From 5ffe8466b639fb18fa776c1537af96ad59f525ec Mon Sep 17 00:00:00 2001
From: chrislu <chris.lu@gmail.com>
Date: Mon, 1 Dec 2025 18:37:14 -0800
Subject: [PATCH] Address review: make SSE-S3 metadata serialization failures
 fatal errors

- In executeEncryptCopy: return error instead of just logging if
  SerializeSSES3Metadata fails
- In createChunkFromData: return error if chunk SSE-S3 metadata
  serialization fails

This ensures objects/chunks are never created without proper encryption
metadata, preventing unreadable/corrupted data.
---
 .../s3api_object_handlers_copy_unified.go     | 14 ++++++-------
 weed/s3api/s3api_streaming_copy.go            | 20 ++++++++++---------
 2 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/weed/s3api/s3api_object_handlers_copy_unified.go b/weed/s3api/s3api_object_handlers_copy_unified.go
index dd251c955..5a4f4ef1f 100644
--- a/weed/s3api/s3api_object_handlers_copy_unified.go
+++ b/weed/s3api/s3api_object_handlers_copy_unified.go
@@ -148,13 +148,13 @@ func (s3a *S3ApiServer) executeEncryptCopy(entry *filer_pb.Entry, r *http.Reques
 				if len(encSpec.DestinationIV) > 0 {
 					sseKey.IV = encSpec.DestinationIV
 				}
-				if keyData, serErr := SerializeSSES3Metadata(sseKey); serErr == nil {
-					dstMetadata[s3_constants.SeaweedFSSSES3Key] = keyData
-					dstMetadata[s3_constants.AmzServerSideEncryption] = []byte("AES256")
-					glog.V(3).Infof("Generated SSE-S3 metadata for streaming encrypt copy: %s", dstPath)
-				} else {
-					glog.Errorf("Failed to serialize SSE-S3 metadata: %v", serErr)
-				}
+			keyData, serErr := SerializeSSES3Metadata(sseKey)
+			if serErr != nil {
+				return nil, nil, fmt.Errorf("failed to serialize SSE-S3 metadata: %w", serErr)
+			}
+			dstMetadata[s3_constants.SeaweedFSSSES3Key] = keyData
+			dstMetadata[s3_constants.AmzServerSideEncryption] = []byte("AES256")
+			glog.V(3).Infof("Generated SSE-S3 metadata for streaming encrypt copy: %s", dstPath)
 			}
 		}
 		return chunks, dstMetadata, nil
diff --git a/weed/s3api/s3api_streaming_copy.go b/weed/s3api/s3api_streaming_copy.go
index 36f20b388..1639cb7d0 100644
--- a/weed/s3api/s3api_streaming_copy.go
+++ b/weed/s3api/s3api_streaming_copy.go
@@ -518,15 +518,17 @@ func (scm *StreamingCopyManager) createChunkFromData(data []byte, offset int64,
 				if len(baseIV) > 0 {
 					chunkIV, _ := calculateIVWithOffset(baseIV, offset)
 					// Create chunk key with the chunk-specific IV
-					chunkSSEKey := &SSES3Key{
-						Key:       sseKey.Key,
-						KeyID:     sseKey.KeyID,
-						Algorithm: sseKey.Algorithm,
-						IV:        chunkIV,
-					}
-					if chunkMetadata, serErr := SerializeSSES3Metadata(chunkSSEKey); serErr == nil {
-						chunk.SseMetadata = chunkMetadata
-					}
+				chunkSSEKey := &SSES3Key{
+					Key:       sseKey.Key,
+					KeyID:     sseKey.KeyID,
+					Algorithm: sseKey.Algorithm,
+					IV:        chunkIV,
+				}
+				chunkMetadata, serErr := SerializeSSES3Metadata(chunkSSEKey)
+				if serErr != nil {
+					return nil, fmt.Errorf("failed to serialize chunk SSE-S3 metadata: %w", serErr)
+				}
+				chunk.SseMetadata = chunkMetadata
 				}
 			}
 		}