From eada6b4636fbd9e73ddd85a95021fdcd60a40253 Mon Sep 17 00:00:00 2001 From: wangyingbin Date: Wed, 16 Sep 2020 15:15:45 +0800 Subject: [PATCH] rgw:When KMS encryption is used and the key does not exist, we should not throw ERR_ INVALID_ ACCESS_ Key error code. When kms encryption is used, the key_id is null or the actual_key size is wrong, we should not throw "ERR_INVALID_ACCESS_KEY " error code, instead of "EINVAL"error code, is used to indicate parameter error. Signed-off-by: wangyingbin (cherry picked from commit 40dbc29984d67a3f4946a0b30d53f3db19952bf0) --- src/rgw/rgw_crypt.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/rgw/rgw_crypt.cc b/src/rgw/rgw_crypt.cc index 2c4275a948015..08837d39ef2aa 100644 --- a/src/rgw/rgw_crypt.cc +++ b/src/rgw/rgw_crypt.cc @@ -1035,7 +1035,7 @@ int rgw_s3_prepare_encrypt(struct req_state* s, ldpp_dout(s, 5) << "ERROR: not provide a valid key id" << dendl; s->err.message = "Server Side Encryption with KMS managed key requires " "HTTP header x-amz-server-side-encryption-aws-kms-key-id"; - return -ERR_INVALID_ACCESS_KEY; + return -EINVAL; } /* try to retrieve actual key */ std::string key_selector = create_random_key_selector(s->cct); @@ -1054,7 +1054,7 @@ int rgw_s3_prepare_encrypt(struct req_state* s, ldpp_dout(s, 5) << "ERROR: key obtained from key_id:" << key_id << " is not 256 bit size" << dendl; s->err.message = "KMS provided an invalid key for the given kms-keyid."; - return -ERR_INVALID_ACCESS_KEY; + return -EINVAL; } if (block_crypt) { -- 2.39.5