11 changed files with 40 additions and 68 deletions
--- a/api/handler/attributes.go
+++ b/api/handler/attributes.go
@ -73,7 +73,7 @@ func (h *handler) GetObjectAttributesHandler(w http.ResponseWriter, r *http.Requ
 	ctx := r.Context()
 	reqInfo := middleware.GetReqInfo(ctx)

-	params, err := parseGetObjectAttributeArgs(r, h.reqLogger(ctx))
+	params, err := parseGetObjectAttributeArgs(r)
 	if err != nil {
 		h.logAndSendError(ctx, w, "invalid request", reqInfo, err)
 		return
@ -145,7 +145,7 @@ func writeAttributesHeaders(h http.Header, info *data.ExtendedObjectInfo, isBuck
 	// x-amz-request-charged
 }

-func parseGetObjectAttributeArgs(r *http.Request, log *zap.Logger) (*GetObjectAttributesArgs, error) {
+func parseGetObjectAttributeArgs(r *http.Request) (*GetObjectAttributesArgs, error) {
 	res := &GetObjectAttributesArgs{
 		VersionID: r.URL.Query().Get(api.QueryVersionID),
 	}
@ -178,8 +178,8 @@ func parseGetObjectAttributeArgs(r *http.Request, log *zap.Logger) (*GetObjectAt
 		}
 	}

-	res.Conditional = parseConditionalHeaders(r.Header, log)
-	return res, nil
+	res.Conditional, err = parseConditionalHeaders(r.Header)
+	return res, err
 }

 func encodeToObjectAttributesResponse(info *data.ObjectInfo, p *GetObjectAttributesArgs, md5Enabled bool) (*GetObjectAttributesResponse, error) {
--- a/api/handler/encryption_test.go
+++ b/api/handler/encryption_test.go
@ -46,10 +46,6 @@ func TestSimpleGetEncrypted(t *testing.T) {

 	response, _ := getEncryptedObject(tc, bktName, objName)
 	require.Equal(t, content, string(response))
-
-	result := listVersions(t, tc, bktName)
-	require.Len(t, result.Version, 1)
-	require.Equal(t, uint64(len(content)), result.Version[0].Size)
 }

 func TestMD5HeaderBadOrEmpty(t *testing.T) {
@ -373,10 +369,6 @@ func TestMultipartEncrypted(t *testing.T) {

 	part2Range := getEncryptedObjectRange(t, hc, bktName, objName, len(part1), len(part1)+len(part2)-1)
 	require.Equal(t, part2[0:], part2Range)
-
-	result := listVersions(t, hc, bktName)
-	require.Len(t, result.Version, 1)
-	require.EqualValues(t, uint64(partSize+5), result.Version[0].Size)
 }

 func putEncryptedObject(t *testing.T, tc *handlerContext, bktName, objName, content string) {
--- a/api/handler/get.go
+++ b/api/handler/get.go
@ -13,7 +13,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
 	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
 	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/middleware"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/logs"
 	"go.uber.org/zap"
 )

@ -155,7 +154,11 @@ func (h *handler) GetObjectHandler(w http.ResponseWriter, r *http.Request) {
 		reqInfo = middleware.GetReqInfo(ctx)
 	)

-	conditional := parseConditionalHeaders(r.Header, h.reqLogger(ctx))
+	conditional, err := parseConditionalHeaders(r.Header)
+	if err != nil {
+		h.logAndSendError(ctx, w, "could not parse request params", reqInfo, err)
+		return
+	}

 	bktInfo, err := h.getBucketAndCheckOwner(r, reqInfo.BucketName)
 	if err != nil {
@ -287,24 +290,21 @@ func checkPreconditions(info *data.ObjectInfo, args *conditionalArgs, md5Enabled
 	return nil
 }

-func parseConditionalHeaders(headers http.Header, log *zap.Logger) *conditionalArgs {
+func parseConditionalHeaders(headers http.Header) (*conditionalArgs, error) {
+	var err error
 	args := &conditionalArgs{
 		IfMatch:     data.UnQuote(headers.Get(api.IfMatch)),
 		IfNoneMatch: data.UnQuote(headers.Get(api.IfNoneMatch)),
 	}

-	if httpTime, err := parseHTTPTime(headers.Get(api.IfModifiedSince)); err == nil {
-		args.IfModifiedSince = httpTime
-	} else {
-		log.Warn(logs.FailedToParseHTTPTime, zap.String(api.IfModifiedSince, headers.Get(api.IfModifiedSince)), zap.Error(err))
+	if args.IfModifiedSince, err = parseHTTPTime(headers.Get(api.IfModifiedSince)); err != nil {
+		return nil, err
 	}
-	if httpTime, err := parseHTTPTime(headers.Get(api.IfUnmodifiedSince)); err == nil {
-		args.IfUnmodifiedSince = httpTime
-	} else {
-		log.Warn(logs.FailedToParseHTTPTime, zap.String(api.IfUnmodifiedSince, headers.Get(api.IfUnmodifiedSince)), zap.Error(err))
+	if args.IfUnmodifiedSince, err = parseHTTPTime(headers.Get(api.IfUnmodifiedSince)); err != nil {
+		return nil, err
 	}

-	return args
+	return args, nil
 }

 func parseHTTPTime(data string) (*time.Time, error) {
--- a/api/handler/head.go
+++ b/api/handler/head.go
@ -36,7 +36,11 @@ func (h *handler) HeadObjectHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	conditional := parseConditionalHeaders(r.Header, h.reqLogger(ctx))
+	conditional, err := parseConditionalHeaders(r.Header)
+	if err != nil {
+		h.logAndSendError(ctx, w, "could not parse request params", reqInfo, err)
+		return
+	}

 	p := &layer.HeadObjectParams{
 		BktInfo:   bktInfo,
--- a/api/handler/head_test.go
+++ b/api/handler/head_test.go
@ -68,16 +68,6 @@ func TestConditionalHead(t *testing.T) {
 		api.IfModifiedSince: zeroTime.UTC().Format(http.TimeFormat),
 	}
 	headObject(t, tc, bktName, objName, headers, http.StatusNotModified)
-
-	headers = map[string]string{
-		api.IfUnmodifiedSince: zeroTime.UTC().Format(time.RFC3339), // invalid format, header is ignored
-	}
-	headObject(t, tc, bktName, objName, headers, http.StatusOK)
-
-	headers = map[string]string{
-		api.IfModifiedSince: objInfo.Created.Add(time.Minute).Format(time.RFC3339), // invalid format, header is ignored
-	}
-	headObject(t, tc, bktName, objName, headers, http.StatusOK)
 }

 func headObject(t *testing.T, tc *handlerContext, bktName, objName string, headers map[string]string, status int) {
--- a/api/handler/multipart_upload_test.go
+++ b/api/handler/multipart_upload_test.go
@ -382,10 +382,6 @@ func TestMultipartUploadSize(t *testing.T) {
 		attr := getObjectAttributes(hc, newBucket, newObjName, objectParts)
 		require.Equal(t, 1, attr.ObjectParts.PartsCount)
 		require.Equal(t, srcObjInfo.Headers[layer.AttributeDecryptedSize], strconv.Itoa(attr.ObjectParts.Parts[0].Size))
-
-		result := listVersions(t, hc, bktName)
-		require.Len(t, result.Version, 1)
-		require.EqualValues(t, objLen, result.Version[0].Size)
 	})
 }

--- a/api/handler/patch.go
+++ b/api/handler/patch.go
@ -12,7 +12,6 @@ import (
 	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/errors"
 	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/layer"
 	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/api/middleware"
-	"git.frostfs.info/TrueCloudLab/frostfs-s3-gw/internal/logs"
 	"go.uber.org/zap"
 )

@ -32,7 +31,11 @@ func (h *handler) PatchObjectHandler(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	conditional := parsePatchConditionalHeaders(r.Header, h.reqLogger(ctx))
+	conditional, err := parsePatchConditionalHeaders(r.Header)
+	if err != nil {
+		h.logAndSendError(ctx, w, "could not parse conditional headers", reqInfo, err)
+		return
+	}

 	bktInfo, err := h.getBucketAndCheckOwner(r, reqInfo.BucketName)
 	if err != nil {
@ -134,18 +137,17 @@ func (h *handler) PatchObjectHandler(w http.ResponseWriter, r *http.Request) {
 	}
 }

-func parsePatchConditionalHeaders(headers http.Header, log *zap.Logger) *conditionalArgs {
+func parsePatchConditionalHeaders(headers http.Header) (*conditionalArgs, error) {
+	var err error
 	args := &conditionalArgs{
 		IfMatch: data.UnQuote(headers.Get(api.IfMatch)),
 	}

-	if httpTime, err := parseHTTPTime(headers.Get(api.IfUnmodifiedSince)); err == nil {
-		args.IfUnmodifiedSince = httpTime
-	} else {
-		log.Warn(logs.FailedToParseHTTPTime, zap.String(api.IfUnmodifiedSince, headers.Get(api.IfUnmodifiedSince)), zap.Error(err))
+	if args.IfUnmodifiedSince, err = parseHTTPTime(headers.Get(api.IfUnmodifiedSince)); err != nil {
+		return nil, err
 	}

-	return args
+	return args, nil
 }

 func parsePatchByteRange(rangeStr string, objSize uint64) (*layer.RangeParams, error) {
--- a/api/handler/patch_test.go
+++ b/api/handler/patch_test.go
@ -60,13 +60,6 @@ func TestPatch(t *testing.T) {
 				api.IfMatch:           etag,
 			},
 		},
-		{
-			name: "If-Unmodified-Since invalid format, header is ignored",
-			rng:  "bytes 0-2/*",
-			headers: map[string]string{
-				api.IfUnmodifiedSince: created.Add(-24 * time.Hour).Format(time.RFC3339),
-			},
-		},
 		{
 			name: "invalid range syntax",
 			rng:  "bytes 0-2",
--- a/api/layer/multipart_upload.go
+++ b/api/layer/multipart_upload.go
@ -224,12 +224,8 @@ func (n *Layer) uploadPart(ctx context.Context, multipartInfo *data.MultipartInf
 	}

 	decSize := p.Size
-	md5Hash := md5.New()
 	if p.Info.Encryption.Enabled() {
-		rr := wrapReader(p.Reader, 64*1024, func(buf []byte) {
-			md5Hash.Write(buf)
-		})
-		r, encSize, err := encryptionReader(rr, p.Size, p.Info.Encryption.Key())
+		r, encSize, err := encryptionReader(p.Reader, p.Size, p.Info.Encryption.Key())
 		if err != nil {
 			return nil, fmt.Errorf("failed to create ecnrypted reader: %w", err)
 		}
@ -250,12 +246,7 @@ func (n *Layer) uploadPart(ctx context.Context, multipartInfo *data.MultipartInf
 		if err != nil {
 			return nil, apierr.GetAPIError(apierr.ErrInvalidDigest)
 		}
-
-		match := bytes.Equal(hashBytes, createdObj.MD5Sum)
-		if p.Info.Encryption.Enabled() {
-			match = bytes.Equal(hashBytes, md5Hash.Sum(nil))
-		}
-		if !match {
+		if hex.EncodeToString(hashBytes) != hex.EncodeToString(createdObj.MD5Sum) {
 			prm := frostfs.PrmObjectDelete{
 				Object:    createdObj.ID,
 				Container: bktInfo.CID,
@ -397,6 +388,7 @@ func (n *Layer) CompleteMultipartUpload(ctx context.Context, p *CompleteMultipar
 	}

 	var multipartObjetSize uint64
+	var encMultipartObjectSize uint64
 	parts := make([]*data.PartInfoExtended, 0, len(p.Parts))

 	var completedPartsHeader strings.Builder
@ -415,10 +407,11 @@ func (n *Layer) CompleteMultipartUpload(ctx context.Context, p *CompleteMultipar
 		multipartObjetSize += partInfo.Size // even if encryption is enabled size is actual (decrypted)

 		if encInfo.Enabled {
-			_, err := sio.EncryptedSize(partInfo.Size)
+			encPartSize, err := sio.EncryptedSize(partInfo.Size)
 			if err != nil {
 				return nil, nil, fmt.Errorf("compute encrypted size: %w", err)
 			}
+			encMultipartObjectSize += encPartSize
 		}

 		partInfoStr := partInfo.ToHeaderString()
@ -456,6 +449,7 @@ func (n *Layer) CompleteMultipartUpload(ctx context.Context, p *CompleteMultipar
 		initMetadata[AttributeHMACKey] = encInfo.HMACKey
 		initMetadata[AttributeHMACSalt] = encInfo.HMACSalt
 		initMetadata[AttributeDecryptedSize] = strconv.FormatUint(multipartObjetSize, 10)
+		multipartObjetSize = encMultipartObjectSize
 	}

 	partsData, err := json.Marshal(parts)
--- a/api/layer/object.go
+++ b/api/layer/object.go
@ -243,9 +243,11 @@ func (n *Layer) PutObject(ctx context.Context, p *PutObjectParams) (*data.Extend
 			return nil, fmt.Errorf("add encryption header: %w", err)
 		}

-		if r, _, err = encryptionReader(p.Reader, size, p.Encryption.Key()); err != nil {
+		var encSize uint64
+		if r, encSize, err = encryptionReader(p.Reader, size, p.Encryption.Key()); err != nil {
 			return nil, fmt.Errorf("create encrypter: %w", err)
 		}
+		p.Size = &encSize
 	}

 	if r != nil {
--- a/internal/logs/logs.go
+++ b/internal/logs/logs.go
@ -177,5 +177,4 @@ const (
 	MultinetConfigWontBeUpdated                          = "multinet config won't be updated"
 	MultinetDialSuccess                                  = "multinet dial successful"
 	MultinetDialFail                                     = "multinet dial failed"
-	FailedToParseHTTPTime                                = "failed to parse http time, header is ignored"
 )