mirror of https://github.com/minio/minio.git
b9d1698d74
This commit adds two new functions to the internal `etag` package: - `ETag.Format` - `Decrypt` The `Decrypt` function decrypts an encrypted ETag using a decryption key. It returns not encrypted / multipart ETags unmodified. The `Decrypt` function is mainly used when handling SSE-S3 encrypted single-part objects. In particular, the ETag of an SSE-S3 encrypted single-part object needs to be decrypted since S3 clients expect that this ETag is equal to the content MD5. The `ETag.Format` method also covers SSE ETag handling. MinIO encrypts all ETags of SSE single part objects. However, only the ETag of SSE-S3 encrypted single part objects needs to be decrypted. The ETag of an SSE-C or SSE-KMS single part object does not correspond to its content MD5 and can be a random value. The `ETag.Format` function formats an ETag such that it is an AWS S3 compliant ETag. In particular, it returns non-encrypted ETags (single / multipart) unmodified. However, for encrypted ETags it returns the trailing 16 bytes as ETag. For encrypted ETags the last 16 bytes will be a random value. The main purpose of `Format` is to format ETags such that clients accept them as well-formed AWS S3 ETags. It differs from the `String` method since `String` will return string representations for encrypted ETags that are not AWS S3 compliant. Signed-off-by: Andreas Auernhammer <hi@aead.dev> |
||
|---|---|---|
| .. | ||
| arn | ||
| auth | ||
| bpool | ||
| bucket | ||
| color | ||
| config | ||
| crypto | ||
| disk | ||
| dsync | ||
| etag | ||
| event | ||
| fips | ||
| handlers | ||
| hash | ||
| http | ||
| init | ||
| ioutil | ||
| jwt | ||
| kernel | ||
| kms | ||
| lock | ||
| logger | ||
| lsync | ||
| mountinfo | ||
| pubsub | ||
| rest | ||
| s3select | ||
| smart | ||
| sync/errgroup | ||