Malin
3248cbb029
Adds a new 'S3-Compatible Storage' provider that works with any
S3-API-compatible object storage service, including MinIO, Ceph,
Cloudflare R2, Backblaze B2, and others.
Changes:
- New provider class: classes/providers/storage/s3-compatible-provider.php
- Provider key: s3compatible
- Reads user-configured endpoint URL from settings
- Uses path-style URL access (required by most S3-compatible services)
- Supports credentials via AS3CF_S3COMPAT_ACCESS_KEY_ID /
AS3CF_S3COMPAT_SECRET_ACCESS_KEY wp-config.php constants
- Disables AWS-specific features (Block Public Access, Object Ownership)
- New provider SVG icons (s3compatible.svg, -link.svg, -round.svg)
- Registered provider in main plugin class with endpoint setting support
- Updated StorageProviderSubPage to show endpoint URL input for S3-compatible
- Built pro settings bundle with rollup (Svelte 4.2.19)
- Added package.json and updated rollup.config.mjs for pro-only builds
109 lines
3.5 KiB
PHP
109 lines
3.5 KiB
PHP
<?php
|
|
|
|
namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
|
|
|
|
use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\StreamDecoratorTrait;
|
|
use LogicException;
|
|
use DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface;
|
|
use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Cipher\CipherMethod;
|
|
/**
|
|
* @internal Represents a stream of data to be decrypted with passed cipher.
|
|
*/
|
|
class AesDecryptingStream implements AesStreamInterface
|
|
{
|
|
const BLOCK_SIZE = 16;
|
|
// 128 bits
|
|
use StreamDecoratorTrait;
|
|
/**
|
|
* @var string
|
|
*/
|
|
private $buffer = '';
|
|
/**
|
|
* @var CipherMethod
|
|
*/
|
|
private $cipherMethod;
|
|
/**
|
|
* @var string
|
|
*/
|
|
private $key;
|
|
/**
|
|
* @var StreamInterface
|
|
*/
|
|
private $stream;
|
|
/**
|
|
* @param StreamInterface $cipherText
|
|
* @param string $key
|
|
* @param CipherMethod $cipherMethod
|
|
*/
|
|
public function __construct(StreamInterface $cipherText, $key, CipherMethod $cipherMethod)
|
|
{
|
|
$this->stream = $cipherText;
|
|
$this->key = $key;
|
|
$this->cipherMethod = clone $cipherMethod;
|
|
}
|
|
public function getOpenSslName()
|
|
{
|
|
return $this->cipherMethod->getOpenSslName();
|
|
}
|
|
public function getAesName()
|
|
{
|
|
return $this->cipherMethod->getAesName();
|
|
}
|
|
public function getCurrentIv()
|
|
{
|
|
return $this->cipherMethod->getCurrentIv();
|
|
}
|
|
public function getSize() : ?int
|
|
{
|
|
$plainTextSize = $this->stream->getSize();
|
|
if ($this->cipherMethod->requiresPadding()) {
|
|
// PKCS7 padding requires that between 1 and self::BLOCK_SIZE be
|
|
// added to the plaintext to make it an even number of blocks. The
|
|
// plaintext is between strlen($cipherText) - self::BLOCK_SIZE and
|
|
// strlen($cipherText) - 1
|
|
return null;
|
|
}
|
|
return $plainTextSize;
|
|
}
|
|
public function isWritable() : bool
|
|
{
|
|
return \false;
|
|
}
|
|
public function read($length) : string
|
|
{
|
|
if ($length > \strlen($this->buffer)) {
|
|
$this->buffer .= $this->decryptBlock((int) (self::BLOCK_SIZE * \ceil(($length - \strlen($this->buffer)) / self::BLOCK_SIZE)));
|
|
}
|
|
$data = \substr($this->buffer, 0, $length);
|
|
$this->buffer = \substr($this->buffer, $length);
|
|
return $data ? $data : '';
|
|
}
|
|
public function seek($offset, $whence = \SEEK_SET) : void
|
|
{
|
|
if ($offset === 0 && $whence === \SEEK_SET) {
|
|
$this->buffer = '';
|
|
$this->cipherMethod->seek(0, \SEEK_SET);
|
|
$this->stream->seek(0, \SEEK_SET);
|
|
} else {
|
|
throw new LogicException('AES encryption streams only support being' . ' rewound, not arbitrary seeking.');
|
|
}
|
|
}
|
|
private function decryptBlock($length)
|
|
{
|
|
if ($this->stream->eof()) {
|
|
return '';
|
|
}
|
|
$cipherText = '';
|
|
do {
|
|
$cipherText .= $this->stream->read((int) ($length - \strlen($cipherText)));
|
|
} while (\strlen($cipherText) < $length && !$this->stream->eof());
|
|
$options = \OPENSSL_RAW_DATA;
|
|
if (!$this->stream->eof() && $this->stream->getSize() !== $this->stream->tell()) {
|
|
$options |= \OPENSSL_ZERO_PADDING;
|
|
}
|
|
$plaintext = \openssl_decrypt($cipherText, $this->cipherMethod->getOpenSslName(), $this->key, $options, $this->cipherMethod->getCurrentIv());
|
|
$this->cipherMethod->update($cipherText);
|
|
return $plaintext;
|
|
}
|
|
}
|