github.com/aliyun/aliyun-oss-go-sdk@v3.0.2+incompatible/oss/crypto/crypto_bucket_test.go (about) 1 package osscrypto 2 3 import ( 4 "crypto/md5" 5 "encoding/hex" 6 "fmt" 7 "io" 8 "io/ioutil" 9 "log" 10 "math/rand" 11 math_rand "math/rand" 12 "net/http" 13 "os" 14 "strings" 15 "testing" 16 "time" 17 18 kms "github.com/aliyun/alibaba-cloud-sdk-go/services/kms" 19 "github.com/aliyun/aliyun-oss-go-sdk/oss" 20 . "gopkg.in/check.v1" 21 ) 22 23 func Test(t *testing.T) { 24 TestingT(t) 25 } 26 27 type OssCryptoBucketSuite struct { 28 } 29 30 var _ = Suite(&OssCryptoBucketSuite{}) 31 32 var ( 33 matDesc = make(map[string]string) 34 35 rsaPublicKey string = `-----BEGIN PUBLIC KEY----- 36 MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCokfiAVXXf5ImFzKDw+XO/UByW 37 6mse2QsIgz3ZwBtMNu59fR5zttSx+8fB7vR4CN3bTztrP9A6bjoN0FFnhlQ3vNJC 38 5MFO1PByrE/MNd5AAfSVba93I6sx8NSk5MzUCA4NJzAUqYOEWGtGBcom6kEF6MmR 39 1EKib1Id8hpooY5xaQIDAQAB 40 -----END PUBLIC KEY-----` 41 42 rsaPrivateKey string = `-----BEGIN PRIVATE KEY----- 43 MIICdQIBADANBgkqhkiG9w0BAQEFAASCAl8wggJbAgEAAoGBAKiR+IBVdd/kiYXM 44 oPD5c79QHJbqax7ZCwiDPdnAG0w27n19HnO21LH7x8Hu9HgI3dtPO2s/0DpuOg3Q 45 UWeGVDe80kLkwU7U8HKsT8w13kAB9JVtr3cjqzHw1KTkzNQIDg0nMBSpg4RYa0YF 46 yibqQQXoyZHUQqJvUh3yGmihjnFpAgMBAAECgYA49RmCQ14QyKevDfVTdvYlLmx6 47 kbqgMbYIqk+7w611kxoCTMR9VMmJWgmk/Zic9mIAOEVbd7RkCdqT0E+xKzJJFpI2 48 ZHjrlwb21uqlcUqH1Gn+wI+jgmrafrnKih0kGucavr/GFi81rXixDrGON9KBE0FJ 49 cPVdc0XiQAvCBnIIAQJBANXu3htPH0VsSznfqcDE+w8zpoAJdo6S/p30tcjsDQnx 50 l/jYV4FXpErSrtAbmI013VYkdJcghNSLNUXppfk2e8UCQQDJt5c07BS9i2SDEXiz 51 byzqCfXVzkdnDj9ry9mba1dcr9B9NCslVelXDGZKvQUBqNYCVxg398aRfWlYDTjU 52 IoVVAkAbTyjPN6R4SkC4HJMg5oReBmvkwFCAFsemBk0GXwuzD0IlJAjXnAZ+/rIO 53 ItewfwXIL1Mqz53lO/gK+q6TR585AkB304KUIoWzjyF3JqLP3IQOxzns92u9EV6l 54 V2P+CkbMPXiZV6sls6I4XppJXX2i3bu7iidN3/dqJ9izQK94fMU9AkBZvgsIPCot 55 y1/POIbv9LtnviDKrmpkXgVQSU4BmTPvXwTJm8APC7P/horSh3SVf1zgmnsyjm9D 56 hO92gGc+4ajL 57 -----END PRIVATE KEY-----` 58 59 rsaPublicKeyPks1 string = `-----BEGIN RSA PUBLIC KEY----- 60 MIGJAoGBAKiR+IBVdd/kiYXMoPD5c79QHJbqax7ZCwiDPdnAG0w27n19HnO21LH7 61 x8Hu9HgI3dtPO2s/0DpuOg3QUWeGVDe80kLkwU7U8HKsT8w13kAB9JVtr3cjqzHw 62 1KTkzNQIDg0nMBSpg4RYa0YFyibqQQXoyZHUQqJvUh3yGmihjnFpAgMBAAE= 63 -----END RSA PUBLIC KEY-----` 64 65 rsaPrivateKeyPks1 string = `-----BEGIN RSA PRIVATE KEY----- 66 MIICWwIBAAKBgQCokfiAVXXf5ImFzKDw+XO/UByW6mse2QsIgz3ZwBtMNu59fR5z 67 ttSx+8fB7vR4CN3bTztrP9A6bjoN0FFnhlQ3vNJC5MFO1PByrE/MNd5AAfSVba93 68 I6sx8NSk5MzUCA4NJzAUqYOEWGtGBcom6kEF6MmR1EKib1Id8hpooY5xaQIDAQAB 69 AoGAOPUZgkNeEMinrw31U3b2JS5sepG6oDG2CKpPu8OtdZMaAkzEfVTJiVoJpP2Y 70 nPZiADhFW3e0ZAnak9BPsSsySRaSNmR465cG9tbqpXFKh9Rp/sCPo4Jq2n65yood 71 JBrnGr6/xhYvNa14sQ6xjjfSgRNBSXD1XXNF4kALwgZyCAECQQDV7t4bTx9FbEs5 72 36nAxPsPM6aACXaOkv6d9LXI7A0J8Zf42FeBV6RK0q7QG5iNNd1WJHSXIITUizVF 73 6aX5NnvFAkEAybeXNOwUvYtkgxF4s28s6gn11c5HZw4/a8vZm2tXXK/QfTQrJVXp 74 VwxmSr0FAajWAlcYN/fGkX1pWA041CKFVQJAG08ozzekeEpAuByTIOaEXgZr5MBQ 75 gBbHpgZNBl8Lsw9CJSQI15wGfv6yDiLXsH8FyC9TKs+d5Tv4Cvquk0efOQJAd9OC 76 lCKFs48hdyaiz9yEDsc57PdrvRFepVdj/gpGzD14mVerJbOiOF6aSV19ot27u4on 77 Td/3aifYs0CveHzFPQJAWb4LCDwqLctfzziG7/S7Z74gyq5qZF4FUElOAZkz718E 78 yZvADwuz/4aK0od0lX9c4Jp7Mo5vQ4TvdoBnPuGoyw== 79 -----END RSA PRIVATE KEY-----` 80 ) 81 82 var ( 83 // Endpoint/ID/Key 84 endpoint = os.Getenv("OSS_TEST_ENDPOINT") 85 accessID = os.Getenv("OSS_TEST_ACCESS_KEY_ID") 86 accessKey = os.Getenv("OSS_TEST_ACCESS_KEY_SECRET") 87 kmsID = os.Getenv("OSS_TEST_KMS_ID") 88 kmsRegion = os.Getenv("OSS_TEST_KMS_REGION") 89 kmsAccessID = accessID 90 kmsAccessKey = accessKey 91 bucketNamePrefix = "go-sdk-test-bucket-" 92 objectNamePrefix = "go-sdk-test-object-" 93 ) 94 95 var ( 96 logPath = "go_sdk_test_" + time.Now().Format("20060102_150405") + ".log" 97 testLogFile, _ = os.OpenFile(logPath, os.O_RDWR|os.O_CREATE, 0664) 98 testLogger = log.New(testLogFile, "", log.Ldate|log.Ltime|log.Lshortfile) 99 letters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ") 100 timeoutInOperation = 3 * time.Second 101 ) 102 103 func RandStr(n int) string { 104 b := make([]rune, n) 105 randMarker := rand.New(rand.NewSource(time.Now().UnixNano())) 106 for i := range b { 107 b[i] = letters[randMarker.Intn(len(letters))] 108 } 109 return string(b) 110 } 111 112 func RandLowStr(n int) string { 113 return strings.ToLower(RandStr(n)) 114 } 115 116 func GetFileMD5(filePath string) (string, error) { 117 fd, err := os.Open(filePath) 118 if err != nil { 119 return "", err 120 } 121 defer fd.Close() 122 123 md5 := md5.New() 124 _, err = io.Copy(md5, fd) 125 if err != nil { 126 return "", fmt.Errorf("buff copy error") 127 } 128 md5Str := hex.EncodeToString(md5.Sum(nil)) 129 return md5Str, nil 130 } 131 132 func GetStringMd5(s string) string { 133 md5 := md5.New() 134 md5.Write([]byte(s)) 135 md5Str := hex.EncodeToString(md5.Sum(nil)) 136 return md5Str 137 } 138 139 func ForceDeleteBucket(client *oss.Client, bucketName string, c *C) { 140 bucket, err := client.Bucket(bucketName) 141 c.Assert(err, IsNil) 142 143 // Delete Object 144 marker := oss.Marker("") 145 for { 146 lor, err := bucket.ListObjects(marker) 147 c.Assert(err, IsNil) 148 for _, object := range lor.Objects { 149 err = bucket.DeleteObject(object.Key) 150 c.Assert(err, IsNil) 151 } 152 marker = oss.Marker(lor.NextMarker) 153 if !lor.IsTruncated { 154 break 155 } 156 } 157 158 // Delete Object Versions and DeleteMarks 159 keyMarker := oss.KeyMarker("") 160 versionIdMarker := oss.VersionIdMarker("") 161 options := []oss.Option{keyMarker, versionIdMarker} 162 for { 163 lor, err := bucket.ListObjectVersions(options...) 164 if err != nil { 165 break 166 } 167 168 for _, object := range lor.ObjectDeleteMarkers { 169 err = bucket.DeleteObject(object.Key, oss.VersionId(object.VersionId)) 170 c.Assert(err, IsNil) 171 } 172 173 for _, object := range lor.ObjectVersions { 174 err = bucket.DeleteObject(object.Key, oss.VersionId(object.VersionId)) 175 c.Assert(err, IsNil) 176 } 177 178 keyMarker = oss.KeyMarker(lor.NextKeyMarker) 179 versionIdMarker := oss.VersionIdMarker(lor.NextVersionIdMarker) 180 options = []oss.Option{keyMarker, versionIdMarker} 181 182 if !lor.IsTruncated { 183 break 184 } 185 } 186 187 // Delete Part 188 keyMarker = oss.KeyMarker("") 189 uploadIDMarker := oss.UploadIDMarker("") 190 for { 191 lmur, err := bucket.ListMultipartUploads(keyMarker, uploadIDMarker) 192 c.Assert(err, IsNil) 193 for _, upload := range lmur.Uploads { 194 var imur = oss.InitiateMultipartUploadResult{Bucket: bucketName, 195 Key: upload.Key, UploadID: upload.UploadID} 196 err = bucket.AbortMultipartUpload(imur) 197 c.Assert(err, IsNil) 198 } 199 keyMarker = oss.KeyMarker(lmur.NextKeyMarker) 200 uploadIDMarker = oss.UploadIDMarker(lmur.NextUploadIDMarker) 201 if !lmur.IsTruncated { 202 break 203 } 204 } 205 206 // delete live channel 207 strMarker := "" 208 for { 209 result, err := bucket.ListLiveChannel(oss.Marker(strMarker)) 210 c.Assert(err, IsNil) 211 212 for _, channel := range result.LiveChannel { 213 err := bucket.DeleteLiveChannel(channel.Name) 214 c.Assert(err, IsNil) 215 } 216 217 if result.IsTruncated { 218 strMarker = result.NextMarker 219 } else { 220 break 221 } 222 } 223 224 // Delete Bucket 225 err = client.DeleteBucket(bucketName) 226 c.Assert(err, IsNil) 227 } 228 229 func ReadBody(body io.ReadCloser) (string, error) { 230 data, err := ioutil.ReadAll(body) 231 body.Close() 232 if err != nil { 233 return "", err 234 } 235 return string(data), nil 236 } 237 238 // SetUpSuite runs once when the suite starts running 239 func (s *OssCryptoBucketSuite) SetUpSuite(c *C) { 240 } 241 242 // TearDownSuite runs before each test or benchmark starts running 243 func (s *OssCryptoBucketSuite) TearDownSuite(c *C) { 244 } 245 246 // SetUpTest runs after each test or benchmark runs 247 func (s *OssCryptoBucketSuite) SetUpTest(c *C) { 248 } 249 250 // TearDownTest runs once after all tests or benchmarks have finished running 251 func (s *OssCryptoBucketSuite) TearDownTest(c *C) { 252 253 } 254 255 func (s *OssCryptoBucketSuite) TestPutObjectNormalPks8(c *C) { 256 // create a bucket with default proprety 257 client, err := oss.New(endpoint, accessID, accessKey) 258 c.Assert(err, IsNil) 259 260 bucketName := bucketNamePrefix + RandLowStr(6) 261 err = client.CreateBucket(bucketName) 262 c.Assert(err, IsNil) 263 264 // crypto bucket 265 testMatDesc := make(map[string]string) 266 testMatDesc["desc"] = "test rsa key" 267 masterRsaCipher, _ := CreateMasterRsa(testMatDesc, rsaPublicKey, rsaPrivateKey) 268 contentProvider := CreateAesCtrCipher(masterRsaCipher) 269 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 270 271 objectName := objectNamePrefix + RandStr(8) 272 objectValue := RandStr(1023) 273 274 // Put string 275 var respHeader http.Header 276 err = bucket.PutObject(objectName, strings.NewReader(objectValue), oss.GetResponseHeader(&respHeader)) 277 c.Assert(err, IsNil) 278 279 // Check 280 body, err := bucket.GetObject(objectName) 281 c.Assert(err, IsNil) 282 text, err := ReadBody(body) 283 c.Assert(text, Equals, objectValue) 284 285 // non-crypto bucket download 286 normalBucket, err := client.Bucket(bucketName) 287 c.Assert(err, IsNil) 288 body, err = normalBucket.GetObject(objectName) 289 c.Assert(err, IsNil) 290 encryptText, err := ReadBody(body) 291 c.Assert(encryptText != objectValue, Equals, true) 292 293 // acl 294 acl, err := bucket.GetObjectACL(objectName) 295 c.Assert(err, IsNil) 296 c.Assert(acl.ACL, Equals, "default") 297 298 err = bucket.DeleteObject(objectName) 299 c.Assert(err, IsNil) 300 301 // put with meta 302 options := []oss.Option{ 303 oss.ObjectACL(oss.ACLPublicRead), 304 oss.Meta("myprop", "mypropval"), 305 } 306 err = bucket.PutObject(objectName, strings.NewReader(objectValue), options...) 307 c.Assert(err, IsNil) 308 309 // Check 310 body, err = bucket.GetObject(objectName) 311 c.Assert(err, IsNil) 312 text, err = ReadBody(body) 313 c.Assert(err, IsNil) 314 c.Assert(text, Equals, objectValue) 315 316 acl, err = bucket.GetObjectACL(objectName) 317 c.Assert(err, IsNil) 318 c.Assert(acl.ACL, Equals, string(oss.ACLPublicRead)) 319 320 meta, err := bucket.GetObjectDetailedMeta(objectName) 321 c.Assert(err, IsNil) 322 c.Assert(meta.Get("X-Oss-Meta-Myprop"), Equals, "mypropval") 323 324 ForceDeleteBucket(client, bucketName, c) 325 } 326 327 func (s *OssCryptoBucketSuite) TestPutObjectNormalPks1(c *C) { 328 // create a bucket with default proprety 329 client, err := oss.New(endpoint, accessID, accessKey) 330 c.Assert(err, IsNil) 331 332 bucketName := bucketNamePrefix + RandLowStr(6) 333 err = client.CreateBucket(bucketName) 334 c.Assert(err, IsNil) 335 336 // crypto bucket 337 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKeyPks1, rsaPrivateKeyPks1) 338 contentProvider := CreateAesCtrCipher(masterRsaCipher) 339 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 340 341 objectName := objectNamePrefix + RandStr(8) 342 objectValue := RandStr(1023) 343 344 // Put string 345 var respHeader http.Header 346 err = bucket.PutObject(objectName, strings.NewReader(objectValue), oss.GetResponseHeader(&respHeader)) 347 c.Assert(err, IsNil) 348 349 // Check 350 body, err := bucket.GetObject(objectName) 351 c.Assert(err, IsNil) 352 text, err := ReadBody(body) 353 c.Assert(text, Equals, objectValue) 354 355 // non-crypto bucket download 356 normalBucket, err := client.Bucket(bucketName) 357 c.Assert(err, IsNil) 358 body, err = normalBucket.GetObject(objectName) 359 c.Assert(err, IsNil) 360 encryptText, err := ReadBody(body) 361 c.Assert(encryptText != objectValue, Equals, true) 362 363 // acl 364 acl, err := bucket.GetObjectACL(objectName) 365 c.Assert(err, IsNil) 366 c.Assert(acl.ACL, Equals, "default") 367 368 err = bucket.DeleteObject(objectName) 369 c.Assert(err, IsNil) 370 371 // put with meta 372 options := []oss.Option{ 373 oss.ObjectACL(oss.ACLPublicRead), 374 oss.Meta("myprop", "mypropval"), 375 } 376 err = bucket.PutObject(objectName, strings.NewReader(objectValue), options...) 377 c.Assert(err, IsNil) 378 379 // Check 380 body, err = bucket.GetObject(objectName) 381 c.Assert(err, IsNil) 382 text, err = ReadBody(body) 383 c.Assert(err, IsNil) 384 c.Assert(text, Equals, objectValue) 385 386 acl, err = bucket.GetObjectACL(objectName) 387 c.Assert(err, IsNil) 388 c.Assert(acl.ACL, Equals, string(oss.ACLPublicRead)) 389 390 meta, err := bucket.GetObjectDetailedMeta(objectName) 391 c.Assert(err, IsNil) 392 c.Assert(meta.Get("X-Oss-Meta-Myprop"), Equals, "mypropval") 393 394 ForceDeleteBucket(client, bucketName, c) 395 } 396 397 func (s *OssCryptoBucketSuite) TestPutObjectEmptyPks1(c *C) { 398 // create a bucket with default proprety 399 client, err := oss.New(endpoint, accessID, accessKey) 400 c.Assert(err, IsNil) 401 402 bucketName := bucketNamePrefix + RandLowStr(6) 403 err = client.CreateBucket(bucketName) 404 c.Assert(err, IsNil) 405 406 // crypto bucket 407 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKeyPks1, rsaPrivateKeyPks1) 408 contentProvider := CreateAesCtrCipher(masterRsaCipher) 409 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 410 411 objectName := objectNamePrefix + RandStr(8) 412 objectValue := "" 413 414 // Put empty string 415 var respHeader http.Header 416 err = bucket.PutObject(objectName, strings.NewReader(objectValue), oss.GetResponseHeader(&respHeader)) 417 c.Assert(err, IsNil) 418 419 // Check 420 body, err := bucket.GetObject(objectName) 421 c.Assert(err, IsNil) 422 text, err := ReadBody(body) 423 c.Assert(text, Equals, objectValue) 424 425 // non-crypto bucket download 426 normalBucket, err := client.Bucket(bucketName) 427 c.Assert(err, IsNil) 428 body, err = normalBucket.GetObject(objectName) 429 c.Assert(err, IsNil) 430 encryptText, err := ReadBody(body) 431 c.Assert(encryptText == objectValue, Equals, true) 432 ForceDeleteBucket(client, bucketName, c) 433 } 434 435 func (s *OssCryptoBucketSuite) TestPutObjectSmallSizePks1(c *C) { 436 // create a bucket with default proprety 437 client, err := oss.New(endpoint, accessID, accessKey) 438 c.Assert(err, IsNil) 439 440 bucketName := bucketNamePrefix + RandLowStr(6) 441 err = client.CreateBucket(bucketName) 442 c.Assert(err, IsNil) 443 444 // crypto bucket 445 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKeyPks1, rsaPrivateKeyPks1) 446 contentProvider := CreateAesCtrCipher(masterRsaCipher) 447 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 448 449 objectName := objectNamePrefix + RandStr(8) 450 objectValue := "123" 451 452 var respHeader http.Header 453 err = bucket.PutObject(objectName, strings.NewReader(objectValue), oss.GetResponseHeader(&respHeader)) 454 c.Assert(err, IsNil) 455 456 // Check 457 body, err := bucket.GetObject(objectName) 458 c.Assert(err, IsNil) 459 text, err := ReadBody(body) 460 c.Assert(text, Equals, objectValue) 461 462 // non-crypto bucket download 463 normalBucket, err := client.Bucket(bucketName) 464 c.Assert(err, IsNil) 465 body, err = normalBucket.GetObject(objectName) 466 c.Assert(err, IsNil) 467 encryptText, err := ReadBody(body) 468 c.Assert(encryptText != objectValue, Equals, true) 469 ForceDeleteBucket(client, bucketName, c) 470 } 471 472 func (s *OssCryptoBucketSuite) TestPutObjectEmptyFilePks1(c *C) { 473 // create a bucket with default proprety 474 client, err := oss.New(endpoint, accessID, accessKey) 475 c.Assert(err, IsNil) 476 477 bucketName := bucketNamePrefix + RandLowStr(6) 478 err = client.CreateBucket(bucketName) 479 c.Assert(err, IsNil) 480 481 // crypto bucket 482 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKeyPks1, rsaPrivateKeyPks1) 483 contentProvider := CreateAesCtrCipher(masterRsaCipher) 484 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 485 486 fileName := "oss-go-sdk-test-file-" + RandStr(5) 487 fo, err := os.Create(fileName) 488 c.Assert(err, IsNil) 489 _, err = fo.Write([]byte("")) 490 c.Assert(err, IsNil) 491 fo.Close() 492 493 objectName := objectNamePrefix + RandStr(8) 494 495 // file not exist 496 err = bucket.PutObjectFromFile(objectName, "/root1/abc.txt") 497 c.Assert(err, NotNil) 498 499 err = bucket.PutObjectFromFile(objectName, fileName) 500 c.Assert(err, IsNil) 501 502 downFileName := fileName + "-down" 503 504 // Check 505 err = bucket.GetObjectToFile(objectName, downFileName) 506 c.Assert(err, IsNil) 507 508 b1, err := ioutil.ReadFile(fileName) 509 b2, err := ioutil.ReadFile(downFileName) 510 c.Assert(len(b1), Equals, 0) 511 c.Assert(string(b1), Equals, string(b2)) 512 513 os.Remove(downFileName) 514 os.Remove(fileName) 515 516 ForceDeleteBucket(client, bucketName, c) 517 } 518 519 func (s *OssCryptoBucketSuite) TestKmsPutObjectNormal(c *C) { 520 // create a bucket with default proprety 521 client, err := oss.New(endpoint, accessID, accessKey) 522 c.Assert(err, IsNil) 523 524 bucketName := bucketNamePrefix + RandLowStr(6) 525 err = client.CreateBucket(bucketName) 526 c.Assert(err, IsNil) 527 528 kmsClient, err := kms.NewClientWithAccessKey(kmsRegion, kmsAccessID, kmsAccessKey) 529 c.Assert(err, IsNil) 530 531 // crypto bucket 532 masterKmsCipher, _ := CreateMasterAliKms(matDesc, kmsID, kmsClient) 533 contentProvider := CreateAesCtrCipher(masterKmsCipher) 534 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 535 536 objectName := objectNamePrefix + RandStr(8) 537 objectValue := RandStr(1023) 538 539 // Put string 540 var respHeader http.Header 541 err = bucket.PutObject(objectName, strings.NewReader(objectValue), oss.GetResponseHeader(&respHeader)) 542 c.Assert(err, IsNil) 543 544 // Check 545 body, err := bucket.GetObject(objectName) 546 c.Assert(err, IsNil) 547 text, err := ReadBody(body) 548 c.Assert(text, Equals, objectValue) 549 550 // non-crypto bucket download 551 normalBucket, err := client.Bucket(bucketName) 552 c.Assert(err, IsNil) 553 body, err = normalBucket.GetObject(objectName) 554 c.Assert(err, IsNil) 555 encryptText, err := ReadBody(body) 556 c.Assert(encryptText != objectValue, Equals, true) 557 558 // acl 559 acl, err := bucket.GetObjectACL(objectName) 560 c.Assert(err, IsNil) 561 c.Assert(acl.ACL, Equals, "default") 562 563 err = bucket.DeleteObject(objectName) 564 c.Assert(err, IsNil) 565 566 // put with meta 567 options := []oss.Option{ 568 oss.ObjectACL(oss.ACLPublicRead), 569 oss.Meta("myprop", "mypropval"), 570 } 571 err = bucket.PutObject(objectName, strings.NewReader(objectValue), options...) 572 c.Assert(err, IsNil) 573 574 // Check 575 body, err = bucket.GetObject(objectName) 576 c.Assert(err, IsNil) 577 text, err = ReadBody(body) 578 c.Assert(err, IsNil) 579 c.Assert(text, Equals, objectValue) 580 581 acl, err = bucket.GetObjectACL(objectName) 582 c.Assert(err, IsNil) 583 c.Assert(acl.ACL, Equals, string(oss.ACLPublicRead)) 584 585 meta, err := bucket.GetObjectDetailedMeta(objectName) 586 c.Assert(err, IsNil) 587 c.Assert(meta.Get("X-Oss-Meta-Myprop"), Equals, "mypropval") 588 589 // put object error,bucket not exist 590 bucket.BucketName = bucket.BucketName + "-not-exist" 591 err = bucket.PutObject(objectName, strings.NewReader(objectValue), options...) 592 c.Assert(err, NotNil) 593 594 ForceDeleteBucket(client, bucketName, c) 595 } 596 597 type MockKmsManager struct { 598 } 599 600 func (mg *MockKmsManager) GetMasterKey(matDesc map[string]string) ([]string, error) { 601 if len(matDesc) == 0 { 602 return nil, fmt.Errorf("not found") 603 } 604 605 keyList := []string{kmsID} 606 return keyList, nil 607 } 608 609 func (s *OssCryptoBucketSuite) TestRsaBucketDecrptObjectWithKmsSuccess(c *C) { 610 // create a bucket with default proprety 611 client, err := oss.New(endpoint, accessID, accessKey) 612 c.Assert(err, IsNil) 613 614 bucketName := bucketNamePrefix + RandLowStr(6) 615 err = client.CreateBucket(bucketName) 616 c.Assert(err, IsNil) 617 618 kmsClient, err := kms.NewClientWithAccessKey(kmsRegion, kmsAccessID, kmsAccessKey) 619 c.Assert(err, IsNil) 620 621 // crypto bucket with kms 622 testMatDesc := make(map[string]string) 623 testMatDesc["desc"] = "test kms wrap" 624 masterKmsCipher, _ := CreateMasterAliKms(testMatDesc, kmsID, kmsClient) 625 contentProvider := CreateAesCtrCipher(masterKmsCipher) 626 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 627 628 objectName := objectNamePrefix + RandStr(8) 629 objectValue := RandStr(1023) 630 631 // Put string 632 var respHeader http.Header 633 err = bucket.PutObject(objectName, strings.NewReader(objectValue), oss.GetResponseHeader(&respHeader)) 634 c.Assert(err, IsNil) 635 636 // crypto bucket with rsa 637 var masterManager MockKmsManager 638 var options []CryptoBucketOption 639 options = append(options, SetAliKmsClient(kmsClient)) 640 options = append(options, SetMasterCipherManager(&masterManager)) 641 642 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKey, rsaPrivateKey) 643 rsaProvider := CreateAesCtrCipher(masterRsaCipher) 644 rsaBucket, err := GetCryptoBucket(client, bucketName, rsaProvider, options...) 645 646 // Check 647 body, err := rsaBucket.GetObject(objectName) 648 c.Assert(err, IsNil) 649 text, err := ReadBody(body) 650 c.Assert(text, Equals, objectValue) 651 652 // non-crypto bucket download 653 normalBucket, err := client.Bucket(bucketName) 654 c.Assert(err, IsNil) 655 body, err = normalBucket.GetObject(objectName) 656 c.Assert(err, IsNil) 657 encryptText, err := ReadBody(body) 658 c.Assert(encryptText != objectValue, Equals, true) 659 ForceDeleteBucket(client, bucketName, c) 660 } 661 662 func (s *OssCryptoBucketSuite) TestRsaBucketDecrptObjectWithKmsError(c *C) { 663 // create a bucket with default proprety 664 client, err := oss.New(endpoint, accessID, accessKey) 665 c.Assert(err, IsNil) 666 667 bucketName := bucketNamePrefix + RandLowStr(6) 668 err = client.CreateBucket(bucketName) 669 c.Assert(err, IsNil) 670 671 kmsClient, err := kms.NewClientWithAccessKey(kmsRegion, kmsAccessID, kmsAccessKey) 672 c.Assert(err, IsNil) 673 674 // crypto bucket with kms 675 testMatDesc := make(map[string]string) 676 testMatDesc["desc"] = "test kms wrap" 677 masterKmsCipher, _ := CreateMasterAliKms(testMatDesc, kmsID, kmsClient) 678 contentProvider := CreateAesCtrCipher(masterKmsCipher) 679 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 680 681 objectName := objectNamePrefix + RandStr(8) 682 objectValue := RandStr(1023) 683 684 // Put string 685 var respHeader http.Header 686 err = bucket.PutObject(objectName, strings.NewReader(objectValue), oss.GetResponseHeader(&respHeader)) 687 c.Assert(err, IsNil) 688 689 // crypto bucket with rsa 690 var masterManager MockKmsManager 691 var options []CryptoBucketOption 692 693 // kms client is nil 694 //options = append(options, SetAliKmsClient(kmsClient)) 695 696 options = append(options, SetMasterCipherManager(&masterManager)) 697 698 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKey, rsaPrivateKey) 699 rsaProvider := CreateAesCtrCipher(masterRsaCipher) 700 rsaBucket, err := GetCryptoBucket(client, bucketName, rsaProvider, options...) 701 702 // Check 703 _, err = rsaBucket.GetObject(objectName) 704 c.Assert(err, NotNil) 705 ForceDeleteBucket(client, bucketName, c) 706 } 707 708 func (s *OssCryptoBucketSuite) TestRangeGetObject(c *C) { 709 // create a bucket with default proprety 710 client, err := oss.New(endpoint, accessID, accessKey) 711 c.Assert(err, IsNil) 712 713 bucketName := bucketNamePrefix + RandLowStr(6) 714 err = client.CreateBucket(bucketName) 715 c.Assert(err, IsNil) 716 717 // crypto bucket 718 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKey, rsaPrivateKey) 719 contentProvider := CreateAesCtrCipher(masterRsaCipher) 720 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 721 722 objectName := objectNamePrefix + RandStr(8) 723 contentLen := 1024 * 1024 724 content := RandStr(contentLen) 725 err = bucket.PutObject(objectName, strings.NewReader(content)) 726 c.Assert(err, IsNil) 727 728 // range get 729 for i := 0; i < 20; i++ { 730 math_rand.Seed(time.Now().UnixNano()) 731 rangeStart := rand.Intn(contentLen) 732 rangeEnd := rangeStart + rand.Intn(contentLen-rangeStart) 733 if rangeEnd == rangeStart || rangeStart >= contentLen-1 { 734 continue 735 } 736 737 body, err := bucket.GetObject(objectName, oss.Range(int64(rangeStart), int64(rangeEnd))) 738 c.Assert(err, IsNil) 739 downText, err := ReadBody(body) 740 c.Assert(len(downText) > 0, Equals, true) 741 downMd5 := GetStringMd5(downText) 742 743 srcText := content[rangeStart : rangeEnd+1] 744 srcMd5 := GetStringMd5(srcText) 745 746 c.Assert(len(downText), Equals, len(srcText)) 747 c.Assert(downMd5, Equals, srcMd5) 748 } 749 ForceDeleteBucket(client, bucketName, c) 750 } 751 752 func (s *OssCryptoBucketSuite) TestGetNormalObject(c *C) { 753 // create a bucket with default proprety 754 client, err := oss.New(endpoint, accessID, accessKey) 755 c.Assert(err, IsNil) 756 757 bucketName := bucketNamePrefix + RandLowStr(6) 758 err = client.CreateBucket(bucketName) 759 c.Assert(err, IsNil) 760 761 // crypto bucket 762 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKey, rsaPrivateKey) 763 contentProvider := CreateAesCtrCipher(masterRsaCipher) 764 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 765 766 // normal bucket 767 normalBucket, _ := client.Bucket(bucketName) 768 769 objectName := objectNamePrefix + RandStr(8) 770 objectValue := RandStr(1023) 771 772 // Put string 773 err = normalBucket.PutObject(objectName, strings.NewReader(objectValue)) 774 c.Assert(err, IsNil) 775 776 // Check 777 body, err := bucket.GetObject(objectName) 778 c.Assert(err, IsNil) 779 text, err := ReadBody(body) 780 c.Assert(text, Equals, objectValue) 781 782 // delete object 783 err = bucket.DeleteObject(objectName) 784 c.Assert(err, IsNil) 785 786 // get object again 787 body, err = bucket.GetObject(objectName) 788 c.Assert(err, NotNil) 789 790 ForceDeleteBucket(client, bucketName, c) 791 } 792 793 func (s *OssCryptoBucketSuite) TestGetCryptoBucketNotSupport(c *C) { 794 // create a bucket with default proprety 795 client, err := oss.New(endpoint, accessID, accessKey) 796 c.Assert(err, IsNil) 797 798 bucketName := bucketNamePrefix + RandLowStr(6) 799 800 // crypto bucket 801 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKey, rsaPrivateKey) 802 contentProvider := CreateAesCtrCipher(masterRsaCipher) 803 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 804 805 objectName := objectNamePrefix + RandStr(8) 806 objectValue := RandStr(1023) 807 808 // AppendObject 809 _, err = bucket.AppendObject(objectName, strings.NewReader(objectValue), 0) 810 c.Assert(err, NotNil) 811 812 // DoAppendObject 813 var request oss.AppendObjectRequest 814 var options []oss.Option 815 _, err = bucket.DoAppendObject(&request, options) 816 c.Assert(err, NotNil) 817 818 // PutObjectWithURL 819 err = bucket.PutObjectWithURL("oss://bucket/object", strings.NewReader(objectValue)) 820 c.Assert(err, NotNil) 821 822 // PutObjectFromFileWithURL 823 err = bucket.PutObjectFromFileWithURL("oss://bucket/object", "file.txt") 824 c.Assert(err, NotNil) 825 826 // DoPutObjectWithURL 827 _, err = bucket.DoPutObjectWithURL("oss://bucket/object", strings.NewReader(objectValue), options) 828 c.Assert(err, NotNil) 829 830 // GetObjectWithURL 831 _, err = bucket.GetObjectWithURL("oss://bucket/object") 832 c.Assert(err, NotNil) 833 834 // GetObjectToFileWithURL 835 err = bucket.GetObjectToFileWithURL("oss://bucket/object", "file.txt") 836 c.Assert(err, NotNil) 837 838 // DoGetObjectWithURL 839 _, err = bucket.DoGetObjectWithURL("oss://bucket/object", options) 840 c.Assert(err, NotNil) 841 842 // ProcessObject 843 _, err = bucket.ProcessObject("oss://bucket/object", "") 844 c.Assert(err, NotNil) 845 846 // DownloadFile 847 err = bucket.DownloadFile(objectName, "file.txt", 1024) 848 c.Assert(err, NotNil) 849 850 // CopyFile 851 err = bucket.CopyFile("src-bucket", "src-object", "dest-object", 1024) 852 c.Assert(err, NotNil) 853 854 // UploadFile 855 err = bucket.UploadFile(objectName, "file.txt", 1024) 856 c.Assert(err, NotNil) 857 } 858 859 type MockRsaManager struct { 860 } 861 862 func (mg *MockRsaManager) GetMasterKey(matDesc map[string]string) ([]string, error) { 863 if len(matDesc) == 0 { 864 return nil, fmt.Errorf("not found") 865 } 866 867 keyList := []string{rsaPublicKey, rsaPrivateKey} 868 return keyList, nil 869 } 870 871 func (s *OssCryptoBucketSuite) TestGetMasterKey(c *C) { 872 // create a bucket with default proprety 873 client, err := oss.New(endpoint, accessID, accessKey) 874 c.Assert(err, IsNil) 875 876 bucketName := bucketNamePrefix + RandLowStr(6) 877 err = client.CreateBucket(bucketName) 878 c.Assert(err, IsNil) 879 880 // crypto bucket 881 testMatDesc := make(map[string]string) 882 testMatDesc["desc"] = "test rsa key" 883 masterRsaCipher, _ := CreateMasterRsa(testMatDesc, rsaPublicKey, rsaPrivateKey) 884 contentProvider := CreateAesCtrCipher(masterRsaCipher) 885 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 886 887 objectName := objectNamePrefix + RandStr(8) 888 889 fileName := "../../sample/BingWallpaper-2015-11-07.jpg" 890 srcMD5, err := GetFileMD5(fileName) 891 c.Assert(err, IsNil) 892 893 err = bucket.PutObjectFromFile(objectName, fileName) 894 c.Assert(err, IsNil) 895 896 // other crypto bucket 897 var rsaManager MockRsaManager 898 masterRsaCipherOther, _ := CreateMasterRsa(matDesc, rsaPublicKey, rsaPrivateKey) 899 contentProviderOther := CreateAesCtrCipher(masterRsaCipherOther) 900 bucketOther, err := GetCryptoBucket(client, bucketName, contentProviderOther, SetMasterCipherManager(&rsaManager)) 901 902 // download 903 downfileName := "test-go-sdk-file-" + RandLowStr(5) + ".jpg" 904 err = bucketOther.GetObjectToFile(objectName, downfileName) 905 c.Assert(err, IsNil) 906 downFileMD5, err := GetFileMD5(downfileName) 907 c.Assert(err, IsNil) 908 c.Assert(downFileMD5, Equals, srcMD5) 909 910 // GetObjectToFile error 911 err = bucketOther.GetObjectToFile(objectName, "/root1/"+downfileName) 912 c.Assert(err, NotNil) 913 914 os.Remove(downfileName) 915 ForceDeleteBucket(client, bucketName, c) 916 } 917 918 type MockReader struct { 919 Reader io.Reader 920 } 921 922 func (r *MockReader) Read(b []byte) (int, error) { 923 return r.Reader.Read(b) 924 } 925 926 func (s *OssCryptoBucketSuite) TestPutObjectUnkownReaderLen(c *C) { 927 // create a bucket with default proprety 928 client, err := oss.New(endpoint, accessID, accessKey) 929 c.Assert(err, IsNil) 930 931 bucketName := bucketNamePrefix + RandLowStr(6) 932 err = client.CreateBucket(bucketName) 933 c.Assert(err, IsNil) 934 935 // crypto bucket 936 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKey, rsaPrivateKey) 937 contentProvider := CreateAesCtrCipher(masterRsaCipher) 938 bucket, err := GetCryptoBucket(client, bucketName, contentProvider) 939 940 objectName := objectNamePrefix + RandStr(8) 941 objectValue := RandStr(1023) 942 943 srcMD5 := GetStringMd5(objectValue) 944 options := []oss.Option{oss.ContentMD5(srcMD5), oss.ContentLength(1023)} 945 946 // Put string 947 mockReader := &MockReader{strings.NewReader(objectValue)} 948 err = bucket.PutObject(objectName, mockReader, options...) 949 c.Assert(err, IsNil) 950 951 // Check 952 body, err := bucket.GetObject(objectName) 953 c.Assert(err, IsNil) 954 text, err := ReadBody(body) 955 c.Assert(text, Equals, objectValue) 956 957 ForceDeleteBucket(client, bucketName, c) 958 } 959 960 func (s *OssCryptoBucketSuite) TestGetDecryptCipher(c *C) { 961 // create a bucket with default proprety 962 client, err := oss.New(endpoint, accessID, accessKey) 963 c.Assert(err, IsNil) 964 965 bucketName := bucketNamePrefix + RandLowStr(6) 966 err = client.CreateBucket(bucketName) 967 c.Assert(err, IsNil) 968 969 // crypto bucket 970 var rsaManager MockRsaManager 971 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKey, rsaPrivateKey) 972 contentProvider := CreateAesCtrCipher(masterRsaCipher) 973 bucket, err := GetCryptoBucket(client, bucketName, contentProvider, SetMasterCipherManager(&rsaManager)) 974 975 objectName := objectNamePrefix + RandStr(8) 976 objectValue := RandStr(1023) 977 978 // Put string 979 var respHeader http.Header 980 err = bucket.PutObject(objectName, strings.NewReader(objectValue), oss.GetResponseHeader(&respHeader)) 981 c.Assert(err, IsNil) 982 983 // first,we must head object 984 metaInfo, err := bucket.GetObjectDetailedMeta(objectName) 985 c.Assert(err, IsNil) 986 987 envelope, _ := getEnvelopeFromHeader(metaInfo) 988 989 // test for getEnvelopeFromHeader 990 metaInfo.Set(oss.HTTPHeaderOssMetaPrefix+OssClientSideEncryptionKey, string([]byte{200, 200, 200})) 991 _, err = getEnvelopeFromHeader(metaInfo) 992 c.Assert(err, NotNil) 993 metaInfo.Set(oss.HTTPHeaderOssMetaPrefix+OssClientSideEncryptionKey, envelope.CipherKey) 994 995 metaInfo.Set(oss.HTTPHeaderOssMetaPrefix+OssClientSideEncryptionStart, string([]byte{200, 200, 200})) 996 _, err = getEnvelopeFromHeader(metaInfo) 997 c.Assert(err, NotNil) 998 metaInfo.Set(oss.HTTPHeaderOssMetaPrefix+OssClientSideEncryptionKey, envelope.IV) 999 1000 // test for getDecryptCipher 1001 CEKAlg := envelope.CEKAlg 1002 envelope.CEKAlg = "" 1003 _, err = bucket.ExtraCipherBuilder.GetDecryptCipher(envelope, bucket.MasterCipherManager) 1004 c.Assert(err, NotNil) 1005 envelope.CEKAlg = CEKAlg 1006 1007 // matDesc is emtpy 1008 bucket.MasterCipherManager = &MockRsaManager{} 1009 _, err = bucket.ExtraCipherBuilder.GetDecryptCipher(envelope, bucket.MasterCipherManager) 1010 c.Assert(err, NotNil) 1011 1012 // MasterCipherManager is nil 1013 bucket.MasterCipherManager = nil 1014 _, err = bucket.ExtraCipherBuilder.GetDecryptCipher(envelope, bucket.MasterCipherManager) 1015 c.Assert(err, NotNil) 1016 1017 WrapAlg := envelope.WrapAlg 1018 envelope.WrapAlg = "test" 1019 _, err = bucket.ExtraCipherBuilder.GetDecryptCipher(envelope, bucket.MasterCipherManager) 1020 c.Assert(err, NotNil) 1021 envelope.WrapAlg = WrapAlg 1022 1023 envelope.WrapAlg = KmsAliCryptoWrap 1024 _, err = bucket.ExtraCipherBuilder.GetDecryptCipher(envelope, bucket.MasterCipherManager) 1025 c.Assert(err, NotNil) 1026 ForceDeleteBucket(client, bucketName, c) 1027 } 1028 1029 func (s *OssCryptoBucketSuite) TestGetObjectEncryptedByCppRsa(c *C) { 1030 // create a bucket with default proprety 1031 client, err := oss.New(endpoint, accessID, accessKey) 1032 c.Assert(err, IsNil) 1033 1034 bucketName := bucketNamePrefix + RandLowStr(6) 1035 err = client.CreateBucket(bucketName) 1036 c.Assert(err, IsNil) 1037 1038 // put object encrypted by cpp 1039 bucket, err := client.Bucket(bucketName) 1040 c.Assert(err, IsNil) 1041 1042 objectName := objectNamePrefix + RandStr(8) 1043 srcJpgFile := "../../sample/test-client-encryption-src.jpg" 1044 fileEncryptedByCpp := "../../sample/test-client-encryption-crypto-cpp-rsa.jpg" 1045 1046 opts := []oss.Option{} 1047 opts = append(opts, oss.Meta(OssClientSideEncryptionKey, "nyXOp7delQ/MQLjKQMhHLaT0w7u2yQoDLkSnK8MFg/MwYdh4na4/LS8LLbLcM18m8I/ObWUHU775I50sJCpdv+f4e0jLeVRRiDFWe+uo7Puc9j4xHj8YB3QlcIOFQiTxHIB6q+C+RA6lGwqqYVa+n3aV5uWhygyv1MWmESurppg=")) 1048 opts = append(opts, oss.Meta(OssClientSideEncryptionStart, "De/S3T8wFjx7QPxAAFl7h7TeI2EsZlfCwox4WhLGng5DK2vNXxULmulMUUpYkdc9umqmDilgSy5Z3Foafw+v4JJThfw68T/9G2gxZLrQTbAlvFPFfPM9Ehk6cY4+8WpY32uN8w5vrHyoSZGr343NxCUGIp6fQ9sSuOLMoJg7hNw=")) 1049 opts = append(opts, oss.Meta(OssClientSideEncryptionWrapAlg, "RSA/NONE/PKCS1Padding")) 1050 opts = append(opts, oss.Meta(OssClientSideEncryptionCekAlg, "AES/CTR/NoPadding")) 1051 err = bucket.PutObjectFromFile(objectName, fileEncryptedByCpp, opts...) 1052 c.Assert(err, IsNil) 1053 1054 // download with crypto bucket 1055 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKey, rsaPrivateKey) 1056 contentProvider := CreateAesCtrCipher(masterRsaCipher) 1057 cryptoBucket, err := GetCryptoBucket(client, bucketName, contentProvider) 1058 1059 downFileName := "oss-go-sdk-test-file-" + RandStr(5) 1060 err = cryptoBucket.GetObjectToFile(objectName, downFileName) 1061 c.Assert(err, IsNil) 1062 1063 downMd5, _ := GetFileMD5(downFileName) 1064 srcJpgMd5, _ := GetFileMD5(srcJpgFile) 1065 c.Assert(downMd5, Equals, srcJpgMd5) 1066 os.Remove(downFileName) 1067 1068 ForceDeleteBucket(client, bucketName, c) 1069 } 1070 1071 func (s *OssCryptoBucketSuite) TestGetObjectEncryptedByPythonRsa(c *C) { 1072 // create a bucket with default proprety 1073 client, err := oss.New(endpoint, accessID, accessKey) 1074 c.Assert(err, IsNil) 1075 1076 bucketName := bucketNamePrefix + RandLowStr(6) 1077 err = client.CreateBucket(bucketName) 1078 c.Assert(err, IsNil) 1079 1080 // put object encrypted by python 1081 bucket, err := client.Bucket(bucketName) 1082 c.Assert(err, IsNil) 1083 1084 objectName := objectNamePrefix + RandStr(8) 1085 srcJpgFile := "../../sample/test-client-encryption-src.jpg" 1086 fileEncryptedByCpp := "../../sample/test-client-encryption-crypto-python-rsa.jpg" 1087 1088 opts := []oss.Option{} 1089 opts = append(opts, oss.Meta(OssClientSideEncryptionKey, "ZNQM4g+JykUfOBMkfL8kbvChD3R23UH53sRyTg42h9H2ph8ZJJlo2tSP5Oi3nR5gJAwA/OTrruNq02M2Zt4N7zVWdbFArKbY/CkHpihVYOqsSU4Z8RmrNBm4QfC5om2WElRHNt8hlqhnvzhdorGDB5OoMQ8KvQqXDC53aM5OY64=")) 1090 opts = append(opts, oss.Meta(OssClientSideEncryptionStart, "mZ6kts6kaMm++0akhQQZl+tj8gPWznZ+giHciCQTIzriwBzZZO4d85YZeBStuUPshdnO3QHK63/NH9QFL6pwpLiXI9UZxkGygkp82oB4jaF4HKoQ4ujd670pXLxpljBLnp0sCxiCIaf5Fzp4jgNCurXycY10/5DN7yPPtdw7dkk=")) 1091 opts = append(opts, oss.Meta(OssClientSideEncryptionWrapAlg, "RSA/NONE/PKCS1Padding")) 1092 opts = append(opts, oss.Meta(OssClientSideEncryptionCekAlg, "AES/CTR/NoPadding")) 1093 err = bucket.PutObjectFromFile(objectName, fileEncryptedByCpp, opts...) 1094 c.Assert(err, IsNil) 1095 1096 // download with crypto bucket 1097 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKey, rsaPrivateKey) 1098 contentProvider := CreateAesCtrCipher(masterRsaCipher) 1099 cryptoBucket, err := GetCryptoBucket(client, bucketName, contentProvider) 1100 1101 downFileName := "oss-go-sdk-test-file-" + RandStr(5) 1102 err = cryptoBucket.GetObjectToFile(objectName, downFileName) 1103 c.Assert(err, IsNil) 1104 1105 downMd5, _ := GetFileMD5(downFileName) 1106 srcJpgMd5, _ := GetFileMD5(srcJpgFile) 1107 c.Assert(downMd5, Equals, srcJpgMd5) 1108 os.Remove(downFileName) 1109 1110 ForceDeleteBucket(client, bucketName, c) 1111 } 1112 1113 func (s *OssCryptoBucketSuite) TestRepeatedPutObjectFromFile(c *C) { 1114 // create a bucket with default proprety 1115 client, err := oss.New(endpoint, accessID, accessKey) 1116 c.Assert(err, IsNil) 1117 1118 bucketName := bucketNamePrefix + RandLowStr(6) 1119 err = client.CreateBucket(bucketName) 1120 c.Assert(err, IsNil) 1121 1122 objectName := objectNamePrefix + RandStr(8) 1123 srcJpgFile := "../../sample/test-client-encryption-src.jpg" 1124 1125 // put object from file 1126 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKey, rsaPrivateKey) 1127 contentProvider := CreateAesCtrCipher(masterRsaCipher) 1128 cryptoBucket, err := GetCryptoBucket(client, bucketName, contentProvider) 1129 1130 err = cryptoBucket.PutObjectFromFile(objectName, srcJpgFile) 1131 c.Assert(err, IsNil) 1132 1133 downFileName := "oss-go-sdk-test-file-" + RandStr(5) 1134 err = cryptoBucket.GetObjectToFile(objectName, downFileName) 1135 c.Assert(err, IsNil) 1136 1137 srcJpgMd5, _ := GetFileMD5(srcJpgFile) 1138 downMd5, _ := GetFileMD5(downFileName) 1139 c.Assert(len(srcJpgMd5) > 0, Equals, true) 1140 c.Assert(len(downMd5) > 0, Equals, true) 1141 c.Assert(downMd5, Equals, srcJpgMd5) 1142 os.Remove(downFileName) 1143 1144 err = cryptoBucket.PutObjectFromFile(objectName+"-other", srcJpgFile) 1145 c.Assert(err, IsNil) 1146 err = cryptoBucket.GetObjectToFile(objectName, downFileName) 1147 c.Assert(err, IsNil) 1148 downMd5, _ = GetFileMD5(downFileName) 1149 c.Assert(downMd5, Equals, srcJpgMd5) 1150 1151 os.Remove(downFileName) 1152 ForceDeleteBucket(client, bucketName, c) 1153 } 1154 1155 func (s *OssCryptoBucketSuite) TestPutObjectEncryptionUserAgent(c *C) { 1156 logName := "." + string(os.PathSeparator) + "test-go-sdk.log" + RandStr(5) 1157 f, err := os.OpenFile(logName, os.O_CREATE|os.O_TRUNC|os.O_RDWR, 0660) 1158 c.Assert(err, IsNil) 1159 1160 // create a bucket with default proprety 1161 client, err := oss.New(endpoint, accessID, accessKey) 1162 c.Assert(err, IsNil) 1163 client.Config.LogLevel = oss.Debug 1164 client.Config.Logger = log.New(f, "", log.LstdFlags) 1165 1166 bucketName := bucketNamePrefix + RandLowStr(6) 1167 err = client.CreateBucket(bucketName) 1168 c.Assert(err, IsNil) 1169 1170 objectName := objectNamePrefix + RandStr(8) 1171 srcJpgFile := "../../sample/test-client-encryption-src.jpg" 1172 1173 // put object from file 1174 masterRsaCipher, _ := CreateMasterRsa(matDesc, rsaPublicKey, rsaPrivateKey) 1175 contentProvider := CreateAesCtrCipher(masterRsaCipher) 1176 cryptoBucket, err := GetCryptoBucket(client, bucketName, contentProvider) 1177 1178 err = cryptoBucket.PutObjectFromFile(objectName, srcJpgFile) 1179 c.Assert(err, IsNil) 1180 1181 // read log file,get http info 1182 contents, err := ioutil.ReadFile(logName) 1183 c.Assert(err, IsNil) 1184 1185 httpContent := string(contents) 1186 c.Assert(strings.Contains(httpContent, EncryptionUaSuffix), Equals, true) 1187 1188 f.Close() 1189 os.Remove(logName) 1190 ForceDeleteBucket(client, bucketName, c) 1191 } 1192 1193 func (s *OssCryptoBucketSuite) TestPutObjectNormalUserAgent(c *C) { 1194 logName := "." + string(os.PathSeparator) + "test-go-sdk.log" + RandStr(5) 1195 f, err := os.OpenFile(logName, os.O_CREATE|os.O_TRUNC|os.O_RDWR, 0660) 1196 c.Assert(err, IsNil) 1197 1198 // create a bucket with default proprety 1199 client, err := oss.New(endpoint, accessID, accessKey) 1200 c.Assert(err, IsNil) 1201 client.Config.LogLevel = oss.Debug 1202 client.Config.Logger = log.New(f, "", log.LstdFlags) 1203 1204 bucketName := bucketNamePrefix + RandLowStr(6) 1205 err = client.CreateBucket(bucketName) 1206 c.Assert(err, IsNil) 1207 1208 objectName := objectNamePrefix + RandStr(8) 1209 srcJpgFile := "../../sample/test-client-encryption-src.jpg" 1210 1211 bucket, err := client.Bucket(bucketName) 1212 1213 err = bucket.PutObjectFromFile(objectName, srcJpgFile) 1214 c.Assert(err, IsNil) 1215 1216 // read log file,get http info 1217 contents, err := ioutil.ReadFile(logName) 1218 c.Assert(err, IsNil) 1219 1220 httpContent := string(contents) 1221 c.Assert(strings.Contains(httpContent, EncryptionUaSuffix), Equals, false) 1222 1223 f.Close() 1224 os.Remove(logName) 1225 ForceDeleteBucket(client, bucketName, c) 1226 }