Malin
3248cbb029
Adds a new 'S3-Compatible Storage' provider that works with any
S3-API-compatible object storage service, including MinIO, Ceph,
Cloudflare R2, Backblaze B2, and others.
Changes:
- New provider class: classes/providers/storage/s3-compatible-provider.php
- Provider key: s3compatible
- Reads user-configured endpoint URL from settings
- Uses path-style URL access (required by most S3-compatible services)
- Supports credentials via AS3CF_S3COMPAT_ACCESS_KEY_ID /
AS3CF_S3COMPAT_SECRET_ACCESS_KEY wp-config.php constants
- Disables AWS-specific features (Block Public Access, Object Ownership)
- New provider SVG icons (s3compatible.svg, -link.svg, -round.svg)
- Registered provider in main plugin class with endpoint setting support
- Updated StorageProviderSubPage to show endpoint URL input for S3-compatible
- Built pro settings bundle with rollup (Svelte 4.2.19)
- Added package.json and updated rollup.config.mjs for pro-only builds
95 lines
2.8 KiB
PHP
95 lines
2.8 KiB
PHP
<?php
|
|
|
|
namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
|
|
|
|
use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Polyfill\AesGcm;
|
|
use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Polyfill\Key;
|
|
use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7;
|
|
use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\StreamDecoratorTrait;
|
|
use DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface;
|
|
use RuntimeException;
|
|
/**
|
|
* @internal Represents a stream of data to be gcm encrypted.
|
|
*/
|
|
class AesGcmEncryptingStream implements AesStreamInterface, AesStreamInterfaceV2
|
|
{
|
|
use StreamDecoratorTrait;
|
|
private $aad;
|
|
private $initializationVector;
|
|
private $key;
|
|
private $keySize;
|
|
private $plaintext;
|
|
private $tag = '';
|
|
private $tagLength;
|
|
/**
|
|
* @var StreamInterface
|
|
*/
|
|
private $stream;
|
|
/**
|
|
* Same as non-static 'getAesName' method, allowing calls in a static
|
|
* context.
|
|
*
|
|
* @return string
|
|
*/
|
|
public static function getStaticAesName()
|
|
{
|
|
return 'AES/GCM/NoPadding';
|
|
}
|
|
/**
|
|
* @param StreamInterface $plaintext
|
|
* @param string $key
|
|
* @param string $initializationVector
|
|
* @param string $aad
|
|
* @param int $tagLength
|
|
* @param int $keySize
|
|
*/
|
|
public function __construct(StreamInterface $plaintext, $key, $initializationVector, $aad = '', $tagLength = 16, $keySize = 256)
|
|
{
|
|
$this->plaintext = $plaintext;
|
|
$this->key = $key;
|
|
$this->initializationVector = $initializationVector;
|
|
$this->aad = $aad;
|
|
$this->tagLength = $tagLength;
|
|
$this->keySize = $keySize;
|
|
// unsetting the property forces the first access to go through
|
|
// __get().
|
|
unset($this->stream);
|
|
}
|
|
public function getOpenSslName()
|
|
{
|
|
return "aes-{$this->keySize}-gcm";
|
|
}
|
|
/**
|
|
* Same as static method and retained for backwards compatibility
|
|
*
|
|
* @return string
|
|
*/
|
|
public function getAesName()
|
|
{
|
|
return self::getStaticAesName();
|
|
}
|
|
public function getCurrentIv()
|
|
{
|
|
return $this->initializationVector;
|
|
}
|
|
public function createStream()
|
|
{
|
|
if (\version_compare(\PHP_VERSION, '7.1', '<')) {
|
|
return Psr7\Utils::streamFor(AesGcm::encrypt((string) $this->plaintext, $this->initializationVector, new Key($this->key), $this->aad, $this->tag, $this->keySize));
|
|
} else {
|
|
return Psr7\Utils::streamFor(\openssl_encrypt((string) $this->plaintext, $this->getOpenSslName(), $this->key, \OPENSSL_RAW_DATA, $this->initializationVector, $this->tag, $this->aad, $this->tagLength));
|
|
}
|
|
}
|
|
/**
|
|
* @return string
|
|
*/
|
|
public function getTag()
|
|
{
|
|
return $this->tag;
|
|
}
|
|
public function isWritable() : bool
|
|
{
|
|
return \false;
|
|
}
|
|
}
|