SSE‐KMS SSE‐S3 SSE‐C encryption tests - allanrogerr/public GitHub Wiki

https://min.io/docs/minio/macos/administration/server-side-encryption.html

SSE-KMS
mc/mc mb minio-client/sse-kms --insecure
mc/mc encrypt set sse-kms minio-key minio-client/sse-kms --insecure

mc/mc cp \
/home/ubuntu/public.crt minio-client/sse-kms/public.crt \
--insecure

mc/mc stat minio-client/sse-kms/public.crt \
--insecure

mc/mc stat minio-client/sse-kms/public.crt \
--insecure
Name      : public.crt
Date      : 2024-01-18 17:34:47 UTC 
Size      : 485 B  
ETag      : a70238a54f2d29c5e78ce43c2ad1e81d 
Type      : file 
Encryption: SSE-KMS (arn:aws:kms:minio-key)
Metadata  :
  Content-Type: application/x-x509-ca-cert 




SSE-S3
mc/mc mb minio-client/sse-s3 --insecure
mc/mc encrypt set sse-s3 minio-client/sse-s3 --insecure

mc/mc cp \
/home/ubuntu/public.crt minio-client/sse-s3/public.crt \
--insecure

mc/mc stat minio-client/sse-s3/public.crt \
--insecure
Name      : public.crt
Date      : 2024-01-18 17:36:13 UTC 
Size      : 485 B  
ETag      : 4c12f4db18f058585d9a849bd44e4e45 
Type      : file 
Encryption: SSE-S3
Metadata  :
  Content-Type: application/x-x509-ca-cert 
  


SSE-C - single
mc/mc mb minio-client/sse-c/single --insecure

mc/mc cp \
/home/ubuntu/public.crt minio-client/sse-c/single/public-unencrypted.crt \
--insecure

mc/mc stat minio-client/sse-c/single/public-unencrypted.crt --insecure
Name      : public-unencrypted.crt
Date      : 2024-01-18 17:41:35 UTC 
Size      : 485 B  
ETag      : 4c12f4db18f058585d9a849bd44e4e45 
Type      : file 
Metadata  :
  Content-Type: application/x-x509-ca-cert

mc/mc cp \
/home/ubuntu/public.crt minio-client/sse-c/single/public-encrypted.crt \
--encrypt-key "minio-client/sse-c/single/=c2VjcmV0ZW5jcnlwdGlvbmtleWNoYW5nZW1lMTIzNAo=" \
--insecure

mc/mc stat minio-client/sse-c/single/public-encrypted.crt --insecure
mc: <ERROR> Unable to stat `minio-client/sse-c/single/public.crt`. The object was stored using a form of Server Side Encryption. The correct parameters must be provided to retrieve the object.

mc/mc stat minio-client/sse-c/single/public-encrypted.crt \
--encrypt-key "minio-client/sse-c/single/=c2VjcmV0ZW5jcnlwdGlvbmtleWNoYW5nZW1lMTIzNAx=" \
--insecure
mc: <ERROR> Unable to stat `minio-client/sse-c/single/public.crt`. Insufficient permissions to access this path `https://kes-client.lab.min.dev:9000/sse-c/single/public.crt`.

mc/mc stat minio-client/sse-c/single/public-encrypted.crt \
--encrypt-key "minio-client/sse-c/single/=c2VjcmV0ZW5jcnlwdGlvbmtleWNoYW5nZW1lMTIzNAox=" \
--insecure
mc: <ERROR> Unable to parse encryption keys. Encryption key should be 32 bytes plain text key or 44 bytes base64 encoded key.

mc/mc stat minio-client/sse-c/single/public-encrypted.crt \
--encrypt-key "minio-client/sse-c/single/=c2VjcmV0ZW5jcnlwdGlvbmtleWNoYW5nZW1lMTIzNAo=" \
--insecure
Name      : public-encrypted.crt
Date      : 2024-01-18 17:45:22 UTC 
Size      : 485 B  
ETag      : ef2fc2df104ba372216a9a87e7131672 
Type      : file 
Encryption: SSE-C
Metadata  :
  Content-Type: application/x-x509-ca-cert


SSE-C - bucket
mc/mc mb minio-client/sse-c/all --insecure

mc/mc cp \
--recursive \
/home/ubuntu/ minio-client/sse-c/all \
--encrypt-key "minio-client/sse-c/all/=c2VjcmV0ZW5jcnlwdGlvbmtleWNoYW5nZW1lMTIzNAo=" \
--insecure

Copy in place

mc/mc mb minio-client/encrypt1

mc/mc cp \
--recursive \
/home/ubuntu/ minio-client/encrypt1

mc/mc ls -r minio-client/encrypt1
mc/mc stat -r minio-client/encrypt1

mc/mc encrypt set sse-kms minio-key minio-client/encrypt1

mc/mc cp \
--recursive \
minio-client/encrypt1/ minio-client/encrypt1/

mc/mc ls -r minio-client/encrypt1

mc/mc stat minio-client/encrypt1
mc/mc stat -r minio-client/encrypt1
⚠️ **GitHub.com Fallback** ⚠️