blob: 9435a209dd09dcd1b43f8f4e1022d770cb0c435d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
|
<?php
namespace Aws\S3;
use Aws\CommandInterface;
use Psr\Http\Message\RequestInterface;
/**
* Simplifies the SSE-C process by encoding and hashing the key.
* @internal
*/
class SSECMiddleware
{
private $endpointScheme;
private $nextHandler;
/**
* Provide the URI scheme of the client sending requests.
*
* @param string $endpointScheme URI scheme (http/https).
*
* @return callable
*/
public static function wrap($endpointScheme)
{
return function (callable $handler) use ($endpointScheme) {
return new self($endpointScheme, $handler);
};
}
public function __construct($endpointScheme, callable $nextHandler)
{
$this->nextHandler = $nextHandler;
$this->endpointScheme = $endpointScheme;
}
public function __invoke(
CommandInterface $command,
RequestInterface $request = null
) {
// Allows only HTTPS connections when using SSE-C
if (($command['SSECustomerKey'] || $command['CopySourceSSECustomerKey'])
&& $this->endpointScheme !== 'https'
) {
throw new \RuntimeException('You must configure your S3 client to '
. 'use HTTPS in order to use the SSE-C features.');
}
// Prepare the normal SSE-CPK headers
if ($command['SSECustomerKey']) {
$this->prepareSseParams($command);
}
// If it's a copy operation, prepare the SSE-CPK headers for the source.
if ($command['CopySourceSSECustomerKey']) {
$this->prepareSseParams($command, 'CopySource');
}
$f = $this->nextHandler;
return $f($command, $request);
}
private function prepareSseParams(CommandInterface $command, $prefix = '')
{
// Base64 encode the provided key
$key = $command[$prefix . 'SSECustomerKey'];
$command[$prefix . 'SSECustomerKey'] = base64_encode($key);
// Base64 the provided MD5 or, generate an MD5 if not provided
if ($md5 = $command[$prefix . 'SSECustomerKeyMD5']) {
$command[$prefix . 'SSECustomerKeyMD5'] = base64_encode($md5);
} else {
$command[$prefix . 'SSECustomerKeyMD5'] = base64_encode(md5($key, true));
}
}
}
|