(cfg *Config)
| 801 | } |
| 802 | |
| 803 | func buildSSEConfig(cfg *Config) (encrypt.ServerSide, error) { |
| 804 | switch cfg.SSE.Type { |
| 805 | case "": |
| 806 | return nil, nil |
| 807 | case SSEKMS: |
| 808 | if cfg.SSE.KMSKeyID == "" { |
| 809 | return nil, errors.New("KMSKeyID is missing") |
| 810 | } |
| 811 | |
| 812 | encryptionCtx, err := parseKMSEncryptionContext(cfg.SSE.KMSEncryptionContext) |
| 813 | if err != nil { |
| 814 | return nil, err |
| 815 | } |
| 816 | if encryptionCtx == nil { |
| 817 | // To overcome a limitation in Minio which checks interface{} == nil. |
| 818 | return encrypt.NewSSEKMS(cfg.SSE.KMSKeyID, nil) |
| 819 | } |
| 820 | return encrypt.NewSSEKMS(cfg.SSE.KMSKeyID, encryptionCtx) |
| 821 | |
| 822 | case SSES3: |
| 823 | return encrypt.NewSSE(), nil |
| 824 | case SSEC: |
| 825 | key := cfg.SSE.CustomerEncryptionKey.String() |
| 826 | if key == "" { |
| 827 | return nil, errors.New("SSE-C EncryptionKey is missing") |
| 828 | } |
| 829 | return encrypt.NewSSEC([]byte(key)) |
| 830 | default: |
| 831 | return nil, errUnsupportedSSEType |
| 832 | } |
| 833 | } |
no test coverage detected