Subscribe to PHP Freaks RSS

AWS Developer Blog: Using Client-Side Encryption for Amazon S3 in the AWS SDK for PHP

syndicated from www.phpdeveloper.org on November 10, 2017

On the AWS Developer blog they've posted a new tutorial showing you how to use client-side encryption in the AWS PHP SDK for interactions with the AWS S3 service.

The AWS SDK for PHP released an S3EncryptionClient in version 3.38.0. With client-side encryption, data is encrypted and decrypted directly in your environment. This means that this data is encrypted before it’s transferred to Amazon S3, and you don’t rely on an external service to handle encryption for you.

The AWS SDK for PHP implements envelope encryption and uses OpenSSL for its encrypting and decrypting. The implementation is interoperable with other SDKs that match its feature support. It’s also compatible with the SDK’s promise-based asynchronous workflow.

The tutorial then walks you through the setup of a new S3EncryptionClient instance and how to use the putObject method to push the file contents up to S3 automagically using the encryption. It also includes a code example of pulling the file contents down and decrypting the contents via a getObject call.