forked from TrueCloudLab/frostfs-s3-gw
[#595] Add SSE with customer key
Signed-off-by: Denis Kirillov <denis@nspcc.ru>
This commit is contained in:
Denis Kirillov
Kirillov Denis
parent
c0de8f41fc
commit
87c05eb514
22 changed files with 1248 additions and 70 deletions
|
|
@ -83,9 +83,10 @@ func objectInfoFromMeta(bkt *data.BucketInfo, meta *object.Object) *data.ObjectI
|
|||
objID, _ := meta.ID()
|
||||
payloadChecksum, _ := meta.PayloadChecksum()
|
||||
return &data.ObjectInfo{
|
||||
ID: objID,
|
||||
CID: bkt.CID,
|
||||
IsDir: false,
|
||||
ID: objID,
|
||||
CID: bkt.CID,
|
||||
IsDir: false,
|
||||
EncryptionInfo: formEncryptionInfo(headers),
|
||||
|
||||
Bucket: bkt.Name,
|
||||
Name: filenameFromObject(meta),
|
||||
|
|
@ -98,6 +99,28 @@ func objectInfoFromMeta(bkt *data.BucketInfo, meta *object.Object) *data.ObjectI
|
|||
}
|
||||
}
|
||||
|
||||
func formEncryptionInfo(headers map[string]string) data.EncryptionInfo {
|
||||
algorithm := headers[AttributeEncryptionAlgorithm]
|
||||
return data.EncryptionInfo{
|
||||
Enabled: len(algorithm) > 0,
|
||||
Algorithm: algorithm,
|
||||
HMACKey: headers[AttributeHMACKey],
|
||||
HMACSalt: headers[AttributeHMACSalt],
|
||||
}
|
||||
}
|
||||
|
||||
func addEncryptionHeaders(meta map[string]string, enc EncryptionParams) error {
|
||||
meta[AttributeEncryptionAlgorithm] = AESEncryptionAlgorithm
|
||||
hmacKey, hmacSalt, err := enc.HMAC()
|
||||
if err != nil {
|
||||
return fmt.Errorf("get hmac: %w", err)
|
||||
}
|
||||
meta[AttributeHMACKey] = hex.EncodeToString(hmacKey)
|
||||
meta[AttributeHMACSalt] = hex.EncodeToString(hmacSalt)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
// processObjectInfoName fixes name in objectInfo structure based on prefix and
|
||||
// delimiter from user request. If name does not contain prefix, nil value is
|
||||
// returned. If name should be modified, then function returns copy of objectInfo
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue