Repository: soarecostin/file-vault Branch: master Commit: ee40ef4a3a7a Files: 19 Total size: 35.9 KB Directory structure: gitextract_g6gyxadn/ ├── .editorconfig ├── .gitattributes ├── .gitignore ├── .scrutinizer.yml ├── .styleci.yml ├── .travis.yml ├── CHANGELOG.md ├── CONTRIBUTING.md ├── LICENSE.md ├── README.md ├── composer.json ├── config/ │ └── config.php ├── phpunit.xml.dist ├── src/ │ ├── Facades/ │ │ └── FileVault.php │ ├── FileEncrypter.php │ ├── FileVault.php │ └── FileVaultServiceProvider.php ├── storage/ │ └── app/ │ └── .gitignore └── tests/ └── FileVaultTest.php ================================================ FILE CONTENTS ================================================ ================================================ FILE: .editorconfig ================================================ ; This file is for unifying the coding style for different editors and IDEs. ; More information at http://editorconfig.org root = true [*] charset = utf-8 indent_size = 4 indent_style = space end_of_line = lf insert_final_newline = true trim_trailing_whitespace = true [*.md] trim_trailing_whitespace = false ================================================ FILE: .gitattributes ================================================ # Path-based git attributes # https://www.kernel.org/pub/software/scm/git/docs/gitattributes.html # Ignore all test and documentation with "export-ignore". /.gitattributes export-ignore /.gitignore export-ignore /.travis.yml export-ignore /phpunit.xml.dist export-ignore /.scrutinizer.yml export-ignore /tests export-ignore /.editorconfig export-ignore ================================================ FILE: .gitignore ================================================ build composer.lock docs vendor coverage ================================================ FILE: .scrutinizer.yml ================================================ filter: excluded_paths: [tests/*] checks: php: remove_extra_empty_lines: true remove_php_closing_tag: true remove_trailing_whitespace: true fix_use_statements: remove_unused: true preserve_multiple: false preserve_blanklines: true order_alphabetically: true fix_php_opening_tag: true fix_linefeed: true fix_line_ending: true fix_identation_4spaces: true fix_doc_comments: true ================================================ FILE: .styleci.yml ================================================ preset: laravel disabled: - single_class_element_per_statement ================================================ FILE: .travis.yml ================================================ language: php php: - 7.2 - 7.3 env: matrix: - COMPOSER_FLAGS="--prefer-lowest" - COMPOSER_FLAGS="" before_script: - travis_retry composer self-update - travis_retry composer update ${COMPOSER_FLAGS} --no-interaction --prefer-source script: - vendor/bin/phpunit --coverage-text --coverage-clover=coverage.clover after_script: - php vendor/bin/ocular code-coverage:upload --format=php-clover coverage.clover ================================================ FILE: CHANGELOG.md ================================================ # Changelog All notable changes to `file-vault` will be documented in this file ## 1.0.0 - 201X-XX-XX - initial release ================================================ FILE: CONTRIBUTING.md ================================================ # Contributing Contributions are **welcome** and will be fully **credited**. Please read and understand the contribution guide before creating an issue or pull request. ## Etiquette This project is open source, and as such, the maintainers give their free time to build and maintain the source code held within. They make the code freely available in the hope that it will be of use to other developers. It would be extremely unfair for them to suffer abuse or anger for their hard work. Please be considerate towards maintainers when raising issues or presenting pull requests. Let's show the world that developers are civilized and selfless people. It's the duty of the maintainer to ensure that all submissions to the project are of sufficient quality to benefit the project. Many developers have different skillsets, strengths, and weaknesses. Respect the maintainer's decision, and do not be upset or abusive if your submission is not used. ## Viability When requesting or submitting new features, first consider whether it might be useful to others. Open source projects are used by many developers, who may have entirely different needs to your own. Think about whether or not your feature is likely to be used by other users of the project. ## Procedure Before filing an issue: - Attempt to replicate the problem, to ensure that it wasn't a coincidental incident. - Check to make sure your feature suggestion isn't already present within the project. - Check the pull requests tab to ensure that the bug doesn't have a fix in progress. - Check the pull requests tab to ensure that the feature isn't already in progress. Before submitting a pull request: - Check the codebase to ensure that your feature doesn't already exist. - Check the pull requests to ensure that another person hasn't already submitted the feature or fix. ## Requirements If the project maintainer has any additional requirements, you will find them listed here. - **[PSR-2 Coding Standard](https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-2-coding-style-guide.md)** - The easiest way to apply the conventions is to install [PHP Code Sniffer](https://pear.php.net/package/PHP_CodeSniffer). - **Add tests!** - Your patch won't be accepted if it doesn't have tests. - **Document any change in behaviour** - Make sure the `README.md` and any other relevant documentation are kept up-to-date. - **Consider our release cycle** - We try to follow [SemVer v2.0.0](https://semver.org/). Randomly breaking public APIs is not an option. - **One pull request per feature** - If you want to do more than one thing, send multiple pull requests. - **Send coherent history** - Make sure each individual commit in your pull request is meaningful. If you had to make multiple intermediate commits while developing, please [squash them](https://www.git-scm.com/book/en/v2/Git-Tools-Rewriting-History#Changing-Multiple-Commit-Messages) before submitting. **Happy coding**! ================================================ FILE: LICENSE.md ================================================ MIT License Copyright (c) Costin Soare Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ================================================ FILE: README.md ================================================ # File encryption / decryption in Laravel [![Latest Version on Packagist](https://img.shields.io/packagist/v/soarecostin/file-vault.svg?style=flat-square)](https://packagist.org/packages/soarecostin/file-vault) [![MIT Licensed](https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square)](LICENSE.md) [![Build Status](https://img.shields.io/travis/soarecostin/file-vault/master.svg?style=flat-square)](https://travis-ci.org/soarecostin/file-vault) [![Quality Score](https://img.shields.io/scrutinizer/g/soarecostin/file-vault.svg?style=flat-square)](https://scrutinizer-ci.com/g/soarecostin/file-vault) [![StyleCI](https://styleci.io/repos/221933072/shield)](https://styleci.io/repos/221933072) [![Total Downloads](https://img.shields.io/packagist/dt/soarecostin/file-vault.svg?style=flat-square)](https://packagist.org/packages/soarecostin/file-vault) With this package, you can encrypt and decrypt files of any size in your Laravel project. This package uses streams and [CBC encryption](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_Block_Chaining_(CBC)), encrypting / decrypting a segment of data at a time. ## Installation and usage This package requires PHP 7.2 and Laravel 5.8 or higher. You can install the package via composer: ```bash composer require soarecostin/file-vault ``` ## Usage ### Tutorials For a detailed description of how to encrypt files in Laravel using this package, please see the following articles: - [Part 1: How to encrypt large files in Laravel](https://medium.com/swlh/how-to-encrypt-large-files-in-laravel-293460836ded?source=friends_link&sk=976ab6e5d1cfb52e10c801fe0cb04fca) - [Part 2: How to encrypt & upload large files to Amazon S3 in Laravel](https://medium.com/@soarecostin/how-to-encrypt-upload-large-files-to-amazon-s3-in-laravel-af88324a9aa?sk=a9a358a3892e898a60448d5314fb3dc0) ### Description This package will automatically register a facade called `FileVault`. The `FileVault` facade is using the Laravel `Storage` and will allow you to specify a `disk`, just as you would normally do when working with Laravel Storage. All file names/paths that you will have to pass into the package encrypt/decrypt functions are relative to the disk root folder. By default, the `local` disk is used, but you can either specify a different disk each time you call one of `FileVault` methods, or you can set the default disk to something else, by publishing this package's config file. If you want to change the default `disk` or change the `key`/`cipher` used for encryption, you can publish the config file: ``` php artisan vendor:publish --provider="SoareCostin\FileVault\FileVaultServiceProvider" ``` This is the contents of the published file: ``` php return [ /* * The default key used for all file encryption / decryption * This package will look for a FILE_VAULT_KEY in your env file * If no FILE_VAULT_KEY is found, then it will use your Laravel APP_KEY */ 'key' => env('FILE_VAULT_KEY', env('APP_KEY')), /* * The cipher used for encryption. * Supported options are AES-128-CBC and AES-256-CBC */ 'cipher' => 'AES-256-CBC', /* * The Storage disk used by default to locate your files. */ 'disk' => 'local', ]; ``` ### Encrypting a file The `encrypt` method will search for a file, encrypt it and save it in the same directory, while deleting the original file. ``` php public function encrypt(string $sourceFile, string $destFile = null, $deleteSource = true) ``` The `encryptCopy` method will search for a file, encrypt it and save it in the same directory, while preserving the original file. ``` php public function encryptCopy(string $sourceFile, string $destFile = null) ``` #### Examples: The following example will search for `file.txt` into the `local` disk, save the encrypted file as `file.txt.enc` and delete the original `file.txt`: ``` php FileVault::encrypt('file.txt'); ``` You can also specify a different `disk`, just as you would normally with the Laravel `Storage` facade: ``` php FileVault::disk('s3')->encrypt('file.txt'); ``` You can also specify a different name for the encrypted file by passing in a second parameter. The following example will search for `file.txt` into the `local` disk, save the encrypted file as `encrypted.txt` and delete the original `file.txt`: ``` php FileVault::encrypt('file.txt', 'encrypted.txt'); ``` The following examples both achive the same results as above, with the only difference that the original file is not deleted: ``` php // save the encrypted copy to file.txt.enc FileVault::encryptCopy('file.txt'); // or save the encrypted copy with a different name FileVault::encryptCopy('file.txt', 'encrypted.txt'); ``` ### Decrypting a file The `decrypt` method will search for a file, decrypt it and save it in the same directory, while deleting the encrypted file. ``` php public function decrypt(string $sourceFile, string $destFile = null, $deleteSource = true) ``` The `decryptCopy` method will search for a file, decrypt it and save it in the same directory, while preserving the encrypted file. ``` php public function decryptCopy(string $sourceFile, string $destFile = null) ``` #### Examples: The following example will search for `file.txt.enc` into the `local` disk, save the decrypted file as `file.txt` and delete the encrypted file `file.txt.enc`: ``` php FileVault::decrypt('file.txt.enc'); ``` If the file that needs to be decrypted doesn't end with the `.enc` extension, the decrypted file will have the `.dec` extention. The following example will search for `encrypted.txt` into the `local` disk, save the decrypted file as `encrypted.txt.dec` and delete the encrypted file `encrypted.txt`: ``` php FileVault::decrypt('encrypted.txt'); ``` As with the encryption, you can also specify a different `disk`, just as you would normally with the Laravel `Storage` facade: ``` php FileVault::disk('s3')->decrypt('file.txt.enc'); ``` You can also specify a different name for the decrypted file by passing in a second parameter. The following example will search for `encrypted.txt` into the `local` disk, save the decrypted file as `decrypted.txt` and delete the original `encrypted.txt`: ``` php FileVault::decrypt('encrypted.txt', 'decrypted.txt'); ``` The following examples both achive the same results as above, with the only difference that the original (encrypted) file is not deleted: ``` php // save the decrypted copy to file.txt while preserving file.txt.enc FileVault::decryptCopy('file.txt.enc'); // or save the decrypted copy with a different name, while preserving the file.txt.enc FileVault::decryptCopy('file.txt.enc', 'decrypted.txt'); ``` ### Streaming a decrypted file Sometimes you will only want to allow users to download the decrypted file, but you don't need to store the actual decrypted file. For this, you can use the `streamDecrypt` function that will decrypt the file and will write it to the `php://output` stream. You can use the Laravel [`streamDownload` method](https://laravel.com/docs/6.x/responses#file-downloads) (available since 5.6) in order to generate a downloadable response: ``` php return response()->streamDownload(function () { FileVault::streamDecrypt('file.txt') }, 'laravel-readme.md'); ``` ### Using a different key for each file You may need to use different keys to encrypt your files. You can explicitly specify the key used for encryption using the `key` method. ``` php FileVault::key($encryptionKey)->encrypt('file.txt'); ``` Please note that the encryption key must be 16 bytes long for the `AES-128-CBC` cipher and 32 bytes long for the `AES-256-CBC` cipher. You can generate a key with the correct length (based on the cipher specified in the config file) by using the `generateKey` method: ``` php $encryptionKey = FileVault::generateKey(); ``` ## Testing Run the tests with: ``` bash composer test ``` ### Changelog Please see [CHANGELOG](CHANGELOG.md) for more information what has changed recently. ## Contributing Please see [CONTRIBUTING](CONTRIBUTING.md) for details. ### Security If you discover any security related issues, please email soarecostin@gmail.com instead of using the issue tracker. ## Credits - [Costin Soare](https://github.com/soarecostin) - [All Contributors](../../contributors) ## License The MIT License (MIT). Please see [License File](LICENSE.md) for more information. ## Laravel Package Boilerplate This package was generated using the [Laravel Package Boilerplate](https://laravelpackageboilerplate.com). ================================================ FILE: composer.json ================================================ { "name": "soarecostin/file-vault", "description": "", "keywords": [ "laravel", "encrypt", "decrypt", "encryption", "decryption", "cbc", "php", "file", "file-vault" ], "homepage": "https://github.com/soarecostin/file-vault", "license": "MIT", "type": "library", "authors": [ { "name": "Costin Soare", "email": "soarecostin@gmail.com", "role": "Developer" } ], "require": { "php": "^7.2|^8.0", "illuminate/support": "5.8.* || 6.*.* || ^7.0 || ^8.0" }, "require-dev": { "orchestra/testbench": "^5.0|^6.0", "phpunit/phpunit": "^8.0" }, "autoload": { "psr-4": { "SoareCostin\\FileVault\\": "src" } }, "autoload-dev": { "psr-4": { "SoareCostin\\FileVault\\Tests\\": "tests" } }, "scripts": { "test": "vendor/bin/phpunit", "test-coverage": "vendor/bin/phpunit --coverage-html coverage" }, "config": { "sort-packages": true }, "extra": { "laravel": { "providers": [ "SoareCostin\\FileVault\\FileVaultServiceProvider" ], "aliases": { "FileVault": "SoareCostin\\FileVault\\Facades\\FileVault" } } } } ================================================ FILE: config/config.php ================================================ env('FILE_VAULT_KEY', env('APP_KEY')), /* * The cipher used for encryption. * Supported options are AES-128-CBC and AES-256-CBC */ 'cipher' => 'AES-256-CBC', /* * The Storage disk used by default to locate your files. */ 'disk' => 'local', ]; ================================================ FILE: phpunit.xml.dist ================================================ tests src/ ================================================ FILE: src/Facades/FileVault.php ================================================ key = $key; $this->cipher = $cipher; } else { throw new RuntimeException('The only supported ciphers are AES-128-CBC and AES-256-CBC with the correct key lengths.'); } } /** * Determine if the given key and cipher combination is valid. * * @param string $key * @param string $cipher * @return bool */ public static function supported($key, $cipher) { $length = mb_strlen($key, '8bit'); return ($cipher === 'AES-128-CBC' && $length === 16) || ($cipher === 'AES-256-CBC' && $length === 32); } /** * Encrypts the source file and saves the result in a new file. * * @param string $sourcePath Path to file that should be encrypted * @param string $destPath File name where the encryped file should be written to. * @return bool */ public function encrypt($sourcePath, $destPath) { $fpOut = $this->openDestFile($destPath); $fpIn = $this->openSourceFile($sourcePath); // Put the initialzation vector to the beginning of the file $iv = openssl_random_pseudo_bytes(16); fwrite($fpOut, $iv); $numberOfChunks = ceil(filesize($sourcePath) / (16 * self::FILE_ENCRYPTION_BLOCKS)); $i = 0; while (! feof($fpIn)) { $plaintext = fread($fpIn, 16 * self::FILE_ENCRYPTION_BLOCKS); $ciphertext = openssl_encrypt($plaintext, $this->cipher, $this->key, OPENSSL_RAW_DATA, $iv); // Because Amazon S3 will randomly return smaller sized chunks: // Check if the size read from the stream is different than the requested chunk size // In this scenario, request the chunk again, unless this is the last chunk if (strlen($plaintext) !== 16 * self::FILE_ENCRYPTION_BLOCKS && $i + 1 < $numberOfChunks ) { fseek($fpIn, 16 * self::FILE_ENCRYPTION_BLOCKS * $i); continue; } // Use the first 16 bytes of the ciphertext as the next initialization vector $iv = substr($ciphertext, 0, 16); fwrite($fpOut, $ciphertext); $i++; } fclose($fpIn); fclose($fpOut); return true; } /** * Decrypts the source file and saves the result in a new file. * * @param string $sourcePath Path to file that should be decrypted * @param string $destPath File name where the decryped file should be written to. * @return bool */ public function decrypt($sourcePath, $destPath) { $fpOut = $this->openDestFile($destPath); $fpIn = $this->openSourceFile($sourcePath); // Get the initialzation vector from the beginning of the file $iv = fread($fpIn, 16); $numberOfChunks = ceil((filesize($sourcePath) - 16) / (16 * (self::FILE_ENCRYPTION_BLOCKS + 1))); $i = 0; while (! feof($fpIn)) { // We have to read one block more for decrypting than for encrypting because of the initialization vector $ciphertext = fread($fpIn, 16 * (self::FILE_ENCRYPTION_BLOCKS + 1)); $plaintext = openssl_decrypt($ciphertext, $this->cipher, $this->key, OPENSSL_RAW_DATA, $iv); // Because Amazon S3 will randomly return smaller sized chunks: // Check if the size read from the stream is different than the requested chunk size // In this scenario, request the chunk again, unless this is the last chunk if (strlen($ciphertext) !== 16 * (self::FILE_ENCRYPTION_BLOCKS + 1) && $i + 1 < $numberOfChunks ) { fseek($fpIn, 16 + 16 * (self::FILE_ENCRYPTION_BLOCKS + 1) * $i); continue; } if ($plaintext === false) { throw new Exception('Decryption failed'); } // Get the the first 16 bytes of the ciphertext as the next initialization vector $iv = substr($ciphertext, 0, 16); fwrite($fpOut, $plaintext); $i++; } fclose($fpIn); fclose($fpOut); return true; } protected function openDestFile($destPath) { if (($fpOut = fopen($destPath, 'w')) === false) { throw new Exception('Cannot open file for writing'); } return $fpOut; } protected function openSourceFile($sourcePath) { $contextOpts = Str::startsWith($sourcePath, 's3://') ? ['s3' => ['seekable' => true]] : []; if (($fpIn = fopen($sourcePath, 'r', false, stream_context_create($contextOpts))) === false) { throw new Exception('Cannot open file for reading'); } return $fpIn; } } ================================================ FILE: src/FileVault.php ================================================ disk = config('file-vault.disk'); $this->key = config('file-vault.key'); $this->cipher = config('file-vault.cipher'); } /** * Set the disk where the files are located. * * @param string $disk * @return $this */ public function disk($disk) { $this->disk = $disk; return $this; } /** * Set the encryption key. * * @param string $key * @return $this */ public function key($key) { $this->key = $key; return $this; } /** * Create a new encryption key for the given cipher. * * @return string */ public static function generateKey() { return random_bytes(config('file-vault.cipher') === 'AES-128-CBC' ? 16 : 32); } /** * Encrypt the passed file and saves the result in a new file with ".enc" as suffix. * * @param string $sourceFile Path to file that should be encrypted, relative to the storage disk specified * @param string $destFile File name where the encryped file should be written to, relative to the storage disk specified * @return $this */ public function encrypt($sourceFile, $destFile = null, $deleteSource = true) { $this->registerServices(); if (is_null($destFile)) { $destFile = "{$sourceFile}.enc"; } $sourcePath = $this->getFilePath($sourceFile); $destPath = $this->getFilePath($destFile); // Create a new encrypter instance $encrypter = new FileEncrypter($this->key, $this->cipher); // If encryption is successful, delete the source file if ($encrypter->encrypt($sourcePath, $destPath) && $deleteSource) { Storage::disk($this->disk)->delete($sourceFile); } return $this; } public function encryptCopy($sourceFile, $destFile = null) { return self::encrypt($sourceFile, $destFile, false); } /** * Dencrypt the passed file and saves the result in a new file, removing the * last 4 characters from file name. * * @param string $sourceFile Path to file that should be decrypted * @param string $destFile File name where the decryped file should be written to. * @return $this */ public function decrypt($sourceFile, $destFile = null, $deleteSource = true) { $this->registerServices(); if (is_null($destFile)) { $destFile = Str::endsWith($sourceFile, '.enc') ? Str::replaceLast('.enc', '', $sourceFile) : $sourceFile.'.dec'; } $sourcePath = $this->getFilePath($sourceFile); $destPath = $this->getFilePath($destFile); // Create a new encrypter instance $encrypter = new FileEncrypter($this->key, $this->cipher); // If decryption is successful, delete the source file if ($encrypter->decrypt($sourcePath, $destPath) && $deleteSource) { Storage::disk($this->disk)->delete($sourceFile); } return $this; } public function decryptCopy($sourceFile, $destFile = null) { return self::decrypt($sourceFile, $destFile, false); } public function streamDecrypt($sourceFile) { $this->registerServices(); $sourcePath = $this->getFilePath($sourceFile); // Create a new encrypter instance $encrypter = new FileEncrypter($this->key, $this->cipher); return $encrypter->decrypt($sourcePath, 'php://output'); } protected function getFilePath($file) { if ($this->isS3File()) { return "s3://{$this->adapter->getBucket()}/{$file}"; } return Storage::disk($this->disk)->path($file); } protected function isS3File() { return $this->disk == 's3'; } protected function setAdapter() { if ($this->adapter) { return; } $this->adapter = Storage::disk($this->disk)->getAdapter(); } protected function registerServices() { $this->setAdapter(); if ($this->isS3File()) { $client = $this->adapter->getClient(); $client->registerStreamWrapper(); } } } ================================================ FILE: src/FileVaultServiceProvider.php ================================================ app->runningInConsole()) { $this->publishes([ __DIR__.'/../config/config.php' => config_path('file-vault.php'), ], 'file-vault-config'); } } /** * Register the application services. */ public function register() { // Automatically apply the package configuration $this->mergeConfigFrom(__DIR__.'/../config/config.php', 'file-vault'); // Register the main class to use with the facade $this->app->singleton('file-vault', function () { return new FileVault; }); } } ================================================ FILE: storage/app/.gitignore ================================================ * !.gitignore ================================================ FILE: tests/FileVaultTest.php ================================================ FileVault::class, ]; } /** * Define environment setup. * * @param \Illuminate\Foundation\Application $app * @return void */ protected function getEnvironmentSetUp($app) { // Set the storage local filesystem $app['config']->set('filesystems.disks.local.driver', 'local'); $app['config']->set('filesystems.disks.local.root', realpath(__DIR__.'/../storage/app')); $app['config']->set('filesystems.default', 'local'); // Generate and set a random encryption key $app['config']->set('file-vault.key', $this->generateRandomKey()); } /** * Generate a random key for the application. * * @return string */ protected function generateRandomKey() { return 'base64:'.base64_encode( \SoareCostin\FileVault\FileVault::generateKey() ); } /** * Generate a file with random contents. * * @return int|bool */ protected function generateFile($fileName, $fileSize = 500000) { $fileContents = random_bytes($fileSize); return Storage::put($fileName, $fileContents); } /** @test */ public function test_encrypt_generates_a_file() { $this->generateFile($fileName = 'file.txt'); FileVault::encrypt($fileName); // Test if the encrypted file exists $this->assertFileExists( Storage::path("{$fileName}.enc") ); } /** @test */ public function test_encrypt_copy_generates_a_file() { $this->generateFile($fileName = 'file.txt'); FileVault::encryptCopy($fileName); // Test if the encrypted file exists $this->assertFileExists( Storage::path("{$fileName}.enc") ); } /** @test */ public function test_it_can_encrypt_a_file_using_a_different_destination_name() { $this->generateFile($fileName = 'file.txt'); FileVault::encrypt($fileName, 'encrypted.enc'); // Test if the encrypted file exists $this->assertFileExists( Storage::path('encrypted.enc') ); } /** @test */ public function test_encrypt_deletes_the_original() { $this->generateFile($fileName = 'file.txt'); FileVault::encrypt($fileName); // Test if the original file has been deleted $this->assertFileNotExists( Storage::path($fileName) ); } /** @test */ public function test_encrypt_copy_keeps_the_original() { $this->generateFile($fileName = 'file.txt'); FileVault::encryptCopy($fileName); // Test if the original file still exists $this->assertFileExists( Storage::path($fileName) ); } /** @test */ public function test_decrypt() { $this->generateFile($fileName = 'file.txt'); FileVault::encrypt($fileName); FileVault::decrypt("{$fileName}.enc"); // Test that the decrypted file was generated $this->assertFileExists( Storage::path($fileName) ); } /** @test */ public function test_decrypt_using_a_different_destination_name() { $this->generateFile($fileName = 'file.txt'); FileVault::encrypt($fileName); FileVault::decrypt("{$fileName}.enc", "{$fileName}.dec"); // Test that the decrypted file was generated $this->assertFileExists( Storage::path("{$fileName}.dec") ); } /** @test */ public function test_decrypt_deletes_the_encrypted_file() { $this->generateFile($fileName = 'file.txt'); FileVault::encrypt($fileName); FileVault::decrypt("{$fileName}.enc"); // Test that the encrypted file was deleted after decryption $this->assertFileNotExists( Storage::path("{$fileName}.enc") ); } /** @test */ public function test_decrypt_copy_keeps_the_encrypted_file() { $this->generateFile($fileName = 'file.txt'); FileVault::encrypt($fileName); FileVault::decryptCopy("{$fileName}.enc"); // Test that the encrypted file was deleted after decryption $this->assertFileExists( Storage::path("{$fileName}.enc") ); } /** @test */ public function test_a_decrypted_file_has_the_same_content_as_the_original_file() { $this->generateFile($fileName = 'file.txt'); FileVault::encryptCopy($fileName); FileVault::decrypt("{$fileName}.enc", "{$fileName}.dec"); // Test to see if the decrypted content is the same as the original $this->assertEquals( Storage::get($fileName), Storage::get("{$fileName}.dec") ); } /** @test */ public function test_it_can_encrypt_and_decrypt_using_a_user_generated_key() { $key = FileVault::generateKey(); $this->generateFile($fileName = 'file.txt'); FileVault::key($key)->encryptCopy($fileName); FileVault::key($key)->decrypt("{$fileName}.enc", "{$fileName}.dec"); // Test to see if the decrypted content is the same as the original $this->assertEquals( Storage::get($fileName), Storage::get("{$fileName}.dec") ); } /** @test */ public function test_it_can_stream_a_decrypted_file() { $this->generateFile($fileName = 'file.txt'); FileVault::encryptCopy($fileName); ob_start(); FileVault::streamDecrypt("{$fileName}.enc"); $phpOutput = ob_get_contents(); ob_end_clean(); // Test to see if the decrypted content is sent to php://output $this->assertEquals( Storage::get($fileName), $phpOutput ); } public function tearDown(): void { // Cleanup the storage dir array_map('unlink', glob(__DIR__.'/../storage/app/*.*')); parent::tearDown(); } }