From e637deef247700353a2de870c50a718ada1da2b4 Mon Sep 17 00:00:00 2001 From: wangyingbin Date: Tue, 31 May 2022 16:21:37 +0800 Subject: [PATCH] rgw: The error reported in the "rgw_s3_prepare_decrypt" function is unreasonable When decrypting the data encrypted with the "SSE-KMS" method, the "InvalidAccessKeyId" error is reported when the KMS key is unavailable, which is unreasonable.So we replaced it with EINVAL Fixes: https://tracker.ceph.com/issues/55799 Signed-off-by: wangyingbin --- src/rgw/rgw_crypt.cc | 4 ++-- src/rgw/rgw_kms.cc | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/rgw/rgw_crypt.cc b/src/rgw/rgw_crypt.cc index 515a5ba78c0..a740431fb8d 100644 --- a/src/rgw/rgw_crypt.cc +++ b/src/rgw/rgw_crypt.cc @@ -1387,7 +1387,7 @@ int rgw_s3_prepare_decrypt(struct req_state* s, ldpp_dout(s, 0) << "ERROR: key obtained from key_id:" << key_id << " is not 256 bit size" << dendl; s->err.message = "KMS provided an invalid key for the given kms-keyid."; - return -ERR_INVALID_ACCESS_KEY; + return -EINVAL; } auto aes = std::unique_ptr(new AES_256_CBC(s, s->cct)); @@ -1457,7 +1457,7 @@ int rgw_s3_prepare_decrypt(struct req_state* s, ldpp_dout(s, 0) << "ERROR: key obtained " << "is not 256 bit size" << dendl; s->err.message = "SSE-S3 provided an invalid key for the given keyid."; - return -ERR_INVALID_ACCESS_KEY; + return -EINVAL; } auto aes = std::unique_ptr(new AES_256_CBC(s, s->cct)); diff --git a/src/rgw/rgw_kms.cc b/src/rgw/rgw_kms.cc index 8d11a3248e0..eec5d80daab 100644 --- a/src/rgw/rgw_kms.cc +++ b/src/rgw/rgw_kms.cc @@ -873,7 +873,7 @@ static int get_actual_key_from_conf(const DoutPrefixProvider* dpp, map::iterator it = str_map.find(std::string(key_id)); if (it == str_map.end()) - return -ERR_INVALID_ACCESS_KEY; + return -EINVAL; std::string master_key; try { -- 2.39.5