[sse-c] add encrypted multipart upload test
This commit is contained in:
parent
9c7c6c4d7c
commit
d7a552ac31
|
@ -1,11 +1,14 @@
|
|||
use crate::common::{self, Context};
|
||||
use aws_sdk_s3::primitives::ByteStream;
|
||||
use aws_sdk_s3::types::{CompletedMultipartUpload, CompletedPart};
|
||||
|
||||
const SSEC_KEY: &str = "u8zCfnEyt5Imo/krN+sxA1DQXxLWtPJavU6T6gOVj1Y=";
|
||||
const SSEC_KEY_MD5: &str = "jMGbs3GyZkYjJUP6q5jA7g==";
|
||||
const SSEC_KEY2: &str = "XkYVk4Z3vVDO2yJaUqCAEZX6lL10voMxtV06d8my/eU=";
|
||||
const SSEC_KEY2_MD5: &str = "kedo2ab8J1MCjHwJuLTJHw==";
|
||||
|
||||
const SZ_2MB: usize = 2 * 1024 * 1024;
|
||||
|
||||
#[tokio::test]
|
||||
async fn test_ssec_object() {
|
||||
let ctx = common::context();
|
||||
|
@ -101,7 +104,8 @@ async fn test_ssec_object() {
|
|||
SSEC_KEY2_MD5,
|
||||
SSEC_KEY,
|
||||
SSEC_KEY_MD5,
|
||||
);
|
||||
)
|
||||
.await;
|
||||
|
||||
// Test copy from encrypted to encrypted
|
||||
let r = ctx
|
||||
|
@ -130,7 +134,238 @@ async fn test_ssec_object() {
|
|||
SSEC_KEY2_MD5,
|
||||
SSEC_KEY,
|
||||
SSEC_KEY_MD5,
|
||||
);
|
||||
)
|
||||
.await;
|
||||
}
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn test_multipart_upload() {
|
||||
let ctx = common::context();
|
||||
let bucket = ctx.create_bucket("test-ssec-mpu");
|
||||
|
||||
let u1 = vec![0x11; SZ_2MB];
|
||||
let u2 = vec![0x22; SZ_2MB];
|
||||
let u3 = vec![0x33; SZ_2MB];
|
||||
let all = [&u1[..], &u2[..], &u3[..]].concat();
|
||||
|
||||
// Test simple encrypted mpu
|
||||
{
|
||||
let up = ctx
|
||||
.client
|
||||
.create_multipart_upload()
|
||||
.bucket(&bucket)
|
||||
.key("a")
|
||||
.sse_customer_algorithm("AES256")
|
||||
.sse_customer_key(SSEC_KEY)
|
||||
.sse_customer_key_md5(SSEC_KEY_MD5)
|
||||
.send()
|
||||
.await
|
||||
.unwrap();
|
||||
assert!(up.upload_id.is_some());
|
||||
assert_eq!(up.sse_customer_algorithm, Some("AES256".into()));
|
||||
assert_eq!(up.sse_customer_key_md5, Some(SSEC_KEY_MD5.into()));
|
||||
|
||||
let uid = up.upload_id.as_ref().unwrap();
|
||||
|
||||
let mut etags = vec![];
|
||||
for (i, part) in vec![&u1, &u2, &u3].into_iter().enumerate() {
|
||||
let pu = ctx
|
||||
.client
|
||||
.upload_part()
|
||||
.bucket(&bucket)
|
||||
.key("a")
|
||||
.upload_id(uid)
|
||||
.part_number((i + 1) as i32)
|
||||
.sse_customer_algorithm("AES256")
|
||||
.sse_customer_key(SSEC_KEY)
|
||||
.sse_customer_key_md5(SSEC_KEY_MD5)
|
||||
.body(ByteStream::from(part.to_vec()))
|
||||
.send()
|
||||
.await
|
||||
.unwrap();
|
||||
etags.push(pu.e_tag.unwrap());
|
||||
}
|
||||
|
||||
let mut cmp = CompletedMultipartUpload::builder();
|
||||
for (i, etag) in etags.into_iter().enumerate() {
|
||||
cmp = cmp.parts(
|
||||
CompletedPart::builder()
|
||||
.part_number((i + 1) as i32)
|
||||
.e_tag(etag)
|
||||
.build(),
|
||||
);
|
||||
}
|
||||
|
||||
ctx.client
|
||||
.complete_multipart_upload()
|
||||
.bucket(&bucket)
|
||||
.key("a")
|
||||
.upload_id(uid)
|
||||
.multipart_upload(cmp.build())
|
||||
.send()
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
test_read_encrypted(
|
||||
&ctx,
|
||||
&bucket,
|
||||
"a",
|
||||
&all,
|
||||
SSEC_KEY,
|
||||
SSEC_KEY_MD5,
|
||||
SSEC_KEY2,
|
||||
SSEC_KEY2_MD5,
|
||||
)
|
||||
.await;
|
||||
}
|
||||
|
||||
// Test upload part copy from first object
|
||||
{
|
||||
// (setup) Upload a single part object
|
||||
ctx.client
|
||||
.put_object()
|
||||
.bucket(&bucket)
|
||||
.key("b")
|
||||
.body(ByteStream::from(u1.clone()))
|
||||
.sse_customer_algorithm("AES256")
|
||||
.sse_customer_key(SSEC_KEY2)
|
||||
.sse_customer_key_md5(SSEC_KEY2_MD5)
|
||||
.send()
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
let up = ctx
|
||||
.client
|
||||
.create_multipart_upload()
|
||||
.bucket(&bucket)
|
||||
.key("target")
|
||||
.sse_customer_algorithm("AES256")
|
||||
.sse_customer_key(SSEC_KEY2)
|
||||
.sse_customer_key_md5(SSEC_KEY2_MD5)
|
||||
.send()
|
||||
.await
|
||||
.unwrap();
|
||||
let uid = up.upload_id.as_ref().unwrap();
|
||||
|
||||
let p1 = ctx
|
||||
.client
|
||||
.upload_part()
|
||||
.bucket(&bucket)
|
||||
.key("target")
|
||||
.upload_id(uid)
|
||||
.part_number(1)
|
||||
.sse_customer_algorithm("AES256")
|
||||
.sse_customer_key(SSEC_KEY2)
|
||||
.sse_customer_key_md5(SSEC_KEY2_MD5)
|
||||
.body(ByteStream::from(u3.clone()))
|
||||
.send()
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
let p2 = ctx
|
||||
.client
|
||||
.upload_part_copy()
|
||||
.bucket(&bucket)
|
||||
.key("target")
|
||||
.upload_id(uid)
|
||||
.part_number(2)
|
||||
.copy_source(format!("{}/a", bucket))
|
||||
.copy_source_range("bytes=500-550000")
|
||||
.copy_source_sse_customer_algorithm("AES256")
|
||||
.copy_source_sse_customer_key(SSEC_KEY)
|
||||
.copy_source_sse_customer_key_md5(SSEC_KEY_MD5)
|
||||
.sse_customer_algorithm("AES256")
|
||||
.sse_customer_key(SSEC_KEY2)
|
||||
.sse_customer_key_md5(SSEC_KEY2_MD5)
|
||||
.send()
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
let p3 = ctx
|
||||
.client
|
||||
.upload_part()
|
||||
.bucket(&bucket)
|
||||
.key("target")
|
||||
.upload_id(uid)
|
||||
.part_number(3)
|
||||
.sse_customer_algorithm("AES256")
|
||||
.sse_customer_key(SSEC_KEY2)
|
||||
.sse_customer_key_md5(SSEC_KEY2_MD5)
|
||||
.body(ByteStream::from(u2.clone()))
|
||||
.send()
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
let p4 = ctx
|
||||
.client
|
||||
.upload_part_copy()
|
||||
.bucket(&bucket)
|
||||
.key("target")
|
||||
.upload_id(uid)
|
||||
.part_number(4)
|
||||
.copy_source(format!("{}/b", bucket))
|
||||
.copy_source_range("bytes=1500-20500")
|
||||
.copy_source_sse_customer_algorithm("AES256")
|
||||
.copy_source_sse_customer_key(SSEC_KEY2)
|
||||
.copy_source_sse_customer_key_md5(SSEC_KEY2_MD5)
|
||||
.sse_customer_algorithm("AES256")
|
||||
.sse_customer_key(SSEC_KEY2)
|
||||
.sse_customer_key_md5(SSEC_KEY2_MD5)
|
||||
.send()
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
let cmp = CompletedMultipartUpload::builder()
|
||||
.parts(
|
||||
CompletedPart::builder()
|
||||
.part_number(1)
|
||||
.e_tag(p1.e_tag.unwrap())
|
||||
.build(),
|
||||
)
|
||||
.parts(
|
||||
CompletedPart::builder()
|
||||
.part_number(2)
|
||||
.e_tag(p2.copy_part_result.unwrap().e_tag.unwrap())
|
||||
.build(),
|
||||
)
|
||||
.parts(
|
||||
CompletedPart::builder()
|
||||
.part_number(3)
|
||||
.e_tag(p3.e_tag.unwrap())
|
||||
.build(),
|
||||
)
|
||||
.parts(
|
||||
CompletedPart::builder()
|
||||
.part_number(4)
|
||||
.e_tag(p4.copy_part_result.unwrap().e_tag.unwrap())
|
||||
.build(),
|
||||
)
|
||||
.build();
|
||||
|
||||
ctx.client
|
||||
.complete_multipart_upload()
|
||||
.bucket(&bucket)
|
||||
.key("target")
|
||||
.upload_id(uid)
|
||||
.multipart_upload(cmp)
|
||||
.send()
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
// (check) Get object
|
||||
let expected = [&u3[..], &all[500..550001], &u2[..], &u1[1500..20501]].concat();
|
||||
test_read_encrypted(
|
||||
&ctx,
|
||||
&bucket,
|
||||
"target",
|
||||
&expected,
|
||||
SSEC_KEY2,
|
||||
SSEC_KEY2_MD5,
|
||||
SSEC_KEY,
|
||||
SSEC_KEY_MD5,
|
||||
)
|
||||
.await;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue