使用带有AWS KMS的Nodejs在s3中encryption和解密文件
我正在使用AWS KMS将文件encryption到s3存储桶。 我目前正在使用AWS控制台执行此操作,但是我想使用Nodejs来执行此操作。
我刚刚检查了一些东西,但是对于使用nodejs进行KMSencryption和解密的问题我还没有明确的想法。
您需要查看适用于JavaScript的AWS开发工具包 。 从例子:
var AWS = require('aws-sdk'); var kms = new AWS.KMS({apiVersion: '2014-11-01'}); var params = { KeyId: "1234abcd-12ab-34cd-56ef-1234567890ab", // The identifier of the CMK to use for encryption. You can use the key ID or Amazon Resource Name (ARN) of the CMK, or the name or ARN of an alias that refers to the CMK. Plaintext: <Binary String>// The data to encrypt. }; kms.encrypt(params, function(err, data) { if (err) console.log(err, err.stack); // an error occurred else console.log(data); // successful response /* data = { CiphertextBlob: <Binary String>, // The encrypted data (ciphertext). KeyId: "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"// The ARN of the CMK that was used to encrypt the data. } */ }); var params = { CiphertextBlob: <Binary String>// The encrypted data (ciphertext). }; kms.decrypt(params, function(err, data) { if (err) console.log(err, err.stack); // an error occurred else console.log(data); // successful response /* data = { KeyId: "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab", // The Amazon Resource Name (ARN) of the CMK that was used to decrypt the data. Plaintext: <Binary String>// The decrypted (plaintext) data. } */ }); 这是NPM上的aws-sdk包的链接。 这里是主要AWS SDK for Javascript文档页面的链接 。
希望这可以帮助!