lhrslsshahi
asked on
Linux MD5 Hash
I am trying to generate an encryption key and its MD5 hash on a Centos 7
https://sprightlysoft.com/blog/?p=209
The following is an example of the S3 Sync RequestHeaders parameter for using SSE-C.
-RequestHeaders “x-amz-server-side-encrypt ion-custom er-algorit hm:AES256| x-amz-serv er-side-en cryption-c ustomer-ke y:abcdefgh ijklmnopqr stuvwxyz01 23456789AB CDEFG=|x-a mz-server- side-encry ption-cust omer-key-M D5:abcdefg hijklmnopq rstuv==”
The x-amz-server-side-encr yption-cus tomer-algo rithm section says you will be using the AES 256 encryption method on S3. The x-amz-server-side-encr yption-cus tomer-key section is the encryption key. The x-amz-server-side-encr yption-cus tomer-key- MD5 section is the MD5 hash of the encryption key. Amazon will store the x-amz-server-side-encr yption-cus tomer-key- MD5 value with the file but not the x-amz-server-side-encr yption-cus tomer-key value.
https://sprightlysoft.com/blog/?p=209
The following is an example of the S3 Sync RequestHeaders parameter for using SSE-C.
-RequestHeaders “x-amz-server-side-encrypt
The x-amz-server-side-encr
ASKER
/usr/bin/aws s3 sync /da03/live/ s3://blob-portal-data/ --sse-c AES256 --sse-c-key ABCDEF0123456789ABCDEF0123 456789ABCD EF01234567 89ABCDEF01 23456789
upload failed: ../da03/live/5/test-aes256 to s3://blob-portal-data/5/te st-aes256 An error occurred (InvalidArgument) when calling the PutObject operation: The secret key was invalid for the specified algorithm.
I have used the following command to generate AES256 32bit code
openssl enc -d -a -md sha1 -aes-256-cbc -nosalt -p
upload failed: ../da03/live/5/test-aes256
I have used the following command to generate AES256 32bit code
openssl enc -d -a -md sha1 -aes-256-cbc -nosalt -p
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks will take on board what you have said.
How do I generate a AES256 32 character encryption key that complies with AWS requirements.
From what I'm reading, it sounds like S3 is just asking for an encryption key/password to use for encryption. Your "--sse-c-key " parameter is 64 characters long - try using a 32-character (256-bit) key instead.
How do I generate a AES256 32 character encryption key that complies with AWS requirements.
From what I'm reading, it sounds like S3 is just asking for an encryption key/password to use for encryption. Your "--sse-c-key " parameter is 64 characters long - try using a 32-character (256-bit) key instead.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks have created a 32 character password using http://www.cryptool-online.org/index.php?option=com_cto&view=tool&Itemid=136&lang=en
ASKER
--sse-c (string) Specifies server-side encryption using customer provided keys of the the object in S3. AES256 is the only valid value. If the parameter is specified but no value is provided, AES256 is used. If you provide this value, --sse-c-key must be specified as well.
--sse-c-key (string) The customer-provided encryption key to use to server-side encrypt the object in S3. If you provide this value, --sse-c must be specified as well. The key provided should not be base64 encoded.