soarecostin / file-vault Goto Github PK
View Code? Open in Web Editor NEWA Laravel package for encrypting and decrypting files of any size
License: MIT License
A Laravel package for encrypting and decrypting files of any size
License: MIT License
Using the code doesn't download the file.
return
response()->streamDownload(function () use ($decFilename) {
FileVault::disk('s3')->streamDecrypt($decFilename);
}, Str::replaceLast('.enc', '', basename($decFilename)));
I keep getting the error ** Failed to open stream: No such file or directory** meanwhile the upload to bucket works and the file is actually there in the bucket. Using Local bucket, it works fine but doesn't work with the s3 driver.
Hi guys,
I use file-vault to encrypt and decrypt files on my app and I'm using streamDecrypt inside streamDownload method to download those encrypted files.
This method works like a charm in desktop but in mobile the file downloaded is a .html file with random characters inside. What can I do to fix this issue?
I tried in Android 10 with Edge, Chrome and Native Xioami Browser.
Sorry for my english BTW.
Hello, what i am doing is basically i am uploading files on s3 as encrypted , it's working fine but when i tried to decrypt any specific file and create a presignedUrl (which i get and is accessible) and then i created a job to run after a while to again encrypt that specific file , jobs gets failed and it throws me this error :
Error: Call to undefined method League\Flysystem\Adapter\Local::getClient() in /vendor/soarecostin/file-vault/src/FileVault.php:192
Stack trace:
Sometime it works but most of time not. If someones guide me regarding this.
My code is as follow :
To create a url :
$presignedUrl=$client->getAwsTemporaryUrl($client->getDriver()->getAdapter(), $key, now()->addSeconds(15), []);
To decrypt the file again :
EncryptAttachment::dispatch($key1) ->onQueue('queue4') ->delay(now()->addSeconds(15));
and also i am specifying my disk as well in that job as well FileVault::disk('s3')->encrypt($this->key);
I'm trying to install on Laravel 9 but I'm stuck, it seems incompatible. Someone are using on v9?
- Root composer.json requires soarecostin/file-vault ^1.2 -> satisfiable by soarecostin/file-vault[v1.2.0].
- soarecostin/file-vault v1.2.0 requires illuminate/support 5.8.* || 6.*.* || ^7.0 || ^8.0 -> found illuminate/support[v5.8.0, ..., 5.8.x-dev, v6.0.0, ..., 6.x-dev, v7.0.0, ..., 7.x-dev, v8.0.0, ..., 8.x-dev] but these were not loaded, likely because it conflicts with another require.
Hi @soarecostin,
I would like to know which approach is the best for my question?
Thanks in advance.
Cheers.
Trying to upload enc files on s3 and retrieving them to create a signed url for the response to an API to access them from s3.
What i have achieved so far is :
Files are being uploaded to s3 as (.enc) even if i use streamDownload and decrypt file , saves it, it's working perfectly.
1- I am trying to get a singed url for a file that will return to api response , which is i am getting correctly using :
$command = $client->getCommand('GetObject', [ 'Bucket' => $bucket, 'Key' => **FileVault::disk('s3')->decrypt($key),** ]); $request = $client->createPresignedRequest($command, '+20 minutes'); $presignedUrl = (string)$request->getUri();
It is working fine if i put path of a normal file to key but when i try to decrypt it as well it says :
"message": "Found 1 error while validating the input provided for the GetObject operation:\n[Key] must be a string or an object that implements __toString(). Found object(SoareCostin\FileVault\FileVault)",
If you could guide me @soarecostin . Bundle of thanks already for this wonderful package.
I want change key and disk to dynamically.
Effect to FileVault/constructor and FileVaultServiceProvider/register.
A few modifications will improve many conveniences.
When streaming the response from an S3 instance (DigitalOcean Spaces, using S3 driver), the disk is ignored and FileValue attempts to ready directly from the local disk:
$encFilePath = $tomeUser->tome->id . '/' . $image->filename . '.enc';
// Return the Image
return response()->streamDownload(function () use ($image, $tomeUser, $encFilePath) {
return FileVault::key($tomeUser->tome->key)
->disk('spaces')
->streamDecrypt($encFilePath);
}, $image->filename);
As you can see in the log file, FileVault is using fopen() in my local directory:
[2020-12-26 14:24:19] local.ERROR: fopen(1/1608990767-5fe7402fa827b.png.enc): failed to open stream: No such file or directory {"userId":1,"exception":"[object] (ErrorException(code: 0): fopen(1/1608990767-5fe7402fa827b.png.enc): failed to open stream: No such file or directory at /Users/{name}/sites/{project}/vendor/soarecostin/file-vault/src/FileEncrypter.php:181)
[stacktrace]
#0 [internal function]: Illuminate\\Foundation\\Bootstrap\\HandleExceptions->handleError(2, 'fopen(1/1608990...', '/Users/{user}/...', 181, Array)
#1 /Users/{user}/sites/{project}/vendor/soarecostin/file-vault/src/FileEncrypter.php(181): fopen('1/1608990767-5f...', 'r', false, Resource id #13)
#2 /Users/{user}/sites/{project}/vendor/soarecostin/file-vault/src/FileEncrypter.php(128): SoareCostin\\FileVault\\FileEncrypter->openSourceFile('1/1608990767-5f...')
#3 /Users/{user}/sites/{project}/vendor/soarecostin/file-vault/src/FileVault.php(161): SoareCostin\\FileVault\\FileEncrypter->decrypt('1/1608990767-5f...', 'php://output')
#4 /Users/{user}/sites/{project}/app/Http/Controllers/ImageController.php(73): SoareCostin\\FileVault\\FileVault->streamDecrypt('1/1608990767-5f...')
#5 /Users/{user}/sites/{project}/vendor/symfony/http-foundation/StreamedResponse.php(109): App\\Http\\Controllers\\ImageController->App\\Http\\Controllers\\{closure}()
#6 /Users/{user}/sites/{project}/vendor/symfony/http-foundation/Response.php(394): Symfony\\Component\\HttpFoundation\\StreamedResponse->sendContent()
#7 /Users/{user}/sites/{project}/vendor/laravel/framework/src/Illuminate/Support/HigherOrderTapProxy.php(34): Symfony\\Component\\HttpFoundation\\Response->send()
#8 /Users/{user}/sites/{project}/public/index.php(53): Illuminate\\Support\\HigherOrderTapProxy->__call('send', Array)
#9 /Users/{user}/.composer/vendor/laravel/valet/server.php(214): require('/Users/{user}/...')
#10 {main}
"}
cannot open the file
As far as I see from the package, files are decryptable by admin of the app. Is it possible to encrypt and decrypt files with user's private key?
Tried the below command:
openssl enc -d -aes-256-cbc -in Lxx1H0wxp2QEprZvUGetIoxIzHKkpeAH6nf515IL.txt.bad.enc -out Lxx1H0wxp2QEprZvUGetIoxIzHKkpeAH6nf515IL.txt.bad
When asked for password I am not sure how to enter it. Coz the password generated is binary. I tried base64 encoding and passing it and also tried writing the binary to a file and using stdin.
Both cases I get bad magic number
error. But the file decrypts properly using the library
I'm trying to install on Laravel 9 but I'm stuck, it seems incompatible. Someone are using on v10?
Looks like all of the recent pull requests to this repository are failing at the same Travis stage as the --prefer-lowest
flag on PHP 7.3 fails.
This seems independent of the requests themselves, but rather it is caused by some other dependency.
https://travis-ci.com/github/soarecostin/file-vault/jobs/489032519
I cant download / find the image once uploaded.
For testing purposes made the file public and if manually type the url into the browser it downloads the file, so it's there.
$file = 'https://media.xxxxxxx.com/development/verification/3729828c-4d69-11ec-866b-7f65ebec3fd0/0611fdf9-70e4-4b3f-b33c-bc430fa6d48c.jpg.enc';
if (!\Storage::disk('spaces')->has($path)) {
return 'File not found';
}
Always never found
exception: "Illuminate\Contracts\Filesystem\FileNotFoundException"
file: "/laravel/framework/src/Illuminate/Filesystem/FilesystemAdapter.php"
line: 159
message: "File not found at path: https:/media.xxxxxxxxx.com/development/verification/3729828c-4d69-11ec-866b-7f65ebec3fd0/0611fdf9-70e4-4b3f-b33c-bc430fa6d48c.jpg.enc"
But other than not finding the file, how can I view the image. The encrypted files are all images so basically the user uploads 3 images, it get encrypted, admin needs to review these images so they need to see it on the admin section of the site. How is this possible?
I do not want to download the image in the browser, simply pull the encrypted file, decrypt it and return a base_64 image to the browser in an API json response?
Hey @soarecostin,
I encrypt my uploaded files with a custom key and save the key in a separate database (per file one key).
But I can't decrypt my files.
Am I missing something or am I just too stupid?
Thanks in advance.
Hi @soarecostin , thank you for the great library.
I noticed in my app that sometimes I had decryption errors on files from s3, but trying the same operation on the same file some seconds later would suggest.
I noticed that the FileEncrypter has a check in place to handle different chunk sizes received from s3:
// Because Amazon S3 will randomly return smaller sized chunks:
// Check if the size read from the stream is different than the requested chunk size
// In this scenario, request the chunk again, unless this is the last chunk
if (strlen($ciphertext) !== 16 * (self::FILE_ENCRYPTION_BLOCKS + 1)
&& $i + 1 < $numberOfChunks
) {
fseek($fpIn, 16 + 16 * (self::FILE_ENCRYPTION_BLOCKS + 1) * $i);
continue;
}
I added some custom logs and noticed that the bug always happens while trying to decode the last block. Could it happen when S3 return the last chunk with a wrong size? There doesn't appear to be any checks in place to detect (and fix) such an occurrance.
I will try to fix the issue and submit a pull requests in case of success
I am uploading encrypted files to s3, and when i try to decrypt them sometimes it worked but sometimes it doesnt and without changing anything, not sure where issues lies and it says :
"message": "Decryption failed", "exception": "Exception", "file": "/var/www/pms6_auth/vendor/soarecostin/file-vault/src/FileEncrypter.php", "line": 152,
I have implemented a system with keys and hooked up to S3. Most of the time it works like a dream, files will upload, encrypt and then my queue sends it to S3. Downloading uses stream decrypt, just as the docs mention.
Occasionally though, I'll have a file which when i download through streamDecrypt will just do nothing. I can't get any kind of error message out of it either. If I upload the exact same file and try downloading that, it will work. But that original one doesn't.
Looking in S3, it did successfully upload, the file size is correct on each upload of the same file, but some download and others dont. It has me really stumped.
How might i get some kind of debug info out of the streamDecrypt so I can find out why some files it just doesn't like?
Here's my download script:
$path = $file->file_url.$file->file_name.'.enc';
if (Storage::disk('s3')->has($path)) {
return response()->streamDownload(function () use($path, $encryptionKey) {
if($encryptionKey){ // it will use the default encryption key if doc-library
FileVault::disk('s3')->key($encryptionKey)->streamDecrypt($path);
}else{
FileVault::disk('s3')->streamDecrypt($path);
}
}, $file->file_name, array(
'Content-Type' => str_replace('-', '/', $file->mime) // mime stored in db as example: 'image-jpeg'
));
}else{
echo 'File not found';
}
Thanks
$crypt = new FileEncrypter(config('file-vault.key'), config('file-vault.cipher'));
$crypt->encrypt('local-path', 's3://bucket-name/path');
It working in my case.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.