-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit 1264d3e
Showing
5 changed files
with
571 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
/build | ||
/tests | ||
/build.sh | ||
/upload.sh | ||
/setup.sh | ||
/initialize.sh | ||
/*.toml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
# S3 Encrypt Wrapper | ||
|
||
Simple and Easy-to-Use Auto Encryption/Decryption S3 Middleware Service. | ||
|
||
Automatically encrypts upload streams and decrypts download streams using AES-256-CTR, with support for HTTP Range. | ||
|
||
Compatible with all cloud storage services that support the S3 protocol. | ||
|
||
# ⚠️ WARNING | ||
|
||
Do not use in production without thorough testing. | ||
|
||
|
||
|
||
# Usage Example | ||
|
||
## Upload | ||
|
||
Automatically encrypt a file using AES-256-CTR during upload. | ||
|
||
```shell | ||
curl -F 'file=@/location/file.dat' -F 'filepath=/path/file' http://localhost:8000/upload | ||
``` | ||
|
||
## Download | ||
|
||
Automatically decrypt files during download. | ||
|
||
```shell | ||
curl --output file.dat http://localhost:8000/path/file | ||
``` | ||
|
||
### Partial download | ||
|
||
Supports HTTP Range for partial downloads. Classic use cases include streaming media playback or parallel download. | ||
|
||
```shell | ||
curl -H "Range: bytes=1-2" http://localhost:8000/path/file.txt | ||
``` | ||
|
||
# Configuration | ||
|
||
Use `toml` | ||
|
||
## AWS S3 | ||
|
||
```toml | ||
[server] | ||
addr=":8000" | ||
key="11111111111111111111111111111111" # must be 32 characters | ||
[storage] | ||
access_id="your access key id" | ||
secret="your access secret key" | ||
bucket="your bucket name" | ||
region="your region" | ||
``` | ||
|
||
## Cloudflare R2 | ||
|
||
```toml | ||
[server] | ||
addr=":8000" | ||
key="11111111111111111111111111111111" # must be 32 characters | ||
[storage] | ||
enpoint="https://<your_account_id_in_cloudfalre_r2_dashboard>.r2.cloudflarestorage.com/" | ||
access_id="your access key id" | ||
secret="your access secret key" | ||
bucket="your bucket name" | ||
region="auto" # must be "auto" | ||
``` | ||
|
||
## Alibabacloud (Aliyun) OSS | ||
|
||
```toml | ||
[server] | ||
addr=":8000" | ||
key="11111111111111111111111111111111" # must be 32 characters | ||
[storage] | ||
enpoint="http://<region>.aliyuncs.com" | ||
access_id="your access key id" | ||
secret="your access secret key" | ||
bucket="your bucket name" | ||
region="<region>" # example: oss-cn-hangzhou | ||
``` | ||
|
||
# Donation | ||
|
||
XMR: 4Ay7eEeA13R82Ff11EN6WXA6wHsZcD15u71at1RGyzhhPqhj4Hd2sQKiKWc3UVXECxLpugirRgE2YfWTmsJPCdY3DJjYqym | ||
|
||
BTC: bc1qmdae24nwg5ckeh4xlmtzh88gjygcrynqs8sz0j |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,90 @@ | ||
# S3 加密中间件 | ||
|
||
简单易用的自动加解密S3上传下载流量 | ||
|
||
使用AES-256-CTR算法,自动加密上传流量,自动解密下载流量。支持HTTP分块请求 | ||
|
||
|
||
# ⚠️ 警告 | ||
|
||
未经充分测试请勿用于生产环境 | ||
|
||
|
||
|
||
# 使用示范 | ||
|
||
## 上传 | ||
|
||
自动加密一个文件并上传到S3 使用AES-256-CTR加密算法 | ||
|
||
```shell | ||
curl -F 'file=@/location/file.dat' -F 'filepath=/path/file' http://localhost:8000/upload | ||
``` | ||
|
||
## 下载 | ||
|
||
自动下载一个加密文件,在下载的过程中自动解密 | ||
|
||
```shell | ||
curl --output file.dat http://localhost:8000/path/file | ||
``` | ||
|
||
### 分块下载 | ||
|
||
支持 HTTP Range 请求,通常用于音视频播放、并行下载等场景 | ||
|
||
```shell | ||
curl -H "Range: bytes=1-2" http://localhost:8000/path/file.txt | ||
``` | ||
|
||
# 配置 | ||
|
||
使用 `toml` | ||
|
||
## 亚马逊S3 | ||
|
||
```toml | ||
[server] | ||
addr=":8000" | ||
key="11111111111111111111111111111111" # 加密密钥 必须是32个字符 | ||
[storage] | ||
access_id="你的accessid" | ||
secret="你的密钥" | ||
bucket="你的Bucket名字" | ||
region="你的bucket区域" | ||
``` | ||
|
||
## Cloudflare R2 | ||
|
||
```toml | ||
[server] | ||
addr=":8000" | ||
key="11111111111111111111111111111111" # 必须是32个字符 | ||
[storage] | ||
enpoint="https://<你的accountid在cloudfalre的R2控制面板可查看到>.r2.cloudflarestorage.com/" | ||
access_id="你的R2访问key" | ||
secret="你的R2访问密钥" | ||
bucket="你的存储桶名称" | ||
region="auto" # 必须是 auto | ||
``` | ||
|
||
## 阿里云 OSS | ||
|
||
```toml | ||
[server] | ||
addr=":8000" | ||
key="11111111111111111111111111111111" # must be 32 characters | ||
[storage] | ||
enpoint="http://<region>.aliyuncs.com" | ||
access_id="your access key id" | ||
secret="your access secret key" | ||
bucket="your bucket name" | ||
region="<region>" # 比如: oss-cn-hangzhou | ||
``` | ||
|
||
|
||
# 捐助 | ||
|
||
XMR: 4Ay7eEeA13R82Ff11EN6WXA6wHsZcD15u71at1RGyzhhPqhj4Hd2sQKiKWc3UVXECxLpugirRgE2YfWTmsJPCdY3DJjYqym | ||
|
||
BTC: bc1qmdae24nwg5ckeh4xlmtzh88gjygcrynqs8sz0j |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
module s3-wrapper | ||
|
||
go 1.21 | ||
|
||
require ( | ||
github.com/aws/aws-sdk-go v1.55.5 | ||
github.com/labstack/echo/v4 v4.12.0 | ||
) | ||
|
||
require ( | ||
github.com/BurntSushi/toml v1.4.0 // indirect | ||
github.com/golang-jwt/jwt v3.2.2+incompatible // indirect | ||
github.com/jmespath/go-jmespath v0.4.0 // indirect | ||
github.com/labstack/gommon v0.4.2 // indirect | ||
github.com/mattn/go-colorable v0.1.13 // indirect | ||
github.com/mattn/go-isatty v0.0.20 // indirect | ||
github.com/valyala/bytebufferpool v1.0.0 // indirect | ||
github.com/valyala/fasttemplate v1.2.2 // indirect | ||
golang.org/x/crypto v0.22.0 // indirect | ||
golang.org/x/net v0.24.0 // indirect | ||
golang.org/x/sys v0.19.0 // indirect | ||
golang.org/x/text v0.14.0 // indirect | ||
golang.org/x/time v0.5.0 // indirect | ||
) |
Oops, something went wrong.