sse.go (1879B)
1 /* 2 * MinIO Go Library for Amazon S3 Compatible Cloud Storage 3 * Copyright 2020 MinIO, Inc. 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18 package sse 19 20 import "encoding/xml" 21 22 // ApplySSEByDefault defines default encryption configuration, KMS or SSE. To activate 23 // KMS, SSEAlgoritm needs to be set to "aws:kms" 24 // Minio currently does not support Kms. 25 type ApplySSEByDefault struct { 26 KmsMasterKeyID string `xml:"KMSMasterKeyID,omitempty"` 27 SSEAlgorithm string `xml:"SSEAlgorithm"` 28 } 29 30 // Rule layer encapsulates default encryption configuration 31 type Rule struct { 32 Apply ApplySSEByDefault `xml:"ApplyServerSideEncryptionByDefault"` 33 } 34 35 // Configuration is the default encryption configuration structure 36 type Configuration struct { 37 XMLName xml.Name `xml:"ServerSideEncryptionConfiguration"` 38 Rules []Rule `xml:"Rule"` 39 } 40 41 // NewConfigurationSSES3 initializes a new SSE-S3 configuration 42 func NewConfigurationSSES3() *Configuration { 43 return &Configuration{ 44 Rules: []Rule{ 45 { 46 Apply: ApplySSEByDefault{ 47 SSEAlgorithm: "AES256", 48 }, 49 }, 50 }, 51 } 52 } 53 54 // NewConfigurationSSEKMS initializes a new SSE-KMS configuration 55 func NewConfigurationSSEKMS(kmsMasterKey string) *Configuration { 56 return &Configuration{ 57 Rules: []Rule{ 58 { 59 Apply: ApplySSEByDefault{ 60 KmsMasterKeyID: kmsMasterKey, 61 SSEAlgorithm: "aws:kms", 62 }, 63 }, 64 }, 65 } 66 }