mirror of
https://github.com/minio/minio.git
synced 2024-12-25 06:35:56 -05:00
062f3ea43a
This commit fixes a subtle bug in the ETag `IsEncrypted` implementation. An encrypted ETag may contain random bytes, i.e. some randomness used for encryption. This random value can contain a '-' byte simple due to being randomly generated. Before, the `IsEncrypted` implementation incorrectly assumed that an encrypted ETag cannot contain a '-' since it would be a multipart ETag. Multipart ETags have a 16 byte value followed by a '-' and the part number. For example: ``` 059ba80b807c3c776fb3bcf3f33e11ae-2 ``` However, the following encrypted ETag ``` 20000f00db2d90a7b40782d4cff2b41a7799fc1e7ead25972db65150118dfbe2ba76a3c002da28f85c840cd2001a28a9 ``` also contains a '-' byte but is not a multipart ETag. This commit fixes the `IsEncrypted` implementation simply by checking whether the ETag is at least 32 bytes long. A valid multipart ETag is never 32 bytes long since a part number must be <= 10000. However, an encrypted ETag must be at least 32 bytes long. It contains the encrypted ETag bytes (16 bytes) and the authentication tag added by the AEAD cipher (again 16 bytes). Signed-off-by: Andreas Auernhammer <hi@aead.dev> |
||
---|---|---|
.. | ||
etag_test.go | ||
etag.go | ||
reader.go |