From f8c4be8a8943096217d89f7c5abd129fa2414b36 Mon Sep 17 00:00:00 2001
From: Enming Zhang
Date: Fri, 25 Aug 2017 19:48:53 +0800
Subject: [PATCH] rgw: encryption fix the issue when not provide encryption mode

Now, in RGW, if someone want to upload an object using server-side encryption with providing customer key or kms key id, but not specify the encryption mode in the "x-amz-server-side-encryption-customer-algorithm" or "x-amz-server-side-encryption", the object will be uploaded successfully without encryption. This is not a correct way to deal with it. It is better to return error.
Fixes: http://tracker.ceph.com/issues/21581
Signed-off-by: Enming Zhang
---
 src/rgw/rgw_crypt.cc | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/src/rgw/rgw_crypt.cc b/src/rgw/rgw_crypt.cc
index b5a18f6b221..454fc11660b 100644
--- a/src/rgw/rgw_crypt.cc
+++ b/src/rgw/rgw_crypt.cc
@@ -1069,7 +1069,28 @@ int rgw_s3_prepare_encrypt(struct req_state* s,
 crypt_http_responses["x-amz-server-side-encryption-customer-algorithm"] = "AES256";
 crypt_http_responses["x-amz-server-side-encryption-customer-key-MD5"] = keymd5.to_string();
 return 0;
+ } else {
+ boost::string_view customer_key =
+ get_crypt_attribute(s->info.env, parts, X_AMZ_SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY);
+ if (!customer_key.empty()) {
+ ldout(s->cct, 5) << "ERROR: SSE-C encryption request is missing the header "
+ << "x-amz-server-side-encryption-customer-algorithm"
+ << dendl;
+ s->err.message = "Requests specifying Server Side Encryption with Customer provided keys must provide a valid encryption algorithm.";
+ return -EINVAL;
+ }
+
+ boost::string_view customer_key_md5 =
+ get_crypt_attribute(s->info.env, parts, X_AMZ_SERVER_SIDE_ENCRYPTION_CUSTOMER_KEY_MD5);
+ if (!customer_key_md5.empty()) {
+ ldout(s->cct, 5) << "ERROR: SSE-C encryption request is missing the header "
+ << "x-amz-server-side-encryption-customer-algorithm"
+ << dendl;
+ s->err.message = "Requests specifying Server Side Encryption with Customer provided keys must provide a valid encryption algorithm.";
+ return -EINVAL;
+ }
 }
+
 /* AMAZON server side encryption with KMS (key management service) */
 boost::string_view req_sse =
 get_crypt_attribute(s->info.env, parts, X_AMZ_SERVER_SIDE_ENCRYPTION);
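Review bot: The two checks added in the new `else` branch are identical apart from the header they read, so the reject path for a missing `x-amz-server-side-encryption-customer-algorithm` is written twice and the log line cannot tell which header triggered it. A single test, `if (!customer_key.empty() || !customer_key_md5.empty()) {`, would keep the fail-closed behaviour in one place, and a comment such as `/* SSE-C key material without an algorithm header: refuse rather than store plaintext */` would record why the request is rejected. Both checks rely on `.empty()`, so a key header sent with an empty value is presumably treated like an absent header and still falls through to the later modes; it is worth confirming that this is intended. The `if` this branch belongs to and the rest of rgw_s3_prepare_encrypt lie outside the hunk.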
@@ -1118,6 +1139,16 @@ int rgw_s3_prepare_encrypt(struct req_state* s,
 }
 actual_key.replace(0, actual_key.length(), actual_key.length(), '\000');
 return 0;
+ } else {
+ boost::string_view key_id =
+ get_crypt_attribute(s->info.env, parts, X_AMZ_SERVER_SIDE_ENCRYPTION_AWS_KMS_KEY_ID);
+ if (!key_id.empty()) {
+ ldout(s->cct, 5) << "ERROR: SSE-KMS encryption request is missing the header "
+ << "x-amz-server-side-encryption"
+ << dendl;
+ s->err.message = "Server Side Encryption with KMS managed key requires HTTP header x-amz-server-side-encryption : aws:kms";
+ return -EINVAL;
+ }
 }
 /* no other encryption mode, check if default encryption is selected */
--
2.39.5
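Review bot: Nothing in this patch exercises the new `-EINVAL` return for a request that carries a KMS key id without `x-amz-server-side-encryption`; the diffstat touches only rgw_crypt.cc. The failure it prevents, an object silently stored unencrypted, is the kind that regresses unnoticed. A regression case for this path and for the two SSE-C paths in the previous hunk would pin the fail-closed behaviour, assuming the S3 tests for this code live outside this tree. A one-line comment above the check, e.g. `/* KMS key id without a mode header: refuse rather than store plaintext */`, would also record the intent. The `if` that this `else` belongs to starts outside the hunk.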