diff options
| author | Chris Lu <chrislusf@users.noreply.github.com> | 2025-08-19 08:19:30 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-08-19 08:19:30 -0700 |
| commit | 2714b70955750090edfa6097bf53b6d50c241d07 (patch) | |
| tree | b2fc20d4a56704d7f3d13753fc21512e3315c87f /weed/s3api/s3err/s3api_errors.go | |
| parent | 6e56cac9e52e18a5f20ea48e0d15384f955b4275 (diff) | |
| download | seaweedfs-2714b70955750090edfa6097bf53b6d50c241d07.tar.xz seaweedfs-2714b70955750090edfa6097bf53b6d50c241d07.zip | |
S3 API: Add SSE-C (#7143)
* implement sse-c
* fix Content-Range
* adding tests
* Update s3_sse_c_test.go
* copy sse-c objects
* adding tests
* refactor
* multi reader
* remove extra write header call
* refactor
* SSE-C encrypted objects do not support HTTP Range requests
* robust
* fix server starts
* Update Makefile
* Update Makefile
* ci: remove SSE-C integration tests and workflows; delete test/s3/encryption/
* s3: SSE-C MD5 must be base64 (case-sensitive); fix validation, comparisons, metadata storage; update tests
* minor
* base64
* Update SSE-C_IMPLEMENTATION.md
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
* Update weed/s3api/s3api_object_handlers.go
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
* Update SSE-C_IMPLEMENTATION.md
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
* address comments
* fix test
* fix compilation
---------
Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Diffstat (limited to 'weed/s3api/s3err/s3api_errors.go')
| -rw-r--r-- | weed/s3api/s3err/s3api_errors.go | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/weed/s3api/s3err/s3api_errors.go b/weed/s3api/s3err/s3api_errors.go index 4bb63d67f..6833a498a 100644 --- a/weed/s3api/s3err/s3api_errors.go +++ b/weed/s3api/s3err/s3api_errors.go @@ -116,6 +116,13 @@ const ( ErrInvalidRetentionPeriod ErrObjectLockConfigurationNotFoundError ErrInvalidUnorderedWithDelimiter + + // SSE-C related errors + ErrInvalidEncryptionAlgorithm + ErrInvalidEncryptionKey + ErrSSECustomerKeyMD5Mismatch + ErrSSECustomerKeyMissing + ErrSSECustomerKeyNotNeeded ) // Error message constants for checksum validation @@ -471,6 +478,33 @@ var errorCodeResponse = map[ErrorCode]APIError{ Description: "Unordered listing cannot be used with delimiter", HTTPStatusCode: http.StatusBadRequest, }, + + // SSE-C related error mappings + ErrInvalidEncryptionAlgorithm: { + Code: "InvalidEncryptionAlgorithmError", + Description: "The encryption algorithm specified is not valid.", + HTTPStatusCode: http.StatusBadRequest, + }, + ErrInvalidEncryptionKey: { + Code: "InvalidArgument", + Description: "Invalid encryption key. Encryption key must be 256-bit AES256.", + HTTPStatusCode: http.StatusBadRequest, + }, + ErrSSECustomerKeyMD5Mismatch: { + Code: "InvalidArgument", + Description: "The provided customer encryption key MD5 does not match the key.", + HTTPStatusCode: http.StatusBadRequest, + }, + ErrSSECustomerKeyMissing: { + Code: "InvalidArgument", + Description: "Requests specifying Server Side Encryption with Customer provided keys must provide the customer key.", + HTTPStatusCode: http.StatusBadRequest, + }, + ErrSSECustomerKeyNotNeeded: { + Code: "InvalidArgument", + Description: "The object was not encrypted with customer provided keys.", + HTTPStatusCode: http.StatusBadRequest, + }, } // GetAPIError provides API Error for input API error code. |