UnsealObjectKey - Code Search

internal/crypto/sse.go

		return
	}
	return unsealObjectKey(clientKey[:], metadata, bucket, object)
}

// unsealObjectKey decrypts and returns the sealed object key
// from the metadata using the SSE-C client key.
func unsealObjectKey(clientKey []byte, metadata map[string]string, bucket, object string) (key ObjectKey, err error) {
	sealedKey, err := SSEC.ParseMetadata(metadata)
	if err != nil {
		return
	}

Registered: Sun Nov 03 19:28:11 UTC 2024

- Last Modified: Tue Aug 30 15:26:43 UTC 2022

- 4.4K bytes

- Viewed (0)

github.com/minio/minio

internal/crypto/sse-c.go

		return key, ErrCustomerKeyMD5Mismatch
	}
	copy(key[:], clientKey)
	return key, nil
}

// UnsealObjectKey extracts and decrypts the sealed object key
// from the metadata using the SSE-C client key of the HTTP headers
// and returns the decrypted object key.
func (s3 ssec) UnsealObjectKey(h http.Header, metadata map[string]string, bucket, object string) (key ObjectKey, err error) {
	clientKey, err := s3.ParseHTTP(h)

Registered: Sun Nov 03 19:28:11 UTC 2024

- Last Modified: Thu Jan 18 07:03:17 UTC 2024

- 5.2K bytes

- Viewed (0)

github.com/minio/minio

internal/crypto/sse-s3.go

	if _, ok := metadata[MetaSealedKeyS3]; ok {
		return true
	}
	return false
}

// UnsealObjectKey extracts and decrypts the sealed object key
// from the metadata using KMS and returns the decrypted object
// key.
func (s3 sses3) UnsealObjectKey(k *kms.KMS, metadata map[string]string, bucket, object string) (key ObjectKey, err error) {
	if k == nil {
		return key, Errorf("KMS not configured")

Registered: Sun Nov 03 19:28:11 UTC 2024

- Last Modified: Tue May 07 23:55:37 UTC 2024

- 7.6K bytes

- Viewed (0)

github.com/minio/minio

internal/crypto/sse_test.go

		},
		ExpectedErr: ErrMissingCustomerKeyMD5,
	},
}

func TestSSECUnsealObjectKey(t *testing.T) {
	for i, test := range ssecUnsealObjectKeyTests {
		if _, err := SSEC.UnsealObjectKey(test.Headers, test.Metadata, test.Bucket, test.Object); err != test.ExpectedErr {
			t.Errorf("Test %d: got: %v - want: %v", i, err, test.ExpectedErr)
		}
	}
}

var sseCopyUnsealObjectKeyTests = []struct {

Registered: Sun Nov 03 19:28:11 UTC 2024

- Last Modified: Tue Jun 01 21:59:40 UTC 2021

- 8.4K bytes

- Viewed (0)

github.com/minio/minio

internal/crypto/sse-kms.go

	if _, ok := metadata[MetaSealedKeyKMS]; ok {
		return true
	}
	return false
}

// UnsealObjectKey extracts and decrypts the sealed object key
// from the metadata using KMS and returns the decrypted object
// key.
func (s3 ssekms) UnsealObjectKey(k *kms.KMS, metadata map[string]string, bucket, object string) (key ObjectKey, err error) {
	if k == nil {
		return key, Errorf("KMS not configured")

Registered: Sun Nov 03 19:28:11 UTC 2024

- Last Modified: Tue May 07 23:55:37 UTC 2024

- 8.5K bytes

- Viewed (0)

github.com/minio/minio

cmd/encryption-v1.go

			return nil, errKMSNotConfigured
		}
		objectKey, err := crypto.S3.UnsealObjectKey(GlobalKMS, metadata, bucket, object)
		if err != nil {
			return nil, err
		}
		return objectKey[:], nil
	case crypto.S3KMS:
		if GlobalKMS == nil {
			return nil, errKMSNotConfigured
		}
		objectKey, err := crypto.S3KMS.UnsealObjectKey(GlobalKMS, metadata, bucket, object)
		if err != nil {
			return nil, err
		}

Registered: Sun Nov 03 19:28:11 UTC 2024

- Last Modified: Sun Oct 13 13:06:08 UTC 2024

- 37.2K bytes

- Viewed (0)

github.com/minio/minio

cmd/object-handlers.go

			w.Header().Set(xhttp.AmzServerSideEncryptionKmsContext, kmsCtx)
		}
	case crypto.SSEC:
		// Validate the SSE-C Key set in the header.
		if _, err = crypto.SSEC.UnsealObjectKey(r.Header, objInfo.UserDefined, bucket, object); err != nil {
			writeErrorResponse(ctx, w, toAPIError(ctx, err), r.URL)
			return
		}

Registered: Sun Nov 03 19:28:11 UTC 2024

- Last Modified: Sat Oct 05 05:16:15 UTC 2024

- 117.4K bytes

- Viewed (0)

Search Options

internal/crypto/sse.go

internal/crypto/sse-c.go

internal/crypto/sse-s3.go

internal/crypto/sse_test.go

internal/crypto/sse-kms.go

cmd/encryption-v1.go

cmd/object-handlers.go