Server-Side Encryption #719

Open
take-five opened this issue May 22, 2023 · 0 comments

Hi

I'd like the library to support SSE: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/s3-example-server-side-encryption-with-kms.html

As far as I can tell, the way to go would be to add new public fields to the UploadedFileProperties type, like this:

// UploadedFileProperties defines all the set properties applied to future files
type UploadedFileProperties struct {
	ACL          *string // ACL defines the right to apply
	CacheControl *string // CacheControl defines the Cache-Control header
	ContentType  *string // ContentType define the Content-Type header
+	// Parameters below mirror the ones from s3.PutObjectInput type from AWS SDK
+	SSEKMSEncryptionContext *string
+	SSEKMSKeyId *string
+	ServerSideEncryption *string
}
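
Review bot: the three added fields (SSEKMSEncryptionContext, SSEKMSKeyId, ServerSideEncryption) carry no per-field comment, while ACL, CacheControl and ContentType directly above each have one. The type is exported, so each new field should get a trailing comment in the same style saying what it sets and what format the value is expected in, and the block should be run through gofmt so the new names and types line up with the existing columns.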

And then copy them to the struct passed to AWS SDK in applyFileCreateProps and in applyFileWriteProps:

func applyFileCreateProps(req *s3.PutObjectInput, p *UploadedFileProperties) {
	if p.ACL != nil {
		req.ACL = p.ACL
	}

	if p.CacheControl != nil {
		req.CacheControl = p.CacheControl
	}

	if p.ContentType != nil {
		req.ContentType = p.ContentType
	}

+	if p.SSEKMSEncryptionContext != nil {
+		req.SSEKMSEncryptionContext = p.SSEKMSEncryptionContext
+	}
+
+	if p.SSEKMSKeyId != nil {
+		req.SSEKMSKeyId = p.SSEKMSKeyId
+	}
+
+	if p.ServerSideEncryption != nil {
+		req.ServerSideEncryption = p.ServerSideEncryption
+	}
}
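
Review bot: the three added nil checks copy each field independently, so a caller can set SSEKMSKeyId or SSEKMSEncryptionContext while ServerSideEncryption stays nil, and the request is then built with KMS parameters but no encryption mode selected. Either reject that combination before the request is sent or document on UploadedFileProperties how the three fields relate, so a misconfiguration does not go unnoticed by a caller who expects encrypted objects. As the same block is to be repeated in applyFileWriteProps, a shared helper (where the request types allow it) would keep the two copies from drifting apart.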

(same code in the other function)

Couple of questions:

  • Is this approach okay with you? If so, I'd go ahead and create a PR. Although, I'm not sure how to go about testing it. Minio, which you seem to be using to mock the real S3, supports SSE with their own KMS implementation.
  • The seemingly public type seems to be undocumented. IMO, it exposes a very useful functionality. Maybe it's worth putting into examples in README?

Thanks,
Alexei
