***";2930try {31AmazonS3 s3Client = AmazonS3ClientBuilder.standard()32.withRegion(clientRegion)33.withCredentials(new ProfileCredentialsProvider())34.build();35TransferManager tm = TransferManagerBuilder.standard()36.withS3Client(s3Client)37.build();3839// Create an object from a file.40PutObjectRequest putObjectRequest = new PutObjectRequest(bucketName, keyName, new File(fileToUpload));4142// Create an encryption key.43KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");44keyGenerator.init(256, new SecureRandom());45SSECustomerKey sseCustomerEncryptionKey = new SSECustomerKey(keyGenerator.generateKey());4647// Upload the object. TransferManager uploads asynchronously, so this call returns immediately.48putObjectRequest.setSSECustomerKey(sseCustomerEncryptionKey);49Upload upload = tm.upload(putObjectRequest);5051// Optionally, wait for the upload to finish before continuing.52upload.waitForCompletion();53System.out.println("Object created.");5455// Copy the object and store the copy using SSE-C with a new key.56CopyObjectRequest copyObjectRequest = new CopyObjectRequest(bucketName, keyName, bucketName, targetKeyName);57SSECustomerKey sseTargetObjectEncryptionKey = new SSECustomerKey(keyGenerator.generateKey());58copyObjectRequest.setSourceSSECustomerKey(sseCustomerEncryptionKey);59copyObjectRequest.setDestinationSSECustomerKey(sseTargetObjectEncryptionKey);6061// Copy the object. TransferManager copies asynchronously, so this call returns immediately.62Copy copy = tm.copy(copyObjectRequest);6364// Optionally, wait for the upload to finish before continuing.65copy.waitForCompletion();66System.out.println("Copy complete.");67}68catch(AmazonServiceException e) {69// The call was transmitted successfully, but Amazon S3 couldn't process70// it, so it returned an error response.71e.printStackTrace();72}73catch(SdkClientException e) {74// Amazon S3 couldn't be contacted for a response, or the client75// couldn't parse the response from Amazon S3.76e.printStackTrace();77}78}79}8081