Hello Everyone,
I have been trying to use restrict_scope function in uplinkc. I want to use restricted scope to access some object uploaded on a bucket using API Key and Encryption PassPhrase. I am using "lib/uplinkc v0.28.4"
functions for this.
Steps and functions involved in uploading data:
- new_uplink
- parse_api_key
- open_project
- project_salted_key_from_passphrase
- new_encryption_access_with_default_key
- serialize_encryption_access
- open_bucket
- upload
- upload_write
- upload_commit
The data is successfully uploaded on storj and can be accessed/downloaded using uplink CLI.
Bucket: "bucketname01" Object Path: "uploadPath01/data/README.md"
Further Scope is created using new_scope function with returned objects from above “parse_api_key” and “new_encryption_access_with_default_key” functions.
The created scope is then restricted using restrict_scope function with parameters as:
Caveat caveat = {disallow_deletes : true};
EncryptionRestriction restrictions[] = {
{"bucketname01", "uploadPath01/data"}};
Steps involved in downloading data using restricted scope:
- get_scope_satellite_address
- get_scope_api_key
- get_scope_enc_access
- serialize_encryption_access
- new_uplink
- open_project
- open_bucket
- download
- download_read
- download_close
It works properly till open bucket but fails to download object data.
Error: unable to find encryption base for: bucketname01/“”
If I add this path to restrictions, I get the following error:
EncryptionRestriction restrictions[] = {
{"bucketname01", ""},
{"bucketname01", "uploadPath01/data"}};
Error: encryption error: decryption failed, check encryption key: cipher: message authentication failed
If I try the above steps without using restrict_scope function, it successfully downloads object data.
Please let me know what may be the issue and if I am doing something wrong ?