MCPcopy Index your code
hub / github.com/scality/cloudserver / parseEncryptionXml

Function parseEncryptionXml

lib/api/apiUtils/bucket/bucketEncryption.js:29–108  ·  view source on GitHub ↗

* parseEncryptionXml - Parses and validates a ServerSideEncryptionConfiguration xml document * @param {object} xml - ServerSideEncryptionConfiguration doc * @param {object} log - logger * @param {ServerSideEncryptionInfo~callback} cb - callback * @returns {undefined}

(xml, log, cb)

Source from the content-addressed store, hash-verified

27 * @returns {undefined}
28 */
29function parseEncryptionXml(xml, log, cb) {
30 return parseString(xml, (err, parsed) => {
31 if (err) {
32 log.trace('xml parsing failed', {
33 error: err,
34 method: 'parseEncryptionXml',
35 });
36 log.debug('invalid xml', { xml });
37 return cb(errors.MalformedXML);
38 }
39
40 if (!parsed
41 || !parsed.ServerSideEncryptionConfiguration
42 || !parsed.ServerSideEncryptionConfiguration.Rule) {
43 log.trace('error in sse config, invalid ServerSideEncryptionConfiguration section', {
44 method: 'parseEncryptionXml',
45 });
46 return cb(errors.MalformedXML);
47 }
48
49 const { Rule } = parsed.ServerSideEncryptionConfiguration;
50
51 if (!Array.isArray(Rule)
52 || Rule.length > 1
53 || !Rule[0]
54 || !Rule[0].ApplyServerSideEncryptionByDefault
55 || !Rule[0].ApplyServerSideEncryptionByDefault[0]) {
56 log.trace('error in sse config, invalid ApplyServerSideEncryptionByDefault section', {
57 method: 'parseEncryptionXml',
58 });
59 return cb(errors.MalformedXML);
60 }
61
62 const [encConfig] = Rule[0].ApplyServerSideEncryptionByDefault;
63
64 if (!encConfig.SSEAlgorithm || !encConfig.SSEAlgorithm[0]) {
65 log.trace('error in sse config, no SSEAlgorithm provided', {
66 method: 'parseEncryptionXml',
67 });
68 return cb(errors.MalformedXML);
69 }
70
71 const [algorithm] = encConfig.SSEAlgorithm;
72
73 if (algorithm !== 'AES256' && algorithm !== 'aws:kms') {
74 log.trace('error in sse config, unknown SSEAlgorithm', {
75 method: 'parseEncryptionXml',
76 });
77 return cb(errors.MalformedXML);
78 }
79
80 const result = { algorithm, mandatory: true };
81
82 if (encConfig.KMSMasterKeyID) {
83 if (algorithm === 'AES256') {
84 log.trace('error in sse config, can not specify KMSMasterKeyID when using AES256', {
85 method: 'parseEncryptionXml',
86 });

Callers 1

bucketPutEncryptionFunction · 0.85

Calls 2

traceMethod · 0.80
debugMethod · 0.80

Tested by

no test coverage detected