Closed
Description
I'm having same issue as #376 when trying to decrypt object directly from S3 stream.
NodeJS: v12.18.3
aws-crypto/client-node: 1.0.5
Using pipeline()
import {decryptStream, KmsKeyringNode} from '@aws-crypto/client-node';
import {S3} from 'aws-sdk';
import {createWriteStream} from 'fs';
import {pipeline} from 'stream';
const generatorKeyId = 'kms-arn';
const Bucket = 'bucket';
const Key = 'encrypted.file';
const keyring = new KmsKeyringNode({generatorKeyId});
const s3 = new S3();
const context = {
action: 'cli-encrypt',
};
const s3ObjectStream = s3.getObject({Bucket, Key}).createReadStream().on('end', () => {
console.log(`S3 object read`);
}).once('error', (err) => {
console.log(`S3 object error: ${err.message}`);
});
const transformStream = decryptStream(keyring)
.on('MessageHeader', ({encryptionContext}) => {
Object.entries(context).forEach(([key, value]) => {
if (encryptionContext[key] !== value)
throw new Error('Encryption Context does not match expected values');
});
}).on('end', () => {
console.log(`Decrypt done`);
}).once('error', (err) => {
console.log(`Decrypt error: ${err.message}`);
});;
const writeStream = createWriteStream('./datafiles/decrypted.file').on('finish', () => {
console.log(`Decrypted!`);
}).once('error', (err) => {
console.log(`Error: ${err.message}`);
});
pipeline(
s3ObjectStream,
transformStream,
writeStream,
(err) => {
if (err) {
console.log(`Error: ${err.message}`);
} else {
console.log(`Decrypted!`);
}
}
);I've tried using s3ObjectStream.pipe(transformStream).pipe(writeStream) and got the same error.
Note that this problem does not occur (successfully decrypted) if I stream the file straight from local storage datafile = fs.createReadStream('encrypted.file);.
Any help would be appreciated.
Metadata
Metadata
Assignees
Labels
No labels