7 "github.com/aws/aws-sdk-go/aws/awserr"
8 "github.com/aws/aws-sdk-go/aws/request"
11 var errSSERequiresSSL = awserr.New("ConfigError", "cannot send SSE keys over HTTP.", nil)
13 func validateSSERequiresSSL(r *request.Request) {
14 if r.HTTPRequest.URL.Scheme == "https" {
18 if iface, ok := r.Params.(sseCustomerKeyGetter); ok {
19 if len(iface.getSSECustomerKey()) > 0 {
20 r.Error = errSSERequiresSSL
25 if iface, ok := r.Params.(copySourceSSECustomerKeyGetter); ok {
26 if len(iface.getCopySourceSSECustomerKey()) > 0 {
27 r.Error = errSSERequiresSSL
33 func computeSSEKeys(r *request.Request) {
35 "x-amz-server-side-encryption-customer-key",
36 "x-amz-copy-source-server-side-encryption-customer-key",
39 for _, h := range headers {
41 if key := r.HTTPRequest.Header.Get(h); key != "" {
42 // Base64-encode the value
43 b64v := base64.StdEncoding.EncodeToString([]byte(key))
44 r.HTTPRequest.Header.Set(h, b64v)
46 // Add MD5 if it wasn't computed
47 if r.HTTPRequest.Header.Get(md5h) == "" {
48 sum := md5.Sum([]byte(key))
49 b64sum := base64.StdEncoding.EncodeToString(sum[:])
50 r.HTTPRequest.Header.Set(md5h, b64sum)