Skip to content

SS4 Upgrade fixes #19

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Aug 25, 2021
Merged

SS4 Upgrade fixes #19

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
2eaa37f
Update checks for each fields
Aug 11, 2021
5353fbc
File::getFullPath() SS3 Incompatibility fixes
Aug 22, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
117 changes: 83 additions & 34 deletions src/AtRestCryptoService.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,23 +3,30 @@
namespace Madmatt\EncryptAtRest;

use Defuse\Crypto\Crypto;
use Defuse\Crypto\Exception\CannotPerformOperationException;
use Defuse\Crypto\Exception\CryptoTestFailedException;
use Defuse\Crypto\Exception\InvalidCiphertextException;
use Defuse\Crypto\Exception\InvalidInput;
use Defuse\Crypto\Exception\BadFormatException;
use Defuse\Crypto\Exception\EnvironmentIsBrokenException;
use Defuse\Crypto\Exception\WrongKeyOrModifiedCiphertextException;
use Defuse\Crypto\File;
use Defuse\Crypto\Key;
use Ex\CryptoException;
use Exception;
use InvalidArgumentException;
use Psr\Log\LoggerInterface;
use ReflectionClass;
use ReflectionException;
use SilverStripe\Assets\Storage\AssetStore;
use SilverStripe\Core\Environment;
use SilverStripe\Core\Injector\Injector;

class AtRestCryptoService
{

/**
* @param string $raw
* @param string $raw
* @param null|Key $key
*
* @return string
* @throws CannotPerformOperationException
* @throws CryptoTestFailedException
* @throws EnvironmentIsBrokenException
* @throws BadFormatException
*/
public function encrypt($raw, $key = null)
{
Expand All @@ -28,11 +35,13 @@ public function encrypt($raw, $key = null)
}

/**
* @param string $ciphertext
* @param string $ciphertext
* @param null|Key $key
*
* @return string
* @throws CannotPerformOperationException
* @throws InvalidCiphertextException
* @throws BadFormatException
* @throws EnvironmentIsBrokenException
* @throws WrongKeyOrModifiedCiphertextException
*/
public function decrypt($ciphertext, $key = null)
{
Expand All @@ -42,53 +51,70 @@ public function decrypt($ciphertext, $key = null)

/**
* @param \SilverStripe\Assets\File $file
* @param null|Key $key
* @return bool|\File
* @throws InvalidInput
* @throws CryptoException
* @param null|Key $key
*
* @return false|\SilverStripe\Assets\File
* @throws BadFormatException
* @throws EnvironmentIsBrokenException
*/
public function encryptFile($file, $key = null)
{
$key = $this->getKey($key);
$encryptedFilename = $file->getFullPath() . '.enc';
try {
File::encryptFile($file->getFullPath(), $encryptedFilename, $key);
unlink($file->getFullPath());
$file->Filename = $file->Filename . '.enc';
$currentPath = $this->getFullPath($file);
$encryptedFilename = $currentPath . '.enc';
File::encryptFile($currentPath, $encryptedFilename, $key);
$filename = $file->getFilename() . '.enc';
$file->deleteFile();
$file->File->setField('Filename', $filename);
$file->write();
$file->protectFile();

return $file;
} catch (Exception $e) {
print_r($e->getMessage());
SS_Log::log(sprintf('Encryption exception while parsing "%s": %s', $file->Name, $e->getMessage()), SS_Log::ERR);
Injector::inst()->get(LoggerInterface::class)
->error(sprintf('Encryption exception while parsing "%s": %s', $file->Name, $e->getMessage()));
return false;
}

}

/**
* @param \File $file
* @param \SilverStripe\Assets\File $file
* @param null|Key $key
* @return bool|\File
* @throws InvalidInput
* @throws CryptoException
*
* @return false|\SilverStripe\Assets\File
* @throws BadFormatException
* @throws EnvironmentIsBrokenException
*/
public function decryptFile($file, $key = null)
{
$key = $this->getKey($key);
$decryptedFilename = str_replace('.enc', '', $file->getFullPath());
try {
File::decryptFile($file->getFullPath(), $decryptedFilename, $key);
unlink($file->getFullPath());
$file->Filename = str_replace('.enc', '', $file->Filename);
$file->Name = str_replace('.enc', '', $file->Name);
$currentPath = $this->getFullPath($file);
$decryptedFilename = str_replace('.enc', '', $currentPath);
File::decryptFile($currentPath, $decryptedFilename, $key);
$filename = str_replace('.enc', '', $file->getFilename());
$file->deleteFile();
$file->File->setField('Filename', $filename);
$file->write();
$file->protectFile();

return $file;
} catch (Exception $e) {
SS_Log::log(sprintf('Decryption exception while parsing "%s": %s', $file->Name, $e->getMessage()), SS_Log::ERR);
Injector::inst()->get(LoggerInterface::class)
->error(sprintf('Decryption exception while parsing "%s": %s', $file->Name, $e->getMessage()));
return false;
}
}

/**
* @param $rawKey
*
* @return Key
* @throws BadFormatException
* @throws EnvironmentIsBrokenException
*/
public function getKey($rawKey)
{
// If this is already a \Defuse\Crypto\Key object, just return it
Expand All @@ -103,11 +129,34 @@ public function getKey($rawKey)
}

if ($rawKey === null) {
throw new \InvalidArgumentException('Can\'t encrypt without a key. Define ENCRYPT_AT_REST_KEY, or pass the $key argument.');
throw new InvalidArgumentException('Can\'t encrypt without a key. Define ENCRYPT_AT_REST_KEY, or pass the $key argument.');
}

$key = Key::LoadFromAsciiSafeString($rawKey);
return Key::LoadFromAsciiSafeString($rawKey);
}


return $key;
/**
* @param \SilverStripe\Assets\File $file
* @param string $visibility
* @return mixed
* @throws ReflectionException
*/
protected function getFullPath($file, $visibility = AssetStore::VISIBILITY_PROTECTED)
{
$assetStore = Injector::inst()->get(AssetStore::class);

$filesystem = $visibility === AssetStore::VISIBILITY_PROTECTED
? $assetStore->getProtectedFilesystem()
: $assetStore->getPublicFilesystem();
$adapter = $filesystem->getAdapter();

$reflection = new ReflectionClass(get_class($assetStore));
$method = $reflection->getMethod('getFileID');
$method->setAccessible(true);
$fileID = $method->invokeArgs($assetStore, [$file->Filename, $file->Hash, $file->Variant]);

return $adapter->applyPathPrefix($fileID);
}

}
5 changes: 4 additions & 1 deletion src/FieldType/EncryptedDatetime.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,11 @@ public function __construct($name = null, $options = [])

public function setValue($value, $record = null, $markChanged = true)
{
if (array_key_exists($this->name, $record) && $value === null) {
if (is_array($record) && array_key_exists($this->name, $record) && $value === null) {
$this->value = $record[$this->name];
} elseif (is_object($record) && property_exists($record, $this->name) && $value === null) {
$key = $this->name;
$this->value = $record->$key;
} else {
$this->value = $value;
}
Expand Down
5 changes: 4 additions & 1 deletion src/FieldType/EncryptedDecimal.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,11 @@ public function __construct($name = null, $wholeSize = 9, $decimalSize = 2, $def

public function setValue($value, $record = null, $markChanged = true)
{
if (array_key_exists($this->name, $record) && $value === null) {
if (is_array($record) && array_key_exists($this->name, $record) && $value === null) {
$this->value = $record[$this->name];
} elseif (is_object($record) && property_exists($record, $this->name) && $value === null) {
$key = $this->name;
$this->value = $record->$key;
} else {
$this->value = $value;
}
Expand Down
6 changes: 5 additions & 1 deletion src/FieldType/EncryptedEnum.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@
use SilverStripe\Core\Injector\Injector;
use SilverStripe\ORM\DB;
use SilverStripe\ORM\FieldType\DBEnum;
use SilverStripe\ORM\ArrayLib;
use Madmatt\EncryptAtRest\AtRestCryptoService;

/**
Expand All @@ -30,8 +31,11 @@ public function __construct($name = null, $enum = null, $default = 0, $options =

public function setValue($value, $record = null, $markChanged = true)
{
if (array_key_exists($this->name, $record) && $value === null) {
if (is_array($record) && array_key_exists($this->name, $record) && $value === null) {
$this->value = $record[$this->name];
} elseif (is_object($record) && property_exists($record, $this->name) && $value === null) {
$key = $this->name;
$this->value = $record->$key;
} else {
$this->value = $value;
}
Expand Down
5 changes: 4 additions & 1 deletion src/FieldType/EncryptedInt.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,11 @@ public function __construct($name = null, $defaultVal = 0)

public function setValue($value, $record = null, $markChanged = true)
{
if (array_key_exists($this->name, $record) && $value === null) {
if (is_array($record) && array_key_exists($this->name, $record) && $value === null) {
$this->value = $record[$this->name];
} elseif (is_object($record) && property_exists($record, $this->name) && $value === null) {
$key = $this->name;
$this->value = $record->$key;
} else {
$this->value = $value;
}
Expand Down
5 changes: 4 additions & 1 deletion src/FieldType/EncryptedText.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,11 @@ public function __construct($name = null, $options = [])

public function setValue($value, $record = null, $markChanged = true)
{
if (array_key_exists($this->name, $record) && $value === null) {
if (is_array($record) && array_key_exists($this->name, $record) && $value === null) {
$this->value = $record[$this->name];
} elseif (is_object($record) && property_exists($record, $this->name) && $value === null) {
$key = $this->name;
$this->value = $record->$key;
} else {
$this->value = $value;
}
Expand Down