feat: add S3-compatible storage provider (MinIO, Ceph, R2, etc.)
Adds a new 'S3-Compatible Storage' provider that works with any
S3-API-compatible object storage service, including MinIO, Ceph,
Cloudflare R2, Backblaze B2, and others.
Changes:
- New provider class: classes/providers/storage/s3-compatible-provider.php
- Provider key: s3compatible
- Reads user-configured endpoint URL from settings
- Uses path-style URL access (required by most S3-compatible services)
- Supports credentials via AS3CF_S3COMPAT_ACCESS_KEY_ID /
AS3CF_S3COMPAT_SECRET_ACCESS_KEY wp-config.php constants
- Disables AWS-specific features (Block Public Access, Object Ownership)
- New provider SVG icons (s3compatible.svg, -link.svg, -round.svg)
- Registered provider in main plugin class with endpoint setting support
- Updated StorageProviderSubPage to show endpoint URL input for S3-compatible
- Built pro settings bundle with rollup (Svelte 4.2.19)
- Added package.json and updated rollup.config.mjs for pro-only builds
This commit is contained in:
76
vendor/Aws3/Aws/Crypto/Cipher/Cbc.php
vendored
Normal file
76
vendor/Aws3/Aws/Crypto/Cipher/Cbc.php
vendored
Normal file
@@ -0,0 +1,76 @@
|
||||
<?php
|
||||
|
||||
namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Cipher;
|
||||
|
||||
use InvalidArgumentException;
|
||||
use LogicException;
|
||||
/**
|
||||
* An implementation of the CBC cipher for use with an AesEncryptingStream or
|
||||
* AesDecrypting stream.
|
||||
*
|
||||
* This cipher method is deprecated and in maintenance mode - no new updates will be
|
||||
* released. Please see https://docs.aws.amazon.com/general/latest/gr/aws_sdk_cryptography.html
|
||||
* for more information.
|
||||
*
|
||||
* @deprecated
|
||||
*/
|
||||
class Cbc implements CipherMethod
|
||||
{
|
||||
const BLOCK_SIZE = 16;
|
||||
/**
|
||||
* @var string
|
||||
*/
|
||||
private $baseIv;
|
||||
/**
|
||||
* @var string
|
||||
*/
|
||||
private $iv;
|
||||
/**
|
||||
* @var int
|
||||
*/
|
||||
private $keySize;
|
||||
/**
|
||||
* @param string $iv Base Initialization Vector for the cipher.
|
||||
* @param int $keySize Size of the encryption key, in bits, that will be
|
||||
* used.
|
||||
*
|
||||
* @throws InvalidArgumentException Thrown if the passed iv does not match
|
||||
* the iv length required by the cipher.
|
||||
*/
|
||||
public function __construct($iv, $keySize = 256)
|
||||
{
|
||||
$this->baseIv = $this->iv = $iv;
|
||||
$this->keySize = $keySize;
|
||||
if (\strlen($iv) !== \openssl_cipher_iv_length($this->getOpenSslName())) {
|
||||
throw new InvalidArgumentException('Invalid initialization vector');
|
||||
}
|
||||
}
|
||||
public function getOpenSslName()
|
||||
{
|
||||
return "aes-{$this->keySize}-cbc";
|
||||
}
|
||||
public function getAesName()
|
||||
{
|
||||
return 'AES/CBC/PKCS5Padding';
|
||||
}
|
||||
public function getCurrentIv()
|
||||
{
|
||||
return $this->iv;
|
||||
}
|
||||
public function requiresPadding()
|
||||
{
|
||||
return \true;
|
||||
}
|
||||
public function seek($offset, $whence = \SEEK_SET)
|
||||
{
|
||||
if ($offset === 0 && $whence === \SEEK_SET) {
|
||||
$this->iv = $this->baseIv;
|
||||
} else {
|
||||
throw new LogicException('CBC initialization only support being' . ' rewound, not arbitrary seeking.');
|
||||
}
|
||||
}
|
||||
public function update($cipherTextBlock)
|
||||
{
|
||||
$this->iv = \substr($cipherTextBlock, self::BLOCK_SIZE * -1);
|
||||
}
|
||||
}
|
||||
66
vendor/Aws3/Aws/Crypto/Cipher/CipherBuilderTrait.php
vendored
Normal file
66
vendor/Aws3/Aws/Crypto/Cipher/CipherBuilderTrait.php
vendored
Normal file
@@ -0,0 +1,66 @@
|
||||
<?php
|
||||
|
||||
namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Cipher;
|
||||
|
||||
use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\CryptoException;
|
||||
trait CipherBuilderTrait
|
||||
{
|
||||
/**
|
||||
* Returns an identifier recognizable by `openssl_*` functions, such as
|
||||
* `aes-256-cbc` or `aes-128-ctr`.
|
||||
*
|
||||
* @param string $cipherName Name of the cipher being used for encrypting
|
||||
* or decrypting.
|
||||
* @param int $keySize Size of the encryption key, in bits, that will be
|
||||
* used.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
protected function getCipherOpenSslName($cipherName, $keySize)
|
||||
{
|
||||
return "aes-{$keySize}-{$cipherName}";
|
||||
}
|
||||
/**
|
||||
* Constructs a CipherMethod for the given name, initialized with the other
|
||||
* data passed for use in encrypting or decrypting.
|
||||
*
|
||||
* @param string $cipherName Name of the cipher to generate for encrypting.
|
||||
* @param string $iv Base Initialization Vector for the cipher.
|
||||
* @param int $keySize Size of the encryption key, in bits, that will be
|
||||
* used.
|
||||
*
|
||||
* @return CipherMethod
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
protected function buildCipherMethod($cipherName, $iv, $keySize)
|
||||
{
|
||||
switch ($cipherName) {
|
||||
case 'cbc':
|
||||
return new Cbc($iv, $keySize);
|
||||
default:
|
||||
return null;
|
||||
}
|
||||
}
|
||||
/**
|
||||
* Performs a reverse lookup to get the openssl_* cipher name from the
|
||||
* AESName passed in from the MetadataEnvelope.
|
||||
*
|
||||
* @param $aesName
|
||||
*
|
||||
* @return string
|
||||
*
|
||||
* @internal
|
||||
*/
|
||||
protected function getCipherFromAesName($aesName)
|
||||
{
|
||||
switch ($aesName) {
|
||||
case 'AES/GCM/NoPadding':
|
||||
return 'gcm';
|
||||
case 'AES/CBC/PKCS5Padding':
|
||||
return 'cbc';
|
||||
default:
|
||||
throw new CryptoException('Unrecognized or unsupported' . ' AESName for reverse lookup.');
|
||||
}
|
||||
}
|
||||
}
|
||||
55
vendor/Aws3/Aws/Crypto/Cipher/CipherMethod.php
vendored
Normal file
55
vendor/Aws3/Aws/Crypto/Cipher/CipherMethod.php
vendored
Normal file
@@ -0,0 +1,55 @@
|
||||
<?php
|
||||
|
||||
namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Cipher;
|
||||
|
||||
interface CipherMethod
|
||||
{
|
||||
/**
|
||||
* Returns an identifier recognizable by `openssl_*` functions, such as
|
||||
* `aes-256-cbc` or `aes-128-ctr`.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function getOpenSslName();
|
||||
/**
|
||||
* Returns an AES recognizable name, such as 'AES/GCM/NoPadding'.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function getAesName();
|
||||
/**
|
||||
* Returns the IV that should be used to initialize the next block in
|
||||
* encrypt or decrypt.
|
||||
*
|
||||
* @return string
|
||||
*/
|
||||
public function getCurrentIv();
|
||||
/**
|
||||
* Indicates whether the cipher method used with this IV requires padding
|
||||
* the final block to make sure the plaintext is evenly divisible by the
|
||||
* block size.
|
||||
*
|
||||
* @return boolean
|
||||
*/
|
||||
public function requiresPadding();
|
||||
/**
|
||||
* Adjust the return of this::getCurrentIv to reflect a seek performed on
|
||||
* the encryption stream using this IV object.
|
||||
*
|
||||
* @param int $offset
|
||||
* @param int $whence
|
||||
*
|
||||
* @throws LogicException Thrown if the requested seek is not supported by
|
||||
* this IV implementation. For example, a CBC IV
|
||||
* only supports a full rewind ($offset === 0 &&
|
||||
* $whence === SEEK_SET)
|
||||
*/
|
||||
public function seek($offset, $whence = \SEEK_SET);
|
||||
/**
|
||||
* Take account of the last cipher text block to adjust the return of
|
||||
* this::getCurrentIv
|
||||
*
|
||||
* @param string $cipherTextBlock
|
||||
*/
|
||||
public function update($cipherTextBlock);
|
||||
}
|
||||
Reference in New Issue
Block a user