| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354 |
- package s3
- import (
- "crypto/md5"
- "encoding/base64"
- "github.com/aws/aws-sdk-go/aws/awserr"
- "github.com/aws/aws-sdk-go/aws/request"
- )
- var errSSERequiresSSL = awserr.New("ConfigError", "cannot send SSE keys over HTTP.", nil)
- func validateSSERequiresSSL(r *request.Request) {
- if r.HTTPRequest.URL.Scheme == "https" {
- return
- }
- if iface, ok := r.Params.(sseCustomerKeyGetter); ok {
- if len(iface.getSSECustomerKey()) > 0 {
- r.Error = errSSERequiresSSL
- return
- }
- }
- if iface, ok := r.Params.(copySourceSSECustomerKeyGetter); ok {
- if len(iface.getCopySourceSSECustomerKey()) > 0 {
- r.Error = errSSERequiresSSL
- return
- }
- }
- }
- func computeSSEKeys(r *request.Request) {
- headers := []string{
- "x-amz-server-side-encryption-customer-key",
- "x-amz-copy-source-server-side-encryption-customer-key",
- }
- for _, h := range headers {
- md5h := h + "-md5"
- if key := r.HTTPRequest.Header.Get(h); key != "" {
- // Base64-encode the value
- b64v := base64.StdEncoding.EncodeToString([]byte(key))
- r.HTTPRequest.Header.Set(h, b64v)
- // Add MD5 if it wasn't computed
- if r.HTTPRequest.Header.Get(md5h) == "" {
- sum := md5.Sum([]byte(key))
- b64sum := base64.StdEncoding.EncodeToString(sum[:])
- r.HTTPRequest.Header.Set(md5h, b64sum)
- }
- }
- }
- }
|
