SSEC - Code Search

docs/site-replication/run-ssec-object-replication.sh

	exit_1
fi

repcount4=$(./mc ls minio2/test-bucket/custpartsize --insecure | wc -l)
if [ "${repcount4}" -ne 1 ]; then
	echo "BUG: object test-bucket/custpartsize not replicated"
	exit_1
fi

# Stat the SSEC objects from source site
echo "Stat minio1/test-bucket/encrypted"
./mc stat --no-list minio1/test-bucket/encrypted --enc-c "minio1/test-bucket/encrypted=${TEST_MINIO_ENC_KEY}" --insecure --json

Created: Sun Dec 28 19:28:13 GMT 2025

- Last Modified: Tue Sep 24 08:03:58 GMT 2024

- 9.9K bytes

- Click Count (0)

github.com/minio/minio

internal/crypto/sse-c.go

	"github.com/minio/minio/internal/logger"
)

type ssec struct{}

var (
	// SSEC represents AWS SSE-C. It provides functionality to handle
	// SSE-C requests.
	SSEC = ssec{}

	_ Type = SSEC
)

// String returns the SSE domain as string. For SSE-C the
// domain is "SSE-C".
func (ssec) String() string { return "SSE-C" }

// IsRequested returns true if the HTTP headers contains

Created: Sun Dec 28 19:28:13 GMT 2025

- Last Modified: Sun Sep 28 20:59:21 GMT 2025

- 5.2K bytes

- Click Count (0)

github.com/minio/minio

internal/bucket/encryption/bucket-sse-config_test.go

				t.Errorf("Test case %d: Expected %s but got %s", i+1, tc.expectedErr, err)
			}
			continue
		}

		if tc.keyID != "" && tc.keyID != ssec.KeyID() {
			t.Errorf("Test case %d: Expected bucket encryption KeyID %s but got %s", i+1, tc.keyID, ssec.KeyID())
		}

		if expectedXML, err := xml.Marshal(tc.expectedConfig); err != nil || !bytes.Equal(expectedXML, []byte(tc.inputXML)) {

Created: Sun Dec 28 19:28:13 GMT 2025

- Last Modified: Tue Aug 16 18:28:30 GMT 2022

- 6.1K bytes

- Click Count (0)

github.com/minio/minio

cmd/object-multipart-handlers.go

	var objectEncryptionKey crypto.ObjectKey
	if isEncrypted {
		if !crypto.SSEC.IsRequested(r.Header) && crypto.SSEC.IsEncrypted(mi.UserDefined) {
			writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrSSEMultipartEncrypted), r.URL)
			return
		}
		if crypto.S3.IsEncrypted(mi.UserDefined) && crypto.SSEC.IsRequested(r.Header) {
			writeErrorResponse(ctx, w, errorCodes.ToAPIErr(ErrSSEMultipartEncrypted), r.URL)

Created: Sun Dec 28 19:28:13 GMT 2025

- Last Modified: Sun Sep 07 16:13:09 GMT 2025

- 39.5K bytes

- Click Count (1)

github.com/minio/minio

internal/crypto/metadata.go

func IsEncrypted(metadata map[string]string) (Type, bool) {
	if S3KMS.IsEncrypted(metadata) {
		return S3KMS, true
	}
	if S3.IsEncrypted(metadata) {
		return S3, true
	}
	if SSEC.IsEncrypted(metadata) {
		return SSEC, true
	}
	if IsMultiPart(metadata) {
		return nil, true
	}
	if _, ok := metadata[MetaIV]; ok {
		return nil, true
	}
	if _, ok := metadata[MetaAlgorithm]; ok {
		return nil, true

Created: Sun Dec 28 19:28:13 GMT 2025

- Last Modified: Mon Jun 10 17:40:33 GMT 2024

- 6.4K bytes

- Click Count (0)

github.com/minio/minio

internal/crypto/metadata_test.go

func TestSSECCreateMetadata(t *testing.T) {
	defer func(l bool) { logger.DisableLog = l }(logger.DisableLog)
	logger.DisableLog = true
	for i, test := range ssecCreateMetadataTests {
		metadata := SSEC.CreateMetadata(nil, test.SealedKey)
		sealedKey, err := SSEC.ParseMetadata(metadata)
		if err != nil {
			t.Errorf("Test %d: failed to parse metadata: %v", i, err)
			continue
		}
		if sealedKey.Algorithm != test.SealedKey.Algorithm {

Created: Sun Dec 28 19:28:13 GMT 2025

- Last Modified: Fri Jul 12 20:51:54 GMT 2024

- 18.7K bytes

- Click Count (0)

github.com/minio/minio

internal/crypto/sse_test.go

	if domain := S3.String(); domain != Domain {
		t.Errorf("S3's string method returns wrong domain: got '%s' - want '%s'", domain, Domain)
	}
}

func TestSSECString(t *testing.T) {
	const Domain = "SSE-C"
	if domain := SSEC.String(); domain != Domain {
		t.Errorf("SSEC's string method returns wrong domain: got '%s' - want '%s'", domain, Domain)
	}
}

var ssecUnsealObjectKeyTests = []struct {
	Headers        http.Header

Created: Sun Dec 28 19:28:13 GMT 2025

- Last Modified: Tue Jun 01 21:59:40 GMT 2021

- 8.4K bytes

- Click Count (0)

github.com/minio/minio

internal/crypto/header_test.go

		_, got := IsRequested(test.Header)
		if Requested(test.Header) != got {
			// Test if result matches.
			t.Errorf("Requested mismatch, want %v, got %v", Requested(test.Header), got)
		}
		got = got && SSEC.IsRequested(test.Header)
		if got != test.Expected {
			t.Errorf("SSE-C: Test %d: Wanted %v but got %v", i, test.Expected, got)
		}
	}
}

var kmsIsRequestedTests = []struct {
	Header   http.Header

Created: Sun Dec 28 19:28:13 GMT 2025

- Last Modified: Wed Jul 13 14:52:15 GMT 2022

- 21.4K bytes

- Click Count (0)

github.com/minio/minio

cmd/bucket-replication.go

		Dsc:                  dsc,
		TargetStatuses:       tgtStatuses,
		TargetPurgeStatuses:  purgeStatuses,
		ReplicationTimestamp: tm,
		SSEC:                 crypto.SSEC.IsEncrypted(oi.UserDefined),
		UserTags:             oi.UserTags,
	}
	if ri.SSEC {
		ri.Checksum = oi.Checksum
	}
	if dsc.Synchronous() {
		replicateObject(ctx, ri, o)
	} else {

Created: Sun Dec 28 19:28:13 GMT 2025

- Last Modified: Sun Sep 28 20:59:21 GMT 2025

- 118.2K bytes

- Click Count (0)

github.com/minio/minio

cmd/object-handlers.go

	sseCopyC := crypto.SSEC.IsEncrypted(srcInfo.UserDefined) && crypto.SSECopy.IsRequested(r.Header)
	sseC := crypto.SSEC.IsRequested(r.Header)
	sseS3 := crypto.S3.IsRequested(r.Header)
	sseKMS := crypto.S3KMS.IsRequested(r.Header)

	isSourceEncrypted := sseCopyC || sseCopyS3 || sseCopyKMS
	isTargetEncrypted := sseC || sseS3 || sseKMS

	if sseC {
		newKey, err = ParseSSECustomerRequest(r)

Created: Sun Dec 28 19:28:13 GMT 2025

- Last Modified: Sun Sep 28 20:59:21 GMT 2025

- 120.6K bytes

- Click Count (0)

Search Options