使用 boto3 实现 AWS S3 SSE-KMS / SSE-C 加密上传

#!usr/bin/env python
# -*- coding: utf-8 -*- 
"""
@file: aws_s3_encrypt.py
"""
import boto3
import base64
import hashlib
import ssl

aws_access_key_id = "test"
aws_secret_access_key = "test"
endpoint_url = "https://192.168.1.1:1234"
isUse = True
verify = False

try:
    ssl._create_default_https_context = ssl._create_unverified_context
except AttributeError:
    pass
except Exception as exc:
    print(exc)

s3 = boto3.client(
    service_name='s3',
    aws_access_key_id=aws_access_key_id,
    aws_secret_access_key=aws_secret_access_key,
    endpoint_url=endpoint_url,
    verify=verify,
    use_ssl=True
)

### SSE-KMS ##
s3.put_object(
    Bucket="sse-kms",
    Body='test.txt',
    Key='test.txt',
    ServerSideEncryption='aws:kms',
    SSEKMSKeyId='123456789-1234-1234-1234-123456789'
)


### SSE-C ##
key='EE0UwqYyMgWfEIjSHhmVHBoJgobVUJbR'
base64ed_key = base64.b64encode(key)
hl = hashlib.md5()
hl.update(key)
md5_of_key = hl.digest()

s3.put_object(
        Bucket="sse-c",
        Body='test.txt',
        Key='test.txt',
        ServerSideEncryption='AES256',
        SSECustomerAlgorithm='AES256',
        SSECustomerKey=base64ed_key,
        SSECustomerKeyMD5=base64.b64encode(md5_of_key),
    )

你可能感兴趣的:(AWS,S3)