• Your recent searches
Amazon-S3
3 results

 view release on metacpan or  search on metacpan

ChangeLog  view on Meta::CPAN 

Thu Jul 20 07:47:36 2023  Rob Lauer  <rlauer6@comcast.net>

	[0.64 - get_location_constraint() ]:
	* VERSION: bump
	* NEWS.md: updated
	* src/main/perl/lib/Amazon/S3/Bucket.pm.in
	(get_location_constraint): content already decoded

Mon Apr 17 08:07:13 2023  Rob Lauer  <rlauer6@comcast.net>

	[0.63 - pass -key to Crypt::CBC]:
	* src/mai/perl/lib/Amazon/S3.pm.in
	(_decrypt): pass encryption key as -key and -pass

Fri Apr 14 08:29:32 2023  Rob Lauer  <rlauer6@comcast.net>

	[0.62 - list_bucket, buckets]:
	* VERSION: bump
	* NEWS.md: updated
	* README.md: generated
	* src/main/perl/lib/Amazon/S3.pm.in

ChangeLog  view on Meta::CPAN 

	* NEWS.md: updated
	* README-TESTING.md: more documentation
	* Makefile.am: rpm, not rpmbuild directory
	* src/main/perl/Makefile.am: comments re: testing
	* src/main/perl/t/04-list-buckets.t
	- enable debug mode if $ENV{DEBUG}
	- dump response if error
	* src/main/perl/lib/Amazon/S3.pm.in
	- pod tweaks
	(new)
	- set -key and -pass  for legacy Crypt::CBC
	(buckets): avoid return explicit undef
	(list_bucket)
	- remove undefined hash members from input
	(_make_request)
	- use URI to set path, host, port if domain bucket ame
	* src/main/perl/lib/Amazon/S3/Bucket.pm.in
	(last_response): typo, should be last_response(), not last_reponse()
	(_uri): minor refactoring for clarity
	(add_key): likewise, return a return code
	(_add_key): minor refactoring

README.md  view on Meta::CPAN 

    credentials in plaintext is also going to expose your credentials when
    someone dumps the class._

- 3. Pass credentials, set `cache_signer` to a false value.

    Unfortunately, while this will prevent [Net::Amazon::Signature::V4](https://metacpan.org/pod/Net%3A%3AAmazon%3A%3ASignature%3A%3AV4)
    from hanging on to your credentials, you credentials will be stored in
    the `Amazon::S3` object.

    Starting with version 0.55 of this module, if you have installed
    [Crypt::CBC](https://metacpan.org/pod/Crypt%3A%3ACBC) and [Crypt::Blowfish](https://metacpan.org/pod/Crypt%3A%3ABlowfish), your credentials will be
    encrypted using a random key created when the class is
    instantiated. While this is more secure than leaving them in
    plaintext, if the key is discovered (the key however is not stored in
    the object's hash) and the object is dumped, your _encrypted_
    credentials can be exposed.

- 4. Use very granular credentials for bucket access only.

    Use credentials that only allow access to a bucket or portions of a
    bucket required for your application. This will at least limit the

lib/Amazon/S3.pm  view on Meta::CPAN 

  sub _encrypt {
########################################################################
    my ($text) = @_;

    return $text if !$text;

    if ( !defined $encryption_key ) {
      $encryption_key = eval {
        if ( !defined $encryption_key ) {
          require Crypt::Blowfish;
          require Crypt::CBC;

          return md5_hex( rand $PID );
        }
      };

      return $text if $EVAL_ERROR;
    }

    return $text if !$encryption_key;

    my $cipher = Crypt::CBC->new(
      -pass        => $encryption_key,
      -key         => $encryption_key,
      -cipher      => 'Crypt::Blowfish',
      -nodeprecate => $TRUE,
    );

    return $cipher->encrypt($text);
  }

########################################################################
  sub _decrypt {
########################################################################
    my ($secret) = @_;

    return $secret
      if !$secret || !$encryption_key;

    my $cipher = Crypt::CBC->new(
      -pass   => $encryption_key,
      -key    => $encryption_key,
      -cipher => 'Crypt::Blowfish',
    );

    return $cipher->decrypt($secret);
  }

}

lib/Amazon/S3.pm  view on Meta::CPAN 

credentials in plaintext is also going to expose your credentials when
someone dumps the class.>

=item 3. Pass credentials, set C<cache_signer> to a false value.

Unfortunately, while this will prevent L<Net::Amazon::Signature::V4>
from hanging on to your credentials, you credentials will be stored in
the C<Amazon::S3> object.

Starting with version 0.55 of this module, if you have installed
L<Crypt::CBC> and L<Crypt::Blowfish>, your credentials will be
encrypted using a random key created when the class is
instantiated. While this is more secure than leaving them in
plaintext, if the key is discovered (the key however is not stored in
the object's hash) and the object is dumped, your I<encrypted>
credentials can be exposed.

=item 4. Use very granular credentials for bucket access only.

Use credentials that only allow access to a bucket or portions of a
bucket required for your application. This will at least limit the



( run in 0.788 second using v1.01-cache-2.11-cpan-df04353d9ac )