Repository: soarecostin/file-vault
Branch: master
Commit: ee40ef4a3a7a
Files: 19
Total size: 35.9 KB
Directory structure:
gitextract_g6gyxadn/
├── .editorconfig
├── .gitattributes
├── .gitignore
├── .scrutinizer.yml
├── .styleci.yml
├── .travis.yml
├── CHANGELOG.md
├── CONTRIBUTING.md
├── LICENSE.md
├── README.md
├── composer.json
├── config/
│ └── config.php
├── phpunit.xml.dist
├── src/
│ ├── Facades/
│ │ └── FileVault.php
│ ├── FileEncrypter.php
│ ├── FileVault.php
│ └── FileVaultServiceProvider.php
├── storage/
│ └── app/
│ └── .gitignore
└── tests/
└── FileVaultTest.php
================================================
FILE CONTENTS
================================================
================================================
FILE: .editorconfig
================================================
; This file is for unifying the coding style for different editors and IDEs.
; More information at http://editorconfig.org
root = true
[*]
charset = utf-8
indent_size = 4
indent_style = space
end_of_line = lf
insert_final_newline = true
trim_trailing_whitespace = true
[*.md]
trim_trailing_whitespace = false
================================================
FILE: .gitattributes
================================================
# Path-based git attributes
# https://www.kernel.org/pub/software/scm/git/docs/gitattributes.html
# Ignore all test and documentation with "export-ignore".
/.gitattributes export-ignore
/.gitignore export-ignore
/.travis.yml export-ignore
/phpunit.xml.dist export-ignore
/.scrutinizer.yml export-ignore
/tests export-ignore
/.editorconfig export-ignore
================================================
FILE: .gitignore
================================================
build
composer.lock
docs
vendor
coverage
================================================
FILE: .scrutinizer.yml
================================================
filter:
excluded_paths: [tests/*]
checks:
php:
remove_extra_empty_lines: true
remove_php_closing_tag: true
remove_trailing_whitespace: true
fix_use_statements:
remove_unused: true
preserve_multiple: false
preserve_blanklines: true
order_alphabetically: true
fix_php_opening_tag: true
fix_linefeed: true
fix_line_ending: true
fix_identation_4spaces: true
fix_doc_comments: true
================================================
FILE: .styleci.yml
================================================
preset: laravel
disabled:
- single_class_element_per_statement
================================================
FILE: .travis.yml
================================================
language: php
php:
- 7.2
- 7.3
env:
matrix:
- COMPOSER_FLAGS="--prefer-lowest"
- COMPOSER_FLAGS=""
before_script:
- travis_retry composer self-update
- travis_retry composer update ${COMPOSER_FLAGS} --no-interaction --prefer-source
script:
- vendor/bin/phpunit --coverage-text --coverage-clover=coverage.clover
after_script:
- php vendor/bin/ocular code-coverage:upload --format=php-clover coverage.clover
================================================
FILE: CHANGELOG.md
================================================
# Changelog
All notable changes to `file-vault` will be documented in this file
## 1.0.0 - 201X-XX-XX
- initial release
================================================
FILE: CONTRIBUTING.md
================================================
# Contributing
Contributions are **welcome** and will be fully **credited**.
Please read and understand the contribution guide before creating an issue or pull request.
## Etiquette
This project is open source, and as such, the maintainers give their free time to build and maintain the source code
held within. They make the code freely available in the hope that it will be of use to other developers. It would be
extremely unfair for them to suffer abuse or anger for their hard work.
Please be considerate towards maintainers when raising issues or presenting pull requests. Let's show the
world that developers are civilized and selfless people.
It's the duty of the maintainer to ensure that all submissions to the project are of sufficient
quality to benefit the project. Many developers have different skillsets, strengths, and weaknesses. Respect the maintainer's decision, and do not be upset or abusive if your submission is not used.
## Viability
When requesting or submitting new features, first consider whether it might be useful to others. Open
source projects are used by many developers, who may have entirely different needs to your own. Think about
whether or not your feature is likely to be used by other users of the project.
## Procedure
Before filing an issue:
- Attempt to replicate the problem, to ensure that it wasn't a coincidental incident.
- Check to make sure your feature suggestion isn't already present within the project.
- Check the pull requests tab to ensure that the bug doesn't have a fix in progress.
- Check the pull requests tab to ensure that the feature isn't already in progress.
Before submitting a pull request:
- Check the codebase to ensure that your feature doesn't already exist.
- Check the pull requests to ensure that another person hasn't already submitted the feature or fix.
## Requirements
If the project maintainer has any additional requirements, you will find them listed here.
- **[PSR-2 Coding Standard](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md)** - The easiest way to apply the conventions is to install [PHP Code Sniffer](https://pear.php.net/package/PHP_CodeSniffer).
- **Add tests!** - Your patch won't be accepted if it doesn't have tests.
- **Document any change in behaviour** - Make sure the `README.md` and any other relevant documentation are kept up-to-date.
- **Consider our release cycle** - We try to follow [SemVer v2.0.0](https://semver.org/). Randomly breaking public APIs is not an option.
- **One pull request per feature** - If you want to do more than one thing, send multiple pull requests.
- **Send coherent history** - Make sure each individual commit in your pull request is meaningful. If you had to make multiple intermediate commits while developing, please [squash them](https://www.git-scm.com/book/en/v2/Git-Tools-Rewriting-History#Changing-Multiple-Commit-Messages) before submitting.
**Happy coding**!
================================================
FILE: LICENSE.md
================================================
MIT License
Copyright (c) Costin Soare
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
================================================
FILE: README.md
================================================
# File encryption / decryption in Laravel
[](https://packagist.org/packages/soarecostin/file-vault)
[](LICENSE.md)
[](https://travis-ci.org/soarecostin/file-vault)
[](https://scrutinizer-ci.com/g/soarecostin/file-vault)
[](https://styleci.io/repos/221933072)
[](https://packagist.org/packages/soarecostin/file-vault)
With this package, you can encrypt and decrypt files of any size in your Laravel project. This package uses streams and [CBC encryption](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_Block_Chaining_(CBC)), encrypting / decrypting a segment of data at a time.
## Installation and usage
This package requires PHP 7.2 and Laravel 5.8 or higher.
You can install the package via composer:
```bash
composer require soarecostin/file-vault
```
## Usage
### Tutorials
For a detailed description of how to encrypt files in Laravel using this package, please see the following articles:
- [Part 1: How to encrypt large files in Laravel](https://medium.com/swlh/how-to-encrypt-large-files-in-laravel-293460836ded?source=friends_link&sk=976ab6e5d1cfb52e10c801fe0cb04fca)
- [Part 2: How to encrypt & upload large files to Amazon S3 in Laravel](https://medium.com/@soarecostin/how-to-encrypt-upload-large-files-to-amazon-s3-in-laravel-af88324a9aa?sk=a9a358a3892e898a60448d5314fb3dc0)
### Description
This package will automatically register a facade called `FileVault`. The `FileVault` facade is using the Laravel `Storage` and will allow you to specify a `disk`, just as you would normally do when working with Laravel Storage. All file names/paths that you will have to pass into the package encrypt/decrypt functions are relative to the disk root folder. By default, the `local` disk is used, but you can either specify a different disk each time you call one of `FileVault` methods, or you can set the default disk to something else, by publishing this package's config file.
If you want to change the default `disk` or change the `key`/`cipher` used for encryption, you can publish the config file:
```
php artisan vendor:publish --provider="SoareCostin\FileVault\FileVaultServiceProvider"
```
This is the contents of the published file:
``` php
return [
/*
* The default key used for all file encryption / decryption
* This package will look for a FILE_VAULT_KEY in your env file
* If no FILE_VAULT_KEY is found, then it will use your Laravel APP_KEY
*/
'key' => env('FILE_VAULT_KEY', env('APP_KEY')),
/*
* The cipher used for encryption.
* Supported options are AES-128-CBC and AES-256-CBC
*/
'cipher' => 'AES-256-CBC',
/*
* The Storage disk used by default to locate your files.
*/
'disk' => 'local',
];
```
### Encrypting a file
The `encrypt` method will search for a file, encrypt it and save it in the same directory, while deleting the original file.
``` php
public function encrypt(string $sourceFile, string $destFile = null, $deleteSource = true)
```
The `encryptCopy` method will search for a file, encrypt it and save it in the same directory, while preserving the original file.
``` php
public function encryptCopy(string $sourceFile, string $destFile = null)
```
#### Examples:
The following example will search for `file.txt` into the `local` disk, save the encrypted file as `file.txt.enc` and delete the original `file.txt`:
``` php
FileVault::encrypt('file.txt');
```
You can also specify a different `disk`, just as you would normally with the Laravel `Storage` facade:
``` php
FileVault::disk('s3')->encrypt('file.txt');
```
You can also specify a different name for the encrypted file by passing in a second parameter. The following example will search for `file.txt` into the `local` disk, save the encrypted file as `encrypted.txt` and delete the original `file.txt`:
``` php
FileVault::encrypt('file.txt', 'encrypted.txt');
```
The following examples both achive the same results as above, with the only difference that the original file is not deleted:
``` php
// save the encrypted copy to file.txt.enc
FileVault::encryptCopy('file.txt');
// or save the encrypted copy with a different name
FileVault::encryptCopy('file.txt', 'encrypted.txt');
```
### Decrypting a file
The `decrypt` method will search for a file, decrypt it and save it in the same directory, while deleting the encrypted file.
``` php
public function decrypt(string $sourceFile, string $destFile = null, $deleteSource = true)
```
The `decryptCopy` method will search for a file, decrypt it and save it in the same directory, while preserving the encrypted file.
``` php
public function decryptCopy(string $sourceFile, string $destFile = null)
```
#### Examples:
The following example will search for `file.txt.enc` into the `local` disk, save the decrypted file as `file.txt` and delete the encrypted file `file.txt.enc`:
``` php
FileVault::decrypt('file.txt.enc');
```
If the file that needs to be decrypted doesn't end with the `.enc` extension, the decrypted file will have the `.dec` extention. The following example will search for `encrypted.txt` into the `local` disk, save the decrypted file as `encrypted.txt.dec` and delete the encrypted file `encrypted.txt`:
``` php
FileVault::decrypt('encrypted.txt');
```
As with the encryption, you can also specify a different `disk`, just as you would normally with the Laravel `Storage` facade:
``` php
FileVault::disk('s3')->decrypt('file.txt.enc');
```
You can also specify a different name for the decrypted file by passing in a second parameter. The following example will search for `encrypted.txt` into the `local` disk, save the decrypted file as `decrypted.txt` and delete the original `encrypted.txt`:
``` php
FileVault::decrypt('encrypted.txt', 'decrypted.txt');
```
The following examples both achive the same results as above, with the only difference that the original (encrypted) file is not deleted:
``` php
// save the decrypted copy to file.txt while preserving file.txt.enc
FileVault::decryptCopy('file.txt.enc');
// or save the decrypted copy with a different name, while preserving the file.txt.enc
FileVault::decryptCopy('file.txt.enc', 'decrypted.txt');
```
### Streaming a decrypted file
Sometimes you will only want to allow users to download the decrypted file, but you don't need to store the actual decrypted file. For this, you can use the `streamDecrypt` function that will decrypt the file and will write it to the `php://output` stream. You can use the Laravel [`streamDownload` method](https://laravel.com/docs/6.x/responses#file-downloads) (available since 5.6) in order to generate a downloadable response:
``` php
return response()->streamDownload(function () {
FileVault::streamDecrypt('file.txt')
}, 'laravel-readme.md');
```
### Using a different key for each file
You may need to use different keys to encrypt your files. You can explicitly specify the key used for encryption using the `key` method.
``` php
FileVault::key($encryptionKey)->encrypt('file.txt');
```
Please note that the encryption key must be 16 bytes long for the `AES-128-CBC` cipher and 32 bytes long for the `AES-256-CBC` cipher.
You can generate a key with the correct length (based on the cipher specified in the config file) by using the `generateKey` method:
``` php
$encryptionKey = FileVault::generateKey();
```
## Testing
Run the tests with:
``` bash
composer test
```
### Changelog
Please see [CHANGELOG](CHANGELOG.md) for more information what has changed recently.
## Contributing
Please see [CONTRIBUTING](CONTRIBUTING.md) for details.
### Security
If you discover any security related issues, please email soarecostin@gmail.com instead of using the issue tracker.
## Credits
- [Costin Soare](https://github.com/soarecostin)
- [All Contributors](../../contributors)
## License
The MIT License (MIT). Please see [License File](LICENSE.md) for more information.
## Laravel Package Boilerplate
This package was generated using the [Laravel Package Boilerplate](https://laravelpackageboilerplate.com).
================================================
FILE: composer.json
================================================
{
"name": "soarecostin/file-vault",
"description": "",
"keywords": [
"laravel", "encrypt", "decrypt", "encryption", "decryption",
"cbc", "php", "file", "file-vault"
],
"homepage": "https://github.com/soarecostin/file-vault",
"license": "MIT",
"type": "library",
"authors": [
{
"name": "Costin Soare",
"email": "soarecostin@gmail.com",
"role": "Developer"
}
],
"require": {
"php": "^7.2|^8.0",
"illuminate/support": "5.8.* || 6.*.* || ^7.0 || ^8.0"
},
"require-dev": {
"orchestra/testbench": "^5.0|^6.0",
"phpunit/phpunit": "^8.0"
},
"autoload": {
"psr-4": {
"SoareCostin\\FileVault\\": "src"
}
},
"autoload-dev": {
"psr-4": {
"SoareCostin\\FileVault\\Tests\\": "tests"
}
},
"scripts": {
"test": "vendor/bin/phpunit",
"test-coverage": "vendor/bin/phpunit --coverage-html coverage"
},
"config": {
"sort-packages": true
},
"extra": {
"laravel": {
"providers": [
"SoareCostin\\FileVault\\FileVaultServiceProvider"
],
"aliases": {
"FileVault": "SoareCostin\\FileVault\\Facades\\FileVault"
}
}
}
}
================================================
FILE: config/config.php
================================================
<?php
return [
/*
* The default key used for all file encryption / decryption
* This package will look for a FILE_VAULT_KEY in your env file
* If no FILE_VAULT_KEY is found, then it will use your Laravel APP_KEY
*/
'key' => env('FILE_VAULT_KEY', env('APP_KEY')),
/*
* The cipher used for encryption.
* Supported options are AES-128-CBC and AES-256-CBC
*/
'cipher' => 'AES-256-CBC',
/*
* The Storage disk used by default to locate your files.
*/
'disk' => 'local',
];
================================================
FILE: phpunit.xml.dist
================================================
<?xml version="1.0" encoding="UTF-8"?>
<phpunit bootstrap="vendor/autoload.php"
backupGlobals="false"
backupStaticAttributes="false"
colors="true"
verbose="true"
convertErrorsToExceptions="true"
convertNoticesToExceptions="true"
convertWarningsToExceptions="true"
processIsolation="false"
stopOnFailure="false">
<testsuites>
<testsuite name="Test Suite">
<directory>tests</directory>
</testsuite>
</testsuites>
<filter>
<whitelist>
<directory suffix=".php">src/</directory>
</whitelist>
</filter>
<logging>
<log type="tap" target="build/report.tap"/>
<log type="junit" target="build/report.junit.xml"/>
<log type="coverage-html" target="build/coverage" charset="UTF-8" yui="true" highlight="true"/>
<log type="coverage-text" target="build/coverage.txt"/>
<log type="coverage-clover" target="build/logs/clover.xml"/>
</logging>
</phpunit>
================================================
FILE: src/Facades/FileVault.php
================================================
<?php
namespace SoareCostin\FileVault\Facades;
use Illuminate\Support\Facades\Facade;
/**
* @method static mixed disk(string $disk)
* @method static mixed key(string $key)
* @method static mixed encrypt(string $sourceFile, string $destFile = null, $deleteSource = true)
* @method static mixed encryptCopy(string $sourceFile, string $destFile = null)
* @method static mixed decrypt(string $sourceFile, string $destFile = null, $deleteSource = true)
* @method static mixed decryptCopy(string $sourceFile, string $destFile = null)
*
* @see \SoareCostin\FileVault\FileVault
*/
class FileVault extends Facade
{
/**
* Get the registered name of the component.
*
* @return string
*/
protected static function getFacadeAccessor()
{
return 'file-vault';
}
}
================================================
FILE: src/FileEncrypter.php
================================================
<?php
namespace SoareCostin\FileVault;
use Exception;
use Illuminate\Support\Str;
use RuntimeException;
class FileEncrypter
{
/**
* Define the number of blocks that should be read from the source file for each chunk.
* We chose 255 because on decryption we want to read chunks of 4kb ((255 + 1)*16).
*/
protected const FILE_ENCRYPTION_BLOCKS = 255;
/**
* The encryption key.
*
* @var string
*/
protected $key;
/**
* The algorithm used for encryption.
*
* @var string
*/
protected $cipher;
/**
* Create a new encrypter instance.
*
* @param string $key
* @param string $cipher
* @return void
*
* @throws \RuntimeException
*/
public function __construct($key, $cipher = 'AES-128-CBC')
{
// If the key starts with "base64:", we will need to decode the key before handing
// it off to the encrypter. Keys may be base-64 encoded for presentation and we
// want to make sure to convert them back to the raw bytes before encrypting.
if (Str::startsWith($key, 'base64:')) {
$key = base64_decode(substr($key, 7));
}
if (static::supported($key, $cipher)) {
$this->key = $key;
$this->cipher = $cipher;
} else {
throw new RuntimeException('The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths.');
}
}
/**
* Determine if the given key and cipher combination is valid.
*
* @param string $key
* @param string $cipher
* @return bool
*/
public static function supported($key, $cipher)
{
$length = mb_strlen($key, '8bit');
return ($cipher === 'AES-128-CBC' && $length === 16) ||
($cipher === 'AES-256-CBC' && $length === 32);
}
/**
* Encrypts the source file and saves the result in a new file.
*
* @param string $sourcePath Path to file that should be encrypted
* @param string $destPath File name where the encryped file should be written to.
* @return bool
*/
public function encrypt($sourcePath, $destPath)
{
$fpOut = $this->openDestFile($destPath);
$fpIn = $this->openSourceFile($sourcePath);
// Put the initialzation vector to the beginning of the file
$iv = openssl_random_pseudo_bytes(16);
fwrite($fpOut, $iv);
$numberOfChunks = ceil(filesize($sourcePath) / (16 * self::FILE_ENCRYPTION_BLOCKS));
$i = 0;
while (! feof($fpIn)) {
$plaintext = fread($fpIn, 16 * self::FILE_ENCRYPTION_BLOCKS);
$ciphertext = openssl_encrypt($plaintext, $this->cipher, $this->key, OPENSSL_RAW_DATA, $iv);
// Because Amazon S3 will randomly return smaller sized chunks:
// Check if the size read from the stream is different than the requested chunk size
// In this scenario, request the chunk again, unless this is the last chunk
if (strlen($plaintext) !== 16 * self::FILE_ENCRYPTION_BLOCKS
&& $i + 1 < $numberOfChunks
) {
fseek($fpIn, 16 * self::FILE_ENCRYPTION_BLOCKS * $i);
continue;
}
// Use the first 16 bytes of the ciphertext as the next initialization vector
$iv = substr($ciphertext, 0, 16);
fwrite($fpOut, $ciphertext);
$i++;
}
fclose($fpIn);
fclose($fpOut);
return true;
}
/**
* Decrypts the source file and saves the result in a new file.
*
* @param string $sourcePath Path to file that should be decrypted
* @param string $destPath File name where the decryped file should be written to.
* @return bool
*/
public function decrypt($sourcePath, $destPath)
{
$fpOut = $this->openDestFile($destPath);
$fpIn = $this->openSourceFile($sourcePath);
// Get the initialzation vector from the beginning of the file
$iv = fread($fpIn, 16);
$numberOfChunks = ceil((filesize($sourcePath) - 16) / (16 * (self::FILE_ENCRYPTION_BLOCKS + 1)));
$i = 0;
while (! feof($fpIn)) {
// We have to read one block more for decrypting than for encrypting because of the initialization vector
$ciphertext = fread($fpIn, 16 * (self::FILE_ENCRYPTION_BLOCKS + 1));
$plaintext = openssl_decrypt($ciphertext, $this->cipher, $this->key, OPENSSL_RAW_DATA, $iv);
// Because Amazon S3 will randomly return smaller sized chunks:
// Check if the size read from the stream is different than the requested chunk size
// In this scenario, request the chunk again, unless this is the last chunk
if (strlen($ciphertext) !== 16 * (self::FILE_ENCRYPTION_BLOCKS + 1)
&& $i + 1 < $numberOfChunks
) {
fseek($fpIn, 16 + 16 * (self::FILE_ENCRYPTION_BLOCKS + 1) * $i);
continue;
}
if ($plaintext === false) {
throw new Exception('Decryption failed');
}
// Get the the first 16 bytes of the ciphertext as the next initialization vector
$iv = substr($ciphertext, 0, 16);
fwrite($fpOut, $plaintext);
$i++;
}
fclose($fpIn);
fclose($fpOut);
return true;
}
protected function openDestFile($destPath)
{
if (($fpOut = fopen($destPath, 'w')) === false) {
throw new Exception('Cannot open file for writing');
}
return $fpOut;
}
protected function openSourceFile($sourcePath)
{
$contextOpts = Str::startsWith($sourcePath, 's3://') ? ['s3' => ['seekable' => true]] : [];
if (($fpIn = fopen($sourcePath, 'r', false, stream_context_create($contextOpts))) === false) {
throw new Exception('Cannot open file for reading');
}
return $fpIn;
}
}
================================================
FILE: src/FileVault.php
================================================
<?php
namespace SoareCostin\FileVault;
use Illuminate\Support\Facades\Storage;
use Illuminate\Support\Str;
class FileVault
{
/**
* The storage disk.
*
* @var string
*/
protected $disk;
/**
* The encryption key.
*
* @var string
*/
protected $key;
/**
* The algorithm used for encryption.
*
* @var string
*/
protected $cipher;
/**
* The storage adapter.
*
* @var string
*/
protected $adapter;
public function __construct()
{
$this->disk = config('file-vault.disk');
$this->key = config('file-vault.key');
$this->cipher = config('file-vault.cipher');
}
/**
* Set the disk where the files are located.
*
* @param string $disk
* @return $this
*/
public function disk($disk)
{
$this->disk = $disk;
return $this;
}
/**
* Set the encryption key.
*
* @param string $key
* @return $this
*/
public function key($key)
{
$this->key = $key;
return $this;
}
/**
* Create a new encryption key for the given cipher.
*
* @return string
*/
public static function generateKey()
{
return random_bytes(config('file-vault.cipher') === 'AES-128-CBC' ? 16 : 32);
}
/**
* Encrypt the passed file and saves the result in a new file with ".enc" as suffix.
*
* @param string $sourceFile Path to file that should be encrypted, relative to the storage disk specified
* @param string $destFile File name where the encryped file should be written to, relative to the storage disk specified
* @return $this
*/
public function encrypt($sourceFile, $destFile = null, $deleteSource = true)
{
$this->registerServices();
if (is_null($destFile)) {
$destFile = "{$sourceFile}.enc";
}
$sourcePath = $this->getFilePath($sourceFile);
$destPath = $this->getFilePath($destFile);
// Create a new encrypter instance
$encrypter = new FileEncrypter($this->key, $this->cipher);
// If encryption is successful, delete the source file
if ($encrypter->encrypt($sourcePath, $destPath) && $deleteSource) {
Storage::disk($this->disk)->delete($sourceFile);
}
return $this;
}
public function encryptCopy($sourceFile, $destFile = null)
{
return self::encrypt($sourceFile, $destFile, false);
}
/**
* Dencrypt the passed file and saves the result in a new file, removing the
* last 4 characters from file name.
*
* @param string $sourceFile Path to file that should be decrypted
* @param string $destFile File name where the decryped file should be written to.
* @return $this
*/
public function decrypt($sourceFile, $destFile = null, $deleteSource = true)
{
$this->registerServices();
if (is_null($destFile)) {
$destFile = Str::endsWith($sourceFile, '.enc')
? Str::replaceLast('.enc', '', $sourceFile)
: $sourceFile.'.dec';
}
$sourcePath = $this->getFilePath($sourceFile);
$destPath = $this->getFilePath($destFile);
// Create a new encrypter instance
$encrypter = new FileEncrypter($this->key, $this->cipher);
// If decryption is successful, delete the source file
if ($encrypter->decrypt($sourcePath, $destPath) && $deleteSource) {
Storage::disk($this->disk)->delete($sourceFile);
}
return $this;
}
public function decryptCopy($sourceFile, $destFile = null)
{
return self::decrypt($sourceFile, $destFile, false);
}
public function streamDecrypt($sourceFile)
{
$this->registerServices();
$sourcePath = $this->getFilePath($sourceFile);
// Create a new encrypter instance
$encrypter = new FileEncrypter($this->key, $this->cipher);
return $encrypter->decrypt($sourcePath, 'php://output');
}
protected function getFilePath($file)
{
if ($this->isS3File()) {
return "s3://{$this->adapter->getBucket()}/{$file}";
}
return Storage::disk($this->disk)->path($file);
}
protected function isS3File()
{
return $this->disk == 's3';
}
protected function setAdapter()
{
if ($this->adapter) {
return;
}
$this->adapter = Storage::disk($this->disk)->getAdapter();
}
protected function registerServices()
{
$this->setAdapter();
if ($this->isS3File()) {
$client = $this->adapter->getClient();
$client->registerStreamWrapper();
}
}
}
================================================
FILE: src/FileVaultServiceProvider.php
================================================
<?php
namespace SoareCostin\FileVault;
use Illuminate\Support\ServiceProvider;
class FileVaultServiceProvider extends ServiceProvider
{
/**
* Bootstrap the application services.
*/
public function boot()
{
if ($this->app->runningInConsole()) {
$this->publishes([
__DIR__.'/../config/config.php' => config_path('file-vault.php'),
], 'file-vault-config');
}
}
/**
* Register the application services.
*/
public function register()
{
// Automatically apply the package configuration
$this->mergeConfigFrom(__DIR__.'/../config/config.php', 'file-vault');
// Register the main class to use with the facade
$this->app->singleton('file-vault', function () {
return new FileVault;
});
}
}
================================================
FILE: storage/app/.gitignore
================================================
*
!.gitignore
================================================
FILE: tests/FileVaultTest.php
================================================
<?php
namespace SoareCostin\FileVault\Tests;
use Illuminate\Support\Facades\Storage;
use Orchestra\Testbench\TestCase;
use SoareCostin\FileVault\Facades\FileVault;
use SoareCostin\FileVault\FileVaultServiceProvider;
class FileVaultTest extends TestCase
{
/**
* Get package providers.
*
* @param \Illuminate\Foundation\Application $app
*
* @return array
*/
protected function getPackageProviders($app)
{
return [
FileVaultServiceProvider::class,
];
}
/**
* Get package aliases.
*
* @param \Illuminate\Foundation\Application $app
*
* @return array
*/
protected function getPackageAliases($app)
{
return [
'FileVault' => FileVault::class,
];
}
/**
* Define environment setup.
*
* @param \Illuminate\Foundation\Application $app
* @return void
*/
protected function getEnvironmentSetUp($app)
{
// Set the storage local filesystem
$app['config']->set('filesystems.disks.local.driver', 'local');
$app['config']->set('filesystems.disks.local.root', realpath(__DIR__.'/../storage/app'));
$app['config']->set('filesystems.default', 'local');
// Generate and set a random encryption key
$app['config']->set('file-vault.key', $this->generateRandomKey());
}
/**
* Generate a random key for the application.
*
* @return string
*/
protected function generateRandomKey()
{
return 'base64:'.base64_encode(
\SoareCostin\FileVault\FileVault::generateKey()
);
}
/**
* Generate a file with random contents.
*
* @return int|bool
*/
protected function generateFile($fileName, $fileSize = 500000)
{
$fileContents = random_bytes($fileSize);
return Storage::put($fileName, $fileContents);
}
/** @test */
public function test_encrypt_generates_a_file()
{
$this->generateFile($fileName = 'file.txt');
FileVault::encrypt($fileName);
// Test if the encrypted file exists
$this->assertFileExists(
Storage::path("{$fileName}.enc")
);
}
/** @test */
public function test_encrypt_copy_generates_a_file()
{
$this->generateFile($fileName = 'file.txt');
FileVault::encryptCopy($fileName);
// Test if the encrypted file exists
$this->assertFileExists(
Storage::path("{$fileName}.enc")
);
}
/** @test */
public function test_it_can_encrypt_a_file_using_a_different_destination_name()
{
$this->generateFile($fileName = 'file.txt');
FileVault::encrypt($fileName, 'encrypted.enc');
// Test if the encrypted file exists
$this->assertFileExists(
Storage::path('encrypted.enc')
);
}
/** @test */
public function test_encrypt_deletes_the_original()
{
$this->generateFile($fileName = 'file.txt');
FileVault::encrypt($fileName);
// Test if the original file has been deleted
$this->assertFileNotExists(
Storage::path($fileName)
);
}
/** @test */
public function test_encrypt_copy_keeps_the_original()
{
$this->generateFile($fileName = 'file.txt');
FileVault::encryptCopy($fileName);
// Test if the original file still exists
$this->assertFileExists(
Storage::path($fileName)
);
}
/** @test */
public function test_decrypt()
{
$this->generateFile($fileName = 'file.txt');
FileVault::encrypt($fileName);
FileVault::decrypt("{$fileName}.enc");
// Test that the decrypted file was generated
$this->assertFileExists(
Storage::path($fileName)
);
}
/** @test */
public function test_decrypt_using_a_different_destination_name()
{
$this->generateFile($fileName = 'file.txt');
FileVault::encrypt($fileName);
FileVault::decrypt("{$fileName}.enc", "{$fileName}.dec");
// Test that the decrypted file was generated
$this->assertFileExists(
Storage::path("{$fileName}.dec")
);
}
/** @test */
public function test_decrypt_deletes_the_encrypted_file()
{
$this->generateFile($fileName = 'file.txt');
FileVault::encrypt($fileName);
FileVault::decrypt("{$fileName}.enc");
// Test that the encrypted file was deleted after decryption
$this->assertFileNotExists(
Storage::path("{$fileName}.enc")
);
}
/** @test */
public function test_decrypt_copy_keeps_the_encrypted_file()
{
$this->generateFile($fileName = 'file.txt');
FileVault::encrypt($fileName);
FileVault::decryptCopy("{$fileName}.enc");
// Test that the encrypted file was deleted after decryption
$this->assertFileExists(
Storage::path("{$fileName}.enc")
);
}
/** @test */
public function test_a_decrypted_file_has_the_same_content_as_the_original_file()
{
$this->generateFile($fileName = 'file.txt');
FileVault::encryptCopy($fileName);
FileVault::decrypt("{$fileName}.enc", "{$fileName}.dec");
// Test to see if the decrypted content is the same as the original
$this->assertEquals(
Storage::get($fileName),
Storage::get("{$fileName}.dec")
);
}
/** @test */
public function test_it_can_encrypt_and_decrypt_using_a_user_generated_key()
{
$key = FileVault::generateKey();
$this->generateFile($fileName = 'file.txt');
FileVault::key($key)->encryptCopy($fileName);
FileVault::key($key)->decrypt("{$fileName}.enc", "{$fileName}.dec");
// Test to see if the decrypted content is the same as the original
$this->assertEquals(
Storage::get($fileName),
Storage::get("{$fileName}.dec")
);
}
/** @test */
public function test_it_can_stream_a_decrypted_file()
{
$this->generateFile($fileName = 'file.txt');
FileVault::encryptCopy($fileName);
ob_start();
FileVault::streamDecrypt("{$fileName}.enc");
$phpOutput = ob_get_contents();
ob_end_clean();
// Test to see if the decrypted content is sent to php://output
$this->assertEquals(
Storage::get($fileName),
$phpOutput
);
}
public function tearDown(): void
{
// Cleanup the storage dir
array_map('unlink', glob(__DIR__.'/../storage/app/*.*'));
parent::tearDown();
}
}
gitextract_g6gyxadn/
├── .editorconfig
├── .gitattributes
├── .gitignore
├── .scrutinizer.yml
├── .styleci.yml
├── .travis.yml
├── CHANGELOG.md
├── CONTRIBUTING.md
├── LICENSE.md
├── README.md
├── composer.json
├── config/
│ └── config.php
├── phpunit.xml.dist
├── src/
│ ├── Facades/
│ │ └── FileVault.php
│ ├── FileEncrypter.php
│ ├── FileVault.php
│ └── FileVaultServiceProvider.php
├── storage/
│ └── app/
│ └── .gitignore
└── tests/
└── FileVaultTest.php
SYMBOL INDEX (45 symbols across 5 files)
FILE: src/Facades/FileVault.php
class FileVault (line 17) | class FileVault extends Facade
method getFacadeAccessor (line 24) | protected static function getFacadeAccessor()
FILE: src/FileEncrypter.php
class FileEncrypter (line 9) | class FileEncrypter
method __construct (line 40) | public function __construct($key, $cipher = 'AES-128-CBC')
method supported (line 64) | public static function supported($key, $cipher)
method encrypt (line 79) | public function encrypt($sourcePath, $destPath)
method decrypt (line 125) | public function decrypt($sourcePath, $destPath)
method openDestFile (line 168) | protected function openDestFile($destPath)
method openSourceFile (line 177) | protected function openSourceFile($sourcePath)
FILE: src/FileVault.php
class FileVault (line 8) | class FileVault
method __construct (line 38) | public function __construct()
method disk (line 51) | public function disk($disk)
method key (line 64) | public function key($key)
method generateKey (line 76) | public static function generateKey()
method encrypt (line 88) | public function encrypt($sourceFile, $destFile = null, $deleteSource =...
method encryptCopy (line 110) | public function encryptCopy($sourceFile, $destFile = null)
method decrypt (line 123) | public function decrypt($sourceFile, $destFile = null, $deleteSource =...
method decryptCopy (line 147) | public function decryptCopy($sourceFile, $destFile = null)
method streamDecrypt (line 152) | public function streamDecrypt($sourceFile)
method getFilePath (line 164) | protected function getFilePath($file)
method isS3File (line 173) | protected function isS3File()
method setAdapter (line 178) | protected function setAdapter()
method registerServices (line 187) | protected function registerServices()
FILE: src/FileVaultServiceProvider.php
class FileVaultServiceProvider (line 7) | class FileVaultServiceProvider extends ServiceProvider
method boot (line 12) | public function boot()
method register (line 24) | public function register()
FILE: tests/FileVaultTest.php
class FileVaultTest (line 10) | class FileVaultTest extends TestCase
method getPackageProviders (line 19) | protected function getPackageProviders($app)
method getPackageAliases (line 33) | protected function getPackageAliases($app)
method getEnvironmentSetUp (line 46) | protected function getEnvironmentSetUp($app)
method generateRandomKey (line 62) | protected function generateRandomKey()
method generateFile (line 74) | protected function generateFile($fileName, $fileSize = 500000)
method test_encrypt_generates_a_file (line 82) | public function test_encrypt_generates_a_file()
method test_encrypt_copy_generates_a_file (line 95) | public function test_encrypt_copy_generates_a_file()
method test_it_can_encrypt_a_file_using_a_different_destination_name (line 108) | public function test_it_can_encrypt_a_file_using_a_different_destinati...
method test_encrypt_deletes_the_original (line 121) | public function test_encrypt_deletes_the_original()
method test_encrypt_copy_keeps_the_original (line 134) | public function test_encrypt_copy_keeps_the_original()
method test_decrypt (line 147) | public function test_decrypt()
method test_decrypt_using_a_different_destination_name (line 161) | public function test_decrypt_using_a_different_destination_name()
method test_decrypt_deletes_the_encrypted_file (line 175) | public function test_decrypt_deletes_the_encrypted_file()
method test_decrypt_copy_keeps_the_encrypted_file (line 189) | public function test_decrypt_copy_keeps_the_encrypted_file()
method test_a_decrypted_file_has_the_same_content_as_the_original_file (line 203) | public function test_a_decrypted_file_has_the_same_content_as_the_orig...
method test_it_can_encrypt_and_decrypt_using_a_user_generated_key (line 218) | public function test_it_can_encrypt_and_decrypt_using_a_user_generated...
method test_it_can_stream_a_decrypted_file (line 235) | public function test_it_can_stream_a_decrypted_file()
method tearDown (line 253) | public function tearDown(): void
Condensed preview — 19 files, each showing path, character count, and a content snippet. Download the .json file or copy for the full structured content (39K chars).
[
{
"path": ".editorconfig",
"chars": 312,
"preview": "; This file is for unifying the coding style for different editors and IDEs.\n; More information at http://editorconfig.o"
},
{
"path": ".gitattributes",
"chars": 395,
"preview": "# Path-based git attributes\n# https://www.kernel.org/pub/software/scm/git/docs/gitattributes.html\n\n# Ignore all test and"
},
{
"path": ".gitignore",
"chars": 40,
"preview": "build\ncomposer.lock\ndocs\nvendor\ncoverage"
},
{
"path": ".scrutinizer.yml",
"chars": 507,
"preview": "filter:\n excluded_paths: [tests/*]\n\nchecks:\n php:\n remove_extra_empty_lines: true\n remove_php_closin"
},
{
"path": ".styleci.yml",
"chars": 66,
"preview": "preset: laravel\n\ndisabled:\n - single_class_element_per_statement\n"
},
{
"path": ".travis.yml",
"chars": 433,
"preview": "language: php\n\nphp:\n - 7.2\n - 7.3\n\nenv:\n matrix:\n - COMPOSER_FLAGS=\"--prefer-lowest\"\n - COMPOSER_FLAGS=\"\"\n\nbefo"
},
{
"path": "CHANGELOG.md",
"chars": 123,
"preview": "# Changelog\n\nAll notable changes to `file-vault` will be documented in this file\n\n## 1.0.0 - 201X-XX-XX\n\n- initial relea"
},
{
"path": "CONTRIBUTING.md",
"chars": 2972,
"preview": "# Contributing\n\nContributions are **welcome** and will be fully **credited**.\n\nPlease read and understand the contributi"
},
{
"path": "LICENSE.md",
"chars": 1063,
"preview": "MIT License\n\nCopyright (c) Costin Soare\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof"
},
{
"path": "README.md",
"chars": 8585,
"preview": "# File encryption / decryption in Laravel\n\n[![Latest Version on Packagist](https://img.shields.io/packagist/v/soarecosti"
},
{
"path": "composer.json",
"chars": 1361,
"preview": "{\n \"name\": \"soarecostin/file-vault\",\n \"description\": \"\",\n \"keywords\": [\n \"laravel\", \"encrypt\", \"decrypt\""
},
{
"path": "config/config.php",
"chars": 539,
"preview": "<?php\n\nreturn [\n /*\n * The default key used for all file encryption / decryption\n * This package will look fo"
},
{
"path": "phpunit.xml.dist",
"chars": 1039,
"preview": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<phpunit bootstrap=\"vendor/autoload.php\"\n backupGlobals=\"false\"\n "
},
{
"path": "src/Facades/FileVault.php",
"chars": 805,
"preview": "<?php\n\nnamespace SoareCostin\\FileVault\\Facades;\n\nuse Illuminate\\Support\\Facades\\Facade;\n\n/**\n * @method static mixed dis"
},
{
"path": "src/FileEncrypter.php",
"chars": 6075,
"preview": "<?php\n\nnamespace SoareCostin\\FileVault;\n\nuse Exception;\nuse Illuminate\\Support\\Str;\nuse RuntimeException;\n\nclass FileEnc"
},
{
"path": "src/FileVault.php",
"chars": 4839,
"preview": "<?php\n\nnamespace SoareCostin\\FileVault;\n\nuse Illuminate\\Support\\Facades\\Storage;\nuse Illuminate\\Support\\Str;\n\nclass File"
},
{
"path": "src/FileVaultServiceProvider.php",
"chars": 846,
"preview": "<?php\n\nnamespace SoareCostin\\FileVault;\n\nuse Illuminate\\Support\\ServiceProvider;\n\nclass FileVaultServiceProvider extends"
},
{
"path": "storage/app/.gitignore",
"chars": 13,
"preview": "*\n!.gitignore"
},
{
"path": "tests/FileVaultTest.php",
"chars": 6782,
"preview": "<?php\n\nnamespace SoareCostin\\FileVault\\Tests;\n\nuse Illuminate\\Support\\Facades\\Storage;\nuse Orchestra\\Testbench\\TestCase;"
}
]
About this extraction
This page contains the full source code of the soarecostin/file-vault GitHub repository, extracted and formatted as plain text for AI agents and large language models (LLMs). The extraction includes 19 files (35.9 KB), approximately 9.3k tokens, and a symbol index with 45 extracted functions, classes, methods, constants, and types. Use this with OpenClaw, Claude, ChatGPT, Cursor, Windsurf, or any other AI tool that accepts text input. You can copy the full output to your clipboard or download it as a .txt file.
Extracted by GitExtract — free GitHub repo to text converter for AI. Built by Nikandr Surkov.