From ccd16bbef6c7d08a3f7488aec3cf24bae783a872 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Niewrza=C5=82?= Date: Fri, 4 Mar 2022 12:28:04 +0100 Subject: [PATCH] satellite/metabase: handle NewEncryptedMetadata while coping object Copy object functionality should support setting new metadata for copy. This change is adjusting FinishCopyObject method to set new metadata when OverrideMetadata field is set to true. Fixes https://github.com/storj/storj/issues/4483 Change-Id: Ica37cb57e8edae301cdc483fbda4f3ddba5d2702 --- go.mod | 4 +- go.sum | 10 +- satellite/metabase/copy_object.go | 44 +++++-- satellite/metabase/copy_object_test.go | 152 ++++++++++++++++++++-- satellite/metabase/get_test.go | 12 +- satellite/metabase/metabasetest/create.go | 9 +- satellite/metainfo/endpoint_object.go | 11 +- testsuite/go.mod | 4 +- testsuite/go.sum | 10 +- 9 files changed, 208 insertions(+), 48 deletions(-) diff --git a/go.mod b/go.mod index 6814ed560..648301666 100644 --- a/go.mod +++ b/go.mod @@ -48,11 +48,11 @@ require ( golang.org/x/time v0.0.0-20200630173020-3af7569d3a1e gopkg.in/segmentio/analytics-go.v3 v3.1.0 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c - storj.io/common v0.0.0-20220228211628-96f1d7f5fdfd + storj.io/common v0.0.0-20220303150900-2150c0203dcc storj.io/drpc v0.0.29 storj.io/monkit-jaeger v0.0.0-20220131130547-dc4cb5a0d97a storj.io/private v0.0.0-20220131131751-c913260b9ec2 - storj.io/uplink v1.8.1-0.20220223161331-c4e80d7a3a87 + storj.io/uplink v1.8.1-0.20220307141551-c65f09ea27d8 ) require ( diff --git a/go.sum b/go.sum index 0d9f54107..8e8190c14 100644 --- a/go.sum +++ b/go.sum @@ -846,14 +846,14 @@ rsc.io/binaryregexp v0.2.0/go.mod h1:qTv7/COck+e2FymRvadv62gMdZztPaShugOCi3I+8D8 sourcegraph.com/sourcegraph/go-diff v0.5.0/go.mod h1:kuch7UrkMzY0X+p9CRK03kfuPQ2zzQcaEFbx8wA8rck= sourcegraph.com/sqs/pbtypes v0.0.0-20180604144634-d3ebe8f20ae4/go.mod h1:ketZ/q3QxT9HOBeFhu6RdvsftgpsbFHBF5Cas6cDKZ0= storj.io/common v0.0.0-20220131120956-e74f624a3d55/go.mod h1:m0489td5+rKDdoiYOzCkh3CfGW/cLyntZiYfso+QfMs= -storj.io/common v0.0.0-20220218100924-daea4bf7cc6c/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog= -storj.io/common v0.0.0-20220228211628-96f1d7f5fdfd h1:4sUi3QM1xn7uVJNyVvhrLvieynbYd1ePXdZehcRWzH0= -storj.io/common v0.0.0-20220228211628-96f1d7f5fdfd/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog= +storj.io/common v0.0.0-20220223161334-302b968d0f29/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog= +storj.io/common v0.0.0-20220303150900-2150c0203dcc h1:ecc15H8aEXdGh4WWyfhXM8q9x3ni5hnCXDH2+HC/z9k= +storj.io/common v0.0.0-20220303150900-2150c0203dcc/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog= storj.io/drpc v0.0.29 h1:Ihd4ls/JQFr0lctefie3iu+3QM4duccCKr9uMzf4sKY= storj.io/drpc v0.0.29/go.mod h1:6rcOyR/QQkSTX/9L5ZGtlZaE2PtXTTZl8d+ulSeeYEg= storj.io/monkit-jaeger v0.0.0-20220131130547-dc4cb5a0d97a h1:qads+aZlFKm5gUxobfF9s2x8/byPaPPLe2Mz+J82R+k= storj.io/monkit-jaeger v0.0.0-20220131130547-dc4cb5a0d97a/go.mod h1:DGEycSjvzE0JqcD3+6IjwPEK6x30oOus6AApXzl7t0s= storj.io/private v0.0.0-20220131131751-c913260b9ec2 h1:POHeqNfH0YzO4d2px9NZRPvWPumvA3581YPK2nwP7gw= storj.io/private v0.0.0-20220131131751-c913260b9ec2/go.mod h1:i08plLYNEyxf9eObj0UAYnTyh+6r8jvra4JDnvhFsCI= -storj.io/uplink v1.8.1-0.20220223161331-c4e80d7a3a87 h1:oBbMBGijaMGFfrHteng2v5GPW/d6J4AB6nfey/99614= -storj.io/uplink v1.8.1-0.20220223161331-c4e80d7a3a87/go.mod h1:maW42V/Ze1MJOEJVNpkNa1VdU7nEiNb+TEZ+pNDx2/Q= +storj.io/uplink v1.8.1-0.20220307141551-c65f09ea27d8 h1:nW8/fo04hiUXU9RP9zkr+wPY3NVWyOd5wvkxDP9gKKY= +storj.io/uplink v1.8.1-0.20220307141551-c65f09ea27d8/go.mod h1:CVSBjpsXFk6iFIc9jxo/530kIQJK/8iM0xdihoZkhoE= diff --git a/satellite/metabase/copy_object.go b/satellite/metabase/copy_object.go index 011168c46..5b3615f7e 100644 --- a/satellite/metabase/copy_object.go +++ b/satellite/metabase/copy_object.go @@ -107,13 +107,16 @@ func (db *DB) BeginCopyObject(ctx context.Context, opts BeginCopyObject) (result // FinishCopyObject holds all data needed to finish object copy. type FinishCopyObject struct { ObjectStream - NewBucket string - NewStreamID uuid.UUID - NewSegmentKeys []EncryptedKeyAndNonce - // TODO: add NewEncryptedMetadata []byte for being able to change object's metadata - NewEncryptedObjectKey []byte + NewBucket string + NewEncryptedObjectKey ObjectKey + NewStreamID uuid.UUID + + OverrideMetadata bool + NewEncryptedMetadata []byte NewEncryptedMetadataKeyNonce []byte NewEncryptedMetadataKey []byte + + NewSegmentKeys []EncryptedKeyAndNonce } // Verify verifies metabase.FinishCopyObject data. @@ -127,14 +130,25 @@ func (finishCopy FinishCopyObject) Verify() error { return ErrInvalidRequest.New("NewBucket is missing") case finishCopy.ObjectStream.StreamID == finishCopy.NewStreamID: return ErrInvalidRequest.New("StreamIDs are identical") - case finishCopy.ObjectKey == ObjectKey(finishCopy.NewEncryptedObjectKey): + case finishCopy.ObjectKey == finishCopy.NewEncryptedObjectKey: return ErrInvalidRequest.New("source and destination encrypted object key are identical") case len(finishCopy.NewEncryptedObjectKey) == 0: return ErrInvalidRequest.New("NewEncryptedObjectKey is missing") - case len(finishCopy.NewEncryptedMetadataKeyNonce) == 0: - return ErrInvalidRequest.New("EncryptedMetadataKeyNonce is missing") - case len(finishCopy.NewEncryptedMetadataKey) == 0: - return ErrInvalidRequest.New("EncryptedMetadataKey is missing") + } + + if finishCopy.OverrideMetadata { + if finishCopy.NewEncryptedMetadata == nil && (finishCopy.NewEncryptedMetadataKeyNonce != nil || finishCopy.NewEncryptedMetadataKey != nil) { + return ErrInvalidRequest.New("EncryptedMetadataNonce and EncryptedMetadataEncryptedKey must be not set if EncryptedMetadata is not set") + } else if finishCopy.NewEncryptedMetadata != nil && (finishCopy.NewEncryptedMetadataKeyNonce == nil || finishCopy.NewEncryptedMetadataKey == nil) { + return ErrInvalidRequest.New("EncryptedMetadataNonce and EncryptedMetadataEncryptedKey must be set if EncryptedMetadata is set") + } + } else { + switch { + case len(finishCopy.NewEncryptedMetadataKeyNonce) == 0: + return ErrInvalidRequest.New("EncryptedMetadataKeyNonce is missing") + case len(finishCopy.NewEncryptedMetadataKey) == 0: + return ErrInvalidRequest.New("EncryptedMetadataKey is missing") + } } return nil @@ -228,6 +242,11 @@ func (db *DB) FinishCopyObject(ctx context.Context, opts FinishCopyObject) (obje } } + copyMetadata := originalObject.EncryptedMetadata + if opts.OverrideMetadata { + copyMetadata = opts.NewEncryptedMetadata + } + err = txutil.WithTx(ctx, db.db, nil, func(ctx context.Context, tx tagsql.Tx) (err error) { // TODO we need to handle metadata correctly (copy from original object or replace) _, err = db.db.ExecContext(ctx, ` @@ -248,7 +267,7 @@ func (db *DB) FinishCopyObject(ctx context.Context, opts FinishCopyObject) (obje opts.ProjectID, opts.NewBucket, opts.NewEncryptedObjectKey, opts.Version, opts.NewStreamID, originalObject.ExpiresAt, originalObject.SegmentCount, encryptionParameters{&originalObject.Encryption}, - originalObject.EncryptedMetadata, opts.NewEncryptedMetadataKeyNonce, opts.NewEncryptedMetadataKey, + copyMetadata, opts.NewEncryptedMetadataKeyNonce, opts.NewEncryptedMetadataKey, originalObject.TotalPlainSize, originalObject.TotalEncryptedSize, originalObject.FixedSegmentSize, ) if err != nil { @@ -309,7 +328,8 @@ func (db *DB) FinishCopyObject(ctx context.Context, opts FinishCopyObject) (obje copyObject := originalObject copyObject.StreamID = opts.NewStreamID copyObject.BucketName = opts.NewBucket - copyObject.ObjectKey = ObjectKey(opts.NewEncryptedObjectKey) + copyObject.ObjectKey = opts.NewEncryptedObjectKey + copyObject.EncryptedMetadata = copyMetadata copyObject.EncryptedMetadataEncryptedKey = opts.NewEncryptedMetadataKey copyObject.EncryptedMetadataNonce = opts.NewEncryptedMetadataKeyNonce diff --git a/satellite/metabase/copy_object_test.go b/satellite/metabase/copy_object_test.go index d3a42c8fa..70e0a8b47 100644 --- a/satellite/metabase/copy_object_test.go +++ b/satellite/metabase/copy_object_test.go @@ -6,6 +6,8 @@ package metabase_test import ( "testing" + "github.com/stretchr/testify/require" + "storj.io/common/storj" "storj.io/common/testcontext" "storj.io/common/testrand" @@ -131,7 +133,7 @@ func TestFinishCopyObject(t *testing.T) { metabasetest.FinishCopyObject{ Opts: metabase.FinishCopyObject{ ObjectStream: obj, - NewEncryptedObjectKey: []byte{1, 2, 3}, + NewEncryptedObjectKey: metabasetest.RandObjectKey(), NewEncryptedMetadataKey: []byte{1, 2, 3}, NewEncryptedMetadataKeyNonce: []byte{1, 2, 3}, }, @@ -179,7 +181,7 @@ func TestFinishCopyObject(t *testing.T) { metabasetest.FinishCopyObject{ Opts: metabase.FinishCopyObject{ NewBucket: newBucketName, - NewEncryptedObjectKey: []byte(obj.ObjectKey), + NewEncryptedObjectKey: obj.ObjectKey, ObjectStream: obj, }, ErrClass: &metabase.ErrInvalidRequest, @@ -196,7 +198,7 @@ func TestFinishCopyObject(t *testing.T) { Opts: metabase.FinishCopyObject{ NewBucket: newBucketName, ObjectStream: obj, - NewEncryptedObjectKey: []byte{0}, + NewEncryptedObjectKey: metabasetest.RandObjectKey(), }, ErrClass: &metabase.ErrInvalidRequest, ErrText: "EncryptedMetadataKeyNonce is missing", @@ -212,7 +214,7 @@ func TestFinishCopyObject(t *testing.T) { Opts: metabase.FinishCopyObject{ NewBucket: newBucketName, ObjectStream: obj, - NewEncryptedObjectKey: []byte{0}, + NewEncryptedObjectKey: metabasetest.RandObjectKey(), NewEncryptedMetadataKeyNonce: []byte{0}, }, ErrClass: &metabase.ErrInvalidRequest, @@ -222,6 +224,45 @@ func TestFinishCopyObject(t *testing.T) { metabasetest.Verify{}.Check(ctx, t, db) }) + t.Run("empty EncryptedMetadata with OverrideMetadata=true", func(t *testing.T) { + defer metabasetest.DeleteAll{}.Check(ctx, t, db) + + metabasetest.FinishCopyObject{ + Opts: metabase.FinishCopyObject{ + NewBucket: newBucketName, + ObjectStream: obj, + NewEncryptedObjectKey: metabasetest.RandObjectKey(), + + OverrideMetadata: true, + NewEncryptedMetadataKey: []byte{1}, + NewEncryptedMetadataKeyNonce: []byte{1}, + }, + ErrClass: &metabase.ErrInvalidRequest, + ErrText: "EncryptedMetadataNonce and EncryptedMetadataEncryptedKey must be not set if EncryptedMetadata is not set", + }.Check(ctx, t, db) + + metabasetest.Verify{}.Check(ctx, t, db) + }) + + t.Run("empty NewEncryptedMetadataKey and NewEncryptedMetadataKeyNonce with OverrideMetadata=true", func(t *testing.T) { + defer metabasetest.DeleteAll{}.Check(ctx, t, db) + + metabasetest.FinishCopyObject{ + Opts: metabase.FinishCopyObject{ + NewBucket: newBucketName, + ObjectStream: obj, + NewEncryptedObjectKey: metabasetest.RandObjectKey(), + + OverrideMetadata: true, + NewEncryptedMetadata: testrand.BytesInt(256), + }, + ErrClass: &metabase.ErrInvalidRequest, + ErrText: "EncryptedMetadataNonce and EncryptedMetadataEncryptedKey must be set if EncryptedMetadata is set", + }.Check(ctx, t, db) + + metabasetest.Verify{}.Check(ctx, t, db) + }) + t.Run("object does not exist", func(t *testing.T) { defer metabasetest.DeleteAll{}.Check(ctx, t, db) @@ -230,14 +271,13 @@ func TestFinishCopyObject(t *testing.T) { newEncryptedMetadataKeyNonce := testrand.Nonce() newEncryptedMetadataKey := testrand.Bytes(32) newEncryptedKeysNonces := make([]metabase.EncryptedKeyAndNonce, 10) - newObjectKey := testrand.Bytes(32) metabasetest.FinishCopyObject{ Opts: metabase.FinishCopyObject{ NewBucket: newBucketName, ObjectStream: newObj, NewSegmentKeys: newEncryptedKeysNonces, - NewEncryptedObjectKey: newObjectKey, + NewEncryptedObjectKey: metabasetest.RandObjectKey(), NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(), NewEncryptedMetadataKey: newEncryptedMetadataKey, }, @@ -252,7 +292,6 @@ func TestFinishCopyObject(t *testing.T) { defer metabasetest.DeleteAll{}.Check(ctx, t, db) numberOfSegments := 10 - newObjectKey := testrand.Bytes(32) newObj, _ := metabasetest.CreateTestObject{ CommitObject: &metabase.CommitObject{ @@ -287,7 +326,7 @@ func TestFinishCopyObject(t *testing.T) { NewBucket: newBucketName, ObjectStream: obj, NewSegmentKeys: newEncryptedKeysNonces, - NewEncryptedObjectKey: newObjectKey, + NewEncryptedObjectKey: metabasetest.RandObjectKey(), NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(), NewEncryptedMetadataKey: newEncryptedMetadataKey, }, @@ -300,7 +339,6 @@ func TestFinishCopyObject(t *testing.T) { defer metabasetest.DeleteAll{}.Check(ctx, t, db) numberOfSegments := 10 - newObjectKey := testrand.Bytes(32) newObj, _ := metabasetest.CreateTestObject{ CommitObject: &metabase.CommitObject{ @@ -337,7 +375,7 @@ func TestFinishCopyObject(t *testing.T) { NewBucket: newBucketName, ObjectStream: obj, NewSegmentKeys: newEncryptedKeysNonces, - NewEncryptedObjectKey: newObjectKey, + NewEncryptedObjectKey: metabasetest.RandObjectKey(), NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(), NewEncryptedMetadataKey: newEncryptedMetadataKey, }, @@ -374,7 +412,7 @@ func TestFinishCopyObject(t *testing.T) { ObjectStream: objStream, NewBucket: copyStream.BucketName, NewStreamID: copyStream.StreamID, - NewEncryptedObjectKey: []byte(copyStream.ObjectKey), + NewEncryptedObjectKey: copyStream.ObjectKey, NewEncryptedMetadataKey: expectedCopyObject.EncryptedMetadataEncryptedKey, NewEncryptedMetadataKeyNonce: expectedCopyObject.EncryptedMetadataNonce, }, @@ -425,6 +463,96 @@ func TestFinishCopyObject(t *testing.T) { }}, }.Check(ctx, t, db) }) + + t.Run("finish copy object with new metadata", func(t *testing.T) { + defer metabasetest.DeleteAll{}.Check(ctx, t, db) + + copyStream := metabasetest.RandObjectStream() + copyStreamNoOverride := metabasetest.RandObjectStream() + + originalMetadata := testrand.Bytes(64) + originalMetadataNonce := testrand.Nonce().Bytes() + originalMetadataEncryptedKey := testrand.Bytes(265) + + originalObj, _ := metabasetest.CreateTestObject{ + CommitObject: &metabase.CommitObject{ + ObjectStream: obj, + EncryptedMetadata: originalMetadata, + EncryptedMetadataNonce: originalMetadataNonce, + EncryptedMetadataEncryptedKey: originalMetadataEncryptedKey, + }, + }.Run(ctx, t, db, obj, 0) + + newMetadata := testrand.Bytes(256) + newMetadataKey := testrand.Bytes(32) + newMetadataKeyNonce := testrand.Nonce().Bytes() + + // do a copy without OverrideMetadata field set to true, + // metadata shouldn't be updated even if NewEncryptedMetadata + // field is set + copyObjNoOverride, _ := metabasetest.CreateObjectCopy{ + OriginalObject: originalObj, + CopyObjectStream: ©StreamNoOverride, + FinishObject: &metabase.FinishCopyObject{ + ObjectStream: originalObj.ObjectStream, + + NewBucket: copyStreamNoOverride.BucketName, + NewStreamID: copyStreamNoOverride.StreamID, + + NewEncryptedObjectKey: copyStreamNoOverride.ObjectKey, + + OverrideMetadata: false, + NewEncryptedMetadata: newMetadata, + NewEncryptedMetadataKeyNonce: newMetadataKeyNonce, + NewEncryptedMetadataKey: newMetadataKey, + }, + }.Run(ctx, t, db) + + require.Equal(t, originalMetadata, copyObjNoOverride.EncryptedMetadata) + require.Equal(t, newMetadataKey, copyObjNoOverride.EncryptedMetadataEncryptedKey) + require.Equal(t, newMetadataKeyNonce, copyObjNoOverride.EncryptedMetadataNonce) + + // do a copy WITH OverrideMetadata field set to true, + // metadata should be updated to NewEncryptedMetadata + copyObj, _ := metabasetest.CreateObjectCopy{ + OriginalObject: originalObj, + CopyObjectStream: ©Stream, + FinishObject: &metabase.FinishCopyObject{ + ObjectStream: originalObj.ObjectStream, + + NewBucket: copyStream.BucketName, + NewStreamID: copyStream.StreamID, + + NewEncryptedObjectKey: copyStream.ObjectKey, + + OverrideMetadata: true, + NewEncryptedMetadata: newMetadata, + NewEncryptedMetadataKeyNonce: newMetadataKeyNonce, + NewEncryptedMetadataKey: newMetadataKey, + }, + }.Run(ctx, t, db) + + require.Equal(t, newMetadata, copyObj.EncryptedMetadata) + require.Equal(t, newMetadataKey, copyObj.EncryptedMetadataEncryptedKey) + require.Equal(t, newMetadataKeyNonce, copyObj.EncryptedMetadataNonce) + + metabasetest.Verify{ + Objects: []metabase.RawObject{ + metabase.RawObject(originalObj), + metabase.RawObject(copyObj), + metabase.RawObject(copyObjNoOverride), + }, + Copies: []metabase.RawCopy{ + { + StreamID: copyStream.StreamID, + AncestorStreamID: originalObj.StreamID, + }, + { + StreamID: copyObjNoOverride.StreamID, + AncestorStreamID: originalObj.StreamID, + }, + }, + }.Check(ctx, t, db) + }) }) - // TODO: test with new metadata } diff --git a/satellite/metabase/get_test.go b/satellite/metabase/get_test.go index 9e130ad64..b96b95165 100644 --- a/satellite/metabase/get_test.go +++ b/satellite/metabase/get_test.go @@ -332,7 +332,7 @@ func TestGetSegmentByPosition(t *testing.T) { NewBucket: copyObjStream.BucketName, ObjectStream: obj.ObjectStream, NewSegmentKeys: newEncryptedKeyNonces, - NewEncryptedObjectKey: []byte(copyObjStream.ObjectKey), + NewEncryptedObjectKey: copyObjStream.ObjectKey, NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(), NewEncryptedMetadataKey: newEncryptedMetadataKey, }) @@ -516,7 +516,7 @@ func TestGetSegmentByPosition(t *testing.T) { NewStreamID: copyObjStream.StreamID, NewBucket: copyObjStream.BucketName, NewSegmentKeys: newEncryptedKeyNonces, - NewEncryptedObjectKey: []byte(copyObjStream.ObjectKey), + NewEncryptedObjectKey: copyObjStream.ObjectKey, NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(), NewEncryptedMetadataKey: newEncryptedMetadataKey, }) @@ -685,7 +685,7 @@ func TestGetSegmentByPosition(t *testing.T) { NewStreamID: copyObjStream.StreamID, NewBucket: copyObjStream.BucketName, NewSegmentKeys: newEncryptedKeyNonces, - NewEncryptedObjectKey: []byte(copyObjStream.ObjectKey), + NewEncryptedObjectKey: copyObjStream.ObjectKey, NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(), NewEncryptedMetadataKey: newEncryptedMetadataKey, }) @@ -932,7 +932,7 @@ func TestGetLatestObjectLastSegment(t *testing.T) { NewBucket: copyObjStream.BucketName, ObjectStream: obj.ObjectStream, NewSegmentKeys: newEncryptedKeyNonces, - NewEncryptedObjectKey: []byte(copyObjStream.ObjectKey), + NewEncryptedObjectKey: copyObjStream.ObjectKey, NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(), NewEncryptedMetadataKey: newEncryptedMetadataKey, }) @@ -1112,7 +1112,7 @@ func TestGetLatestObjectLastSegment(t *testing.T) { NewStreamID: copyObjStream.StreamID, NewBucket: copyObjStream.BucketName, NewSegmentKeys: newEncryptedKeyNonces, - NewEncryptedObjectKey: []byte(copyObjStream.ObjectKey), + NewEncryptedObjectKey: copyObjStream.ObjectKey, NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(), NewEncryptedMetadataKey: newEncryptedMetadataKey, }) @@ -1277,7 +1277,7 @@ func TestGetLatestObjectLastSegment(t *testing.T) { NewStreamID: copyObjStream.StreamID, NewBucket: copyObjStream.BucketName, NewSegmentKeys: newEncryptedKeyNonces, - NewEncryptedObjectKey: []byte(copyObjStream.ObjectKey), + NewEncryptedObjectKey: copyObjStream.ObjectKey, NewEncryptedMetadataKeyNonce: newEncryptedMetadataKeyNonce.Bytes(), NewEncryptedMetadataKey: newEncryptedMetadataKey, }) diff --git a/satellite/metabase/metabasetest/create.go b/satellite/metabase/metabasetest/create.go index ef5061c31..bd92e25ed 100644 --- a/satellite/metabase/metabasetest/create.go +++ b/satellite/metabase/metabasetest/create.go @@ -21,12 +21,17 @@ func RandObjectStream() metabase.ObjectStream { return metabase.ObjectStream{ ProjectID: testrand.UUID(), BucketName: testrand.BucketName(), - ObjectKey: metabase.ObjectKey(testrand.Bytes(16)), + ObjectKey: RandObjectKey(), Version: 1, StreamID: testrand.UUID(), } } +// RandObjectKey returns a random object key. +func RandObjectKey() metabase.ObjectKey { + return metabase.ObjectKey(testrand.Bytes(16)) +} + // CreatePendingObject creates a new pending object with the specified number of segments. func CreatePendingObject(ctx *testcontext.Context, t *testing.T, db *metabase.DB, obj metabase.ObjectStream, numberOfSegments byte) { BeginObjectExactVersion{ @@ -359,7 +364,7 @@ func (cc CreateObjectCopy) Run(ctx *testcontext.Context, t testing.TB, db *metab NewBucket: copyStream.BucketName, ObjectStream: cc.OriginalObject.ObjectStream, NewSegmentKeys: newEncryptedKeysNonces, - NewEncryptedObjectKey: []byte(copyStream.ObjectKey), + NewEncryptedObjectKey: copyStream.ObjectKey, NewEncryptedMetadataKeyNonce: testrand.Nonce().Bytes(), NewEncryptedMetadataKey: testrand.Bytes(32), } diff --git a/satellite/metainfo/endpoint_object.go b/satellite/metainfo/endpoint_object.go index 0abe0b2a5..ceb585c60 100644 --- a/satellite/metainfo/endpoint_object.go +++ b/satellite/metainfo/endpoint_object.go @@ -1878,6 +1878,11 @@ func (endpoint *Endpoint) FinishCopyObject(ctx context.Context, req *pb.ObjectFi return nil, rpcstatus.Error(rpcstatus.InvalidArgument, err.Error()) } + var newNonce []byte + if !req.NewEncryptedMetadataKeyNonce.IsZero() { + newNonce = req.NewEncryptedMetadataKeyNonce[:] + } + object, err := endpoint.metabase.FinishCopyObject(ctx, metabase.FinishCopyObject{ ObjectStream: metabase.ObjectStream{ ProjectID: keyInfo.ProjectID, @@ -1889,8 +1894,10 @@ func (endpoint *Endpoint) FinishCopyObject(ctx context.Context, req *pb.ObjectFi NewStreamID: newStreamID, NewSegmentKeys: protobufkeysToMetabase(req.NewSegmentKeys), NewBucket: string(req.NewBucket), - NewEncryptedObjectKey: req.NewEncryptedObjectKey, - NewEncryptedMetadataKeyNonce: req.NewEncryptedMetadataKeyNonce[:], + NewEncryptedObjectKey: metabase.ObjectKey(req.NewEncryptedObjectKey), + OverrideMetadata: req.OverrideMetadata, + NewEncryptedMetadata: req.NewEncryptedMetadata, + NewEncryptedMetadataKeyNonce: newNonce, NewEncryptedMetadataKey: req.NewEncryptedMetadataKey, }) if err != nil { diff --git a/testsuite/go.mod b/testsuite/go.mod index 13fa7b6ec..aa36adf24 100644 --- a/testsuite/go.mod +++ b/testsuite/go.mod @@ -10,7 +10,7 @@ require ( github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.7.0 go.uber.org/zap v1.17.0 - storj.io/common v0.0.0-20220228211628-96f1d7f5fdfd + storj.io/common v0.0.0-20220303150900-2150c0203dcc storj.io/gateway-mt v1.18.1-0.20211210081136-cada9a567d31 storj.io/private v0.0.0-20220131131751-c913260b9ec2 storj.io/storj v0.12.1-0.20220216152726-b24379aa917a @@ -218,5 +218,5 @@ require ( storj.io/gateway v1.4.1 // indirect storj.io/minio v0.0.0-20211007171754-df6c27823c8a // indirect storj.io/monkit-jaeger v0.0.0-20220131130547-dc4cb5a0d97a // indirect - storj.io/uplink v1.8.1-0.20220223161331-c4e80d7a3a87 // indirect + storj.io/uplink v1.8.1-0.20220307141551-c65f09ea27d8 // indirect ) diff --git a/testsuite/go.sum b/testsuite/go.sum index d303252fc..ee6246878 100644 --- a/testsuite/go.sum +++ b/testsuite/go.sum @@ -1395,9 +1395,9 @@ storj.io/common v0.0.0-20210805073808-8e0feb09e92a/go.mod h1:mhZYWpTojKsACxWE66R storj.io/common v0.0.0-20210916151047-6aaeb34bb916/go.mod h1:objobGrIWQwhmTSpSm6Y7ykd40wZjB7CezNfic5YLKg= storj.io/common v0.0.0-20211102144601-401a79f0706a/go.mod h1:a2Kw7Uipu929OFANfWKLHRoD0JfhgssikEvimd6hbSQ= storj.io/common v0.0.0-20220131120956-e74f624a3d55/go.mod h1:m0489td5+rKDdoiYOzCkh3CfGW/cLyntZiYfso+QfMs= -storj.io/common v0.0.0-20220218100924-daea4bf7cc6c/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog= -storj.io/common v0.0.0-20220228211628-96f1d7f5fdfd h1:4sUi3QM1xn7uVJNyVvhrLvieynbYd1ePXdZehcRWzH0= -storj.io/common v0.0.0-20220228211628-96f1d7f5fdfd/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog= +storj.io/common v0.0.0-20220223161334-302b968d0f29/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog= +storj.io/common v0.0.0-20220303150900-2150c0203dcc h1:ecc15H8aEXdGh4WWyfhXM8q9x3ni5hnCXDH2+HC/z9k= +storj.io/common v0.0.0-20220303150900-2150c0203dcc/go.mod h1:xW3PPPGBo4bdMtEP9GREnmxQptmJNuDg1tEHcA4zqog= storj.io/dotworld v0.0.0-20210324183515-0d11aeccd840/go.mod h1:KU9YvEgRrMMiWLvH8pzn1UkoCoxggKIPvQxmNdx7aXQ= storj.io/drpc v0.0.11/go.mod h1:TiFc2obNjL9/3isMW1Rpxjy8V9uE0B2HMeMFGiiI7Iw= storj.io/drpc v0.0.24/go.mod h1:ofQUDPQbbIymRDKE0tms48k8bLP5Y+dsI9CbXGv3gko= @@ -1418,5 +1418,5 @@ storj.io/private v0.0.0-20220131131751-c913260b9ec2 h1:POHeqNfH0YzO4d2px9NZRPvWP storj.io/private v0.0.0-20220131131751-c913260b9ec2/go.mod h1:i08plLYNEyxf9eObj0UAYnTyh+6r8jvra4JDnvhFsCI= storj.io/uplink v1.7.0/go.mod h1:zqj/LFDxa6RMaSRSHOmukg3mMgesOry0iHSjNldDMGo= storj.io/uplink v1.7.1-0.20211103104100-a785482780d8/go.mod h1:pKqsMpNMIAz//2TXzUGOR6tpu3iyabvXV4VWINj4jaY= -storj.io/uplink v1.8.1-0.20220223161331-c4e80d7a3a87 h1:oBbMBGijaMGFfrHteng2v5GPW/d6J4AB6nfey/99614= -storj.io/uplink v1.8.1-0.20220223161331-c4e80d7a3a87/go.mod h1:maW42V/Ze1MJOEJVNpkNa1VdU7nEiNb+TEZ+pNDx2/Q= +storj.io/uplink v1.8.1-0.20220307141551-c65f09ea27d8 h1:nW8/fo04hiUXU9RP9zkr+wPY3NVWyOd5wvkxDP9gKKY= +storj.io/uplink v1.8.1-0.20220307141551-c65f09ea27d8/go.mod h1:CVSBjpsXFk6iFIc9jxo/530kIQJK/8iM0xdihoZkhoE=