![Page 1: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/1.jpg)
On The Fly Encryption,
Compression, Upload To S3And Back
connettiva.eu/rubyday2015
![Page 2: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/2.jpg)
connettiva.eu/rubyday2015
![Page 3: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/3.jpg)
file
connettiva.eu/rubyday2015
![Page 4: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/4.jpg)
file
connettiva.eu/rubyday2015
![Page 5: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/5.jpg)
file
original compressed
connettiva.eu/rubyday2015
file.gz
![Page 6: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/6.jpg)
filefile.gz.enc
original compressed encrypted
connettiva.eu/rubyday2015
file.gz
![Page 7: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/7.jpg)
filefile.gz.enc
S3
original compressed encrypted
connettiva.eu/rubyday2015
file.gz file.gz.enc
![Page 8: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/8.jpg)
filefile.gz.enc
S3
original compressed encrypted with random symmetric key
connettiva.eu/rubyday2015
symmetric key
file.gz file.gz.enc
initializationvector
symmetric key
initializationvector
![Page 9: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/9.jpg)
filefile.gz.enc
S3
original compressed encrypted with random symmetric key
connettiva.eu/rubyday2015
symmetric key
file.gz file.gz.enc
Encrypted withasymmetric key initialization
vector
symmetric key
initializationvector
![Page 10: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/10.jpg)
tar.gz
filefile.gz.enc
S3
original compressed encrypted with random symmetric key
connettiva.eu/rubyday2015
symmetric key
file.gz file.gz.enc
Encrypted withasymmetric key initialization
vector
symmetric key
initializationvector
tar.gz
![Page 11: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/11.jpg)
tar.gz
filefile.gz.enc
S3OpenSSL::Cipher.new("aes-256-cbc")
OpenSSL::Pkey::RSA
SecureRandom.uuid
Digest::SHA256.hexdigest
File.read("file") Zlib::Deflate Gem::Package::TarWriter Aws::S3::Client
Zlib::GzipWriter
connettiva.eu/rubyday2015
symmetric key
file.gz file.gz.enc
initializationvector
symmetric key
initializationvector
tar.gz
![Page 12: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/12.jpg)
$ irb
require "openssl"
key = OpenSSL::PKey::RSA.new 4096
open 'private_key.pem', 'w' do |io| io.write key.to_pemend
open 'public_key.pem', 'w' do |io| io.write key.public_key.to_pemend
connettiva.eu/rubyday2015
![Page 13: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/13.jpg)
Using environmental variables to make itsafe for production (Rails)
$ export PUBLIC_KEY=public_key.pem
$ export PRIVATE_KEY=private_key.pem
$ export BUCKET_NAME=your-amazon-bucket
# Gemfile or$ gem install "aws-sdk" -v '~> 2'
connettiva.eu/rubyday2015
![Page 14: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/14.jpg)
$ irb
require "./safe_s3"
s3 = SafeS3.new
key = s3.upload("sensitive data")
=> "272ab006-c0be-4b79-97dd-8fb895af6d85...
s3.download(key)
=> "sensitive data"
s3.delete(key)
connettiva.eu/rubyday2015
![Page 15: On The Fly Encryption, Compression, Upload To Amazon S3](https://reader030.vdocuments.mx/reader030/viewer/2022020301/58f1773b1a28ab7f328b45cf/html5/thumbnails/15.jpg)
$ irb
require "./safe_s3"
s3 = SafeS3.new
key = s3.upload("sensitive data")
=> "272ab006-c0be-4b79-97dd-8fb895af6d85...
s3.download(key)
=> "sensitive data"
s3.delete(key)
connettiva.eu/rubyday2015