MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-07 12:52:58 -05:00
Code Issues Packages Projects Releases Wiki Activity

feat: Encrypt s3zip file index (#16179)

Browse Source
This commit is contained in:
Klaus Post
2022-12-07 23:56:07 +01:00
committed by GitHub
parent 12fd6678ee
commit ebe395788b
4 changed files with 79 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
cmd/s3-zip-handlers.go
View File

@@ -38,6 +38,7 @@ import (
const (
archiveType = "zip"
archiveTypeEnc = "zip-enc"
archiveExt = "." + archiveType // ".zip"
archiveSeparator = "/"
archivePattern = archiveExt + archiveSeparator // ".zip/"
@@ -152,6 +153,12 @@ func (api objectAPIHandlers) getObjectInArchiveFileHandler(ctx context.Context,
zipInfo := zipObjInfo.ArchiveInfo()
if len(zipInfo) == 0 {
opts.EncryptFn, err = zipObjInfo.metadataEncryptFn(r.Header)
if err != nil {
writeErrorResponse(ctx, w, toAPIError(ctx, err), r.URL)
return
}
zipInfo, err = updateObjectMetadataWithZipInfo(ctx, objectAPI, bucket, zipPath, opts)
}
if err != nil {
@@ -451,6 +458,11 @@ func (api objectAPIHandlers) headObjectInArchiveFileHandler(ctx context.Context,
zipInfo := zipObjInfo.ArchiveInfo()
if len(zipInfo) == 0 {
opts.EncryptFn, err = zipObjInfo.metadataEncryptFn(r.Header)
if err != nil {
writeErrorResponse(ctx, w, toAPIError(ctx, err), r.URL)
return
}
zipInfo, err = updateObjectMetadataWithZipInfo(ctx, objectAPI, bucket, zipPath, opts)
}
if err != nil {
@@ -491,7 +503,8 @@ func (api objectAPIHandlers) headObjectInArchiveFileHandler(ctx context.Context,
w.WriteHeader(http.StatusOK)
}
// Update the passed zip object metadata with the zip contents info, file name, modtime, size, etc..
// Update the passed zip object metadata with the zip contents info, file name, modtime, size, etc.
// The returned zip index will de decrypted.
func updateObjectMetadataWithZipInfo(ctx context.Context, objectAPI ObjectLayer, bucket, object string, opts ObjectOptions) ([]byte, error) {
files, srcInfo, err := getFilesListFromZIPObject(ctx, objectAPI, bucket, object, opts)
if err != nil {
@@ -502,14 +515,18 @@ func updateObjectMetadataWithZipInfo(ctx context.Context, objectAPI ObjectLayer,
if err != nil {
return nil, err
}
srcInfo.UserDefined[archiveTypeMetadataKey] = archiveType
at := archiveType
zipInfoStr := string(zipInfo)
if opts.EncryptFn != nil {
at = archiveTypeEnc
zipInfoStr = string(opts.EncryptFn(archiveTypeEnc, zipInfo))
}
srcInfo.UserDefined[archiveTypeMetadataKey] = at
popts := ObjectOptions{
MTime: srcInfo.ModTime,
VersionID: srcInfo.VersionID,
EvalMetadataFn: func(oi *ObjectInfo) error {
oi.UserDefined[archiveTypeMetadataKey] = archiveType
oi.UserDefined[archiveTypeMetadataKey] = at
oi.UserDefined[archiveInfoMetadataKey] = zipInfoStr
return nil
},