github.com/treeverse/lakefs@v1.24.1-0.20240520134607-95648127bfb0/pkg/block/s3/extract_sse.go

github.com/treeverse/lakefs@v1.24.1-0.20240520134607-95648127bfb0/pkg/block/s3/extract_sse.go (about)

     1  package s3
     2  
     3  import (
     4  	"net/http"
     5  
     6  	"github.com/aws/aws-sdk-go-v2/service/s3"
     7  )
     8  
     9  // extractSSHeaderUploadPart extracts the x-amz-server-side-* headers from the given
    10  // UploadPartOutput response.
    11  func extractSSHeaderUploadPart(resp *s3.UploadPartOutput) http.Header {
    12  	// x-amz-server-side-* headers
    13  	headers := make(http.Header)
    14  	if resp.SSECustomerAlgorithm != nil {
    15  		headers.Set("X-Amz-Server-Side-Encryption-Customer-Algorithm", *resp.SSECustomerAlgorithm)
    16  	}
    17  	if resp.SSECustomerKeyMD5 != nil {
    18  		headers.Set("X-Amz-Server-Side-Encryption-Customer-Key-Md5", *resp.SSECustomerKeyMD5)
    19  	}
    20  	if resp.SSEKMSKeyId != nil {
    21  		headers.Set("X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id", *resp.SSEKMSKeyId)
    22  	}
    23  	if resp.ServerSideEncryption != "" {
    24  		headers.Set("X-Amz-Server-Side-Encryption", string(resp.ServerSideEncryption))
    25  	}
    26  	return headers
    27  }
    28  
    29  // extractSSHeaderUploadPartCopy extracts the x-amz-server-side-* headers from the given
    30  // UploadPartCopyOutput response.
    31  func extractSSHeaderUploadPartCopy(resp *s3.UploadPartCopyOutput) http.Header {
    32  	// x-amz-server-side-* headers
    33  	headers := make(http.Header)
    34  	if resp.SSECustomerAlgorithm != nil {
    35  		headers.Set("X-Amz-Server-Side-Encryption-Customer-Algorithm", *resp.SSECustomerAlgorithm)
    36  	}
    37  	if resp.SSECustomerKeyMD5 != nil {
    38  		headers.Set("X-Amz-Server-Side-Encryption-Customer-Key-Md5", *resp.SSECustomerKeyMD5)
    39  	}
    40  	if resp.SSEKMSKeyId != nil {
    41  		headers.Set("X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id", *resp.SSEKMSKeyId)
    42  	}
    43  	if resp.ServerSideEncryption != "" {
    44  		headers.Set("X-Amz-Server-Side-Encryption", string(resp.ServerSideEncryption))
    45  	}
    46  	return headers
    47  }
    48  
    49  // extractSSHeaderCreateMultipartUpload extracts the x-amz-server-side-* headers from the given
    50  // CreateMultipartUploadOutput response.
    51  func extractSSHeaderCreateMultipartUpload(resp *s3.CreateMultipartUploadOutput) http.Header {
    52  	// x-amz-server-side-* headers
    53  	headers := make(http.Header)
    54  	if resp.SSECustomerAlgorithm != nil {
    55  		headers.Set("X-Amz-Server-Side-Encryption-Customer-Algorithm", *resp.SSECustomerAlgorithm)
    56  	}
    57  	if resp.SSECustomerKeyMD5 != nil {
    58  		headers.Set("X-Amz-Server-Side-Encryption-Customer-Key-Md5", *resp.SSECustomerKeyMD5)
    59  	}
    60  	if resp.SSEKMSKeyId != nil {
    61  		headers.Set("X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id", *resp.SSEKMSKeyId)
    62  	}
    63  	if resp.ServerSideEncryption != "" {
    64  		headers.Set("X-Amz-Server-Side-Encryption", string(resp.ServerSideEncryption))
    65  	}
    66  	if resp.SSEKMSEncryptionContext != nil {
    67  		headers.Set("X-Amz-Server-Side-Encryption-Context", *resp.SSEKMSEncryptionContext)
    68  	}
    69  	return headers
    70  }
    71  
    72  // extractSSHeaderCompleteMultipartUpload extracts the x-amz-server-side-* headers from the given
    73  // CompleteMultipartUploadOutput response.
    74  func extractSSHeaderCompleteMultipartUpload(resp *s3.CompleteMultipartUploadOutput) http.Header {
    75  	// x-amz-server-side-* headers
    76  	headers := make(http.Header)
    77  	if resp.SSEKMSKeyId != nil {
    78  		headers.Set("X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id", *resp.SSEKMSKeyId)
    79  	}
    80  	if resp.ServerSideEncryption != "" {
    81  		headers.Set("X-Amz-Server-Side-Encryption", string(resp.ServerSideEncryption))
    82  	}
    83  	return headers
    84  }