refactor cmd/crypto code for SSE handling and parsing (#11045)

This commit refactors the code in `cmd/crypto` and separates SSE-S3, SSE-C and SSE-KMS. This commit should not cause any behavior change except for: - `IsRequested(http.Header)` which now returns the requested type {SSE-C, SSE-S3, SSE-KMS} and does not consider SSE-C copy headers. However, SSE-C copy headers alone are anyway not valid.
2025-11-20 18:06:10 -05:00 · 2020-12-22 18:19:32 +01:00
parent 35fafb837b
commit 8cdf2106b0
21 changed files with 861 additions and 646 deletions
--- a/cmd/object-api-utils.go
+++ b/cmd/object-api-utils.go
@@ -439,7 +439,9 @@ func isCompressible(header http.Header, object string) bool {
 	globalCompressConfigMu.Lock()
 	cfg := globalCompressConfig
 	globalCompressConfigMu.Unlock()
-	if !cfg.Enabled || crypto.IsRequested(header) || excludeForCompression(header, object, cfg) {
+
+	_, ok := crypto.IsRequested(header)
+	if !cfg.Enabled || ok || excludeForCompression(header, object, cfg) {
 		return false
 	}
 	return true
@@ -628,7 +630,7 @@ func NewGetObjectReader(rs *HTTPRangeSpec, oi ObjectInfo, opts ObjectOptions, cl
 		// encrypted bytes. The header parameter is used to
 		// provide encryption parameters.
 		fn = func(inputReader io.Reader, h http.Header, pcfn CheckPreconditionFn, cFns ...func()) (r *GetObjectReader, err error) {
-			copySource := h.Get(crypto.SSECopyAlgorithm) != ""
+			copySource := h.Get(xhttp.AmzServerSideEncryptionCopyCustomerAlgorithm) != ""

 			cFns = append(cleanUpFns, cFns...)
 			// Attach decrypter on inputReader