S3EncryptionMultipartUploaderV2
extends MultipartUploader
in package
Uses
CipherBuilderTrait, CryptoParamsTraitV2, EncryptionTraitV2, UserAgentTrait
Encapsulates the execution of a multipart upload of an encrypted object to S3.
Note that for PHP versions of < 7.1, this class uses an AES-GCM polyfill for encryption since there is no native PHP support. The performance for large inputs will be a lot slower than for PHP 7.1+, so upgrading older PHP version environments may be necessary to use this effectively.
Table of Contents
Constants
- CRYPTO_VERSION = '2.1'
- PART_MAX_NUM = 10000
- PART_MAX_SIZE = 5368709120
- PART_MIN_SIZE = 5242880
Methods
- __construct() : mixed
- Creates a multipart upload for an S3 object after encrypting it.
- getStateFromService() : UploadState
- Creates an UploadState object for a multipart upload by querying the service for the specified upload's information.
- isSupportedCipher() : bool
- Returns if the passed cipher name is supported for encryption by the SDK.
Constants
CRYPTO_VERSION
public
mixed
CRYPTO_VERSION
= '2.1'
PART_MAX_NUM
public
mixed
PART_MAX_NUM
= 10000
PART_MAX_SIZE
public
mixed
PART_MAX_SIZE
= 5368709120
PART_MIN_SIZE
public
mixed
PART_MIN_SIZE
= 5242880
Methods
__construct()
Creates a multipart upload for an S3 object after encrypting it.
public
__construct(S3ClientInterface $client, mixed $source[, array<string|int, mixed> $config = [] ]) : mixed
Note that for PHP versions of < 7.1, this class uses an AES-GCM polyfill for encryption since there is no native PHP support. The performance for large inputs will be a lot slower than for PHP 7.1+, so upgrading older PHP version environments may be necessary to use this effectively.
The required configuration options are as follows:
- @MaterialsProvider: (MaterialsProviderV2) Provides Cek, Iv, and Cek encrypting/decrypting for encryption metadata.
- @CipherOptions: (array) Cipher options for encrypting data. A Cipher is required. Accepts the following options: - Cipher: (string) gcm See also: AbstractCryptoClientV2::$supportedCiphers - KeySize: (int) 128|256 See also: MaterialsProvider::$supportedKeySizes - Aad: (string) Additional authentication data. This option is passed directly to OpenSSL when using gcm.
- @KmsEncryptionContext: (array) Only required if using KmsMaterialsProviderV2. An associative array of key-value pairs to be added to the encryption context for KMS key encryption. An empty array may be passed if no additional context is desired.
- bucket: (string) Name of the bucket to which the object is being uploaded.
- key: (string) Key to use for the object being uploaded.
The optional configuration arguments are as follows:
- @MetadataStrategy: (MetadataStrategy|string|null) Strategy for storing MetadataEnvelope information. Defaults to using a HeadersMetadataStrategy. Can either be a class implementing MetadataStrategy, a class name of a predefined strategy, or empty/null to default.
- @InstructionFileSuffix: (string|null) Suffix used when writing to an instruction file if an using an InstructionFileMetadataHandler was determined.
- acl: (string) ACL to set on the object being upload. Objects are private by default.
- before_complete: (callable) Callback to invoke before the
CompleteMultipartUpload
operation. The callback should have a function signature likefunction (Aws\Command $command) {...}
. - before_initiate: (callable) Callback to invoke before the
CreateMultipartUpload
operation. The callback should have a function signature likefunction (Aws\Command $command) {...}
. - before_upload: (callable) Callback to invoke before any
UploadPart
operations. The callback should have a function signature likefunction (Aws\Command $command) {...}
. - concurrency: (int, default=int(5)) Maximum number of concurrent
UploadPart
operations allowed during the multipart upload. - params: (array) An array of key/value parameters that will be applied to each of the sub-commands run by the uploader as a base. Auto-calculated options will override these parameters. If you need more granularity over parameters to each sub-command, use the before_* options detailed above to update the commands directly.
- part_size: (int, default=int(5242880)) Part size, in bytes, to use when doing a multipart upload. This must between 5 MB and 5 GB, inclusive.
- state: (Aws\Multipart\UploadState) An object that represents the state
of the multipart upload and that is used to resume a previous upload.
When this option is provided, the
bucket
,key
, andpart_size
options are ignored.
Parameters
- $client : S3ClientInterface
-
Client used for the upload.
- $source : mixed
-
Source of the data to upload.
- $config : array<string|int, mixed> = []
-
Configuration used to perform the upload.
getStateFromService()
Creates an UploadState object for a multipart upload by querying the service for the specified upload's information.
public
static getStateFromService(S3ClientInterface $client, string $bucket, string $key, string $uploadId) : UploadState
Parameters
- $client : S3ClientInterface
-
S3Client used for the upload.
- $bucket : string
-
Bucket for the multipart upload.
- $key : string
-
Object key for the multipart upload.
- $uploadId : string
-
Upload ID for the multipart upload.
Return values
UploadStateisSupportedCipher()
Returns if the passed cipher name is supported for encryption by the SDK.
public
static isSupportedCipher(string $cipherName) : bool
Parameters
- $cipherName : string
-
The name of a cipher to verify is registered.
Return values
bool —If the cipher passed is in our supported list.