github.com/minio/minio-go/v6@v6.0.57/examples/s3/putobject-client-encryption.go

github.com/minio/minio-go/v6@v6.0.57/examples/s3/putobject-client-encryption.go (about)

     1  // +build ignore
     2  
     3  /*
     4   * MinIO Go Library for Amazon S3 Compatible Cloud Storage
     5   * Copyright 2018 MinIO, Inc.
     6   *
     7   * Licensed under the Apache License, Version 2.0 (the "License");
     8   * you may not use this file except in compliance with the License.
     9   * You may obtain a copy of the License at
    10   *
    11   *     http://www.apache.org/licenses/LICENSE-2.0
    12   *
    13   * Unless required by applicable law or agreed to in writing, software
    14   * distributed under the License is distributed on an "AS IS" BASIS,
    15   * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    16   * See the License for the specific language governing permissions and
    17   * limitations under the License.
    18   */
    19  
    20  package main
    21  
    22  import (
    23  	"log"
    24  	"os"
    25  	"path"
    26  
    27  	"github.com/minio/minio-go/v6"
    28  	"github.com/minio/sio"
    29  	"golang.org/x/crypto/argon2"
    30  )
    31  
    32  func main() {
    33  	// Note: YOUR-ACCESSKEYID, YOUR-SECRETACCESSKEY, my-testfile, my-bucketname and
    34  	// my-objectname are dummy values, please replace them with original values.
    35  
    36  	// Requests are always secure (HTTPS) by default. Set secure=false to enable insecure (HTTP) access.
    37  	// This boolean value is the last argument for New().
    38  
    39  	// New returns an Amazon S3 compatible client object. API compatibility (v2 or v4) is automatically
    40  	// determined based on the Endpoint value.
    41  	s3Client, err := minio.New("s3.amazonaws.com", "YOUR-ACCESSKEYID", "YOUR-SECRETACCESSKEY", true)
    42  	if err != nil {
    43  		log.Fatalln(err)
    44  	}
    45  
    46  	object, err := os.Open("my-testfile")
    47  	if err != nil {
    48  		log.Fatalln(err)
    49  	}
    50  	defer object.Close()
    51  	objectStat, err := object.Stat()
    52  	if err != nil {
    53  		log.Fatalln(err)
    54  	}
    55  
    56  	password := []byte("myfavoritepassword")                    // Change as per your needs.
    57  	salt := []byte(path.Join("my-bucketname", "my-objectname")) // Change as per your needs.
    58  	encrypted, err := sio.EncryptReader(object, sio.Config{
    59  		// generate a 256 bit long key.
    60  		Key: argon2.IDKey(password, salt, 1, 64*1024, 4, 32),
    61  	})
    62  	if err != nil {
    63  		log.Fatalln(err)
    64  	}
    65  
    66  	encSize, err := sio.EncryptedSize(uint64(objectStat.Size()))
    67  	if err != nil {
    68  		log.Fatalln(err)
    69  	}
    70  	_, err = s3Client.PutObject("my-bucketname", "my-objectname", encrypted, int64(encSize), minio.PutObjectOptions{})
    71  	if err != nil {
    72  		log.Fatalln(err)
    73  	}
    74  	log.Println("Successfully encrypted 'my-objectname'")
    75  }