github.com/minio/minio@v0.0.0-20240328213742-3f72439b8a27/cmd/bucket-encryption.go (about) 1 // Copyright (c) 2015-2021 MinIO, Inc. 2 // 3 // This file is part of MinIO Object Storage stack 4 // 5 // This program is free software: you can redistribute it and/or modify 6 // it under the terms of the GNU Affero General Public License as published by 7 // the Free Software Foundation, either version 3 of the License, or 8 // (at your option) any later version. 9 // 10 // This program is distributed in the hope that it will be useful 11 // but WITHOUT ANY WARRANTY; without even the implied warranty of 12 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13 // GNU Affero General Public License for more details. 14 // 15 // You should have received a copy of the GNU Affero General Public License 16 // along with this program. If not, see <http://www.gnu.org/licenses/>. 17 18 package cmd 19 20 import ( 21 "errors" 22 "io" 23 24 sse "github.com/minio/minio/internal/bucket/encryption" 25 ) 26 27 // BucketSSEConfigSys - in-memory cache of bucket encryption config 28 type BucketSSEConfigSys struct{} 29 30 // NewBucketSSEConfigSys - Creates an empty in-memory bucket encryption configuration cache 31 func NewBucketSSEConfigSys() *BucketSSEConfigSys { 32 return &BucketSSEConfigSys{} 33 } 34 35 // Get - gets bucket encryption config for the given bucket. 36 func (sys *BucketSSEConfigSys) Get(bucket string) (*sse.BucketSSEConfig, error) { 37 sseCfg, _, err := globalBucketMetadataSys.GetSSEConfig(bucket) 38 return sseCfg, err 39 } 40 41 // validateBucketSSEConfig parses bucket encryption configuration and validates if it is supported by MinIO. 42 func validateBucketSSEConfig(r io.Reader) (*sse.BucketSSEConfig, error) { 43 encConfig, err := sse.ParseBucketSSEConfig(r) 44 if err != nil { 45 return nil, err 46 } 47 48 if len(encConfig.Rules) == 1 { 49 return encConfig, nil 50 } 51 52 return nil, errors.New("Unsupported bucket encryption configuration") 53 }