From 62b560510bdddcab96060c78337a64a494416509 Mon Sep 17 00:00:00 2001 From: Harshavardhana Date: Fri, 19 Oct 2018 10:41:13 -0700 Subject: [PATCH] Fix SSE-C source decryption handling (#6671) Without this fix we have room for two different type of errors. - Source is encrypted and we didn't provide any source encryption keys This results in Incomplete body error to be returned back to the client since source is encrypted and we gave the reader as is to the object layer which was of a decrypted value leading to "IncompleteBody" - Source is not encrypted and we provided source encryption keys. This results in a corrupted object on the destination which is considered encrypted but cannot be read by the server and returns the following error. ``` XMinioObjectTamperedThe requested object was modified and may be compromised/id-platform-gamma/ 155EDC3E86BFD4DA3L137 ``` --- cmd/object-handlers.go | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/cmd/object-handlers.go b/cmd/object-handlers.go index 9837e4f59..5a5339d27 100644 --- a/cmd/object-handlers.go +++ b/cmd/object-handlers.go @@ -808,9 +808,21 @@ func (api objectAPIHandlers) CopyObjectHandler(w http.ResponseWriter, r *http.Re var encMetadata = make(map[string]string) if objectAPI.IsEncryptionSupported() && !srcInfo.IsCompressed() { + // Encryption parameters not applicable for this object. + if !crypto.IsEncrypted(srcInfo.UserDefined) && crypto.SSECopy.IsRequested(r.Header) { + writeErrorResponse(w, toAPIErrorCode(errInvalidEncryptionParameters), r.URL) + return + } + + // Encryption parameters not present for this object. + if crypto.SSEC.IsEncrypted(srcInfo.UserDefined) && !crypto.SSECopy.IsRequested(r.Header) { + writeErrorResponse(w, ErrInvalidSSECustomerAlgorithm, r.URL) + return + } + var oldKey, newKey []byte sseCopyS3 := crypto.S3.IsEncrypted(srcInfo.UserDefined) - sseCopyC := crypto.SSECopy.IsRequested(r.Header) + sseCopyC := crypto.SSEC.IsEncrypted(srcInfo.UserDefined) && crypto.SSECopy.IsRequested(r.Header) sseC := crypto.SSEC.IsRequested(r.Header) sseS3 := crypto.S3.IsRequested(r.Header)