From fd8749f42ab9939deebc0ed3f0e6804269b3854b Mon Sep 17 00:00:00 2001
From: Andreas Auernhammer <aead@mail.de>
Date: Thu, 6 Sep 2018 21:31:12 +0200
Subject: [PATCH] return `Access Denied` for invalid SSE keys (#6432)

This commit fixes are regression in the server regarding
handling SSE requests with wrong SSE-C keys.

The server now returns an AWS S3 compatable API error (access denied)
in case of the SSE key does not match the secret key used during upload.

Fixes #6431
---
 cmd/api-errors.go   | 2 +-
 cmd/crypto/error.go | 4 ++++
 cmd/crypto/key.go   | 2 +-
 3 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/cmd/api-errors.go b/cmd/api-errors.go
index c0bd4436e..ea3b17b16 100644
--- a/cmd/api-errors.go
+++ b/cmd/api-errors.go
@@ -1441,7 +1441,7 @@ func toAPIErrorCode(err error) (apiErr APIErrorCode) {
 		apiErr = ErrSSEEncryptedObject
 	case errInvalidSSEParameters:
 		apiErr = ErrInvalidSSECustomerParameters
-	case crypto.ErrInvalidCustomerKey:
+	case crypto.ErrInvalidCustomerKey, crypto.ErrSecretKeyMismatch:
 		apiErr = ErrAccessDenied // no access without correct key
 	case crypto.ErrIncompatibleEncryptionMethod:
 		apiErr = ErrIncompatibleEncryptionMethod
diff --git a/cmd/crypto/error.go b/cmd/crypto/error.go
index c9c1def8f..8ba91f04b 100644
--- a/cmd/crypto/error.go
+++ b/cmd/crypto/error.go
@@ -43,6 +43,10 @@ var (
 	// base64-encoded string or not 256 bits long.
 	ErrInvalidCustomerKey = errors.New("The SSE-C client key is invalid")
 
+	// ErrSecretKeyMismatch indicates that the provided secret key (SSE-C client key / SSE-S3 KMS key)
+	// does not match the secret key used during encrypting the object.
+	ErrSecretKeyMismatch = errors.New("The secret key does not match the secret key used during upload")
+
 	// ErrCustomerKeyMD5Mismatch indicates that the SSE-C key MD5 does not match the
 	// computed MD5 sum. This means that the client provided either the wrong key for
 	// a certain MD5 checksum or the wrong MD5 for a certain key.
diff --git a/cmd/crypto/key.go b/cmd/crypto/key.go
index afa6d1226..0812aa5de 100644
--- a/cmd/crypto/key.go
+++ b/cmd/crypto/key.go
@@ -124,7 +124,7 @@ func (key *ObjectKey) Unseal(extKey [32]byte, sealedKey SealedKey, domain, bucke
 	}
 
 	if n, err := sio.Decrypt(&decryptedKey, bytes.NewReader(sealedKey.Key[:]), unsealConfig); n != 32 || err != nil {
-		return err // TODO(aead): upgrade sio to use sio.Error
+		return ErrSecretKeyMismatch
 	}
 	copy(key[:], decryptedKey.Bytes())
 	return nil