aws · ShubhamChaturvedi7 · Dec 11, 2025
diff --git a/all-examples/net/v2/Makefile b/all-examples/net/v2/Makefile
@@ -0,0 +1,66 @@
+# Makefile for S3 Encryption Client .NET v2 Example
+
+# Default target
+.PHONY: all install clean run help
+
+# Default arguments for running the example
+# Override these when calling make run
+BUCKET_NAME ?= avp-21638
+OBJECT_KEY ?= s3ec-dotnet-v2
+KMS_KEY_ID ?= arn:aws:kms:us-east-2:648638458147:key/a47079da-17e4-45a5-b82e-2bac101cad01
+AWS_REGION ?= us-east-2
+
+all: install
+
+# Install dependencies using .NET modules
+install:
+	@echo "[NET V2] Installing .NET dependencies..."
+	dotnet restore
+	@echo "[NET V2] Dependencies installed successfully!"
+
+# Clean .NET artifacts
+clean:
+	@echo "[NET V2] Cleaning .NET artifacts..."
+	dotnet clean
+	@echo "[NET V2] Clean completed!"
+
+# Run the example with default arguments
+run: install
+	@echo "[NET V2] Running S3 Encryption Client v2 .NET example..."
+	@echo "[NET V2] Bucket: $(BUCKET_NAME)"
+	@echo "[NET V2] Object Key: $(OBJECT_KEY)"
+	@echo "[NET V2] KMS Key ID: $(KMS_KEY_ID)"
+	@echo "[NET V2] Region: $(AWS_REGION)"
+	@echo ""
+	@dotnet run -- $(BUCKET_NAME) $(OBJECT_KEY) $(KMS_KEY_ID) $(AWS_REGION)
+
+# Run with custom arguments
+# Usage: make run-custom BUCKET_NAME=my-bucket OBJECT_KEY=my-key KMS_KEY_ID=my-kms-key AWS_REGION=my-region
+run-custom: install
+	@dotnet run -- $(BUCKET_NAME) $(OBJECT_KEY) $(KMS_KEY_ID) $(AWS_REGION)
+
+# Show help
+help:
+	@echo "S3 Encryption Client .NET v2 Example Makefile"
+	@echo ""
+	@echo "Available targets:"
+	@echo "  install    - Install .NET dependencies using .NET modules"
+	@echo "  run        - Install dependencies and run the example with default parameters"
+	@echo "  run-custom - Install dependencies and run with custom parameters"
+	@echo "  clean      - Remove .NET artifacts"
+	@echo "  help       - Show this help message"
+	@echo ""
+	@echo "Default parameters:"
+	@echo "  BUCKET_NAME = $(BUCKET_NAME)"
+	@echo "  OBJECT_KEY  = $(OBJECT_KEY)"
+	@echo "  KMS_KEY_ID  = $(KMS_KEY_ID)"
+	@echo "  AWS_REGION  = $(AWS_REGION)"
+	@echo ""
+	@echo "To run with custom parameters:"
+	@echo "  make run BUCKET_NAME=your-bucket OBJECT_KEY=your-key KMS_KEY_ID=your-kms-key AWS_REGION=your-region"
+	@echo ""
+	@echo "Prerequisites:"
+	@echo "  - Supported .NET framework installed on the system. See https://www.nuget.org/packages/Amazon.Extensions.S3.Encryption for supported one."
+	@echo "  - AWS credentials configured (AWS CLI, environment variables, or IAM role)"
+	@echo "  - Valid S3 bucket and KMS key with appropriate permissions"
+	@echo "  - S3 Encryption Client v2 .NET SDK (included in s3ec-v2-local)"
diff --git a/all-examples/net/v2/Program.cs b/all-examples/net/v2/Program.cs
@@ -0,0 +1,76 @@
+using Amazon;
+using Amazon.Extensions.S3.Encryption;
+using Amazon.Extensions.S3.Encryption.Primitives;
+using Amazon.S3;
+using Amazon.S3.Model;
+
+using Amazon.Extensions.S3.Encryption;
+using Amazon.Extensions.S3.Encryption.Primitives;
+using Amazon.S3;
+using Amazon.S3.Model;
+
+namespace S3EncryptionClientV2Example
+{
+    class Program
+    {
+        static async Task Main(string[] args)
+        {
+            if (args.Length != 4)
+            {
+                Console.WriteLine("[NET V2] Usage: dotnet run <bucket-name> <object-key> <kms-key-id> <region>");
+                Environment.Exit(1);
+            }
+
+            var (bucketName, objectKey, kmsKeyId, region) = (args[0], args[1], args[2], args[3]);
+            var testData = "Hello, World! This is a test message for S3 encryption client v2 in .NET.";
+
+            Console.WriteLine("=== S3 Encryption Client v2 Example (.NET) ===");
+
+            try
+            {
+                var s3Client = CreateS3ECWithKms(kmsKeyId, region);
+
+                await s3Client.PutObjectAsync(new PutObjectRequest
+                {
+                    BucketName = bucketName,
+                    Key = objectKey,
+                    ContentBody = testData
+                });
+
+                var getResponse = await s3Client.GetObjectAsync(bucketName, objectKey);
+                using var reader = new StreamReader(getResponse.ResponseStream);
+                var decryptedData = await reader.ReadToEndAsync();
+
+                if (decryptedData != testData)
+                {
+                    Console.WriteLine("[NET V2] ERROR: Roundtrip failed - data mismatch");
+                    Environment.Exit(1);
+                }
+
+                Console.WriteLine("[NET V2] SUCCESS: Roundtrip encryption/decryption completed successfully!");
+            }
+            catch (Exception ex)
+            {
+                Console.WriteLine($"[NET V2] Error: {ex.Message}");
+                Environment.Exit(1);
+            }
+        }
+
+        private static AmazonS3Client CreateS3ECWithKms(string kmsKeyId, string region)
+        {
+            var encryptionContextPerClient = new Dictionary<string, string>
+            {
+                ["purpose"] = "example",
+                ["version"] = "v2",
+                ["language"] = "dotnet"
+            };
+
+            var encryptionMaterial = new EncryptionMaterialsV2(kmsKeyId, KmsType.KmsContext, encryptionContextPerClient);
+            var configuration = new AmazonS3CryptoConfigurationV2(SecurityProfile.V2, CommitmentPolicy.ForbidEncryptAllowDecrypt, ContentEncryptionAlgorithm.AesGcm)
+            {
+                RegionEndpoint = RegionEndpoint.GetBySystemName(region)
+            };
+            return new AmazonS3EncryptionClientV2(configuration, encryptionMaterial);
+        }
+    }
+}
diff --git a/all-examples/net/v2/s3ec-v2-local b/all-examples/net/v2/s3ec-v2-local
@@ -0,0 +1 @@
+/Volumes/workplace/amazon-s3-encryption-client-python/test-server/net-v2-transition-server/s3ec-v2-transition-branch
diff --git a/all-examples/net/v2/v2.csproj b/all-examples/net/v2/v2.csproj
@@ -0,0 +1,19 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <EnableDefaultCompileItems>false</EnableDefaultCompileItems>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <Compile Include="**/*.cs" Exclude="s3ec-v2-local/**/*.cs" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="s3ec-v2-local/src/Amazon.Extensions.S3.Encryption.csproj"/>
+  </ItemGroup>
+
+</Project>
diff --git a/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java b/test-server/java-tests/src/it/java/software/amazon/encryption/s3/TestUtils.java
@@ -121,7 +121,7 @@ public class TestUtils {
 
     public static final Set<String> RAW_RSA_SUPPORTED =
       Set.of(JAVA_V3_CURRENT, JAVA_V3_TRANSITION, JAVA_V4
-        , NET_V2_CURRENT, NET_V3_CURRENT, NET_V3_TRANSITION, NET_V4
+        , NET_V2_CURRENT, NET_V2_TRANSITION, NET_V3_CURRENT, NET_V3_TRANSITION, NET_V4
         , RUBY_V2_TRANSITION, RUBY_V3
       );
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		/Volumes/workplace/amazon-s3-encryption-client-python/test-server/net-v2-transition-server/s3ec-v2-transition-branch