Permalink
Browse files

Version 1.6.3 of the AWS SDK for Ruby

  • Loading branch information...
1 parent b91a8ba commit 9877f13179fdffaa31484416ecf690d52597a767 @trevorrowe trevorrowe committed Aug 8, 2012
Showing with 3,661 additions and 883 deletions.
  1. +1 −0 Gemfile
  2. +2 −1 features/ec2/step_definitions/ec2.rb
  3. +9 −1 features/ec2/step_definitions/snapshot_attributes.rb
  4. +326 −0 features/s3/high_level/client_side_encryption.feature
  5. +0 −5 features/s3/high_level/objects.feature
  6. +235 −0 features/s3/high_level/step_definitions/client_side_encryption.rb
  7. +1 −1 features/s3/high_level/step_definitions/objects.rb
  8. +6 −2 features/s3/high_level/step_definitions/versions.rb
  9. +2 −2 features/s3/high_level/versions.feature
  10. +6 −2 features/support/common.rb
  11. +13 −2 lib/aws/core.rb
  12. +1 −1 lib/aws/core/autoloader.rb
  13. +69 −30 lib/aws/core/client.rb
  14. +12 −1 lib/aws/core/configuration.rb
  15. +28 −16 lib/aws/core/http/handler.rb
  16. +31 −11 lib/aws/core/http/net_http_handler.rb
  17. +52 −16 lib/aws/core/http/request.rb
  18. +20 −16 lib/aws/core/http/response.rb
  19. +14 −14 lib/aws/core/indifferent_hash.rb
  20. +1 −0 lib/aws/core/query_client.rb
  21. +32 −14 lib/aws/core/response.rb
  22. +1 −0 lib/aws/core/signature/version_2.rb
  23. +16 −16 lib/aws/core/signature/version_4.rb
  24. +2 −2 lib/aws/dynamo_db/client.rb
  25. +0 −6 lib/aws/dynamo_db/request.rb
  26. +10 −10 lib/aws/rails.rb
  27. +44 −29 lib/aws/s3.rb
  28. +171 −6 lib/aws/s3/bucket.rb
  29. +119 −0 lib/aws/s3/cipher_io.rb
  30. +75 −45 lib/aws/s3/client.rb
  31. +6 −0 lib/aws/s3/config.rb
  32. +136 −49 lib/aws/s3/data_options.rb
  33. +144 −0 lib/aws/s3/encryption_utils.rb
  34. +14 −0 lib/aws/s3/errors.rb
  35. +7 −4 lib/aws/s3/multipart_upload.rb
  36. +2 −2 lib/aws/s3/object_collection.rb
  37. +1 −1 lib/aws/s3/policy.rb
  38. +21 −33 lib/aws/s3/request.rb
  39. +797 −237 lib/aws/s3/s3_object.rb
  40. +0 −2 lib/aws/simple_email_service/request.rb
  41. +0 −3 lib/aws/simple_workflow/request.rb
  42. +63 −75 lib/net/http/connection_pool.rb
  43. +69 −15 lib/net/http/connection_pool/connection.rb
  44. +39 −6 lib/net/http/connection_pool/session.rb
  45. +1 −1 spec/aws/config_spec.rb
  46. +23 −10 spec/aws/core/client_spec.rb
  47. +2 −2 spec/aws/core/http/httparty_handler_spec.rb
  48. +23 −21 spec/aws/core/http/net_http_handler_spec.rb
  49. +45 −15 spec/aws/core/http/request_spec.rb
  50. +2 −2 spec/aws/core/http/response_spec.rb
  51. +16 −15 spec/aws/core/response_spec.rb
  52. +115 −0 spec/aws/s3/cipher_io_spec.rb
  53. +25 −75 spec/aws/s3/client_spec.rb
  54. +674 −0 spec/aws/s3/s3_object_encrypt_spec.rb
  55. +86 −35 spec/aws/s3/s3_object_spec.rb
  56. +18 −9 spec/net/http/connection_pool/session_spec.rb
  57. +30 −22 spec/shared/aws_client_examples.rb
  58. +3 −0 spec/spec_helper.rb
View
@@ -39,6 +39,7 @@ group :build do
gem 'rspec', '2.5'
gem 'rspec', '2.5', :require => 'rspec/core/rake_task'
gem 'rcov', '0.9.9'
+ gem 'simplecov', :require => false
gem 'ci_reporter', '~> 1.6', :require => 'ci/reporter/rake/rspec'
end
@@ -131,7 +131,8 @@
@created_volumes.each do |volume|
begin
volume.delete
- rescue AWS::EC2::Errors::InvalidVolumeID::NotFound
+ rescue AWS::EC2::Errors::InvalidVolumeID::NotFound,
+ AWS::EC2::Errors::InvalidVolume::NotFound
# already deleted
end
end
@@ -41,9 +41,17 @@
end
Given /^I create a snapshot with description "([^\"]*)"$/ do |description|
+
Given %(I create a volume)
- @snapshot = @volume.create_snapshot(description)
+
+ # it can take a while before the volume is in a state where snapshots
+ # are allowed
+ eventually do
+ @snapshot = @volume.create_snapshot(description)
+ end
+
@created_snapshots << @snapshot
+
end
Then /^the snapshot description should be "([^\"]*)"$/ do |description|
@@ -0,0 +1,326 @@
+# Copyright 2011-2012 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"). You
+# may not use this file except in compliance with the License. A copy of
+# the License is located at
+#
+# http://aws.amazon.com/apache2.0/
+#
+# or in the "license" file accompanying this file. This file is
+# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
+# ANY KIND, either express or implied. See the License for the specific
+# language governing permissions and limitations under the License.
+
+# language: en
+@s3 @high_level @objects @cse
+Feature: Amazon S3 Client Side Encryption
+
+ As a customer of Amazon S3
+ I want my data to be envelope encrypted within Amazon S3
+ So that I can store my private data securely while managing my own key
+
+ @cse_asym @cse_write
+ Scenario: Write an object with CSE
+ Given I ask for the object with key "foo"
+ And I have an asymmetric CSE key
+ And I specify no CSE material location
+ When I write the string "HELLO" to it using CSE
+ And I specify metadata CSE material location
+ Then the object should eventually have encrypted "HELLO" as its body
+ And the object CSE data should be stored with metadata
+ And the object should have unencrypted_content_length
+
+ @cse_asym @cse_read
+ Scenario: Read an object with CSE
+ Given I ask for the object with key "foo"
+ And I have an asymmetric CSE key
+ And I specify no CSE material location
+ And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+ When I specify metadata CSE material location
+ And I read it with the CSE key
+ Then the result should be "HELLO"
+
+ @cse_asym @cse_read
+ Scenario: Read an object with CSE with metadata specified
+ Given I ask for the object with key "foo"
+ And I have an asymmetric CSE key
+ And I specify metadata CSE material location
+ And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+ When I read it with the CSE key
+ And I specify metadata CSE material location
+ Then the result should be "HELLO"
+
+ @cse_asym @cse_write
+ Scenario: Write an object with CSE with instruction file material location
+ Given I ask for the object with key "foo"
+ And I have an asymmetric CSE key
+ And I specify instruction file CSE material location
+ When I write the string "HELLO" to it using CSE
+ And I specify instruction file CSE material location
+ Then the object should eventually have encrypted "HELLO" as its body
+ And the object CSE data should be stored with an instruction file
+ And the object should have unencrypted_content_length
+
+# @cse_asym @cse_read
+# Scenario: Read an object with CSE with instruction file material location when not specified
+# Given I ask for the object with key "foo"
+# And I have an asymmetric CSE key
+# And I specify instruction file CSE material location
+# And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+# When I read it with the CSE key
+# And I specify no CSE material location
+# Then the result should be "HELLO"
+
+ @cse_asym @cse_read
+ Scenario: Read an object with CSE with instruction file material location when specified
+ Given I ask for the object with key "foo"
+ And I have an asymmetric CSE key
+ And I specify instruction file CSE material location
+ And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+ When I read it with the CSE key
+ Then the result should be "HELLO"
+
+ @cse_sym @cse_write
+ Scenario: Write an object with CSE symmetric
+ Given I ask for the object with key "foo"
+ And I have a symmetric "128" CSE key
+ And I specify no CSE material location
+ When I write the string "HELLO" to it using CSE
+ Then the object should eventually have encrypted "HELLO" as its body
+ And the object CSE data should be stored with metadata
+ And the object should have unencrypted_content_length
+
+ @cse_sym @cse_read
+ Scenario: Read an object with CSE symmetric
+ Given I ask for the object with key "foo"
+ And I have a symmetric "192" CSE key
+ And I specify no CSE material location
+ And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+ When I specify metadata CSE material location
+ And I read it with the CSE key
+ Then the result should be "HELLO"
+
+ @cse_sym @cse_read
+ Scenario: Read an object with CSE symmetric with metadata specified
+ Given I ask for the object with key "foo"
+ And I have a symmetric "256" CSE key
+ And I specify metadata CSE material location
+ And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+ When I read it with the CSE key
+ And I specify metadata CSE material location
+ Then the result should be "HELLO"
+
+ @cse_sym @cse_write
+ Scenario: Write an object with CSE symmetric with instruction file material location
+ Given I ask for the object with key "foo"
+ And I have a symmetric "192" CSE key
+ And I specify instruction file CSE material location
+ When I write the string "HELLO" to it using CSE
+ And I specify instruction file CSE material location
+ Then the object should eventually have encrypted "HELLO" as its body
+ And the object CSE data should be stored with an instruction file
+ And the object should have unencrypted_content_length
+
+ @cse_sym @cse_read
+ Scenario: Read an object with CSE symmetric with metadata specified on both ends
+ Given I ask for the object with key "foo"
+ And I have a symmetric "128" CSE key
+ And I specify metadata CSE material location
+ And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+ When I read it with the CSE key
+ And I specify metadata CSE material location
+ Then the result should be "HELLO"
+
+ @cse_sym @cse_write
+ Scenario: Write an object with CSE symmetric with instruction file material location on both ends
+ Given I ask for the object with key "foo"
+ And I have a symmetric "256" CSE key
+ And I specify instruction file CSE material location
+ When I write the string "HELLO" to it using CSE
+ And I specify instruction file CSE material location
+ Then the object should eventually have encrypted "HELLO" as its body
+ And the object CSE data should be stored with an instruction file
+ And the object should have unencrypted_content_length
+
+# @cse_sym @cse_read
+# Scenario: Read an object with incorrect material location at runtime (will not find encryption materials)
+# Given I ask for the object with key "foo"
+# And I have a symmetric "192" CSE key
+# And I specify metadata CSE material location
+# And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+# When I specify instruction file CSE material location
+# And I read it with the CSE key
+# Then the result should not be "HELLO"
+
+
+ @cse_asym @cse_read @cse_multipart
+ Scenario: Perform a multipart upload with CSE
+ Given the multipart upload threshold is 5mb
+ And I have a 7mb file
+ And I have an asymmetric CSE key
+ And I specify metadata CSE material location
+ When I write the file to the object "foo" with CSE and the following metadata:
+ | color | red |
+ | shape | circle |
+ Then the metadata of object "foo" should eventually include:
+ | color | red |
+ | shape | circle |
+ Then the file at key "foo" should eventually be encrypted
+ And the contents of CSE object "foo" should eventually match the file
+ And the object CSE data should be stored with metadata
+ And the object should have unencrypted_content_length
+
+ @cse_asym @cse_read @cse_block
+ Scenario: Performing a streaming read with a block and CSE
+ Given I ask for the object with key "foo"
+ And I have an asymmetric CSE key
+ And I specify metadata CSE material location
+ And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+ When I read it with the CSE key and a block into a variable
+ Then the result should be "HELLO"
+ And the object CSE data should be stored with metadata
+ And the object should have unencrypted_content_length
+
+ @cse_asym @cse_read @cse_multipart @cse_block
+ Scenario: Performing a streaming read with a block and CSE and a large file uploaded with multipart
+ Given the multipart upload threshold is 5mb
+ And I have a 7mb file
+ And I have an asymmetric CSE key
+ And I specify metadata CSE material location
+ And in the bucket the object with key "foo" has the CSE encrypted file
+ When I read it with the CSE key
+ Then the contents of CSE object "foo" should eventually match the file
+ And the object CSE data should be stored with metadata
+ And the object should have unencrypted_content_length
+
+ @cse_sym @cse_read @cse_multipart @cse_block
+ Scenario: Performing a streaming read with a block and CSE and a large file uploaded with multipart and instruction file material location using a symmetric key
+ Given the multipart upload threshold is 5mb
+ And I have a 7mb file
+ And I have a symmetric "256" CSE key
+ And I specify instruction file CSE material location
+ And in the bucket the object with key "foo" has the CSE encrypted file
+ When I specify instruction file CSE material location
+ And I read it with the CSE key
+ Then the contents of CSE object "foo" should eventually match the file
+ And the object CSE data should be stored with an instruction file
+ And the object should have unencrypted_content_length
+
+ @cse_asym @cse_copy
+ Scenario: Copy an object with CSE
+ Given I ask for the object with key "foo"
+ And I have an asymmetric CSE key
+ And I specify metadata CSE material location
+ And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+ When I copy "foo" to "foo2" with CSE enabled
+ And I ask for the object with key "foo2"
+ Then the object should eventually have encrypted "HELLO" as its body
+ And the object CSE data should be stored with metadata
+ And the object should have unencrypted_content_length
+
+ @cse_asym @cse_copy
+ Scenario: Copy an object with CSE and decrypt
+ Given I ask for the object with key "foo"
+ And I have an asymmetric CSE key
+ And I specify metadata CSE material location
+ And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+ When I copy "foo" to "foo2" with CSE enabled
+ And I specify metadata CSE material location
+ And I read it with the CSE key
+ Then the result should be "HELLO"
+
+ @cse_asym @cse_copy
+ Scenario: Copy an object with CSE and decrypt with instruction filematerial location
+ Given I ask for the object with key "foo"
+ And I have an asymmetric CSE key
+ And I specify instruction file CSE material location
+ And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+ When I copy "foo" to "foo2" with CSE enabled
+ And I specify instruction file CSE material location
+ And I read it with the CSE key
+ Then the result should be "HELLO"
+ And the object CSE data should be stored with an instruction file
+
+
+ @cse_asym @cse_copy
+ Scenario: Move an object with CSE and decrypt with instruction filematerial location and md5
+ Given I ask for the object with key "foo"
+ And I have an asymmetric CSE key
+ And I specify instruction file CSE material location
+ And I specify "blah blah" as the md5
+ And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+ When I move "foo" to "foo2" with CSE enabled
+ And I specify instruction file CSE material location
+ And I read it with the CSE key
+ Then the result should be "HELLO"
+ And the object CSE data should be stored with an instruction file
+
+ @cse_asym @cse_copy
+ Scenario: Copy an object with CSE and decrypt with instruction filematerial location and no md5
+ Given I ask for the object with key "foo"
+ And I have an asymmetric CSE key
+ And I specify instruction file CSE material location
+ And I specify no md5
+ And in the bucket the object with key "foo" has the contents CSE encrypted "HELLO"
+ When I copy "foo" to "foo2" with CSE enabled
+ And I specify instruction file CSE material location
+ And I read it with the CSE key
+ Then the result should be "HELLO"
+ And the object CSE data should be stored with an instruction file
+
+
+# @cse_read
+# Scenario: Read a file with CSE that wasn't encrypted (will produce error)
+# Given I ask for the object with key "foo"
+# And I have an asymmetric CSE key
+# And I write the string "HELLO" to it
+# Then I specify metadata CSE material location
+# And I read it with the CSE key
+# And the result should be "HELLO"
+
+ @cse_write
+ Scenario: Write a file using an IO-like object
+ Given the multipart upload threshold is 5mb
+ And I have a 2mb file
+ And I put the file in an IO object
+ And I have an asymmetric CSE key
+ And I ask for the object with key "foo"
+ When I specify metadata CSE material location
+ And I write the IO object
+ Then the contents of CSE object "foo" should eventually match the file
+
+ @cse_write
+ Scenario: Write a file using an IO-like object multipart
+ Given the multipart upload threshold is 5mb
+ And I have a 7mb file
+ And I put the file in an IO object
+ And I have an asymmetric CSE key
+ And I ask for the object with key "foo"
+ When I specify metadata CSE material location
+ And I write the IO object
+ Then the contents of CSE object "foo" should eventually match the file
+
+
+ @cse_write @test
+ Scenario: Write an IO like object with an estimated length of 5mb
+ Given the multipart upload threshold is 10mb
+ And I have a 7mb file
+ And I have an asymmetric CSE key
+ And I ask for the object with key "foo"
+ And I specify metadata CSE material location
+ When I write the file using an IO-like object and an estimated length of 5mb
+ Then the contents of CSE object "foo" should eventually match the file
+
+ @cse_delete
+ Scenario: Delete an object uploaded with CSE and an instruction file
+ Given the multipart upload threshold is 5mb
+ And I have a 7mb file
+ And I put the file in an IO object
+ And I have an asymmetric CSE key
+ And I ask for the object with key "foo"
+ And I specify metadata CSE material location
+ And I write the IO object
+ When I delete the CSE object with :delete_instruction_file
+ Then No instruction file remains
+
+
@@ -87,11 +87,6 @@ Feature: CRUD Objects (High Level)
When I write the string "HELLO" to it
Then the result should be the object with key "foo"
And the object should eventually have "HELLO" as its body
- And a request should have been made like:
- | TYPE | NAME | VALUE |
- | http | verb | PUT |
- | http | uri | /foo |
- | http | body | HELLO |
@put_object @multibyte
Scenario: Write an object with a multibyte string
Oops, something went wrong.

0 comments on commit 9877f13

Please sign in to comment.