diff options
| author | Rahul Dev Parashar <rahul.dev@flipkart.com> | 2021-07-19 09:18:14 +0200 |
|---|---|---|
| committer | Rahul Dev Parashar <rahul.dev@flipkart.com> | 2021-07-19 09:18:14 +0200 |
| commit | 95acefb2f5e5b1a930b263bbc7d18857d476653c (patch) | |
| tree | a1e7beae60734213b5f35217788727b9f03d9e8e /src/rgw/rgw_bucket_encryption.cc | |
| parent | Merge pull request #42176 from tchaikov/wip-doc-option (diff) | |
| download | ceph-95acefb2f5e5b1a930b263bbc7d18857d476653c.tar.xz ceph-95acefb2f5e5b1a930b263bbc7d18857d476653c.zip | |
rgw: Introduce BucketEncryption APIs to support SSE-S3 feature
This patch introduces support for 3 new BucketEncryption APIs which are listed
below and are helpful in supporting AWS SSE-S3 encryption mode.
PutBucketEncryption: https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html
GetBucketEncryption: https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html
DeleteBucketEncryption: https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html
The user provided parameters are parsed and stored in the bucket's extended
attributes RGW_ATTR_BUCKET_ENCRYPTION and
RGW_ATTR_BUCKET_ENCRYPTION_SSE_S3_KEY_ID.
Signed-off-by: Rahul Dev Parashar <rahul.dev@flipkart.com>
Diffstat (limited to 'src/rgw/rgw_bucket_encryption.cc')
| -rw-r--r-- | src/rgw/rgw_bucket_encryption.cc | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/src/rgw/rgw_bucket_encryption.cc b/src/rgw/rgw_bucket_encryption.cc new file mode 100644 index 00000000000..2913ce8a0ed --- /dev/null +++ b/src/rgw/rgw_bucket_encryption.cc @@ -0,0 +1,34 @@ +// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- +// vim: ts=8 sw=2 smarttab ft=cpp +// +#include "rgw_bucket_encryption.h" +#include "rgw_xml.h" + +void ApplyServerSideEncryptionByDefault::decode_xml(XMLObj *obj) { + RGWXMLDecoder::decode_xml("KMSMasterKeyID", kmsMasterKeyID, obj, false); + RGWXMLDecoder::decode_xml("SSEAlgorithm", sseAlgorithm, obj, false); +} + +void ApplyServerSideEncryptionByDefault::dump_xml(Formatter *f) const { + encode_xml("SSEAlgorithm", sseAlgorithm, f); +} + +void ServerSideEncryptionConfiguration::decode_xml(XMLObj *obj) { + RGWXMLDecoder::decode_xml("ApplyServerSideEncryptionByDefault", applyServerSideEncryptionByDefault, obj, true); + RGWXMLDecoder::decode_xml("BucketKeyEnabled", bucketKeyEnabled, obj, false); +} + +void ServerSideEncryptionConfiguration::dump_xml(Formatter *f) const { + encode_xml("ApplyServerSideEncryptionByDefault", applyServerSideEncryptionByDefault, f); +} + +void RGWBucketEncryptionConfig::decode_xml(XMLObj *obj) { + rule_exist = RGWXMLDecoder::decode_xml("Rule", rule, obj); + if(!rule_exist) { + throw RGWXMLDecoder::err("rule must be present in XML"); + } +} + +void RGWBucketEncryptionConfig::dump_xml(Formatter *f) const { + encode_xml("Rule", rule, f); +} |