Malin
3248cbb029
Adds a new 'S3-Compatible Storage' provider that works with any
S3-API-compatible object storage service, including MinIO, Ceph,
Cloudflare R2, Backblaze B2, and others.
Changes:
- New provider class: classes/providers/storage/s3-compatible-provider.php
- Provider key: s3compatible
- Reads user-configured endpoint URL from settings
- Uses path-style URL access (required by most S3-compatible services)
- Supports credentials via AS3CF_S3COMPAT_ACCESS_KEY_ID /
AS3CF_S3COMPAT_SECRET_ACCESS_KEY wp-config.php constants
- Disables AWS-specific features (Block Public Access, Object Ownership)
- New provider SVG icons (s3compatible.svg, -link.svg, -round.svg)
- Registered provider in main plugin class with endpoint setting support
- Updated StorageProviderSubPage to show endpoint URL input for S3-compatible
- Built pro settings bundle with rollup (Svelte 4.2.19)
- Added package.json and updated rollup.config.mjs for pro-only builds
93 lines
3.2 KiB
PHP
93 lines
3.2 KiB
PHP
<?php
|
|
|
|
namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
|
|
|
|
abstract class MaterialsProvider implements MaterialsProviderInterface
|
|
{
|
|
private static $supportedKeySizes = [128 => \true, 192 => \true, 256 => \true];
|
|
/**
|
|
* Returns if the requested size is supported by AES.
|
|
*
|
|
* @param int $keySize Size of the requested key in bits.
|
|
*
|
|
* @return bool
|
|
*/
|
|
public static function isSupportedKeySize($keySize)
|
|
{
|
|
return isset(self::$supportedKeySizes[$keySize]);
|
|
}
|
|
/**
|
|
* Performs further initialization of the MaterialsProvider based on the
|
|
* data inside the MetadataEnvelope.
|
|
*
|
|
* @param MetadataEnvelope $envelope A storage envelope for encryption
|
|
* metadata to be read from.
|
|
*
|
|
* @return MaterialsProvider
|
|
*
|
|
* @throws \RuntimeException Thrown when there is an empty or improperly
|
|
* formed materials description in the envelope.
|
|
*
|
|
* @internal
|
|
*/
|
|
public abstract function fromDecryptionEnvelope(MetadataEnvelope $envelope);
|
|
/**
|
|
* Returns the material description for this Provider so it can be verified
|
|
* by encryption mechanisms.
|
|
*
|
|
* @return string
|
|
*/
|
|
public abstract function getMaterialsDescription();
|
|
/**
|
|
* Returns the wrap algorithm name for this Provider.
|
|
*
|
|
* @return string
|
|
*/
|
|
public abstract function getWrapAlgorithmName();
|
|
/**
|
|
* Takes a content encryption key (CEK) and description to return an
|
|
* encrypted key according to the Provider's specifications.
|
|
*
|
|
* @param string $unencryptedCek Key for use in encrypting other data
|
|
* that itself needs to be encrypted by the
|
|
* Provider.
|
|
* @param string $materialDescription Material Description for use in
|
|
* encrypting the $cek.
|
|
*
|
|
* @return string
|
|
*/
|
|
public abstract function encryptCek($unencryptedCek, $materialDescription);
|
|
/**
|
|
* Takes an encrypted content encryption key (CEK) and material description
|
|
* for use decrypting the key according to the Provider's specifications.
|
|
*
|
|
* @param string $encryptedCek Encrypted key to be decrypted by the Provider
|
|
* for use decrypting other data.
|
|
* @param string $materialDescription Material Description for use in
|
|
* encrypting the $cek.
|
|
*
|
|
* @return string
|
|
*/
|
|
public abstract function decryptCek($encryptedCek, $materialDescription);
|
|
/**
|
|
* @param string $keySize Length of a cipher key in bits for generating a
|
|
* random content encryption key (CEK).
|
|
*
|
|
* @return string
|
|
*/
|
|
public function generateCek($keySize)
|
|
{
|
|
return \openssl_random_pseudo_bytes($keySize / 8);
|
|
}
|
|
/**
|
|
* @param string $openSslName Cipher OpenSSL name to use for generating
|
|
* an initialization vector.
|
|
*
|
|
* @return string
|
|
*/
|
|
public function generateIv($openSslName)
|
|
{
|
|
return \openssl_random_pseudo_bytes(\openssl_cipher_iv_length($openSslName));
|
|
}
|
|
}
|