|

»

toolkit and crypto

View: New views

4 Messages — Rating Filter: Alert me

	toolkit and crypto by Patrick Linehan :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message i'm having trouble getting transparent encryption working when using the toolkit. i had assumed that setting the "crypto.algorithm" property would automatically enable encryption, but i was wrong. i've searched the docs, mailing lists and the web, but i can't find any discussion of this. i'm using the standard "PBEWithMD5AndDES" algorithm, and running EncryptionUtil.java's "main" method verifies that the cipher should be available on my machine. is there a setting i'm missing? does the toolkit even support this functionality, or is it limited to the applications? any help would be grealy appreciated. thanks! PAt
	Re: toolkit and crypto by Patrick Linehan :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message > is there a setting i'm missing? does the toolkit even support this functionality, or > is it limited to the applications? after doing some more reading and grepping of the source, i believe i can now answer my own question: the toolkit does not support "transparent" encryption, only the apps it looks like i should use ObjectUtils and/or EncryptionUtil to do this work manually before uploading by blobs. am i now stuck with warnock's dilemma? only time will tell. On Tue, Jun 9, 2009 at 3:10 PM, Patrick Linehan <plinehan@...> wrote: i'm having trouble getting transparent encryption working when using the toolkit. i had assumed that setting the "crypto.algorithm" property would automatically enable encryption, but i was wrong. i've searched the docs, mailing lists and the web, but i can't find any discussion of this. i'm using the standard "PBEWithMD5AndDES" algorithm, and running EncryptionUtil.java's "main" method verifies that the cipher should be available on my machine. is there a setting i'm missing? does the toolkit even support this functionality, or is it limited to the applications? any help would be grealy appreciated. thanks! PAt
	Re: toolkit and crypto by James Murty-2 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi Patrick, You are correct. The "crypto.algorithm" property setting in jets3t.properties only applies to the JetS3t applications, and will not enable automatic encryption of uploaded objects in the toolkit. The easiest way to encrypt items you upload to S3 is to use the ObjectUtils#createObjectForUpload utility methods to transform a file prior to upload. These methods take an EncryptionUtil argument where you can specify a password and the encryption algorithm you wish to use. The ObjectUtils class has a corresponding #createPackageForDownload method that make it simpler to download encrypted objects from S3, decrypting the data as it is downloaded. Alternately, you can use the EncrptionUtil #encrypt and #decrypt methods to generate cipher input and output streams. These will encrypt or decrypt data in the underlying streams you provide. However, if you use these cipher streams directly, it would be wise to include enough metadata information with your S3 objects to allow you to decrypt them later. The advantage of the ObjectUtils methods is that they automatically create and consume S3 metadata items that indicate the algorithm that was used to encrypt data. Hope this helps, James --- http://www.jamesmurty.com On Tue, Jun 9, 2009 at 3:10 PM, Patrick Linehan<plinehan@...> wrote: > i'm having trouble getting transparent encryption working when using the > toolkit. i had assumed that setting the "crypto.algorithm" property would > automatically enable encryption, but i was wrong. > i've searched the docs, mailing lists and the web, but i can't find any > discussion of this. > i'm using the standard "PBEWithMD5AndDES" algorithm, and running > EncryptionUtil.java's "main" method verifies that the cipher should be > available on my machine. > is there a setting i'm missing? does the toolkit even support this > functionality, or is it limited to the applications? > any help would be grealy appreciated. > thanks! > PAt --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@...
	Re: toolkit and crypto by James Murty-2 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I should mention that it is difficult to achieve truly transparent encryption of data sent to S3 because you need to know the exact size of an S3 object before you upload it. If you simply run data through an encryption cipher as it is being uploaded, the resultant data probably won't match the size of the original data and the upload will fail. So if you do use the EncryptUtils#encrypt method to get an encrypting cipher stream, make sure you write this data to a temporary file or buffer first, and only upload it once you know the final size. > am i now stuck with warnock's dilemma? only time will tell. No dilemma. However, the JetS3t Users Google group is probably a better place to ask questions because more people are listening there: http://groups.google.com/group/jets3t-users Cheers, James --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@... For additional commands, e-mail: users-help@...