如何在NodeJS上使用S3 SSE C(服务器端加密和客户端提供的密钥)

问题描述:

如何在 NodeJS 上使用 SSE-C 加密?我尝试了以下代码,但得到了一个错误:

// Attempt from the question: upload an object with SSE-C, then presign a GET for it.
// NOTE(review): SSECustomerKey is passed here as a hex *string*. AES256 needs a 32-byte key;
// if this is the full hex key printed by openssl (64 hex characters), it is 64 bytes when
// sent as text, which is the likely cause of the InvalidArgument error shown below.
// Decode it first (e.g. Buffer.from(hexKey, 'hex')) or pass a 32-byte Buffer.
// NOTE(review): a key literal in source code ends up in version control; load it from a secret store.
s3.putObject({ 
    Bucket: 'mybucket', 
    Body: 'Hello S3', 
    ACL: 'private', 
    Key: 'test.txt', 
    SSECustomerAlgorithm: 'AES256', 
    SSECustomerKey: '0699Exxxxxx' 
}, (err) => { 
    if (err) return console.error(err.stack) 
    // Reading an SSE-C object needs the same algorithm and key that were used for the write.
    s3.getSignedUrl('getObject', { 
    Key: 'test.txt', 
    Expires: 60, 
    SSECustomerAlgorithm: 'AES256', 
    SSECustomerKey: '0699Exxxxxx' 
    // This inner `err` shadows the putObject callback's `err`.
    }, (err, data) => { 
    if (err) return console.error(err.stack) 
    console.log(data) 
    }) 
}) 

问题是我得到了错误:“密钥对于指定的算法无效”(The secret key was invalid for the specified algorithm):

sails> (node:4802) DeprecationWarning: Calling an asynchronous function without callback is deprecated. 
InvalidArgument: The secret key was invalid for the specified algorithm. 
    at Request.extractError (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/services/s3.js:538:35) 
    at Request.callListeners (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/sequential_executor.js:105:20) 
    at Request.emit (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/sequential_executor.js:77:10) 
    at Request.emit (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/request.js:668:14) 
    at Request.transition (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/request.js:22:10) 
    at AcceptorStateMachine.runTo (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/state_machine.js:14:12) 
    at /home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/state_machine.js:26:10 
    at Request.<anonymous> (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/request.js:38:9) 
    at Request.<anonymous> (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/request.js:670:12) 
    at Request.callListeners (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/sequential_executor.js:115:18) 
    at Request.emit (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/sequential_executor.js:77:10) 
    at Request.emit (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/request.js:668:14) 
    at Request.transition (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/request.js:22:10) 
    at AcceptorStateMachine.runTo (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/state_machine.js:14:12) 
    at /home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/state_machine.js:26:10 
    at Request.<anonymous> (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/request.js:38:9) 
    at Request.<anonymous> (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/request.js:670:12) 
    at Request.callListeners (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/sequential_executor.js:115:18) 
    at callNextListener (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/sequential_executor.js:95:12) 
    at IncomingMessage.onEnd (/home/jiewmeng/Dropbox/goldbell-server/node_modules/aws-sdk/lib/event_listeners.js:211:11) 
    at emitNone (events.js:91:20) 
    at IncomingMessage.emit (events.js:185:7) 

哪里出错了?我使用的密钥是这样生成的:

➜ openssl enc -d -a -md sha1 -aes-256-cbc -nosalt -p 
enter aes-256-cbc decryption password: 
key=0699EC90A02... 
iv =433BFB13C10... 

我把输出中的 key 用作 SSECustomerKey。

尝试这样生成密钥:

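// SSE-C with AES256 needs exactly 32 bytes of key material, passed as a Buffer.
// Buffer.alloc(32, 'passphrase') only repeats the passphrase until 32 bytes are filled,
// so the key is no stronger than the passphrase; draw the bytes from the CSPRNG instead.
// S3 does not keep the customer-provided key: generate it once, keep it in a secret store,
// and load the same 32 bytes for every later read, or the object cannot be decrypted.
// An existing hex key (such as the `key=` value openssl prints) can be decoded with
// Buffer.from(hexKey, 'hex') instead of being passed as a string.
const ssecKey = require('crypto').randomBytes(32)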

然后可以像这样使用它:

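// Upload the object encrypted with the customer-provided key (SSE-C), then
// presign a 60-second GET URL for it.
s3.putObject({
    Bucket: 'mybucket',
    Body: 'Hello S3',
    ACL: 'private',
    Key: 'test.txt',
    SSECustomerAlgorithm: 'AES256',
    SSECustomerKey: ssecKey
}, (putErr) => {
    if (putErr) return console.error(putErr.stack)

    // Reads of an SSE-C object must carry the same algorithm and key as the write.
    s3.getSignedUrl('getObject', {
        // Name the bucket explicitly so the URL targets the object written above.
        Bucket: 'mybucket',
        Key: 'test.txt',
        Expires: 60,
        SSECustomerAlgorithm: 'AES256',
        SSECustomerKey: ssecKey
    }, (signErr, url) => {
        if (signErr) return console.error(signErr.stack)

        // NOTE(review): whoever uses this URL still has to present the SSE-C key. Verify whether
        // the generated URL embeds the key material; if it does, treat the URL (and this log
        // line) as a secret.
        console.log(url)
    })
})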