storj.io/minio@v0.0.0-20230509071714-0cbc90f649b1/cmd/bucket-encryption.go (about) 1 /* 2 * MinIO Cloud Storage, (C) 2020 MinIO, Inc. 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 package cmd 18 19 import ( 20 "errors" 21 "io" 22 23 bucketsse "storj.io/minio/pkg/bucket/encryption" 24 ) 25 26 // BucketSSEConfigSys - in-memory cache of bucket encryption config 27 type BucketSSEConfigSys struct{} 28 29 // NewBucketSSEConfigSys - Creates an empty in-memory bucket encryption configuration cache 30 func NewBucketSSEConfigSys() *BucketSSEConfigSys { 31 return &BucketSSEConfigSys{} 32 } 33 34 // Get - gets bucket encryption config for the given bucket. 35 func (sys *BucketSSEConfigSys) Get(bucket string) (*bucketsse.BucketSSEConfig, error) { 36 if GlobalIsGateway { 37 objAPI := newObjectLayerFn() 38 if objAPI == nil { 39 return nil, errServerNotInitialized 40 } 41 42 return nil, BucketSSEConfigNotFound{Bucket: bucket} 43 } 44 45 return globalBucketMetadataSys.GetSSEConfig(bucket) 46 } 47 48 // validateBucketSSEConfig parses bucket encryption configuration and validates if it is supported by MinIO. 49 func validateBucketSSEConfig(r io.Reader) (*bucketsse.BucketSSEConfig, error) { 50 encConfig, err := bucketsse.ParseBucketSSEConfig(r) 51 if err != nil { 52 return nil, err 53 } 54 55 if len(encConfig.Rules) == 1 && encConfig.Rules[0].DefaultEncryptionAction.Algorithm == bucketsse.AES256 { 56 return encConfig, nil 57 } 58 59 return nil, errors.New("Unsupported bucket encryption configuration") 60 }