tommy
/
cos-go-sdk-v5
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
337 Commits
1 Branch
15 Tags
719 KiB
Tree: 179621e96b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '179621e96b'
${ noResults }
cos-go-sdk-v5/example/crypto/crypto_sample.go

316 lines
10 KiB
Raw Normal View History

add ces-kms
4 years ago
cse-kms done
4 years ago
add ces-kms
4 years ago
update crypto demo
4 years ago
add ces-kms
4 years ago
update crypto demo
4 years ago
add ces-kms
4 years ago
update crypto demo
4 years ago
add ces-kms
4 years ago
update crypto demo
4 years ago
add ces-kms
4 years ago
update crypto demo
4 years ago
add ces-kms
4 years ago
update crypto demo
4 years ago
add ces-kms
4 years ago
cse-kms done
4 years ago
add ces-kms
4 years ago
update crypto demo
4 years ago
add ces-kms
4 years ago
update crypto demo
4 years ago
add ces-kms
4 years ago
cse-kms done
4 years ago
add ces-kms
4 years ago
update crypto sample
4 years ago
add ces-kms
4 years ago
  1. package main
  3. import (
  4. "bytes"
  5. "context"
  6. "crypto/md5"
  7. "crypto/rand"
  8. "fmt"
  9. "io"
  10. "io/ioutil"
  11. math_rand "math/rand"
  12. "net/http"
  13. "net/url"
  14. "os"
  15. "time"
  17. "github.com/tencentyun/cos-go-sdk-v5"
  18. "github.com/tencentyun/cos-go-sdk-v5/crypto"
  19. "github.com/tencentyun/cos-go-sdk-v5/debug"
  20. )
  22. func log_status(err error) {
  23. if err == nil {
  24. return
  25. }
  26. if cos.IsNotFoundError(err) {
  27. // WARN
  28. fmt.Println("WARN: Resource is not existed")
  29. } else if e, ok := cos.IsCOSError(err); ok {
  30. fmt.Printf("ERROR: Code: %v\n", e.Code)
  31. fmt.Printf("ERROR: Message: %v\n", e.Message)
  32. fmt.Printf("ERROR: Resource: %v\n", e.Resource)
  33. fmt.Printf("ERROR: RequestId: %v\n", e.RequestID)
  34. // ERROR
  35. } else {
  36. fmt.Printf("ERROR: %v\n", err)
  37. // ERROR
  38. }
  39. os.Exit(1)
  40. }
  42. func cos_max(x, y int64) int64 {
  43. if x > y {
  44. return x
  45. }
  46. return y
  47. }
  49. func simple_put_object() {
  50. u, _ := url.Parse("https://test-1259654469.cos.ap-guangzhou.myqcloud.com")
  51. b := &cos.BaseURL{BucketURL: u}
  52. c := cos.NewClient(b, &http.Client{
  53. Transport: &cos.AuthorizationTransport{
  54. SecretID: os.Getenv("COS_SECRETID"),
  55. SecretKey: os.Getenv("COS_SECRETKEY"),
  56. Transport: &debug.DebugRequestTransport{
  57. RequestHeader: true,
  58. RequestBody: false,
  59. ResponseHeader: true,
  60. ResponseBody: false,
  61. },
  62. },
  63. })
  64. // Case1 上传对象
  65. name := "test/example2"
  67. fmt.Println("============== simple_put_object ======================")
  68. // 该标识信息唯一确认一个主加密密钥, 解密时,需要传入相同的标识信息
  69. // KMS加密时,该信息设置成EncryptionContext,最大支持1024字符,如果Encrypt指定了该参数,则在Decrypt 时需要提供同样的参数
  70. materialDesc := make(map[string]string)
  71. //materialDesc["desc"] = "material information of your master encrypt key"
  73. // 创建KMS客户端
  74. kmsclient, _ := coscrypto.NewKMSClient(c.GetCredential(), "ap-guangzhou")
  75. // 创建KMS主加密密钥,标识信息和主密钥一一对应
  76. kmsID := os.Getenv("KMSID")
  77. masterCipher, _ := coscrypto.CreateMasterKMS(kmsclient, kmsID, materialDesc)
  78. // 创建加密客户端
  79. client := coscrypto.NewCryptoClient(c, masterCipher)
  81. contentLength := 1024*1024*10 + 1
  82. originData := make([]byte, contentLength)
  83. _, err := rand.Read(originData)
  84. f := bytes.NewReader(originData)
  85. // 加密上传
  86. _, err = client.Object.Put(context.Background(), name, f, nil)
  87. log_status(err)
  89. math_rand.Seed(time.Now().UnixNano())
  90. rangeStart := math_rand.Intn(contentLength)
  91. rangeEnd := rangeStart + math_rand.Intn(contentLength-rangeStart)
  92. opt := &cos.ObjectGetOptions{
  93. Range: fmt.Sprintf("bytes=%v-%v", rangeStart, rangeEnd),
  94. }
  95. // 解密下载
  96. resp, err := client.Object.Get(context.Background(), name, opt)
  97. log_status(err)
  98. defer resp.Body.Close()
  99. decryptedData, _ := ioutil.ReadAll(resp.Body)
  100. if bytes.Compare(decryptedData, originData[rangeStart:rangeEnd+1]) != 0 {
  101. fmt.Println("Error: encryptedData != originData")
  102. }
  103. }
  105. func simple_put_object_from_file() {
  106. u, _ := url.Parse("https://test-1259654469.cos.ap-guangzhou.myqcloud.com")
  107. b := &cos.BaseURL{BucketURL: u}
  108. c := cos.NewClient(b, &http.Client{
  109. Transport: &cos.AuthorizationTransport{
  110. SecretID: os.Getenv("COS_SECRETID"),
  111. SecretKey: os.Getenv("COS_SECRETKEY"),
  112. Transport: &debug.DebugRequestTransport{
  113. RequestHeader: true,
  114. RequestBody: false,
  115. ResponseHeader: true,
  116. ResponseBody: false,
  117. },
  118. },
  119. })
  120. // Case1 上传对象
  121. name := "test/example1"
  123. fmt.Println("============== simple_put_object_from_file ======================")
  124. // 该标识信息唯一确认一个主加密密钥, 解密时,需要传入相同的标识信息
  125. // KMS加密时,该信息设置成EncryptionContext,最大支持1024字符,如果Encrypt指定了该参数,则在Decrypt 时需要提供同样的参数
  126. materialDesc := make(map[string]string)
  127. //materialDesc["desc"] = "material information of your master encrypt key"
  129. // 创建KMS客户端
  130. kmsclient, _ := coscrypto.NewKMSClient(c.GetCredential(), "ap-guangzhou")
  131. // 创建KMS主加密密钥,标识信息和主密钥一一对应
  132. kmsID := os.Getenv("KMSID")
  133. masterCipher, _ := coscrypto.CreateMasterKMS(kmsclient, kmsID, materialDesc)
  134. // 创建加密客户端
  135. client := coscrypto.NewCryptoClient(c, masterCipher)
  137. filepath := "test"
  138. fd, err := os.Open(filepath)
  139. log_status(err)
  140. defer fd.Close()
  141. m := md5.New()
  142. io.Copy(m, fd)
  143. originDataMD5 := m.Sum(nil)
  145. // 加密上传
  146. _, err = client.Object.PutFromFile(context.Background(), name, filepath, nil)
  147. log_status(err)
  149. // 解密下载
  150. _, err = client.Object.GetToFile(context.Background(), name, "./test.download", nil)
  151. log_status(err)
  153. fd, err = os.Open("./test.download")
  154. log_status(err)
  155. defer fd.Close()
  156. m = md5.New()
  157. io.Copy(m, fd)
  158. decryptedDataMD5 := m.Sum(nil)
  160. if bytes.Compare(decryptedDataMD5, originDataMD5) != 0 {
  161. fmt.Println("Error: encryptedData != originData")
  162. }
  163. }
  165. func multi_put_object() {
  166. u, _ := url.Parse("https://test-1259654469.cos.ap-guangzhou.myqcloud.com")
  167. b := &cos.BaseURL{BucketURL: u}
  168. c := cos.NewClient(b, &http.Client{
  169. Transport: &cos.AuthorizationTransport{
  170. SecretID: os.Getenv("COS_SECRETID"),
  171. SecretKey: os.Getenv("COS_SECRETKEY"),
  172. Transport: &debug.DebugRequestTransport{
  173. RequestHeader: true,
  174. RequestBody: false,
  175. ResponseHeader: true,
  176. ResponseBody: false,
  177. },
  178. },
  179. })
  180. // Case1 上传对象
  181. name := "test/example1"
  183. fmt.Println("============== multi_put_object ======================")
  184. // 该标识信息唯一确认一个主加密密钥, 解密时,需要传入相同的标识信息
  185. // KMS加密时,该信息设置成EncryptionContext,最大支持1024字符,如果Encrypt指定了该参数,则在Decrypt 时需要提供同样的参数
  186. materialDesc := make(map[string]string)
  187. //materialDesc["desc"] = "material information of your master encrypt key"
  189. // 创建KMS客户端
  190. kmsclient, _ := coscrypto.NewKMSClient(c.GetCredential(), "ap-guangzhou")
  191. // 创建KMS主加密密钥,标识信息和主密钥一一对应
  192. kmsID := os.Getenv("KMSID")
  193. masterCipher, _ := coscrypto.CreateMasterKMS(kmsclient, kmsID, materialDesc)
  194. // 创建加密客户端
  195. client := coscrypto.NewCryptoClient(c, masterCipher)
  197. contentLength := int64(1024*1024*10 + 1)
  198. originData := make([]byte, contentLength)
  199. _, err := rand.Read(originData)
  200. log_status(err)
  202. // 分块上传
  203. cryptoCtx := coscrypto.CryptoContext{
  204. DataSize: contentLength,
  205. // 每个分块需要16字节对齐
  206. PartSize: cos_max(1024*1024, (contentLength/16/3)*16),
  207. }
  208. v, _, err := client.Object.InitiateMultipartUpload(context.Background(), name, nil, &cryptoCtx)
  209. log_status(err)
  210. // 切分数据
  211. chunks, _, err := cos.SplitSizeIntoChunks(contentLength, cryptoCtx.PartSize)
  212. log_status(err)
  213. optcom := &cos.CompleteMultipartUploadOptions{}
  214. for _, chunk := range chunks {
  215. opt := &cos.ObjectUploadPartOptions{
  216. ContentLength: chunk.Size,
  217. }
  218. f := bytes.NewReader(originData[chunk.OffSet : chunk.OffSet+chunk.Size])
  219. resp, err := client.Object.UploadPart(context.Background(), name, v.UploadID, chunk.Number, f, opt, &cryptoCtx)
  220. log_status(err)
  221. optcom.Parts = append(optcom.Parts, cos.Object{
  222. PartNumber: chunk.Number, ETag: resp.Header.Get("ETag"),
  223. })
  224. }
  225. _, _, err = client.Object.CompleteMultipartUpload(context.Background(), name, v.UploadID, optcom)
  226. log_status(err)
  228. resp, err := client.Object.Get(context.Background(), name, nil)
  229. log_status(err)
  230. defer resp.Body.Close()
  231. decryptedData, _ := ioutil.ReadAll(resp.Body)
  232. if bytes.Compare(decryptedData, originData) != 0 {
  233. fmt.Println("Error: encryptedData != originData")
  234. }
  235. }
  237. func multi_put_object_from_file() {
  238. u, _ := url.Parse("https://test-1259654469.cos.ap-guangzhou.myqcloud.com")
  239. b := &cos.BaseURL{BucketURL: u}
  240. c := cos.NewClient(b, &http.Client{
  241. Transport: &cos.AuthorizationTransport{
  242. SecretID: os.Getenv("COS_SECRETID"),
  243. SecretKey: os.Getenv("COS_SECRETKEY"),
  244. Transport: &debug.DebugRequestTransport{
  245. RequestHeader: true,
  246. RequestBody: false,
  247. ResponseHeader: true,
  248. ResponseBody: false,
  249. },
  250. },
  251. })
  252. // Case1 上传对象
  253. name := "test/example1"
  255. fmt.Println("============== multi_put_object_from_file ======================")
  256. // 该标识信息唯一确认一个主加密密钥, 解密时,需要传入相同的标识信息
  257. // KMS加密时,该信息设置成EncryptionContext,最大支持1024字符,如果Encrypt指定了该参数,则在Decrypt 时需要提供同样的参数
  258. materialDesc := make(map[string]string)
  259. //materialDesc["desc"] = "material information of your master encrypt key"
  261. // 创建KMS客户端
  262. kmsclient, _ := coscrypto.NewKMSClient(c.GetCredential(), "ap-guangzhou")
  263. // 创建KMS主加密密钥,标识信息和主密钥一一对应
  264. kmsID := os.Getenv("KMSID")
  265. masterCipher, _ := coscrypto.CreateMasterKMS(kmsclient, kmsID, materialDesc)
  266. // 创建加密客户端
  267. client := coscrypto.NewCryptoClient(c, masterCipher)
  269. filepath := "test"
  270. stat, err := os.Stat(filepath)
  271. log_status(err)
  272. contentLength := stat.Size()
  274. // 分块上传
  275. cryptoCtx := coscrypto.CryptoContext{
  276. DataSize: contentLength,
  277. // 每个分块需要16字节对齐
  278. PartSize: cos_max(1024*1024, (contentLength/16/3)*16),
  279. }
  280. // 切分数据
  281. _, chunks, _, err := cos.SplitFileIntoChunks(filepath, cryptoCtx.PartSize)
  282. log_status(err)
  284. // init mulitupload
  285. v, _, err := client.Object.InitiateMultipartUpload(context.Background(), name, nil, &cryptoCtx)
  286. log_status(err)
  288. // part upload
  289. optcom := &cos.CompleteMultipartUploadOptions{}
  290. for _, chunk := range chunks {
  291. fd, err := os.Open(filepath)
  292. log_status(err)
  293. opt := &cos.ObjectUploadPartOptions{
  294. ContentLength: chunk.Size,
  295. }
  296. fd.Seek(chunk.OffSet, os.SEEK_SET)
  297. resp, err := client.Object.UploadPart(context.Background(), name, v.UploadID, chunk.Number, cos.LimitReadCloser(fd, chunk.Size), opt, &cryptoCtx)
  298. log_status(err)
  299. optcom.Parts = append(optcom.Parts, cos.Object{
  300. PartNumber: chunk.Number, ETag: resp.Header.Get("ETag"),
  301. })
  302. }
  303. // complete upload
  304. _, _, err = client.Object.CompleteMultipartUpload(context.Background(), name, v.UploadID, optcom)
  305. log_status(err)
  307. _, err = client.Object.GetToFile(context.Background(), name, "test.download", nil)
  308. log_status(err)
  309. }
  311. func main() {
  312. simple_put_object()
  313. simple_put_object_from_file()
  314. multi_put_object()
  315. multi_put_object_from_file()
  316. }