crypto: add RemoveInternalEntries function (#6616)

This commit adds a function for removing crypto-specific internal entries from the object metadata. See #6604
6 years ago · 8a6c3aa3cd
parent 62b560510b
commit 8a6c3aa3cd
3 changed files with 63 additions and 7 deletions
--- a/cmd/crypto/metadata.go
+++ b/cmd/crypto/metadata.go
@ -40,6 +40,18 @@ func RemoveSensitiveEntries(metadata map[string]string) { // The functions is te
 	delete(metadata, SSECopyKey)
 }
 // RemoveInternalEntries removes all crypto-specific internal
 // metadata entries from the metadata map.
 func RemoveInternalEntries(metadata map[string]string) {
 	delete(metadata, SSEMultipart)
 	delete(metadata, SSEIV)
 	delete(metadata, SSESealAlgorithm)
 	delete(metadata, SSECSealedKey)
 	delete(metadata, S3SealedKey)
 	delete(metadata, S3KMSKeyID)
 	delete(metadata, S3KMSSealedKey)
 }
 // IsEncrypted returns true if the object metadata indicates
 // that it was uploaded using some form of server-side-encryption.
 //
--- a/cmd/crypto/metadata_test.go
+++ b/cmd/crypto/metadata_test.go
@ -387,3 +387,53 @@ func TestIsETagSealed(t *testing.T) {
 		}
 	}
 }
 var removeInternalEntriesTests = []struct {
 	Metadata, Expected map[string]string
 }{
 	{ // 0
 		Metadata: map[string]string{
 			SSEMultipart:     "",
 			SSEIV:            "",
 			SSESealAlgorithm: "",
 			SSECSealedKey:    "",
 			S3SealedKey:      "",
 			S3KMSKeyID:       "",
 			S3KMSSealedKey:   "",
 		},
 		Expected: map[string]string{},
 	},
 	{ // 1
 		Metadata: map[string]string{
 			SSEMultipart:         "",
 			SSEIV:                "",
 			"X-Amz-Meta-A":       "X",
 			"X-Minio-Internal-B": "Y",
 		},
 		Expected: map[string]string{
 			"X-Amz-Meta-A":       "X",
 			"X-Minio-Internal-B": "Y",
 		},
 	},
 }
 func TestRemoveInternalEntries(t *testing.T) {
 	isEqual := func(x, y map[string]string) bool {
 		if len(x) != len(y) {
 			return false
 		}
 		for k, v := range x {
 			if u, ok := y[k]; !ok || v != u {
 				return false
 			}
 		}
 		return true
 	}
 	for i, test := range removeInternalEntriesTests {
 		RemoveInternalEntries(test.Metadata)
 		if !isEqual(test.Metadata, test.Expected) {
 			t.Errorf("Test %d: got %v - want %v", i, test.Metadata, test.Expected)
 		}
 	}
 }
--- a/cmd/object-handlers.go
+++ b/cmd/object-handlers.go
@ -890,13 +890,7 @@ func (api objectAPIHandlers) CopyObjectHandler(w http.ResponseWriter, r *http.Re
 			if isSourceEncrypted {
 				// Remove all source encrypted related metadata to
 				// avoid copying them in target object.
-				delete(srcInfo.UserDefined, crypto.SSEIV)
+				crypto.RemoveInternalEntries(srcInfo.UserDefined)
 				delete(srcInfo.UserDefined, crypto.SSESealAlgorithm)
 				delete(srcInfo.UserDefined, crypto.SSECSealedKey)
 				delete(srcInfo.UserDefined, crypto.SSEMultipart)
 				delete(srcInfo.UserDefined, crypto.S3SealedKey)
 				delete(srcInfo.UserDefined, crypto.S3KMSSealedKey)
 				delete(srcInfo.UserDefined, crypto.S3KMSKeyID)
 			}
 			srcInfo.Reader, err = hash.NewReader(reader, targetSize, "", "", targetSize) // do not try to verify encrypted content