root
/
minio
mirror of https://github.com/minio/minio.git
1
0
Fork 0
Code Issues Actions 1 Packages Projects Releases Wiki Activity
minio/cmd/crypto/key.go

180 lines
6.3 KiB
Go
Raw Normal View History

update license change for MinIO Signed-off-by: Harshavardhana <harsha@minio.io>
2021-04-19 03:41:13 +08:00
// Copyright (c) 2015-2021 MinIO, Inc.
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
//
update license change for MinIO Signed-off-by: Harshavardhana <harsha@minio.io>
2021-04-19 03:41:13 +08:00
// This file is part of MinIO Object Storage stack
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
//
update license change for MinIO Signed-off-by: Harshavardhana <harsha@minio.io>
2021-04-19 03:41:13 +08:00
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
//
update license change for MinIO Signed-off-by: Harshavardhana <harsha@minio.io>
2021-04-19 03:41:13 +08:00
// This program is distributed in the hope that it will be useful
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
package crypto
import (
"bytes"
"context"
"crypto/hmac"
"crypto/rand"
use crypto/sha256 for FIPS 140-2 compliance (#11623) This commit replaces the usage of github.com/minio/sha256-simd with crypto/sha256 of the standard library in all non-performance critical paths. This is necessary for FIPS 140-2 compliance which requires that all crypto. primitives are implemented by a FIPS-validated module. Go can use the Google FIPS module. The boringcrypto branch of the Go standard library uses the BoringSSL FIPS module to implement crypto. primitives like AES or SHA256. We only keep github.com/minio/sha256-simd when computing the content-SHA256 of an object. Therefore, this commit relies on a build tag `fips`. When MinIO is compiled without the `fips` flag it will use github.com/minio/sha256-simd. When MinIO is compiled with the fips flag (go build --tags "fips") then MinIO uses crypto/sha256 to compute the content-SHA256.
2021-02-25 01:00:15 +08:00
"crypto/sha256"
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
"encoding/binary"
"errors"
"io"
crypto: update SSE-S3 and SSE-C key derivation (#6152) This commit updates the key derivation to reflect the latest change of crypto/doc.go. This includes handling the insecure legacy KDF. Since #6064 is fixed, the 3. test case for object key generation is enabled again.
2018-07-16 22:49:50 +08:00
"path"
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
"github.com/minio/minio/cmd/logger"
add new pkg/fips for FIPS 140-2 (#12051) This commit introduces a new package `pkg/fips` that bundles functionality to handle and configure cryptographic protocols in case of FIPS 140. If it is compiled with `--tags=fips` it assumes that a FIPS 140-2 cryptographic module is used to implement all FIPS compliant cryptographic primitives - like AES, SHA-256, ... In "FIPS mode" it excludes all non-FIPS compliant cryptographic primitives from the protocol parameters.
2021-04-14 23:29:56 +08:00
"github.com/minio/minio/pkg/fips"
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
"github.com/minio/sio"
)
// ObjectKey is a 256 bit secret key used to encrypt the object.
// It must never be stored in plaintext.
type ObjectKey [32]byte
// GenerateKey generates a unique ObjectKey from a 256 bit external key
crypto: add `GenerateIV` from random IV generation (#6215) This commit adds a `GenerateIV` function to simplify the generation of random IVs. It adds some unit tests for `GenerateIV` in key_test.go
2018-08-01 16:02:07 +08:00
// and a source of randomness. If random is nil the default PRNG of the
// system (crypto/rand) is used.
introduce new package pkg/kms (#12019) This commit introduces a new package `pkg/kms`. It contains basic types and functions to interact with various KMS implementations. This commit also moves KMS-related code from `cmd/crypto` to `pkg/kms`. Now, it is possible to implement a KMS-based config data encryption in the `pkg/config` package.
2021-04-15 23:47:33 +08:00
func GenerateKey(extKey []byte, random io.Reader) (key ObjectKey) {
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
if random == nil {
random = rand.Reader
}
kms: encrypt IAM/config data with the KMS (#12041) This commit changes the config/IAM encryption process. Instead of encrypting config data (users, policies etc.) with the root credentials MinIO now encrypts this data with a KMS - if configured. Therefore, this PR moves the MinIO-KMS configuration (via env. variables) to a "top-level" configuration. The KMS configuration cannot be stored in the config file since it is used to decrypt the config file in the first place. As a consequence, this commit also removes support for Hashicorp Vault - which has been deprecated anyway. Signed-off-by: Andreas Auernhammer <aead@mail.de>
2021-04-22 23:45:30 +08:00
if len(extKey) != 32 { // safety check
logger.CriticalIf(context.Background(), errors.New("crypto: invalid key length"))
}
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
var nonce [32]byte
if _, err := io.ReadFull(random, nonce[:]); err != nil {
crypto: add a basic KMS implementation (#6161) This commit adds a basic KMS implementation for an operator-specified SSE-S3 master key. The master key is wrapped as KMS such that using SSE-S3 with master key and SSE-S3 with KMS can use the same code. Bindings for a remote / true KMS (like hashicorp vault) will be added later on.
2018-07-18 13:40:34 +08:00
logger.CriticalIf(context.Background(), errOutOfEntropy)
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
}
sha := sha256.New()
introduce new package pkg/kms (#12019) This commit introduces a new package `pkg/kms`. It contains basic types and functions to interact with various KMS implementations. This commit also moves KMS-related code from `cmd/crypto` to `pkg/kms`. Now, it is possible to implement a KMS-based config data encryption in the `pkg/config` package.
2021-04-15 23:47:33 +08:00
sha.Write(extKey)
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
sha.Write(nonce[:])
sha.Sum(key[:0])
crypto: add a basic KMS implementation (#6161) This commit adds a basic KMS implementation for an operator-specified SSE-S3 master key. The master key is wrapped as KMS such that using SSE-S3 with master key and SSE-S3 with KMS can use the same code. Bindings for a remote / true KMS (like hashicorp vault) will be added later on.
2018-07-18 13:40:34 +08:00
return key
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
}
crypto: add `GenerateIV` from random IV generation (#6215) This commit adds a `GenerateIV` function to simplify the generation of random IVs. It adds some unit tests for `GenerateIV` in key_test.go
2018-08-01 16:02:07 +08:00
// GenerateIV generates a new random 256 bit IV from the provided source
// of randomness. If random is nil the default PRNG of the system
// (crypto/rand) is used.
func GenerateIV(random io.Reader) (iv [32]byte) {
if random == nil {
random = rand.Reader
}
if _, err := io.ReadFull(random, iv[:]); err != nil {
logger.CriticalIf(context.Background(), errOutOfEntropy)
}
return iv
}
crypto: update SSE-S3 and SSE-C key derivation (#6152) This commit updates the key derivation to reflect the latest change of crypto/doc.go. This includes handling the insecure legacy KDF. Since #6064 is fixed, the 3. test case for object key generation is enabled again.
2018-07-16 22:49:50 +08:00
// SealedKey represents a sealed object key. It can be stored
// at an untrusted location.
type SealedKey struct {
Key [64]byte // The encrypted and authenticted object-key.
IV [32]byte // The random IV used to encrypt the object-key.
Algorithm string // The sealing algorithm used to encrypt the object key.
}
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
// Seal encrypts the ObjectKey using the 256 bit external key and IV. The sealed
crypto: update SSE-S3 and SSE-C key derivation (#6152) This commit updates the key derivation to reflect the latest change of crypto/doc.go. This includes handling the insecure legacy KDF. Since #6064 is fixed, the 3. test case for object key generation is enabled again.
2018-07-16 22:49:50 +08:00
// key is also cryptographically bound to the object's path (bucket/object) and the
// domain (SSE-C or SSE-S3).
introduce new package pkg/kms (#12019) This commit introduces a new package `pkg/kms`. It contains basic types and functions to interact with various KMS implementations. This commit also moves KMS-related code from `cmd/crypto` to `pkg/kms`. Now, it is possible to implement a KMS-based config data encryption in the `pkg/config` package.
2021-04-15 23:47:33 +08:00
func (key ObjectKey) Seal(extKey []byte, iv [32]byte, domain, bucket, object string) SealedKey {
kms: encrypt IAM/config data with the KMS (#12041) This commit changes the config/IAM encryption process. Instead of encrypting config data (users, policies etc.) with the root credentials MinIO now encrypts this data with a KMS - if configured. Therefore, this PR moves the MinIO-KMS configuration (via env. variables) to a "top-level" configuration. The KMS configuration cannot be stored in the config file since it is used to decrypt the config file in the first place. As a consequence, this commit also removes support for Hashicorp Vault - which has been deprecated anyway. Signed-off-by: Andreas Auernhammer <aead@mail.de>
2021-04-22 23:45:30 +08:00
if len(extKey) != 32 {
logger.CriticalIf(context.Background(), errors.New("crypto: invalid key length"))
}
crypto: update SSE-S3 and SSE-C key derivation (#6152) This commit updates the key derivation to reflect the latest change of crypto/doc.go. This includes handling the insecure legacy KDF. Since #6064 is fixed, the 3. test case for object key generation is enabled again.
2018-07-16 22:49:50 +08:00
var (
sealingKey [32]byte
encryptedKey bytes.Buffer
)
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
mac := hmac.New(sha256.New, extKey[:])
mac.Write(iv[:])
crypto: update SSE-S3 and SSE-C key derivation (#6152) This commit updates the key derivation to reflect the latest change of crypto/doc.go. This includes handling the insecure legacy KDF. Since #6064 is fixed, the 3. test case for object key generation is enabled again.
2018-07-16 22:49:50 +08:00
mac.Write([]byte(domain))
mac.Write([]byte(SealAlgorithm))
mac.Write([]byte(path.Join(bucket, object))) // use path.Join for canonical 'bucket/object'
mac.Sum(sealingKey[:0])
add new pkg/fips for FIPS 140-2 (#12051) This commit introduces a new package `pkg/fips` that bundles functionality to handle and configure cryptographic protocols in case of FIPS 140. If it is compiled with `--tags=fips` it assumes that a FIPS 140-2 cryptographic module is used to implement all FIPS compliant cryptographic primitives - like AES, SHA-256, ... In "FIPS mode" it excludes all non-FIPS compliant cryptographic primitives from the protocol parameters.
2021-04-14 23:29:56 +08:00
if n, err := sio.Encrypt(&encryptedKey, bytes.NewReader(key[:]), sio.Config{Key: sealingKey[:], CipherSuites: fips.CipherSuitesDARE()}); n != 64 || err != nil {
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
logger.CriticalIf(context.Background(), errors.New("Unable to generate sealed key"))
}
crypto: update SSE-S3 and SSE-C key derivation (#6152) This commit updates the key derivation to reflect the latest change of crypto/doc.go. This includes handling the insecure legacy KDF. Since #6064 is fixed, the 3. test case for object key generation is enabled again.
2018-07-16 22:49:50 +08:00
sealedKey := SealedKey{
IV: iv,
Algorithm: SealAlgorithm,
}
copy(sealedKey.Key[:], encryptedKey.Bytes())
return sealedKey
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
}
crypto: update SSE-S3 and SSE-C key derivation (#6152) This commit updates the key derivation to reflect the latest change of crypto/doc.go. This includes handling the insecure legacy KDF. Since #6064 is fixed, the 3. test case for object key generation is enabled again.
2018-07-16 22:49:50 +08:00
// Unseal decrypts a sealed key using the 256 bit external key. Since the sealed key
// may be cryptographically bound to the object's path the same bucket/object as during sealing
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
// must be provided. On success the ObjectKey contains the decrypted sealed key.
introduce new package pkg/kms (#12019) This commit introduces a new package `pkg/kms`. It contains basic types and functions to interact with various KMS implementations. This commit also moves KMS-related code from `cmd/crypto` to `pkg/kms`. Now, it is possible to implement a KMS-based config data encryption in the `pkg/config` package.
2021-04-15 23:47:33 +08:00
func (key *ObjectKey) Unseal(extKey []byte, sealedKey SealedKey, domain, bucket, object string) error {
crypto: update SSE-S3 and SSE-C key derivation (#6152) This commit updates the key derivation to reflect the latest change of crypto/doc.go. This includes handling the insecure legacy KDF. Since #6064 is fixed, the 3. test case for object key generation is enabled again.
2018-07-16 22:49:50 +08:00
var (
unsealConfig sio.Config
)
switch sealedKey.Algorithm {
default:
Add crypto context errors (#8740) Currently when connections to vault fail, client perpetually retries this leads to assumptions that the server has issues and masks the problem. Re-purpose *crypto.Error* type to send appropriate errors back to the client.
2020-01-07 08:15:22 +08:00
return Errorf("The sealing algorithm '%s' is not supported", sealedKey.Algorithm)
crypto: update SSE-S3 and SSE-C key derivation (#6152) This commit updates the key derivation to reflect the latest change of crypto/doc.go. This includes handling the insecure legacy KDF. Since #6064 is fixed, the 3. test case for object key generation is enabled again.
2018-07-16 22:49:50 +08:00
case SealAlgorithm:
mac := hmac.New(sha256.New, extKey[:])
mac.Write(sealedKey.IV[:])
mac.Write([]byte(domain))
mac.Write([]byte(SealAlgorithm))
mac.Write([]byte(path.Join(bucket, object))) // use path.Join for canonical 'bucket/object'
add new pkg/fips for FIPS 140-2 (#12051) This commit introduces a new package `pkg/fips` that bundles functionality to handle and configure cryptographic protocols in case of FIPS 140. If it is compiled with `--tags=fips` it assumes that a FIPS 140-2 cryptographic module is used to implement all FIPS compliant cryptographic primitives - like AES, SHA-256, ... In "FIPS mode" it excludes all non-FIPS compliant cryptographic primitives from the protocol parameters.
2021-04-14 23:29:56 +08:00
unsealConfig = sio.Config{MinVersion: sio.Version20, Key: mac.Sum(nil), CipherSuites: fips.CipherSuitesDARE()}
crypto: update SSE-S3 and SSE-C key derivation (#6152) This commit updates the key derivation to reflect the latest change of crypto/doc.go. This includes handling the insecure legacy KDF. Since #6064 is fixed, the 3. test case for object key generation is enabled again.
2018-07-16 22:49:50 +08:00
case InsecureSealAlgorithm:
sha := sha256.New()
sha.Write(extKey[:])
sha.Write(sealedKey.IV[:])
add new pkg/fips for FIPS 140-2 (#12051) This commit introduces a new package `pkg/fips` that bundles functionality to handle and configure cryptographic protocols in case of FIPS 140. If it is compiled with `--tags=fips` it assumes that a FIPS 140-2 cryptographic module is used to implement all FIPS compliant cryptographic primitives - like AES, SHA-256, ... In "FIPS mode" it excludes all non-FIPS compliant cryptographic primitives from the protocol parameters.
2021-04-14 23:29:56 +08:00
unsealConfig = sio.Config{MinVersion: sio.Version10, Key: sha.Sum(nil), CipherSuites: fips.CipherSuitesDARE()}
crypto: update SSE-S3 and SSE-C key derivation (#6152) This commit updates the key derivation to reflect the latest change of crypto/doc.go. This includes handling the insecure legacy KDF. Since #6064 is fixed, the 3. test case for object key generation is enabled again.
2018-07-16 22:49:50 +08:00
}
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
Optimize decryptObjectInfo (#10726) `decryptObjectInfo` is a significant bottleneck when listing objects. Reduce the allocations for a significant speedup. https://github.com/minio/sio/pull/40 ``` λ benchcmp before.txt after.txt benchmark old ns/op new ns/op delta Benchmark_decryptObjectInfo-32 24260928 808656 -96.67% benchmark old MB/s new MB/s speedup Benchmark_decryptObjectInfo-32 0.04 1.24 31.00x benchmark old allocs new allocs delta Benchmark_decryptObjectInfo-32 75112 48996 -34.77% benchmark old bytes new bytes delta Benchmark_decryptObjectInfo-32 287694772 4228076 -98.53% ```
2020-10-30 00:34:20 +08:00
if out, err := sio.DecryptBuffer(key[:0], sealedKey.Key[:], unsealConfig); len(out) != 32 || err != nil {
return `Access Denied` for invalid SSE keys (#6432) This commit fixes are regression in the server regarding handling SSE requests with wrong SSE-C keys. The server now returns an AWS S3 compatable API error (access denied) in case of the SSE key does not match the secret key used during upload. Fixes #6431
2018-09-07 03:31:12 +08:00
return ErrSecretKeyMismatch
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
}
return nil
}
// DerivePartKey derives an unique 256 bit key from an ObjectKey and the part index.
func (key ObjectKey) DerivePartKey(id uint32) (partKey [32]byte) {
var bin [4]byte
binary.LittleEndian.PutUint32(bin[:], id)
mac := hmac.New(sha256.New, key[:])
mac.Write(bin[:])
mac.Sum(partKey[:0])
crypto: add a basic KMS implementation (#6161) This commit adds a basic KMS implementation for an operator-specified SSE-S3 master key. The master key is wrapped as KMS such that using SSE-S3 with master key and SSE-S3 with KMS can use the same code. Bindings for a remote / true KMS (like hashicorp vault) will be added later on.
2018-07-18 13:40:34 +08:00
return partKey
new package: cmd/crypto (#6062) This commit introduces a new crypto package providing AWS S3 related cryptographic building blocks to implement SSE-S3 (master key or KMS) and SSE-C. This change only adds some basic functionallity esp. related to SSE-S3 and documents the general approach for SSE-S3 and SSE-C.
2018-06-29 03:47:42 +08:00
}
crypto: add functions for sealing/unsealing the etag for SSE (#6618) This commit adds two functions for sealing/unsealing the etag (a.k.a. content MD5) in case of SSE single-part upload. Sealing the ETag is neccessary in case of SSE-S3 to preserve the security guarantees. In case of SSE-S3 AWS returns the content-MD5 of the plaintext object as ETag. However, we must not store the MD5 of the plaintext for encrypted objects. Otherwise it becomes possible for an attacker to detect equal/non-equal encrypted objects. Therefore we encrypt the ETag before storing on the backend. But we only need to encrypt the ETag (content-MD5) if the client send it - otherwise the client cannot verify it anyway.
2018-10-17 01:02:19 +08:00
// SealETag seals the etag using the object key.
// It does not encrypt empty ETags because such ETags indicate
// that the S3 client hasn't sent an ETag = MD5(object) and
// the backend can pick an ETag value.
func (key ObjectKey) SealETag(etag []byte) []byte {
if len(etag) == 0 { // don't encrypt empty ETag - only if client sent ETag = MD5(object)
return etag
}
var buffer bytes.Buffer
mac := hmac.New(sha256.New, key[:])
mac.Write([]byte("SSE-etag"))
add new pkg/fips for FIPS 140-2 (#12051) This commit introduces a new package `pkg/fips` that bundles functionality to handle and configure cryptographic protocols in case of FIPS 140. If it is compiled with `--tags=fips` it assumes that a FIPS 140-2 cryptographic module is used to implement all FIPS compliant cryptographic primitives - like AES, SHA-256, ... In "FIPS mode" it excludes all non-FIPS compliant cryptographic primitives from the protocol parameters.
2021-04-14 23:29:56 +08:00
if _, err := sio.Encrypt(&buffer, bytes.NewReader(etag), sio.Config{Key: mac.Sum(nil), CipherSuites: fips.CipherSuitesDARE()}); err != nil {
crypto: add functions for sealing/unsealing the etag for SSE (#6618) This commit adds two functions for sealing/unsealing the etag (a.k.a. content MD5) in case of SSE single-part upload. Sealing the ETag is neccessary in case of SSE-S3 to preserve the security guarantees. In case of SSE-S3 AWS returns the content-MD5 of the plaintext object as ETag. However, we must not store the MD5 of the plaintext for encrypted objects. Otherwise it becomes possible for an attacker to detect equal/non-equal encrypted objects. Therefore we encrypt the ETag before storing on the backend. But we only need to encrypt the ETag (content-MD5) if the client send it - otherwise the client cannot verify it anyway.
2018-10-17 01:02:19 +08:00
logger.CriticalIf(context.Background(), errors.New("Unable to encrypt ETag using object key"))
}
return buffer.Bytes()
}
// UnsealETag unseals the etag using the provided object key.
// It does not try to decrypt the ETag if len(etag) == 16
// because such ETags indicate that the S3 client hasn't sent
// an ETag = MD5(object) and the backend has picked an ETag value.
func (key ObjectKey) UnsealETag(etag []byte) ([]byte, error) {
if !IsETagSealed(etag) {
return etag, nil
}
mac := hmac.New(sha256.New, key[:])
mac.Write([]byte("SSE-etag"))
add new pkg/fips for FIPS 140-2 (#12051) This commit introduces a new package `pkg/fips` that bundles functionality to handle and configure cryptographic protocols in case of FIPS 140. If it is compiled with `--tags=fips` it assumes that a FIPS 140-2 cryptographic module is used to implement all FIPS compliant cryptographic primitives - like AES, SHA-256, ... In "FIPS mode" it excludes all non-FIPS compliant cryptographic primitives from the protocol parameters.
2021-04-14 23:29:56 +08:00
return sio.DecryptBuffer(make([]byte, 0, len(etag)), etag, sio.Config{Key: mac.Sum(nil), CipherSuites: fips.CipherSuitesDARE()})
crypto: add functions for sealing/unsealing the etag for SSE (#6618) This commit adds two functions for sealing/unsealing the etag (a.k.a. content MD5) in case of SSE single-part upload. Sealing the ETag is neccessary in case of SSE-S3 to preserve the security guarantees. In case of SSE-S3 AWS returns the content-MD5 of the plaintext object as ETag. However, we must not store the MD5 of the plaintext for encrypted objects. Otherwise it becomes possible for an attacker to detect equal/non-equal encrypted objects. Therefore we encrypt the ETag before storing on the backend. But we only need to encrypt the ETag (content-MD5) if the client send it - otherwise the client cannot verify it anyway.
2018-10-17 01:02:19 +08:00
}