github.com/minio/minio@v0.0.0-20240328213742-3f72439b8a27/internal/crypto/error.go

github.com/minio/minio@v0.0.0-20240328213742-3f72439b8a27/internal/crypto/error.go (about)

     1  // Copyright (c) 2015-2021 MinIO, Inc.
     2  //
     3  // This file is part of MinIO Object Storage stack
     4  //
     5  // This program is free software: you can redistribute it and/or modify
     6  // it under the terms of the GNU Affero General Public License as published by
     7  // the Free Software Foundation, either version 3 of the License, or
     8  // (at your option) any later version.
     9  //
    10  // This program is distributed in the hope that it will be useful
    11  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    12  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    13  // GNU Affero General Public License for more details.
    14  //
    15  // You should have received a copy of the GNU Affero General Public License
    16  // along with this program.  If not, see <http://www.gnu.org/licenses/>.
    17  
    18  package crypto
    19  
    20  import (
    21  	"errors"
    22  	"fmt"
    23  )
    24  
    25  // Error is the generic type for any error happening during decrypting
    26  // an object. It indicates that the object itself or its metadata was
    27  // modified accidentally or maliciously.
    28  type Error struct {
    29  	msg   string
    30  	cause error
    31  }
    32  
    33  // Errorf - formats according to a format specifier and returns
    34  // the string as a value that satisfies error of type crypto.Error
    35  func Errorf(format string, a ...interface{}) error {
    36  	e := fmt.Errorf(format, a...)
    37  	ee := Error{}
    38  	ee.msg = e.Error()
    39  	ee.cause = errors.Unwrap(e)
    40  	return ee
    41  }
    42  
    43  // Unwrap the internal error.
    44  func (e Error) Unwrap() error { return e.cause }
    45  
    46  // Error 'error' compatible method.
    47  func (e Error) Error() string {
    48  	if e.msg == "" {
    49  		return "crypto: cause <nil>"
    50  	}
    51  	return e.msg
    52  }
    53  
    54  var (
    55  	// ErrInvalidEncryptionMethod indicates that the specified SSE encryption method
    56  	// is not supported.
    57  	ErrInvalidEncryptionMethod = Errorf("The encryption method is not supported")
    58  
    59  	// ErrInvalidCustomerAlgorithm indicates that the specified SSE-C algorithm
    60  	// is not supported.
    61  	ErrInvalidCustomerAlgorithm = Errorf("The SSE-C algorithm is not supported")
    62  
    63  	// ErrMissingCustomerKey indicates that the HTTP headers contains no SSE-C client key.
    64  	ErrMissingCustomerKey = Errorf("The SSE-C request is missing the customer key")
    65  
    66  	// ErrMissingCustomerKeyMD5 indicates that the HTTP headers contains no SSE-C client key
    67  	// MD5 checksum.
    68  	ErrMissingCustomerKeyMD5 = Errorf("The SSE-C request is missing the customer key MD5")
    69  
    70  	// ErrInvalidCustomerKey indicates that the SSE-C client key is not valid - e.g. not a
    71  	// base64-encoded string or not 256 bits long.
    72  	ErrInvalidCustomerKey = Errorf("The SSE-C client key is invalid")
    73  
    74  	// ErrSecretKeyMismatch indicates that the provided secret key (SSE-C client key / SSE-S3 KMS key)
    75  	// does not match the secret key used during encrypting the object.
    76  	ErrSecretKeyMismatch = Errorf("The secret key does not match the secret key used during upload")
    77  
    78  	// ErrCustomerKeyMD5Mismatch indicates that the SSE-C key MD5 does not match the
    79  	// computed MD5 sum. This means that the client provided either the wrong key for
    80  	// a certain MD5 checksum or the wrong MD5 for a certain key.
    81  	ErrCustomerKeyMD5Mismatch = Errorf("The provided SSE-C key MD5 does not match the computed MD5 of the SSE-C key")
    82  	// ErrIncompatibleEncryptionMethod indicates that both SSE-C headers and SSE-S3 headers were specified, and are incompatible
    83  	// The client needs to remove the SSE-S3 header or the SSE-C headers
    84  	ErrIncompatibleEncryptionMethod = Errorf("Server side encryption specified with both SSE-C and SSE-S3 headers")
    85  	// ErrIncompatibleEncryptionWithCompression indicates that both data compression and SSE-C not allowed at the same time
    86  	ErrIncompatibleEncryptionWithCompression = Errorf("Server side encryption specified with SSE-C with compression not allowed")
    87  
    88  	// ErrInvalidEncryptionKeyID returns error when KMS key id contains invalid characters
    89  	ErrInvalidEncryptionKeyID = Errorf("KMS KeyID contains unsupported characters")
    90  )
    91  
    92  var (
    93  	errMissingInternalIV            = Errorf("The object metadata is missing the internal encryption IV")
    94  	errMissingInternalSealAlgorithm = Errorf("The object metadata is missing the internal seal algorithm")
    95  
    96  	errInvalidInternalIV            = Errorf("The internal encryption IV is malformed")
    97  	errInvalidInternalSealAlgorithm = Errorf("The internal seal algorithm is invalid and not supported")
    98  )
    99  
   100  // errOutOfEntropy indicates that the a source of randomness (PRNG) wasn't able
   101  // to produce enough random data. This is fatal error and should cause a panic.
   102  var errOutOfEntropy = Errorf("Unable to read enough randomness from the system")