Help Center> Object Storage Service> SDK Reference> iOS> Server-Side Encryption> Example of Encryption

Example of Encryption

Encrypting an Object to Be Uploaded

Sample code:

SSE-C encryption

static OBSClient *client;
NSString *endPoint = @"your-endpoint";
NSString *SK = @"*** Provide your Secret Key ***";
NSString *AK = @"*** Provide your Access Key ***";

    
// Initialize identity authentication.
OBSStaticCredentialProvider *credentialProvider = [[OBSStaticCredentialProvider alloc] initWithAccessKey:AK secretKey:SK];
    
//Initialize service configuration.
OBSServiceConfiguration *conf = [[OBSServiceConfiguration alloc] initWithURLString:endPoint credentialProvider:credentialProvider];
    
// Initialize an instance of OBSClient.
client = [[OBSClient alloc] initWithConfiguration:conf];
    
// Use the SSE-C algorithm to upload an object.
NSData *uploadData = [NSData dataWithContentsOfFile:_imagePath];
OBSPutObjectWithDataRequest *request = [[OBSPutObjectWithDataRequest alloc]initWithBucketName:@"bucketname" objectKey:@"test/image1" uploadData:uploadData];
    
 // Encrypt the object.
request.encryption = [[OBSEncryptionTypeCustomer alloc]initWithAlgorithm:@"AES256" key:@"K7QkYpBkM5+hcs27fsNkUnNVaobncnLht/rCB2o/9Cw=" keyMD5:@"4XvB3tbNTN+tIEVa0/fGaQ=="];
    
request.uploadProgressBlock = ^(int64_t bytesSent, int64_t totalBytesSent, int64_t totalBytesExpectedToSend) {
    NSLog(@"%0.1f%%",(float)totalBytesSent*100/(float)totalBytesExpectedToSend);
};
[client putObject:request completionHandler:^(OBSPutObjectResponse *response, NSError *error){
    NSLog(@"%@",response);
}] ;

key: generated through AES256.
keyMD5: base64-encoded MD5 value of the key.

SSE-KMS encryption

static OBSClient *client;
NSString *endPoint = @"your-endpoint";
NSString *SK = @"*** Provide your Secret Key ***";
NSString *AK = @"*** Provide your Access Key ***";
    
// Initialize identity authentication.
OBSStaticCredentialProvider *credentialProvider = [[OBSStaticCredentialProvider alloc] initWithAccessKey:AK secretKey:SK];
    
//Initialize service configuration.
OBSServiceConfiguration *conf = [[OBSServiceConfiguration alloc] initWithURLString:endPoint credentialProvider:credentialProvider];
    
// Initialize an instance of OBSClient.
client = [[OBSClient alloc] initWithConfiguration:conf];
    
// Use the SSE-KMS algorithm to upload an object.
OBSPutObjectWithFileRequest *request = [[OBSPutObjectWithFileRequest alloc]initWithBucketName:@"bucketname" objectKey:@"objectname" uploadFilePath:_imagePath];
    
// SSE-KMS encryption
request.encryption = [[OBSEncryptionTypeKMS alloc]initWithKeyID:nil];
    
request.uploadProgressBlock = ^(int64_t bytesSent, int64_t totalBytesSent, int64_t totalBytesExpectedToSend) {
    NSLog(@"%0.1f%%",(float)floor(totalBytesSent*10000/totalBytesExpectedToSend)/100);
};
    
[client putObject:request completionHandler:^(OBSPutObjectResponse *response, NSError *error){
    NSLog(@"%@",response.etag);
}];

Decrypting a Downloaded Object

Sample code:

static OBSClient *client;
NSString *endPoint = @"your-endpoint";
NSString *SK = @"*** Provide your Secret Key ***";
NSString *AK = @"*** Provide your Access Key ***";
    
// Initialize identity authentication.
OBSStaticCredentialProvider *credentialProvider = [[OBSStaticCredentialProvider alloc] initWithAccessKey:AK secretKey:SK];
    
//Initialize service configuration.
OBSServiceConfiguration *conf = [[OBSServiceConfiguration alloc] initWithURLString:endPoint credentialProvider:credentialProvider];
    
// Initialize an instance of OBSClient.
client = [[OBSClient alloc] initWithConfiguration:conf];
    
// Decrypt the downloaded object.
NSString * outfilePath = [NSTemporaryDirectory() stringByAppendingString:@"test.png"];
OBSGetObjectToFileRequest *request = [[OBSGetObjectToFileRequest alloc]initWithBucketName:@"bbucketname" objectKey:@"objectname" downloadFilePath:outfilePath];
    
// Enter the key and keyMD5 used for encrypting the object during the object upload.
request.encryption = [[OBSEncryptionTypeCustomer alloc]initWithAlgorithm:@"AES256" key:@"K7QkYpBkM5+hcs27fsNkUnNVaobncnLht/rCB2o/9Cw=" keyMD5:@"4XvB3tbNTN+tIEVa0/fGaQ=="];
request.downloadProgressBlock = ^(int64_t bytesWritten, int64_t totalBytesWritten, int64_t totalBytesExpectedToWrite) {
    NSLog(@"%0.1f%%",(float)floor(totalBytesWritten*10000/totalBytesExpectedToWrite)/100);
};
[client getObject:request completionHandler:^(OBSGetObjectResponse *response, NSError *error){
    NSLog(@"%@",response.etag);
}];

Parent topic: Server-Side Encryption

Last Article: Encryption Description

Next Article: Troubleshooting

Did this article solve your problem?

Thank you for your score！Your feedback would help us improve the website.

Products

Compute

Application

Dedicated Cloud

Storage

Management & Deployment

Migration

Network

Enterprise Intelligence

Video

Database

Edge Cloud Services

DevCloud

Security

Cloud Communications

Internet of Things

Solutions

Industry-Specific Solutions

General-Purpose Solutions

Security

DevOps

Enterprise Intelligence

Essential Platform

Big Data

Visual Cognition

Speech and Semantics

Support

Help Center

Customer Services

Developers

Console

语言 - Language

中国站 - 简体中文

中国站 - English

International - 简体中文

International - English

Help Center

Example of Encryption

Encrypting an Object to Be Uploaded

Decrypting a Downloaded Object