Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pass server-side encryption option to minio.StatObject call #142

Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

Pass server-side encryption option to minio.StatObject call #142

wants to merge 9 commits into from

Conversation

jabbrwcky
Copy link

@jabbrwcky jabbrwcky commented Sep 26, 2024
edited
Loading

Adds missing encryption data passed to minio.StatObject() calls, causing client methods Exists() and Attributes() to fail with a 400 Bad Request error.

This may only affects encryption using SSE-C because here it is the callers responsibility to send the encryption key along with the request. In contrast SSE-KMS and SSE-S3 are handled transparently (if the user has permissions to use the key in the casse of SSE-KMS)

Fixes #141

  • I added CHANGELOG entry for this change.
  • Change is not relevant to the end user.

Changes

  • Add SSE-C configuration to Bucket.Exists()
  • Add SSE-C configuration to Bucket.Attributes()

Verification

Added E2E-Test that uploads, checks for existence and downloads a file using SSE-C

@jabbrwcky jabbrwcky mentioned this pull request Sep 26, 2024
Open
@jabbrwcky jabbrwcky force-pushed the main branch 3 times, most recently from e8ae58b to 1957544 Compare September 30, 2024 07:15
@toporek3112
Copy link

Any updates on this one?

@dagobertdocker
Copy link

Thanks for this PR! I'd love for this to be merged, my provider is using SSE-C and I cannot use Thanos because of the underlying issue.

jabbrwcky and others added 6 commits October 28, 2024 10:58
@jabbrwcky
Pass server-side encryption option to minio.StatObject call
e9f91a1 
Signed-off-by: Jens Hausherr <jens@hausherr.net>
@jabbrwcky
Add CHANGELOG entry
cb5f527 
Signed-off-by: Jens Hausherr <jens@hausherr.net>
@jabbrwcky
Add end-to-end test for SSE-C encryption
dd4f480 
Signed-off-by: Jens Hausherr <jens@hausherr.net>
@jabbrwcky
Use const access key/ secret key defined for minio
1f51931 
Signed-off-by: Jens Hausherr <jens@hausherr.net>
@jabbrwcky
Remove duplicate upload
a32a5ca 
Signed-off-by: Jens Hausherr <jens@hausherr.net>
@jabbrwcky
Added required parameter to s3.NewBucketWithConfig()
5464cd5 
Signed-off-by: Jens Hausherr <jens@hausherr.net>
@jabbrwcky
Merge branch 'main' into main
ddc166c 
Signed-off-by: Jens Hausherr <jens@hausherr.net>
JoaoBraveCoding
JoaoBraveCoding approved these changes Nov 28, 2024
View reviewed changes
Copy link
Collaborator

@JoaoBraveCoding JoaoBraveCoding left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JoaoBraveCoding JoaoBraveCoding JoaoBraveCoding approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

SSE-C encryption broken for Exists/Attributes call
4 participants
@jabbrwcky @toporek3112 @dagobertdocker @JoaoBraveCoding