This repo hosts the 2015 solution of the AWS S3 Encryption Client, originally featured as a pull request for the AWS SDK, which in turn was a direct follow-up to the issue [#800](https://github.com/aws/aws-sdk-js/issues/800).
npm install aws-s3-encryption-clientThis repo hosts the 2015 solution of the AWS S3 Encryption Client, originally featured as a pull request for the AWS SDK, which in turn was a direct follow-up to the issue #800.
The Ruby lib was as a basis to reconstruct the logic for the JavaScript lib. Certain liberties were taken, some related with the JavaScript syntax and some with the existing conventions of the AWS SDK; the linting script was responsible for a few tweaks as well.
Please note, the new code relates with the ability to automatically encrypt/decrypt S3 objects from the client-side. It is not currently addressing SSE (Server-side Encryption), which I'm not sure if it's under the AWS.S3 domain.
Using NPM:
``
npm install aws-s3-encryption-client
Direct download: https://github.com/makesites/backbone-app/archive/master.zip
Find the compilled library in the "build/" folder. Choose between the uncompressed and comment annotated backbone.app.js and the minified backbone.app-min.js
At the current state my main objective, to read KMS encrypted SES messages is fulfilled. This can be easily done like this:
`
var params = {
Bucket: '{{BUCKET_NAME}}',
Key: '{{BUCKET_ADDRESS}}',
};
var store = new AWS.S3.Encryption.Client({
accessKeyId: '...',
secretAccessKey: '...',
region: '...',
sslEnabled: true,
signatureVersion: 'v4',
});
var downloader = store.getObject(params, function(err, response ){
// output...
res.end( response.Body );
});
`
Additional abilities are in place, but not fully tested:
and EncryptionKey.
- Encrypt and upload content using only a KMSKeyId, with the EncryptionKey automatically generated.kms_client, passed with the options of AWS.S3.Encryption.Client.KMSKeyId and EncryptionKey.KMSKeyId, with the `EncryptionKey resourced from the file headers (as _'x-amz-key-v2'_).kms_client, passed with the options of AWS.S3.Encryption.Client.There is also scaffolding for allowing an instruction file, which will contain the encryption context of an encrypted file, but that functionality is at present disabled.
Some of these features weren't completed to prevent from introducing new conventions. For example, arbitrary including the x-amz-key-v2 key in the putObject response (to allow the user to save that info).
Initiated by Makis Tracend ( @tracend )
Distributed through Makesites.org
Released under the Apache License v2.0