public function putObjectByContentSecurely($args = array()) { $sek = EncryptionUtil::genereateOnceUsedKey(); $encryptedSek = EncryptionUtil::encodeCek($this->encryptionMaterials, $sek); $content = $args["Content"]; if (empty($content)) { throw new Ks3ClientException("please specifie Content in request args"); } $metaContentLength = EncryptionUtil::metaTextLength($args); $plainTextLength = strlen($content); if ($metaContentLength > 0 && $metaContentLength < $plainTextLength) { $plainTextLength = $metaContentLength; } if ($plainTextLength > 0) { $args["UserMeta"]["x-kss-meta-x-kss-unencrypted-content-length"] = $plainTextLength; } else { throw new Ks3ClientException("unexpected content length " . $plainTextLength); } $content = substr($content, 0, $plainTextLength); $td = mcrypt_module_open(MCRYPT_RIJNDAEL_128, '', MCRYPT_MODE_CBC, ''); $iv = mcrypt_create_iv(mcrypt_enc_get_iv_size($td), MCRYPT_RAND); mcrypt_generic_init($td, $sek, $iv); //对content进行pkcs5填充 $content = EncryptionUtil::PKCS5Padding($content, mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, MCRYPT_MODE_CBC)); $encrypted = mcrypt_generic($td, $content); mcrypt_generic_deinit($td); $args["ObjectMeta"]["Content-Length"] = strlen($encrypted); $args["Content"] = $encrypted; $args = EncryptionUtil::updateContentMD5Header($args); //TODO $matdesc = "{}"; if (ENCRYPTPTION_STORAGE_MODE == "ObjectMetadata") { $args["UserMeta"]["x-kss-meta-x-kss-key"] = base64_encode($encryptedSek); $args["UserMeta"]["x-kss-meta-x-kss-iv"] = base64_encode($iv); $args["UserMeta"]["x-kss-meta-x-kss-matdesc"] = $matdesc; } $result = $this->ks3client->putObjectByContent($args); if (ENCRYPTPTION_STORAGE_MODE == "InstructionFile") { $req = EncryptionUtil::createInstructionFile($args["Bucket"], $args["Key"], base64_encode($encryptedSek), base64_encode($iv), $matdesc); $this->ks3client->putObjectByContent($req); } return $result; }
public static function plainTextLength($args) { if (isset($args["Content"])) { if (is_array($args["Content"])) { $content = $args["Content"]["content"]; $seek_position = 0; $resourceLength = 0; $length = -1; $isFile = FALSE; if (!is_resource($content)) { $isFile = TRUE; //如果之前用户已经转化为GBK则不转换 if (Utils::chk_chinese($content) && !Utils::check_char($content)) { $content = iconv('utf-8', 'gbk', $content); } if (!file_exists($content)) { throw new Ks3ClientException("the specified file does not exist "); } $length = Utils::getFileSize($content); $content = fopen($content, "r"); } else { $stats = fstat($content); if ($stats && $stats["size"] >= 0) { $length = $stats["size"]; } } $resourceLength = $length; //优先取用户设置seek_position,没有的话取ftell if (isset($args["Content"]["seek_position"]) && $args["Content"]["seek_position"] > 0) { $seek_position = $args["Content"]["seek_position"]; } else { if (!$isFile) { $seek_position = ftell($content); if ($seek_position < 0) { $seek_position = 0; } fseek($content, 0); } } $lengthInMeta = -1; if (isset($args["ObjectMeta"]["Content-Length"])) { $lengthInMeta = $args["ObjectMeta"]["Content-Length"]; } if ($lengthInMeta > 0) { $length = $lengthInMeta; } else { if ($resourceLength > 0) { //根据seek_position计算实际长度 $length = $resourceLength - $seek_position; } } if ($length <= 0) { throw new Ks3ClientException("calculate content length failed,unexpected contetn length " . $length); } return $length; } else { $content = $args["Content"]; $lengthInMeta = EncryptionUtil::metaTextLength($args); $length = strlen($content); if ($length < $lengthInMeta || $lengthInMeta <= 0) { return $length; } else { return $lengthInMeta; } } } return -1; }