AWS SDK for Ruby
Developer Guide

Creating Public and Private Asymmetric Keys

The following example uses the PKey class to create public and private keys. Use the public key to encrypt objects on the client before you upload them to an Amazon S3 bucket. Use the private key and pass phrase to decrypt objects on the client after you download them from an Amazon S3 bucket. The Encrypting an Amazon S3 Bucket Object with a Public Key and Decrypting an Amazon S3 Bucket Object with a Private Key examples use the public and private keys, respectively.

Create the file create_rsa_keys.rb.

Add the required OpenSSL gem.

require 'openssl'

Get the pass phrase, which is used to seed and create the key, from the command line.

if ARGV.empty?
  puts 'You must supply a pass phrase'
  exit 1
end

pass_phrase = ARGV[0]

Create the RSA key pair. Save the public key as public_key.pem and the private key, encrypted with the pass phrase, as private_secure_key.pem.

key = OpenSSL::PKey::RSA.new 2048

# Files to store public and private keys
public_key_file = 'public_key.pem'
private_key_file = 'private_secure_key.pem'

# Write the public key in PEM format
File.open public_key_file, 'w' do |io|
  io.write key.public_key.to_pem
end

# Encrypt the private key with the pass phrase before writing it
cipher = OpenSSL::Cipher.new 'AES-128-CBC'
key_secure = key.export cipher, pass_phrase

File.open private_key_file, 'w' do |io|
  io.write key_secure
end

Display the names of the key files and the pass phrase.

puts 'The public key is in ' + public_key_file
puts 'The private key is in ' + private_key_file + ' using the pass phrase:'
puts '"' + pass_phrase + '"'

See the complete example on GitHub.
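
The following check is an added example, not part of the AWS sample: it confirms that a key pair created as above has a pass-phrase-protected private key, that a wrong pass phrase is rejected, and that the two files belong together. The helper names, the owner-only file mode (0600), and the sample pass phrase are assumptions made for illustration.

```ruby
require 'openssl'
require 'tmpdir'

# Generate an RSA key pair the same way create_rsa_keys.rb does.
# Returns [public_pem, encrypted_private_pem].
def make_key_pair(pass_phrase, bits = 2048)
  key = OpenSSL::PKey::RSA.new(bits)
  cipher = OpenSSL::Cipher.new('AES-128-CBC')
  [key.public_key.to_pem, key.export(cipher, pass_phrase)]
end

# True when the PEM headers show the private key is pass-phrase protected
# (traditional "Proc-Type" header or PKCS#8 "ENCRYPTED PRIVATE KEY" label).
def pem_encrypted?(pem)
  pem.match?(/^Proc-Type: 4,ENCRYPTED|BEGIN ENCRYPTED PRIVATE KEY/)
end

# Load the private key; returns nil when the pass phrase is wrong.
def load_private_key(pem, pass_phrase)
  OpenSSL::PKey::RSA.new(pem, pass_phrase)
rescue OpenSSL::PKey::PKeyError
  nil
end

# Write the private key to a new file readable only by its owner.
# Returns the resulting permission bits. (Hardening added in this example.)
def write_private_key(path, pem)
  File.open(path, File::WRONLY | File::CREAT | File::EXCL, 0o600) do |io|
    io.write(pem)
  end
  File.stat(path).mode & 0o777
end

# True when the unlocked private key matches the public key file.
def key_pair_matches?(public_pem, private_pem, pass_phrase)
  key = load_private_key(private_pem, pass_phrase)
  !key.nil? && key.public_key.to_pem == public_pem
end

if __FILE__ == $PROGRAM_NAME
  phrase = 'constructed sample pass phrase' # constructed value, demo only
  pub, priv = make_key_pair(phrase)
  Dir.mktmpdir do |dir|
    mode = write_private_key(File.join(dir, 'private_secure_key.pem'), priv)
    puts format('private key mode: %o', mode)
  end
  puts "encrypted PEM: #{pem_encrypted?(priv)}"
  puts "pair matches:  #{key_pair_matches?(pub, priv, phrase)}"
end
```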