Answer-first summary for fast verification
Answer: You attempted the read operation without the base64-encoded SHA256 hash of the encryption key.
The HTTP 4xx error indicates a client-side issue, which in the context of Cloud Storage objects encrypted with customer-supplied keys (CSEK), can occur if the read operation is attempted without the necessary headers. Specifically, the request must include the base64-encoded key (x-goog-encryption-key) and the base64-encoded SHA256 hash of the key (x-goog-encryption-key-sha256) for validation. Option B is correct because omitting the SHA256 hash header would cause the server to reject the request, leading to a 4xx error. Option D is also correct because using the SHA256 hash of the key as the encryption key itself would result in a mismatch during validation, also causing a 4xx error. Given the question's structure with 4 options, the most directly correct answer is B, as it directly addresses the omission of a required header.
Author: LeetQuiz Editorial Team
Ultimate access to all questions.
Your application stores customer content in a Cloud Storage bucket, with each object encrypted using the customer's encryption key. The key for each object is provided by the customer through your application. You notice that your application receives an HTTP 4xx error when attempting to read an object from Cloud Storage. What could be causing this error?
A
You attempted the read operation on the object with the customer's base64-encoded key.
B
You attempted the read operation without the base64-encoded SHA256 hash of the encryption key.
C
You entered the same encryption algorithm specified by the customer when attempting the read operation.
D
You attempted the read operation on the object with the base64-encoded SHA256 hash of the customer's key.
No comments yet.