Documentation

S3EncryptionMultipartUploader extends MultipartUploader
in package

Application

Uses CipherBuilderTrait, CryptoParamsTrait, EncryptionTrait, UserAgentTrait

Encapsulates the execution of a multipart upload of an encrypted object to S3.

Legacy implementation using older encryption workflow. Use S3EncryptionMultipartUploaderV2 if possible.

CRYPTO_VERSION


    public
    mixed
    CRYPTO_VERSION
    = '1n'

PART_MAX_NUM


    public
    mixed
    PART_MAX_NUM
    = 10000

PART_MAX_SIZE


    public
    mixed
    PART_MAX_SIZE
    = 5368709120

PART_MIN_SIZE


    public
    mixed
    PART_MIN_SIZE
    = 5242880

$source


    protected
        StreamInterface
    $source

Source of the data to be uploaded.

$allowedOptions


    private
    static    mixed
    $allowedOptions
     = ['Cipher' => true, 'KeySize' => true, 'Aad' => true]

$instructionFileSuffix


    private
        mixed
    $instructionFileSuffix

$provider


    private
        mixed
    $provider

$strategy


    private
        mixed
    $strategy

__construct()

Creates a multipart upload for an S3 object after encrypting it.


    public
                __construct(S3ClientInterface $client, mixed $source[, array<string|int, mixed> $config = [] ]) : mixed

The required configuration options are as follows:

@MaterialsProvider: (MaterialsProvider) Provides Cek, Iv, and Cek encrypting/decrypting for encryption metadata.
@CipherOptions: (array) Cipher options for encrypting data. A Cipher is required. Accepts the following options: - Cipher: (string) cbc|gcm See also: AbstractCryptoClient::$supportedCiphers. Note that cbc is deprecated and gcm should be used when possible. - KeySize: (int) 128|192|256 See also: MaterialsProvider::$supportedKeySizes - Aad: (string) Additional authentication data. This option is passed directly to OpenSSL when using gcm. It is ignored when using cbc.
bucket: (string) Name of the bucket to which the object is being uploaded.
key: (string) Key to use for the object being uploaded.

The optional configuration arguments are as follows:

@MetadataStrategy: (MetadataStrategy|string|null) Strategy for storing MetadataEnvelope information. Defaults to using a HeadersMetadataStrategy. Can either be a class implementing MetadataStrategy, a class name of a predefined strategy, or empty/null to default.
@InstructionFileSuffix: (string|null) Suffix used when writing to an instruction file if an using an InstructionFileMetadataHandler was determined.
acl: (string) ACL to set on the object being upload. Objects are private by default.
before_complete: (callable) Callback to invoke before the CompleteMultipartUpload operation. The callback should have a function signature like function (Aws\Command $command) {...}.
before_initiate: (callable) Callback to invoke before the CreateMultipartUpload operation. The callback should have a function signature like function (Aws\Command $command) {...}.
before_upload: (callable) Callback to invoke before any UploadPart operations. The callback should have a function signature like function (Aws\Command $command) {...}.
concurrency: (int, default=int(5)) Maximum number of concurrent UploadPart operations allowed during the multipart upload.
params: (array) An array of key/value parameters that will be applied to each of the sub-commands run by the uploader as a base. Auto-calculated options will override these parameters. If you need more granularity over parameters to each sub-command, use the before_* options detailed above to update the commands directly.
part_size: (int, default=int(5242880)) Part size, in bytes, to use when doing a multipart upload. This must between 5 MB and 5 GB, inclusive.
state: (Aws\Multipart\UploadState) An object that represents the state of the multipart upload and that is used to resume a previous upload. When this option is provided, the bucket, key, and part_size options are ignored.

Parameters

$client : S3ClientInterface: Client used for the upload.
$source : mixed: Source of the data to upload.
$config : array<string|int, mixed> = []: Configuration used to perform the upload.

Return values

mixed —

getStateFromService()

Creates an UploadState object for a multipart upload by querying the service for the specified upload's information.


    public
            static    getStateFromService(S3ClientInterface $client, string $bucket, string $key, string $uploadId) : UploadState

Parameters

$client : S3ClientInterface: S3Client used for the upload.
$bucket : string: Bucket for the multipart upload.
$key : string: Object key for the multipart upload.
$uploadId : string: Upload ID for the multipart upload.

Return values

UploadState —

isSupportedCipher()

Returns if the passed cipher name is supported for encryption by the SDK.


    public
            static    isSupportedCipher(string $cipherName) : bool

Parameters

$cipherName : string: The name of a cipher to verify is registered.

Return values

bool —

If the cipher passed is in our supported list.

createPart()

Generates the parameters for an upload part by analyzing a range of the source starting from the current offset up to the part size.


    protected
    abstract            createPart(bool $seekable, int $number) : array<string|int, mixed>|null

Parameters

$seekable : bool
$number : int

Return values

array<string|int, mixed>|null —

determineGetObjectStrategy()


    protected
                determineGetObjectStrategy(mixed $result, mixed $instructionFileSuffix) : mixed

Parameters

$result : mixed
$instructionFileSuffix : mixed

Return values

mixed —

determinePartSize()


    protected
                determinePartSize() : mixed

Return values

mixed —

extractETag()


    protected
    abstract            extractETag(ResultInterface $result) : mixed

Parameters

$result : ResultInterface

Return values

mixed —

getCipherOpenSslName()

Returns an identifier recognizable by `openssl_*` functions, such as `aes-256-cbc` or `aes-128-ctr`.


    protected
                getCipherOpenSslName(string $cipherName, int $keySize) : string

Parameters

$cipherName : string: Name of the cipher being used for encrypting or decrypting.
$keySize : int: Size of the encryption key, in bits, that will be used.

Return values

string —

getCompleteParams()


    protected
                getCompleteParams() : mixed

Return values

mixed —

getConfig()


    protected
    abstract            getConfig() : array<string|int, mixed>

Return values

array<string|int, mixed> —

getInitiateParams()


    protected
                getInitiateParams() : mixed

Return values

mixed —

getInstructionFileSuffix()


    protected
                getInstructionFileSuffix(array<string|int, mixed> $args) : mixed

Parameters

$args : array<string|int, mixed>

Return values

mixed —

getMaterialsProvider()


    protected
                getMaterialsProvider(array<string|int, mixed> $args) : mixed

Parameters

$args : array<string|int, mixed>

Return values

mixed —

getMetadataStrategy()


    protected
                getMetadataStrategy(array<string|int, mixed> $args, mixed $instructionFileSuffix) : mixed

Parameters

$args : array<string|int, mixed>
$instructionFileSuffix : mixed

Return values

mixed —

getNumberOfParts()


    protected
                getNumberOfParts(mixed $partSize) : mixed

Parameters

$partSize : mixed

Return values

mixed —

getSourceMimeType()


    protected
    abstract            getSourceMimeType() : string|null

Return values

string|null —

getSourceSize()


    protected
    abstract            getSourceSize() : int

Return values

int —

getState()


    protected
    abstract            getState() : UploadState

Return values

UploadState —

getUploadCommands()


    protected
                getUploadCommands(callable $resultHandler) : mixed

Parameters

$resultHandler : callable

Return values

mixed —

handleResult()


    protected
                handleResult(CommandInterface $command, ResultInterface $result) : mixed

Parameters

$command : CommandInterface
$result : ResultInterface

Return values

mixed —

limitPartStream()

Create a stream for a part that starts at the current position and has a length of the upload part size (or less with the final part).


    protected
                limitPartStream(StreamInterface $stream) : LimitStream

Parameters

$stream : StreamInterface

Return values

LimitStream —

loadUploadWorkflowInfo()


    protected
                loadUploadWorkflowInfo() : mixed

Return values

mixed —

appendUserAgent()


    private
                appendUserAgent(AwsClientInterface $client, mixed $agentString) : mixed

Parameters

$client : AwsClientInterface
$agentString : mixed

Return values

mixed —

decorateWithHashes()

Decorates a stream with a sha256 linear hashing stream.


    private
                decorateWithHashes(StreamInterface $stream, array<string|int, mixed> &$data) : StreamInterface

Parameters

$stream : StreamInterface: Stream to decorate.
$data : array<string|int, mixed>: Part data to augment with the hash result.

Return values

StreamInterface —

determineSource()

Turns the provided source into a stream and stores it.


    private
                determineSource(mixed $source) : StreamInterface

If a string is provided, it is assumed to be a filename, otherwise, it passes the value directly to Psr7\stream_for().

Parameters

$source : mixed

Return values

StreamInterface —

getDefaultStrategy()


    private
            static    getDefaultStrategy() : mixed

Return values

mixed —

getEncryptingDataPreparer()


    private
                getEncryptingDataPreparer() : mixed

Return values

mixed —

isEof()

Checks if the source is at EOF.


    private
                isEof(bool $seekable) : bool

Parameters

$seekable : bool

Return values

bool —