projects / github / fretlink / terraform-provider-statuscake.git / blame
| Commit | Line | Data |
|---|---|---|
| bae9f6d2 JC |
1 | package s3 |
| 2 | ||
| 3 | import ( | |
| 4 | "crypto/md5" | |
| 5 | "encoding/base64" | |
| 863486a6 | 6 | "net/http" |
| bae9f6d2 JC |
7 | |
| 8 | "github.com/aws/aws-sdk-go/aws/awserr" | |
| bae9f6d2 JC |
9 | "github.com/aws/aws-sdk-go/aws/request" |
| 10 | ) | |
| 11 | ||
| 12 | var errSSERequiresSSL = awserr.New("ConfigError", "cannot send SSE keys over HTTP.", nil) | |
| 13 | ||
| 14 | func validateSSERequiresSSL(r *request.Request) { | |
| 15c0b25d AP |
15 | if r.HTTPRequest.URL.Scheme == "https" { |
| 16 | return | |
| 17 | } | |
| 18 | ||
| 19 | if iface, ok := r.Params.(sseCustomerKeyGetter); ok { | |
| 20 | if len(iface.getSSECustomerKey()) > 0 { | |
| 21 | r.Error = errSSERequiresSSL | |
| 22 | return | |
| 23 | } | |
| 24 | } | |
| 25 | ||
| 26 | if iface, ok := r.Params.(copySourceSSECustomerKeyGetter); ok { | |
| 27 | if len(iface.getCopySourceSSECustomerKey()) > 0 { | |
| bae9f6d2 | 28 | r.Error = errSSERequiresSSL |
| 15c0b25d | 29 | return |
| bae9f6d2 JC |
30 | } |
| 31 | } | |
| 32 | } | |
| 33 | ||
| 863486a6 AG |
34 | const ( |
| 35 | sseKeyHeader = "x-amz-server-side-encryption-customer-key" | |
| 36 | sseKeyMD5Header = sseKeyHeader + "-md5" | |
| 37 | ) | |
| 38 | ||
| 39 | func computeSSEKeyMD5(r *request.Request) { | |
| 40 | var key string | |
| 41 | if g, ok := r.Params.(sseCustomerKeyGetter); ok { | |
| 42 | key = g.getSSECustomerKey() | |
| 43 | } | |
| 44 | ||
| 45 | computeKeyMD5(sseKeyHeader, sseKeyMD5Header, key, r.HTTPRequest) | |
| 46 | } | |
| 47 | ||
| 48 | const ( | |
| 49 | copySrcSSEKeyHeader = "x-amz-copy-source-server-side-encryption-customer-key" | |
| 50 | copySrcSSEKeyMD5Header = copySrcSSEKeyHeader + "-md5" | |
| 51 | ) | |
| 52 | ||
| 53 | func computeCopySourceSSEKeyMD5(r *request.Request) { | |
| 54 | var key string | |
| 55 | if g, ok := r.Params.(copySourceSSECustomerKeyGetter); ok { | |
| 56 | key = g.getCopySourceSSECustomerKey() | |
| bae9f6d2 JC |
57 | } |
| 58 | ||
| 863486a6 AG |
59 | computeKeyMD5(copySrcSSEKeyHeader, copySrcSSEKeyMD5Header, key, r.HTTPRequest) |
| 60 | } | |
| 61 | ||
| 62 | func computeKeyMD5(keyHeader, keyMD5Header, key string, r *http.Request) { | |
| 63 | if len(key) == 0 { | |
| 64 | // Backwards compatiablity where user just set the header value instead | |
| 65 | // of using the API parameter, or setting the header value for an | |
| 66 | // operation without the parameters modeled. | |
| 67 | key = r.Header.Get(keyHeader) | |
| 68 | if len(key) == 0 { | |
| 69 | return | |
| bae9f6d2 | 70 | } |
| 863486a6 AG |
71 | |
| 72 | // In backwards compatiable, the header's value is not base64 encoded, | |
| 73 | // and needs to be encoded and updated by the SDK's customizations. | |
| 74 | b64Key := base64.StdEncoding.EncodeToString([]byte(key)) | |
| 75 | r.Header.Set(keyHeader, b64Key) | |
| 76 | } | |
| 77 | ||
| 78 | // Only update Key's MD5 if not already set. | |
| 79 | if len(r.Header.Get(keyMD5Header)) == 0 { | |
| 80 | sum := md5.Sum([]byte(key)) | |
| 81 | keyMD5 := base64.StdEncoding.EncodeToString(sum[:]) | |
| 82 | r.Header.Set(keyMD5Header, keyMD5) | |
| bae9f6d2 JC |
83 | } |
| 84 | } |