chore: add net examples

.github/workflows/examples.yml

@@ -26,21 +26,21 @@ jobs:
           ref: fire-egg-dev
           path: all-examples/cpp/aws-sdk-cpp/
 
-      - name: Checkout .NET V2 code
+      - name: Checkout .NET V3 code
         uses: actions/checkout@v5
         with:
           token: ${{ secrets.PAT_FOR_DOTNET }}
           repository: aws/private-amazon-s3-encryption-client-dotnet-staging
-          ref: v3sdk-development 
-          path: test-server/net-v2-v3-server/s3ec-net-v2/
+          ref: rishav/key-commitment 
+          path: all-examples/net/v3/s3ec-v3-local
 
-      - name: Checkout .NET V3 code
+      - name: Checkout .NET V4 code
         uses: actions/checkout@v5
         with:
           token: ${{ secrets.PAT_FOR_DOTNET }}
           repository: aws/private-amazon-s3-encryption-client-dotnet-staging
-          ref: s3ec-v3
-          path: test-server/net-v2-v3-server/s3ec-net-v3
+          ref: s3ec-v4-WIP
+          path: all-examples/net/v4/s3ec-v4-local
 
       - name: Set up Python
         uses: actions/setup-python@v5

.gitmodules

@@ -56,3 +56,11 @@
 	path = test-server/net-v3-transition-server/s3ec-v3-transition-branch
 	url = https://github.com/aws/private-amazon-s3-encryption-client-dotnet-staging.git
 	branch = rishav/key-commitment
+[submodule "all-examples/net/v4/s3ec-v4-local"]
+	path = all-examples/net/v4/s3ec-v4-local
+	url = https://github.com/aws/private-amazon-s3-encryption-client-dotnet-staging.git
+	branch = s3ec-v4-WIP
+[submodule "all-examples/net/v3/s3ec-v3-local"]
+	path = all-examples/net/v3/s3ec-v3-local
+	url = https://github.com/aws/private-amazon-s3-encryption-client-dotnet-staging.git
+	branch = rishav/key-commitment

all-examples/README.md

@@ -9,7 +9,7 @@ Each language has subdirectories for different major versions of the S3 Encrypti
 - `cpp/` - C++ examples
   - `v2/` - S3EC C++ v2 example (transitional)
   - `v3/` - S3EC C++ v3 example (improved)
-- `dotnet/` - .NET examples
+- `net/` - .NET examples
   - `v3/` - S3EC .NET v3 example (transitional)
   - `v4/` - S3EC .NET v4 example (improved)
 - `go/` - Go examples

all-examples/net/.gitignore

@@ -0,0 +1,19 @@
+# Build results
+bin/
+obj/
+
+# User-specific files
+*.user
+*.suo
+*.userosscache
+*.sln.docstates
+
+# Visual Studio
+.vs/
+
+# Rider
+.idea/
+
+# NuGet packages
+packages/
+*.nupkg

all-examples/net/v3/Makefile

@@ -0,0 +1,66 @@
+# Makefile for S3 Encryption Client .NET v3 Example
+
+# Default target
+.PHONY: all install clean run help
+
+# Default arguments for running the example
+# Override these when calling make run
+BUCKET_NAME ?= avp-21638
+OBJECT_KEY ?= s3ec-dotnet-v3
+KMS_KEY_ID ?= arn:aws:kms:us-east-2:648638458147:key/a47079da-17e4-45a5-b82e-2bac101cad01
+AWS_REGION ?= us-east-2
+
+all: install
+
+# Install dependencies using .NET modules
+install:
+	@echo "[NET V3] Installing .NET dependencies..."
+	dotnet restore
+	@echo "[NET V3] Dependencies installed successfully!"
+
+# Clean .NET artifacts
+clean:
+	@echo "[NET V3] Cleaning .NET artifacts..."
+	dotnet clean
+	@echo "[NET V3] Clean completed!"
+
+# Run the example with default arguments
+run: install
+	@echo "[NET V3] Running S3 Encryption Client v3 .NET example..."
+	@echo "[NET V3] Bucket: $(BUCKET_NAME)"
+	@echo "[NET V3] Object Key: $(OBJECT_KEY)"
+	@echo "[NET V3] KMS Key ID: $(KMS_KEY_ID)"
+	@echo "[NET V3] Region: $(AWS_REGION)"
+	@echo ""
+	@dotnet run -- $(BUCKET_NAME) $(OBJECT_KEY) $(KMS_KEY_ID) $(AWS_REGION)
+
+# Run with custom arguments
+# Usage: make run-custom BUCKET_NAME=my-bucket OBJECT_KEY=my-key KMS_KEY_ID=my-kms-key AWS_REGION=my-region
+run-custom: install
+	@dotnet run -- $(BUCKET_NAME) $(OBJECT_KEY) $(KMS_KEY_ID) $(AWS_REGION)
+
+# Show help
+help:
+	@echo "S3 Encryption Client .NET v3 Example Makefile"
+	@echo ""
+	@echo "Available targets:"
+	@echo "  install    - Install .NET dependencies using .NET modules"
+	@echo "  run        - Install dependencies and run the example with default parameters"
+	@echo "  run-custom - Install dependencies and run with custom parameters"
+	@echo "  clean      - Remove .NET artifacts"
+	@echo "  help       - Show this help message"
+	@echo ""
+	@echo "Default parameters:"
+	@echo "  BUCKET_NAME = $(BUCKET_NAME)"
+	@echo "  OBJECT_KEY  = $(OBJECT_KEY)"
+	@echo "  KMS_KEY_ID  = $(KMS_KEY_ID)"
+	@echo "  AWS_REGION  = $(AWS_REGION)"
+	@echo ""
+	@echo "To run with custom parameters:"
+	@echo "  make run BUCKET_NAME=your-bucket OBJECT_KEY=your-key KMS_KEY_ID=your-kms-key AWS_REGION=your-region"
+	@echo ""
+	@echo "Prerequisites:"
+	@echo "  - Supported .NET framework installed on the system. See https://www.nuget.org/packages/Amazon.Extensions.S3.Encryption for supported one."
+	@echo "  - AWS credentials configured (AWS CLI, environment variables, or IAM role)"
+	@echo "  - Valid S3 bucket and KMS key with appropriate permissions"
+	@echo "  - S3 Encryption Client v3 .NET SDK (included in s3ec-v3-local)"

all-examples/net/v3/Program.cs

@@ -0,0 +1,76 @@
+using Amazon;
+using Amazon.Extensions.S3.Encryption;
+using Amazon.Extensions.S3.Encryption.Primitives;
+using Amazon.S3;
+using Amazon.S3.Model;
+
+using Amazon.Extensions.S3.Encryption;
+using Amazon.Extensions.S3.Encryption.Primitives;
+using Amazon.S3;
+using Amazon.S3.Model;
+
+namespace S3EncryptionClientV3Example
+{
+    class Program
+    {
+        static async Task Main(string[] args)
+        {
+            if (args.Length != 4)
+            {
+                Console.WriteLine("[NET V3] Usage: dotnet run <bucket-name> <object-key> <kms-key-id> <region>");
+                Environment.Exit(1);
+            }
+
+            var (bucketName, objectKey, kmsKeyId, region) = (args[0], args[1], args[2], args[3]);
+            var testData = "Hello, World! This is a test message for S3 encryption client v3 in .NET.";
+
+            Console.WriteLine("=== S3 Encryption Client v3 Example (.NET) ===");
+
+            try
+            {
+                var s3Client = CreateS3ECWithKms(kmsKeyId, region);
+
+                await s3Client.PutObjectAsync(new PutObjectRequest
+                {
+                    BucketName = bucketName,
+                    Key = objectKey,
+                    ContentBody = testData
+                });
+
+                var getResponse = await s3Client.GetObjectAsync(bucketName, objectKey);
+                using var reader = new StreamReader(getResponse.ResponseStream);
+                var decryptedData = await reader.ReadToEndAsync();
+
+                if (decryptedData != testData)
+                {
+                    Console.WriteLine("[NET V3] ERROR: Roundtrip failed - data mismatch");
+                    Environment.Exit(1);
+                }
+
+                Console.WriteLine("[NET V3] SUCCESS: Roundtrip encryption/decryption completed successfully!");
+            }
+            catch (Exception ex)
+            {
+                Console.WriteLine($"[NET V3] Error: {ex.Message}");
+                Environment.Exit(1);
+            }
+        }
+
+        private static AmazonS3Client CreateS3ECWithKms(string kmsKeyId, string region)
+        {
+            var encryptionContextPerClient = new Dictionary<string, string>
+            {
+                ["purpose"] = "example",
+                ["version"] = "v3",
+                ["language"] = "dotnet"
+            };
+
+            var encryptionMaterial = new EncryptionMaterialsV2(kmsKeyId, KmsType.KmsContext, encryptionContextPerClient);
+            var configuration = new AmazonS3CryptoConfigurationV2(SecurityProfile.V2, CommitmentPolicy.ForbidEncryptAllowDecrypt, ContentEncryptionAlgorithm.AesGcm)
+            {
+                RegionEndpoint = RegionEndpoint.GetBySystemName(region)
+            };
+            return new AmazonS3EncryptionClientV2(configuration, encryptionMaterial);
+        }
+    }
+}

all-examples/net/v3/v3.csproj

@@ -0,0 +1,19 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+    <EnableDefaultCompileItems>false</EnableDefaultCompileItems>
+  </PropertyGroup>
+
+  <ItemGroup>
+    <Compile Include="**/*.cs" Exclude="s3ec-v3-local/**/*.cs" />
+  </ItemGroup>
+
+  <ItemGroup>
+    <ProjectReference Include="s3ec-v3-local/src/Amazon.Extensions.S3.Encryption.csproj"/>
+  </ItemGroup>
+
+</Project>

all-examples/net/v4/Makefile

@@ -0,0 +1,66 @@
+# Makefile for S3 Encryption Client .NET v4 Example
+
+# Default target
+.PHONY: all install clean run help
+
+# Default arguments for running the example
+# Override these when calling make run
+BUCKET_NAME ?= avp-21638
+OBJECT_KEY ?= s3ec-dotnet-v4
+KMS_KEY_ID ?= arn:aws:kms:us-east-2:648638458147:key/a47079da-17e4-45a5-b82e-2bac101cad01
+AWS_REGION ?= us-east-2
+
+all: install
+
+# Install dependencies using .NET modules
+install:
+	@echo "[NET V4] Installing .NET dependencies..."
+	dotnet restore
+	@echo "[NET V4] Dependencies installed successfully!"
+
+# Clean .NET artifacts
+clean:
+	@echo "[NET V4] Cleaning .NET artifacts..."
+	dotnet clean
+	@echo "[NET V4] Clean completed!"
+
+# Run the example with default arguments
+run: install
+	@echo "[NET V4] Running S3 Encryption Client v4 .NET example..."
+	@echo "[NET V4] Bucket: $(BUCKET_NAME)"
+	@echo "[NET V4] Object Key: $(OBJECT_KEY)"
+	@echo "[NET V4] KMS Key ID: $(KMS_KEY_ID)"
+	@echo "[NET V4] Region: $(AWS_REGION)"
+	@echo ""
+	@dotnet run -- $(BUCKET_NAME) $(OBJECT_KEY) $(KMS_KEY_ID) $(AWS_REGION)
+
+# Run with custom arguments
+# Usage: make run-custom BUCKET_NAME=my-bucket OBJECT_KEY=my-key KMS_KEY_ID=my-kms-key AWS_REGION=my-region
+run-custom: install
+	@dotnet run -- $(BUCKET_NAME) $(OBJECT_KEY) $(KMS_KEY_ID) $(AWS_REGION)
+
+# Show help
+help:
+	@echo "S3 Encryption Client .NET v4 Example Makefile"
+	@echo ""
+	@echo "Available targets:"
+	@echo "  install    - Install .NET dependencies using .NET modules"
+	@echo "  run        - Install dependencies and run the example with default parameters"
+	@echo "  run-custom - Install dependencies and run with custom parameters"
+	@echo "  clean      - Remove .NET artifacts"
+	@echo "  help       - Show this help message"
+	@echo ""
+	@echo "Default parameters:"
+	@echo "  BUCKET_NAME = $(BUCKET_NAME)"
+	@echo "  OBJECT_KEY  = $(OBJECT_KEY)"
+	@echo "  KMS_KEY_ID  = $(KMS_KEY_ID)"
+	@echo "  AWS_REGION  = $(AWS_REGION)"
+	@echo ""
+	@echo "To run with custom parameters:"
+	@echo "  make run BUCKET_NAME=your-bucket OBJECT_KEY=your-key KMS_KEY_ID=your-kms-key AWS_REGION=your-region"
+	@echo ""
+	@echo "Prerequisites:"
+	@echo "  - Supported .NET framework installed on the system. See https://www.nuget.org/packages/Amazon.Extensions.S3.Encryption for supported one."
+	@echo "  - AWS credentials configured (AWS CLI, environment variables, or IAM role)"
+	@echo "  - Valid S3 bucket and KMS key with appropriate permissions"
+	@echo "  - S3 Encryption Client v4 .NET SDK (included in s3ec-v4-local)"

all-examples/net/v4/Program.cs

@@ -0,0 +1,76 @@
+using Amazon;
+using Amazon.Extensions.S3.Encryption;
+using Amazon.Extensions.S3.Encryption.Primitives;
+using Amazon.S3;
+using Amazon.S3.Model;
+
+using Amazon.Extensions.S3.Encryption;
+using Amazon.Extensions.S3.Encryption.Primitives;
+using Amazon.S3;
+using Amazon.S3.Model;
+
+namespace S3EncryptionClientV4Example
+{
+    class Program
+    {
+        static async Task Main(string[] args)
+        {
+            if (args.Length != 4)
+            {
+                Console.WriteLine("[NET V4] Usage: dotnet run <bucket-name> <object-key> <kms-key-id> <region>");
+                Environment.Exit(1);
+            }
+
+            var (bucketName, objectKey, kmsKeyId, region) = (args[0], args[1], args[2], args[3]);
+            var testData = "Hello, World! This is a test message for S3 encryption client v4 in .NET.";
+
+            Console.WriteLine("=== S3 Encryption Client v4 Example (.NET) ===");
+
+            try
+            {
+                var s3Client = CreateS3ECWithKms(kmsKeyId, region);
+
+                await s3Client.PutObjectAsync(new PutObjectRequest
+                {
+                    BucketName = bucketName,
+                    Key = objectKey,
+                    ContentBody = testData
+                });
+
+                var getResponse = await s3Client.GetObjectAsync(bucketName, objectKey);
+                using var reader = new StreamReader(getResponse.ResponseStream);
+                var decryptedData = await reader.ReadToEndAsync();
+
+                if (decryptedData != testData)
+                {
+                    Console.WriteLine("[NET V4] ERROR: Roundtrip failed - data mismatch");
+                    Environment.Exit(1);
+                }
+
+                Console.WriteLine("[NET V4] SUCCESS: Roundtrip encryption/decryption completed successfully!");
+            }
+            catch (Exception ex)
+            {
+                Console.WriteLine($"[NET V4] Error: {ex.Message}");
+                Environment.Exit(1);
+            }
+        }
+
+        private static AmazonS3Client CreateS3ECWithKms(string kmsKeyId, string region)
+        {
+            var encryptionContextPerClient = new Dictionary<string, string>
+            {
+                ["purpose"] = "example",
+                ["version"] = "v4",
+                ["language"] = "dotnet"
+            };
+
+            var encryptionMaterial = new EncryptionMaterialsV4(kmsKeyId, KmsType.KmsContext, encryptionContextPerClient);
+            var configuration = new AmazonS3CryptoConfigurationV4(SecurityProfile.V4, CommitmentPolicy.RequireEncryptRequireDecrypt, ContentEncryptionAlgorithm.AesGcmWithCommitment)
+            {
+                RegionEndpoint = RegionEndpoint.GetBySystemName(region)
+            };
+            return new AmazonS3EncryptionClientV4(configuration, encryptionMaterial);
+        }
+    }
+}