Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11834 Commits
50 Branches
316 Tags
332 MiB
 
 
 
 
 
 
Tree: 9a4825c3f6
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9a4825c3f6'
${ noResults }
seaweedfs/test/s3/sse/simple_sse_test.go

115 lines
3.4 KiB
Raw Blame History

package sse_test
import (
"bytes"
"context"
"crypto/md5"
"crypto/rand"
"encoding/base64"
"fmt"
"io"
"testing"
"time"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/config"
"github.com/aws/aws-sdk-go-v2/credentials"
"github.com/aws/aws-sdk-go-v2/service/s3"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
)
// TestSimpleSSECIntegration tests basic SSE-C with a fixed bucket name
func TestSimpleSSECIntegration(t *testing.T) {
ctx := context.Background()
// Create S3 client
customResolver := aws.EndpointResolverWithOptionsFunc(func(service, region string, options ...interface{}) (aws.Endpoint, error) {
return aws.Endpoint{
URL: "http://127.0.0.1:8333",
HostnameImmutable: true,
}, nil
})
awsCfg, err := config.LoadDefaultConfig(ctx,
config.WithRegion("us-east-1"),
config.WithEndpointResolverWithOptions(customResolver),
config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(
"some_access_key1",
"some_secret_key1",
"",
)),
)
require.NoError(t, err)
client := s3.NewFromConfig(awsCfg, func(o *s3.Options) {
o.UsePathStyle = true
})
bucketName := "test-debug-bucket"
objectKey := fmt.Sprintf("test-object-prefixed-%d", time.Now().UnixNano())
// Generate SSE-C key
key := make([]byte, 32)
rand.Read(key)
keyB64 := base64.StdEncoding.EncodeToString(key)
keyMD5Hash := md5.Sum(key)
keyMD5 := base64.StdEncoding.EncodeToString(keyMD5Hash[:])
testData := []byte("Hello, simple SSE-C integration test!")
// Ensure bucket exists
_, err = client.CreateBucket(ctx, &s3.CreateBucketInput{
Bucket: aws.String(bucketName),
})
if err != nil {
t.Logf("Bucket creation result: %v (might be OK if exists)", err)
}
// Wait a moment for bucket to be ready
time.Sleep(1 * time.Second)
t.Run("PUT with SSE-C", func(t *testing.T) {
_, err := client.PutObject(ctx, &s3.PutObjectInput{
Bucket: aws.String(bucketName),
Key: aws.String(objectKey),
Body: bytes.NewReader(testData),
SSECustomerAlgorithm: aws.String("AES256"),
SSECustomerKey: aws.String(keyB64),
SSECustomerKeyMD5: aws.String(keyMD5),
})
require.NoError(t, err, "Failed to upload SSE-C object")
t.Log("✅ SSE-C PUT succeeded!")
})
t.Run("GET with SSE-C", func(t *testing.T) {
resp, err := client.GetObject(ctx, &s3.GetObjectInput{
Bucket: aws.String(bucketName),
Key: aws.String(objectKey),
SSECustomerAlgorithm: aws.String("AES256"),
SSECustomerKey: aws.String(keyB64),
SSECustomerKeyMD5: aws.String(keyMD5),
})
require.NoError(t, err, "Failed to retrieve SSE-C object")
defer resp.Body.Close()
retrievedData, err := io.ReadAll(resp.Body)
require.NoError(t, err, "Failed to read retrieved data")
assert.Equal(t, testData, retrievedData, "Retrieved data doesn't match original")
// Verify SSE-C headers
assert.Equal(t, "AES256", aws.ToString(resp.SSECustomerAlgorithm))
assert.Equal(t, keyMD5, aws.ToString(resp.SSECustomerKeyMD5))
t.Log("✅ SSE-C GET succeeded and data matches!")
})
t.Run("GET without key should fail", func(t *testing.T) {
_, err := client.GetObject(ctx, &s3.GetObjectInput{
Bucket: aws.String(bucketName),
Key: aws.String(objectKey),
})
assert.Error(t, err, "Should fail to retrieve SSE-C object without key")
t.Log("✅ GET without key correctly failed")
})
}