WP Offload S3 Lite - Version 2.4.2

Version Description

= 2.3 = This is a major upgrade that switches to using a custom table for storing data about offloaded Media Library items. Once upgraded you will not be able to downgrade without restoring data from a backup.

= 2.0 = This is a major upgrade that introduces support for DigitalOcean Spaces, renames the plugin to WP Offload Media Lite, and coincidentally upgrades some of its database settings. You may not be able to downgrade to WP Offload S3 Lite 1.x after upgrading to WP Offload Media Lite 2.0+.

= 1.1 = This is a major change, which ensures S3 URLs are no longer saved in post content. Instead, local URLs are filtered on page generation and replaced with the S3 version. If you depend on the S3 URLs being stored in post content you will need to make modifications to support this version.

= 0.6 = This version requires PHP 5.3.3+ and the Amazon Web Services plugin

Download this release

Release Info

Developer deliciousbrains
Plugin Icon 128x128 WP Offload S3 Lite
Version 2.4.2
Comparing to
See all releases

Code changes from version 2.4.1 to 2.4.2

Files changed (87) hide show
  1. README.md +9 -1
  2. assets/css/styles.css +1 -1
  3. assets/sass/styles.scss +0 -2
  4. classes/amazon-s3-and-cloudfront.php +1 -1
  5. classes/filters/as3cf-local-to-s3.php +5 -2
  6. classes/providers/storage/aws-provider.php +8 -5
  7. languages/amazon-s3-and-cloudfront-en.pot +1 -1
  8. readme.txt +9 -1
  9. vendor/Aws3/Aws/Api/DateTimeResult.php +59 -1
  10. vendor/Aws3/Aws/Api/ErrorParser/AbstractErrorParser.php +1 -0
  11. vendor/Aws3/Aws/Api/Parser/AbstractRestParser.php +1 -4
  12. vendor/Aws3/Aws/Api/Parser/JsonParser.php +1 -7
  13. vendor/Aws3/Aws/Api/Parser/MetadataParserTrait.php +1 -4
  14. vendor/Aws3/Aws/Api/Parser/XmlParser.php +4 -3
  15. vendor/Aws3/Aws/AwsClient.php +18 -6
  16. vendor/Aws3/Aws/ClientResolver.php +28 -3
  17. vendor/Aws3/Aws/ClientSideMonitoring/ConfigurationProvider.php +5 -1
  18. vendor/Aws3/Aws/CloudFront/CloudFrontClient.php +74 -46
  19. vendor/Aws3/Aws/Credentials/CredentialProvider.php +5 -1
  20. vendor/Aws3/Aws/Crypto/AbstractCryptoClient.php +8 -3
  21. vendor/Aws3/Aws/Crypto/AbstractCryptoClientV2.php +98 -0
  22. vendor/Aws3/Aws/Crypto/AesGcmDecryptingStream.php +12 -5
  23. vendor/Aws3/Aws/Crypto/AesGcmEncryptingStream.php +24 -6
  24. vendor/Aws3/Aws/Crypto/AesStreamInterfaceV2.php +29 -0
  25. vendor/Aws3/Aws/Crypto/Cipher/Cbc.php +6 -0
  26. vendor/Aws3/Aws/Crypto/Cipher/CipherBuilderTrait.php +2 -1
  27. vendor/Aws3/Aws/Crypto/DecryptionTrait.php +5 -4
  28. vendor/Aws3/Aws/Crypto/DecryptionTraitV2.php +138 -0
  29. vendor/Aws3/Aws/Crypto/EncryptionTrait.php +3 -1
  30. vendor/Aws3/Aws/Crypto/EncryptionTraitV2.php +122 -0
  31. vendor/Aws3/Aws/Crypto/KmsMaterialsProvider.php +14 -6
  32. vendor/Aws3/Aws/Crypto/KmsMaterialsProviderV2.php +69 -0
  33. vendor/Aws3/Aws/Crypto/MaterialsProvider.php +1 -1
  34. vendor/Aws3/Aws/Crypto/MaterialsProviderInterface.php +57 -0
  35. vendor/Aws3/Aws/Crypto/MaterialsProviderInterfaceV2.php +50 -0
  36. vendor/Aws3/Aws/Crypto/MaterialsProviderV2.php +57 -0
  37. vendor/Aws3/Aws/Crypto/MetadataEnvelope.php +0 -1
  38. vendor/Aws3/Aws/Crypto/Polyfill/AesGcm.php +163 -0
  39. vendor/Aws3/Aws/Crypto/Polyfill/ByteArray.php +234 -0
  40. vendor/Aws3/Aws/Crypto/Polyfill/Gmac.php +175 -0
  41. vendor/Aws3/Aws/Crypto/Polyfill/Key.php +73 -0
  42. vendor/Aws3/Aws/Crypto/Polyfill/NeedsTrait.php +38 -0
  43. vendor/Aws3/Aws/Endpoint/PartitionEndpointProvider.php +2 -2
  44. vendor/Aws3/Aws/EndpointDiscovery/ConfigurationProvider.php +25 -5
  45. vendor/Aws3/Aws/EndpointDiscovery/EndpointDiscoveryMiddleware.php +5 -2
  46. vendor/Aws3/Aws/Exception/AwsException.php +12 -0
  47. vendor/Aws3/Aws/Exception/CryptoException.php +11 -0
  48. vendor/Aws3/Aws/Exception/CryptoPolyfillException.php +11 -0
  49. vendor/Aws3/Aws/Retry/Configuration.php +44 -0
  50. vendor/Aws3/Aws/Retry/ConfigurationInterface.php +29 -0
  51. vendor/Aws3/Aws/Retry/ConfigurationProvider.php +177 -0
  52. vendor/Aws3/Aws/Retry/Exception/ConfigurationException.php +13 -0
  53. vendor/Aws3/Aws/Retry/QuotaManager.php +65 -0
  54. vendor/Aws3/Aws/Retry/RateLimiter.php +143 -0
  55. vendor/Aws3/Aws/Retry/RetryHelperTrait.php +46 -0
  56. vendor/Aws3/Aws/RetryMiddleware.php +17 -50
  57. vendor/Aws3/Aws/RetryMiddlewareV2.php +235 -0
  58. vendor/Aws3/Aws/S3/AmbiguousSuccessParser.php +7 -2
  59. vendor/Aws3/Aws/S3/ApplyChecksumMiddleware.php +12 -6
  60. vendor/Aws3/Aws/S3/Crypto/CryptoParamsTraitV2.php +16 -0
  61. vendor/Aws3/Aws/S3/Crypto/HeadersMetadataStrategy.php +2 -2
  62. vendor/Aws3/Aws/S3/Crypto/S3EncryptionClient.php +28 -6
  63. vendor/Aws3/Aws/S3/Crypto/S3EncryptionClientV2.php +371 -0
  64. vendor/Aws3/Aws/S3/Crypto/S3EncryptionMultipartUploader.php +13 -2
  65. vendor/Aws3/Aws/S3/Crypto/S3EncryptionMultipartUploaderV2.php +148 -0
  66. vendor/Aws3/Aws/S3/Crypto/UserAgentTrait.php +26 -0
  67. vendor/Aws3/Aws/S3/MultipartCopy.php +4 -3
  68. vendor/Aws3/Aws/S3/PostObjectV4.php +1 -1
  69. vendor/Aws3/Aws/S3/RegionalEndpoint/ConfigurationProvider.php +5 -1
  70. vendor/Aws3/Aws/S3/S3Client.php +46 -29
  71. vendor/Aws3/Aws/S3/S3EndpointMiddleware.php +14 -6
  72. vendor/Aws3/Aws/S3/StreamWrapper.php +1 -1
  73. vendor/Aws3/Aws/S3/UseArnRegion/ConfigurationProvider.php +5 -1
  74. vendor/Aws3/Aws/Sdk.php +17 -1
  75. vendor/Aws3/Aws/Sts/Exception/StsException.php +11 -0
  76. vendor/Aws3/Aws/Sts/RegionalEndpoints/Configuration.php +29 -0
  77. vendor/Aws3/Aws/Sts/RegionalEndpoints/ConfigurationInterface.php +22 -0
  78. vendor/Aws3/Aws/Sts/RegionalEndpoints/ConfigurationProvider.php +169 -0
  79. vendor/Aws3/Aws/Sts/RegionalEndpoints/Exception/ConfigurationException.php +13 -0
  80. vendor/Aws3/Aws/Sts/StsClient.php +74 -0
  81. vendor/Aws3/Aws/data/accessanalyzer/2019-11-01/api-2.json.php +1 -1
  82. vendor/Aws3/Aws/data/acm-pca/2017-08-22/api-2.json.php +1 -1
  83. vendor/Aws3/Aws/data/acm/2015-12-08/api-2.json.php +1 -1
  84. vendor/Aws3/Aws/data/alexaforbusiness/2017-11-09/api-2.json.php +1 -1
  85. vendor/Aws3/Aws/data/amplify/2017-07-25/api-2.json.php +1 -1
  86. vendor/Aws3/Aws/data/apigateway/2015-07-09/api-2.json.php +1 -1
  87. vendor/Aws3/Aws/data/apigatewayv2/2018-11-29/api-2.json.php +0 -1
README.md CHANGED
@@ -4,7 +4,7 @@
4
  **Requires at least:** 4.9
5
  **Tested up to:** 5.5
6
  **Requires PHP:** 5.5
7
- **Stable tag:** 2.4.1
8
  **License:** GPLv3
9
 
10
  Copies files to Amazon S3, DigitalOcean Spaces or Google Cloud Storage as they are uploaded to the Media Library. Optionally configure Amazon CloudFront or another CDN for faster delivery.
@@ -89,6 +89,14 @@ This version requires PHP 5.3.3+ and the Amazon Web Services plugin
89
 
90
  ## Changelog ##
91
 
 
 
 
 
 
 
 
 
92
  ### WP Offload Media Lite 2.4.1 - 2020-07-21 ###
93
  * Bug fix: Fatal Error with EWWW Image Optimizer 5.5 or earlier installed
94
  * Bug fix: AWS SDK "Warning: is_readable(): open_basedir restriction in effect" message when Use ARN Region in effect
4
  **Requires at least:** 4.9
5
  **Tested up to:** 5.5
6
  **Requires PHP:** 5.5
7
+ **Stable tag:** 2.4.2
8
  **License:** GPLv3
9
 
10
  Copies files to Amazon S3, DigitalOcean Spaces or Google Cloud Storage as they are uploaded to the Media Library. Optionally configure Amazon CloudFront or another CDN for faster delivery.
89
 
90
  ## Changelog ##
91
 
92
+ ### WP Offload Media Lite 2.4.2 - 2020-08-27 ###
93
+ * Improvement: Updated AWS PHP SDK to v3.150.1
94
+ * Bug fix: Image thumbnail URLs in custom HTML not rewritten to delivery provider URLs
95
+ * Bug fix: Background processes do not start when PHP memory limit in gigabytes
96
+ * Bug fix: PHP Fatal error: require(): Failed opening required '.../vendor/Aws3/Aws/Sts/StsClient.php'
97
+ * Bug fix: AWS SDK "Warning: is_readable(): open_basedir restriction in effect" message from Regional Endpoint check
98
+ * Bug fix: Bottom and right button borders in settings page are clipped when focused
99
+
100
  ### WP Offload Media Lite 2.4.1 - 2020-07-21 ###
101
  * Bug fix: Fatal Error with EWWW Image Optimizer 5.5 or earlier installed
102
  * Bug fix: AWS SDK "Warning: is_readable(): open_basedir restriction in effect" message when Use ARN Region in effect
assets/css/styles.css CHANGED
@@ -1 +1 @@
1
- .as3cf-content,.as3cf-updated,.as3cf-compatibility-notice{-webkit-box-sizing:border-box;box-sizing:border-box;max-width:650px}.settings_page_amazon-s3-and-cloudfront .error,.settings_page_amazon-s3-and-cloudfront .notice,.settings_page_amazon-s3-and-cloudfront .updated{-webkit-box-sizing:border-box;box-sizing:border-box;max-width:650px}.as3cf-main.wrap{position:relative}.as3cf-main.wrap>h1{float:left}.as3cf-main.wrap .as3cf-notice,.as3cf-main.wrap .as3cf-updated,.as3cf-main.wrap .as3cf-error{-webkit-box-sizing:border-box;box-sizing:border-box}.as3cf-main.wrap .as3cf-error.fatal{clear:both}.as3cf-main.wrap h2.nav-tab-wrapper{float:none;margin-bottom:15px;width:650px;margin-top:10px;padding:9px 0 0 5px}.as3cf-main.wrap h2.nav-tab-wrapper .nav-tab-container{float:right}.as3cf-main.wrap h2.nav-tab-wrapper .nav-tab-container :last-child{margin-right:5px}.as3cf-main.wrap h2.nav-tab-wrapper a.nav-tab-active{color:#464646;cursor:default}.as3cf-main.wrap h2.nav-tab-wrapper a:focus{-webkit-box-shadow:none;box-shadow:none}.as3cf-main.wrap .more-info{white-space:nowrap}.as3cf-main.wrap .error pre{background:#eaeaea;background:rgba(0,0,0,0.07);display:block;padding:10px 15px}.as3cf-main.wrap .error pre code{padding:0;background:none}.as3cf-main.wrap[data-tab="support"] .as3cf-notice,.as3cf-main.wrap[data-tab="support"] .error,.as3cf-main.wrap[data-tab="support"] .updated,.as3cf-main.wrap[data-tab="support"] .updated.show{display:none}.as3cf-main.wrap[data-tab="support"] .fatal .error,.as3cf-main.wrap[data-tab="support"] .as3cf-notice.important,.as3cf-main.wrap[data-tab="support"] .dbrains-api-down{display:block}.as3cf-main.wrap .as3cf-notice,.as3cf-main.wrap .error,.as3cf-main.wrap .updated{max-width:650px;margin-top:15px;-webkit-box-sizing:border-box;box-sizing:border-box}.as3cf-main.wrap .as3cf-updated{display:none}.as3cf-main.wrap .as3cf-updated.as3cf-notice,.as3cf-main.wrap .as3cf-updated.show{display:block}.as3cf-main.wrap .alignleft{margin-right:20px;margin-bottom:20px}.as3cf-main.wrap .spinner{min-width:20px}.as3cf-tab .as3cf-main-settings .as3cf-provider-select{display:none}.as3cf-tab .as3cf-main-settings .as3cf-bucket-container,.as3cf-tab .as3cf-main-settings .as3cf-change-bucket-access-prompt{display:none}.as3cf-tab .as3cf-main-settings .as3cf-bucket-container h3,.as3cf-tab .as3cf-main-settings .as3cf-change-bucket-access-prompt h3{margin-bottom:-0.5em}.as3cf-tab .as3cf-main-settings a.as3cf-change-provider{display:none}.as3cf-tab .as3cf-main-settings .as3cf-delivery-provider-select{display:none}.as3cf-tab .as3cf-main-settings .as3cf-media-settings{display:none}.as3cf-tab.as3cf-needs-access-keys .as3cf-can-write-error,.as3cf-tab.as3cf-has-access-keys.as3cf-change-provider .as3cf-can-write-error{display:none}.as3cf-tab.as3cf-needs-access-keys .as3cf-main-settings .as3cf-provider-select,.as3cf-tab.as3cf-has-access-keys.as3cf-change-provider .as3cf-main-settings .as3cf-provider-select{display:block}.as3cf-tab.as3cf-needs-access-keys .as3cf-main-settings .as3cf-bucket-container,.as3cf-tab.as3cf-has-access-keys.as3cf-change-provider .as3cf-main-settings .as3cf-bucket-container{display:none}.as3cf-tab.as3cf-needs-access-keys .as3cf-main-settings .as3cf-change-bucket-access-prompt,.as3cf-tab.as3cf-has-access-keys.as3cf-change-provider .as3cf-main-settings .as3cf-change-bucket-access-prompt{display:none}.as3cf-tab.as3cf-needs-access-keys .as3cf-main-settings .as3cf-delivery-provider-select,.as3cf-tab.as3cf-has-access-keys.as3cf-change-provider .as3cf-main-settings .as3cf-delivery-provider-select{display:none}.as3cf-tab.as3cf-needs-access-keys .as3cf-main-settings .as3cf-media-settings,.as3cf-tab.as3cf-has-access-keys.as3cf-change-provider .as3cf-main-settings .as3cf-media-settings{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-needs-bucket:not(.as3cf-change-provider) .as3cf-can-write-error,.as3cf-tab.as3cf-has-access-keys.as3cf-change-bucket:not(.as3cf-change-provider) .as3cf-can-write-error{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-needs-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-provider-select,.as3cf-tab.as3cf-has-access-keys.as3cf-change-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-needs-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-bucket-container,.as3cf-tab.as3cf-has-access-keys.as3cf-change-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-bucket-container{display:block}.as3cf-tab.as3cf-has-access-keys.as3cf-needs-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-change-bucket-access-prompt,.as3cf-tab.as3cf-has-access-keys.as3cf-change-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-change-bucket-access-prompt{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-needs-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-delivery-provider-select,.as3cf-tab.as3cf-has-access-keys.as3cf-change-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-delivery-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-needs-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-media-settings,.as3cf-tab.as3cf-has-access-keys.as3cf-change-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-media-settings{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-bucket-access .as3cf-can-write-error{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-bucket-access .as3cf-main-settings .as3cf-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-bucket-access .as3cf-main-settings .as3cf-bucket-container{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-bucket-access .as3cf-main-settings .as3cf-change-bucket-access-prompt{display:block}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-bucket-access .as3cf-main-settings .as3cf-delivery-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-bucket-access .as3cf-main-settings .as3cf-media-settings{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-delivery-provider .as3cf-can-write-error{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-delivery-provider .as3cf-main-settings .as3cf-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-delivery-provider .as3cf-main-settings .as3cf-bucket-container{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-delivery-provider .as3cf-main-settings .as3cf-change-bucket-access-prompt{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-delivery-provider .as3cf-main-settings .as3cf-delivery-provider-select{display:block}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-delivery-provider .as3cf-main-settings .as3cf-media-settings{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket:not(.as3cf-change-provider):not(.as3cf-change-bucket):not(.as3cf-change-bucket-access):not(.as3cf-change-delivery-provider) .as3cf-main-settings .as3cf-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket:not(.as3cf-change-provider):not(.as3cf-change-bucket):not(.as3cf-change-bucket-access):not(.as3cf-change-delivery-provider) .as3cf-main-settings .as3cf-bucket-container{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket:not(.as3cf-change-provider):not(.as3cf-change-bucket):not(.as3cf-change-bucket-access):not(.as3cf-change-delivery-provider) .as3cf-main-settings .as3cf-change-bucket-access-prompt{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket:not(.as3cf-change-provider):not(.as3cf-change-bucket):not(.as3cf-change-bucket-access):not(.as3cf-change-delivery-provider) .as3cf-main-settings .as3cf-delivery-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket:not(.as3cf-change-provider):not(.as3cf-change-bucket):not(.as3cf-change-bucket-access):not(.as3cf-change-delivery-provider) .as3cf-main-settings .as3cf-media-settings{display:block}.as3cf-content>section{margin-bottom:20px}.as3cf-content>section+section.as3cf-access-keys{padding-top:20px;border-top:1px solid #d3d3d3}.as3cf-content>section+section.as3cf-access-keys .as3cf-section-heading{margin-top:0}.as3cf-tab{display:none;position:relative;width:650px}.as3cf-tab .as3cf-main-settings p{font-size:13px}.as3cf-tab .as3cf-main-settings p a{color:#444}.as3cf-tab .object-prefix-desc em{white-space:nowrap}.as3cf-tab .as3cf-url-preview-wrap{background:#fff;text-align:center;padding:20px 0 0;max-width:650px;width:100%;-webkit-box-sizing:border-box;box-sizing:border-box}.as3cf-tab .as3cf-url-preview-wrap .as3cf-url-preview{margin-top:10px;padding:0 20px 10px;overflow-x:scroll}.as3cf-tab .as3cf-url-preview-wrap span{color:#aaa;text-transform:uppercase;font-weight:bold}.as3cf-tab .as3cf-radio-group label{display:block;margin-bottom:10px}.as3cf-tab .as3cf-radio-group label.disabled,.as3cf-tab .as3cf-radio-group label.disabled p{color:#bbb;cursor:default}.as3cf-tab .as3cf-radio-group p{padding-left:25px;color:#6b6b6b;margin:0;font-size:12px}.as3cf-tab .as3cf-radio-group p.as3cf-setting{margin-top:5px}.as3cf-tab .as3cf-switch{position:relative;display:inline-block;padding:2px;overflow:hidden;border-radius:2px;background-color:#d4d3d3;cursor:pointer}.as3cf-tab .as3cf-switch.on{background-color:#ade7b5}.as3cf-tab .as3cf-switch span{visibility:hidden;-webkit-box-sizing:border-box;box-sizing:border-box;float:left;display:inline-block;height:100%;font-size:12px;line-height:20px;border-radius:2px;font-weight:bold;padding:4px 8px;background:#fff;color:#8d8d8d;z-index:1}.as3cf-tab .as3cf-switch span.on{color:#82d78b}.as3cf-tab .as3cf-switch span.checked{visibility:visible}.as3cf-tab .as3cf-switch.disabled{cursor:default;background:#e6e6e6}.as3cf-tab .as3cf-switch.disabled span{background:#f1f1f1;color:#d6d6d6}.as3cf-tab .as3cf-switch input[type="checkbox"]{position:absolute !important;top:0;left:0;opacity:0;filter:alpha(opacity=0);z-index:-1}.as3cf-tab .as3cf-setting.hide{display:none}.as3cf-tab .as3cf-setting .as3cf-sub-setting .as3cf-sub-setting-heading{padding-top:15px}.as3cf-tab .as3cf-setting .as3cf-sub-setting .as3cf-defined-in-config{margin-top:15px}.as3cf-tab div.as3cf-setting{margin-top:4px}.as3cf-tab h3{font-weight:normal;text-transform:uppercase}.as3cf-tab .form-table{margin:0}.as3cf-tab .form-table tr.as3cf-border-bottom td{border-bottom:1px solid #ddd;padding:20px 0px}.as3cf-tab .form-table tr.as3cf-setting-title td{padding-bottom:0}.as3cf-tab .form-table tr.as3cf-setting-title:first-child td{padding-top:20px}.as3cf-tab .form-table tr.configure-url:first-child td{padding-top:5px;padding-bottom:0}.as3cf-tab .form-table tr.hide{display:none}.as3cf-tab .form-table tr td{padding:15px 0}.as3cf-tab .form-table tr td:first-child{vertical-align:top;min-width:120px;padding-top:20px}.as3cf-tab .form-table tr td .as3cf-notice:last-child{margin-bottom:0}.as3cf-tab .form-table tr td>p:first-child{margin-top:0}.as3cf-tab .form-table h3{padding:0;margin:0}.as3cf-tab .form-table h4{margin:0}.as3cf-tab .as3cf-active-region{font-style:italic}.as3cf-tab .as3cf-view-bucket{color:#444;text-decoration:none;margin-right:10px}.as3cf-tab .as3cf-view-bucket:hover,.as3cf-tab .as3cf-view-bucket:active{color:#00a0d2}.as3cf-tab .as3cf-view-bucket:focus{-webkit-box-shadow:none;box-shadow:none}.as3cf-tab .as3cf-view-bucket .dashicons-external{margin-top:-2px}.as3cf-tab .tooltip{position:relative;z-index:2;cursor:pointer}.as3cf-tab .tooltip:before,.as3cf-tab .tooltip:after{visibility:hidden;-ms-filter:"progid:DXImageTransform.Microsoft.Alpha(Opacity=0)";filter:progid:DXImageTransform.Microsoft.Alpha(Opacity=0);opacity:0;pointer-events:none}.as3cf-tab .tooltip:before{position:absolute;bottom:150%;left:50%;margin-bottom:5px;margin-left:-250px;padding:10px;width:500px;border-radius:3px;background-color:#000;background-color:rgba(51,51,51,0.9);color:#fff;content:attr(data-tooltip);text-align:center;font-size:14px;line-height:1.3}.as3cf-tab .tooltip:after{position:absolute;bottom:150%;left:50%;margin-left:-5px;width:0;border-top:5px solid #000;border-top:5px solid rgba(51,51,51,0.9);border-right:5px solid transparent;border-left:5px solid transparent;content:" ";font-size:0;line-height:0}.as3cf-tab .tooltip:hover:before,.as3cf-tab .tooltip:hover:after{visibility:visible;-ms-filter:"progid:DXImageTransform.Microsoft.Alpha(Opacity=100)";filter:progid:DXImageTransform.Microsoft.Alpha(Opacity=100);opacity:1}.as3cf-tab .as3cf-defined-in-config{background:#ccc;color:#fff;padding:2px 5px;margin:0 0 3px 5px;float:right;white-space:nowrap;clear:right}.as3cf-tab .as3cf-defined-setting,.as3cf-tab .as3cf-locked-setting{color:#bbb}.as3cf-tab .as3cf-defined-setting label,.as3cf-tab .as3cf-locked-setting label{cursor:default}.as3cf-tab .as3cf-defined-setting p .more-info a,.as3cf-tab .as3cf-locked-setting p .more-info a{color:#bbb}.as3cf-tab .as3cf-defined-setting .as3cf-radio-group p,.as3cf-tab .as3cf-locked-setting .as3cf-radio-group p{color:#bbb}.as3cf-tab .as3cf-defined-setting .as3cf-notice,.as3cf-tab .as3cf-locked-setting .as3cf-notice{display:none !important}.as3cf-tab p.actions{margin:30px 0;border-top:1px solid #ccc;padding-top:15px;overflow:hidden}.as3cf-tab p.actions button,.as3cf-tab p.actions .right{float:right;margin-left:15px;margin-right:0;min-width:90px}.as3cf-tab p.actions button:last-of-type,.as3cf-tab p.actions .right:last-of-type{margin-left:0}.as3cf-tab p.actions span{display:inline-block;margin-right:20px;line-height:28px}.as3cf-tab .locked .as3cf-radio-group label,.as3cf-tab .locked .as3cf-radio-group label p{color:#bbb;cursor:default}.as3cf-tab .locked .as3cf-switch{cursor:default;background:#e6e6e6}.as3cf-tab .locked .as3cf-switch span{background:#f1f1f1;color:#d6d6d6}#tab-media{display:block}#tab-media .as3cf-provider-setting td{padding-top:20px;padding-bottom:5px}#tab-media .as3cf-bucket-setting td{padding:5px 0}.as3cf-bucket-container h3{line-height:1.3;text-transform:none}.as3cf-bucket-container a:focus{-webkit-box-shadow:none;box-shadow:none;outline:none}.as3cf-bucket-container input[type=text]{-webkit-box-sizing:border-box;box-sizing:border-box;width:100%}.as3cf-bucket-container select{-webkit-box-sizing:border-box;box-sizing:border-box;width:50%}.as3cf-bucket-container .form-table .as3cf-provider-setting h4{font-weight:inherit;margin:0}.as3cf-bucket-container .form-table .as3cf-bucket-list{margin:5px 0 0 0}.as3cf-bucket-container .form-table td{padding:5px 0}.as3cf-bucket-container .form-table td:first-child{width:100px;line-height:30px;vertical-align:top}.as3cf-bucket-container .form-table td .as3cf-defined-in-config{margin-top:-1.75em}.as3cf-bucket-container .as3cf-bucket-list{padding:15px;max-height:200px;overflow-x:hidden;overflow-y:auto;background-color:#fff;font-size:14px}.as3cf-bucket-container .as3cf-bucket-list li:last-of-type{margin-bottom:0}.as3cf-bucket-container .as3cf-bucket-list a{color:#444;text-decoration:none}.as3cf-bucket-container .as3cf-bucket-list a:hover{color:#0074a2}.as3cf-bucket-container .as3cf-bucket-list a.selected{font-weight:bold;color:#0074a2}.as3cf-bucket-container .as3cf-bucket-list a .dashicons{margin-right:5px}.as3cf-change-bucket-access-prompt h3{line-height:1.3;text-transform:none}.as3cf-change-bucket-access-prompt .as3cf-radio-group{margin-bottom:25px}.as3cf-change-bucket-access-prompt .note{color:#999}.as3cf-delivery-provider-select h3{line-height:1.3;text-transform:none}.as3cf-delivery-provider-select .note{color:#999}#tab-media{display:block}#tab-support{min-height:900px}#tab-support .as3cf-sidebar{top:11px}#tab-support .support-section{border-bottom:1px solid #ccc;padding-bottom:20px;margin-bottom:20px}#tab-support .support-section h3{font-size:20px}#tab-support .debug textarea{width:100%;min-height:200px;font-family:Consolas, Monaco, monospace;margin-bottom:5px}.as3cf-sidebar{position:absolute;top:9px;left:670px;width:292px}.as3cf-sidebar.lite{margin-top:35px;background:white;border-radius:7px;border:1px solid #D9E1EB;overflow:hidden;-webkit-box-shadow:0 1px 2px 0 rgba(0,0,0,0.1);box-shadow:0 1px 2px 0 rgba(0,0,0,0.1)}.as3cf-sidebar .block{padding:20px;border:1px solid #ccc}.as3cf-sidebar .subscribe{border-top:none;text-align:center;padding:40px 20px}.as3cf-sidebar .subscribe h2{padding:0;margin:0;margin-bottom:0.5em;color:#666;font-size:17px;line-height:1.2em;float:none}.as3cf-sidebar .subscribe h3{font-size:16px;margin:20px 0 0}.as3cf-sidebar .subscribe h3 a{background-color:#E9715E;color:white;display:inline-block;font-size:13px;font-weight:bold;letter-spacing:1px;text-transform:uppercase;padding:15px 50px;border-radius:4px;margin-bottom:6px;text-decoration:none;-webkit-box-shadow:0 2px 0 #C6442F;box-shadow:0 2px 0 #C6442F}.as3cf-sidebar .subscribe h3 a:hover{color:rgba(78,13,51,0.65)}.as3cf-sidebar .subscribe p{margin:0}.as3cf-sidebar .subscribe .discount-applied{color:rgba(0,0,0,0.4);font-size:12px;line-height:1.4em;margin-top:10px}.as3cf-sidebar .credits{border-top:0;background:#2E2E31;text-align:center;padding:10px}.as3cf-sidebar .credits h4{font-size:11px;font-weight:normal;color:rgba(255,255,255,0.7);margin-top:0;margin-bottom:10px}.as3cf-sidebar .credits ul{display:inline-block;margin:0}.as3cf-sidebar .credits li{overflow:hidden}.as3cf-sidebar .credits li:last-child{margin-bottom:0}.as3cf-sidebar .credits img{display:inline-block;vertical-align:middle;margin-right:8px}.as3cf-sidebar .credits span{display:inline-block;vertical-align:middle;font-size:12px;line-height:24px}.as3cf-sidebar .credits a{display:block;text-decoration:none;color:white;font-size:12px;text-align:center}.as3cf-sidebar .credits a:hover{color:rgba(255,255,255,0.7)}@media screen and (max-width: 1052px){.as3cf-sidebar{position:relative;top:auto;right:auto}}.as3cf-active-provider,.as3cf-active-bucket{font-weight:bold;margin-right:10px}.as3cf-banner{width:292px;height:156px;display:block;background:#f8cfae url(../img/os3-banner.svg) left bottom/100% no-repeat}.as3cf-banner:focus{-webkit-box-shadow:none;box-shadow:none}.wrap .as3cf-upgrade-details{background-color:#4e0d33;padding:10px 20px 20px 20px;color:#eee;font-size:13px;margin:0;display:block;text-decoration:none}.wrap .as3cf-upgrade-details h1{font-size:27px;color:#f8cfae;margin:0 0 15px 0;padding:0;font-weight:300;line-height:1}.wrap .as3cf-upgrade-details h2{font-size:15px;color:#F8CFAE;margin:0 0 30px 0;font-weight:500;line-height:20px}.wrap .as3cf-upgrade-details p{margin:0}.wrap .as3cf-upgrade-details a{color:#eee;font-weight:bold;text-decoration:none;font-size:16px;-webkit-box-shadow:none;box-shadow:none}.wrap .as3cf-upgrade-details a:hover{color:#fff}.wrap .as3cf-upgrade-details ul{margin:0;list-style:none}.wrap .as3cf-upgrade-details ul li{margin-bottom:15px;line-height:18px;padding-left:25px;background:url(../img/icon-checked.svg) left center no-repeat}.as3cf-compatibility-notice.error{clear:both;margin:5px 20px 5px 0}.as3cf-bucket-error span.title{font-weight:bold}.as3cf-invalid-bucket-name,.as3cf-validation-error{display:block;margin-top:2px;font-size:12px;color:#a00}.as3cf-notice-toggle-content{max-height:100px;overflow-y:scroll}.as3cf-notice-toggle-content .as3cf-notice-toggle-list{margin-top:0;margin-left:0;padding-left:40px;color:#dc3232}.as3cf-need-help{background-color:white;font-size:16px;font-weight:bold;padding:1em}.as3cf-need-help a{text-decoration:none}.as3cf-settings h3{font-size:20px}.as3cf-settings p{font-size:14px}.as3cf-addons,.as3cf-tab .as3cf-compatibility-notice{max-width:cover}textarea.as3cf-access-key-constants-snippet.code{width:100%;white-space:pre;overflow:hidden;font-size:12px;padding:10px;height:53px}.as3cf-addons .as3cf-addons-list{margin:20px 0 200px;padding-top:5px}.as3cf-addons .as3cf-addon{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;padding:20px;font-size:14px}.as3cf-addons .as3cf-addon-info{min-height:100px}.as3cf-addons .as3cf-addon-links{float:right}.as3cf-addons .as3cf-addon-links span{padding:4px 6px}.as3cf-addons .as3cf-addon-icon{float:left;margin-right:20px}.as3cf-addons .as3cf-addon-details{white-space:nowrap}.as3cf-addons .as3cf-addon-title,.as3cf-addons .as3cf-addon-description{font-weight:100}.as3cf-addons .as3cf-addon+.as3cf-addon{margin-top:20px}.as3cf-addons .as3cf-addon.amazon-s3-and-cloudfront-assets-pull{background-color:#0769ad;color:white}.as3cf-addons .as3cf-addon.amazon-s3-and-cloudfront-assets-pull .as3cf-addon-title,.as3cf-addons .as3cf-addon.amazon-s3-and-cloudfront-assets-pull .as3cf-addon-description,.as3cf-addons .as3cf-addon.amazon-s3-and-cloudfront-assets-pull a{color:white}.as3cf-addons .as3cf-addon.amazon-s3-and-cloudfront-assets-pull .extra{background:white}.as3cf-addons .as3cf-addon.amazon-s3-and-cloudfront-assets-pull .extra a{color:#0769ad;text-decoration:none}
1
+ .as3cf-content,.as3cf-updated,.as3cf-compatibility-notice{-webkit-box-sizing:border-box;box-sizing:border-box;max-width:650px}.settings_page_amazon-s3-and-cloudfront .error,.settings_page_amazon-s3-and-cloudfront .notice,.settings_page_amazon-s3-and-cloudfront .updated{-webkit-box-sizing:border-box;box-sizing:border-box;max-width:650px}.as3cf-main.wrap{position:relative}.as3cf-main.wrap>h1{float:left}.as3cf-main.wrap .as3cf-notice,.as3cf-main.wrap .as3cf-updated,.as3cf-main.wrap .as3cf-error{-webkit-box-sizing:border-box;box-sizing:border-box}.as3cf-main.wrap .as3cf-error.fatal{clear:both}.as3cf-main.wrap h2.nav-tab-wrapper{float:none;margin-bottom:15px;width:650px;margin-top:10px;padding:9px 0 0 5px}.as3cf-main.wrap h2.nav-tab-wrapper .nav-tab-container{float:right}.as3cf-main.wrap h2.nav-tab-wrapper .nav-tab-container :last-child{margin-right:5px}.as3cf-main.wrap h2.nav-tab-wrapper a.nav-tab-active{color:#464646;cursor:default}.as3cf-main.wrap h2.nav-tab-wrapper a:focus{-webkit-box-shadow:none;box-shadow:none}.as3cf-main.wrap .more-info{white-space:nowrap}.as3cf-main.wrap .error pre{background:#eaeaea;background:rgba(0,0,0,0.07);display:block;padding:10px 15px}.as3cf-main.wrap .error pre code{padding:0;background:none}.as3cf-main.wrap[data-tab="support"] .as3cf-notice,.as3cf-main.wrap[data-tab="support"] .error,.as3cf-main.wrap[data-tab="support"] .updated,.as3cf-main.wrap[data-tab="support"] .updated.show{display:none}.as3cf-main.wrap[data-tab="support"] .fatal .error,.as3cf-main.wrap[data-tab="support"] .as3cf-notice.important,.as3cf-main.wrap[data-tab="support"] .dbrains-api-down{display:block}.as3cf-main.wrap .as3cf-notice,.as3cf-main.wrap .error,.as3cf-main.wrap .updated{max-width:650px;margin-top:15px;-webkit-box-sizing:border-box;box-sizing:border-box}.as3cf-main.wrap .as3cf-updated{display:none}.as3cf-main.wrap .as3cf-updated.as3cf-notice,.as3cf-main.wrap .as3cf-updated.show{display:block}.as3cf-main.wrap .alignleft{margin-right:20px;margin-bottom:20px}.as3cf-main.wrap .spinner{min-width:20px}.as3cf-tab .as3cf-main-settings .as3cf-provider-select{display:none}.as3cf-tab .as3cf-main-settings .as3cf-bucket-container,.as3cf-tab .as3cf-main-settings .as3cf-change-bucket-access-prompt{display:none}.as3cf-tab .as3cf-main-settings .as3cf-bucket-container h3,.as3cf-tab .as3cf-main-settings .as3cf-change-bucket-access-prompt h3{margin-bottom:-0.5em}.as3cf-tab .as3cf-main-settings a.as3cf-change-provider{display:none}.as3cf-tab .as3cf-main-settings .as3cf-delivery-provider-select{display:none}.as3cf-tab .as3cf-main-settings .as3cf-media-settings{display:none}.as3cf-tab.as3cf-needs-access-keys .as3cf-can-write-error,.as3cf-tab.as3cf-has-access-keys.as3cf-change-provider .as3cf-can-write-error{display:none}.as3cf-tab.as3cf-needs-access-keys .as3cf-main-settings .as3cf-provider-select,.as3cf-tab.as3cf-has-access-keys.as3cf-change-provider .as3cf-main-settings .as3cf-provider-select{display:block}.as3cf-tab.as3cf-needs-access-keys .as3cf-main-settings .as3cf-bucket-container,.as3cf-tab.as3cf-has-access-keys.as3cf-change-provider .as3cf-main-settings .as3cf-bucket-container{display:none}.as3cf-tab.as3cf-needs-access-keys .as3cf-main-settings .as3cf-change-bucket-access-prompt,.as3cf-tab.as3cf-has-access-keys.as3cf-change-provider .as3cf-main-settings .as3cf-change-bucket-access-prompt{display:none}.as3cf-tab.as3cf-needs-access-keys .as3cf-main-settings .as3cf-delivery-provider-select,.as3cf-tab.as3cf-has-access-keys.as3cf-change-provider .as3cf-main-settings .as3cf-delivery-provider-select{display:none}.as3cf-tab.as3cf-needs-access-keys .as3cf-main-settings .as3cf-media-settings,.as3cf-tab.as3cf-has-access-keys.as3cf-change-provider .as3cf-main-settings .as3cf-media-settings{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-needs-bucket:not(.as3cf-change-provider) .as3cf-can-write-error,.as3cf-tab.as3cf-has-access-keys.as3cf-change-bucket:not(.as3cf-change-provider) .as3cf-can-write-error{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-needs-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-provider-select,.as3cf-tab.as3cf-has-access-keys.as3cf-change-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-needs-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-bucket-container,.as3cf-tab.as3cf-has-access-keys.as3cf-change-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-bucket-container{display:block}.as3cf-tab.as3cf-has-access-keys.as3cf-needs-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-change-bucket-access-prompt,.as3cf-tab.as3cf-has-access-keys.as3cf-change-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-change-bucket-access-prompt{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-needs-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-delivery-provider-select,.as3cf-tab.as3cf-has-access-keys.as3cf-change-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-delivery-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-needs-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-media-settings,.as3cf-tab.as3cf-has-access-keys.as3cf-change-bucket:not(.as3cf-change-provider) .as3cf-main-settings .as3cf-media-settings{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-bucket-access .as3cf-can-write-error{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-bucket-access .as3cf-main-settings .as3cf-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-bucket-access .as3cf-main-settings .as3cf-bucket-container{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-bucket-access .as3cf-main-settings .as3cf-change-bucket-access-prompt{display:block}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-bucket-access .as3cf-main-settings .as3cf-delivery-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-bucket-access .as3cf-main-settings .as3cf-media-settings{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-delivery-provider .as3cf-can-write-error{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-delivery-provider .as3cf-main-settings .as3cf-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-delivery-provider .as3cf-main-settings .as3cf-bucket-container{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-delivery-provider .as3cf-main-settings .as3cf-change-bucket-access-prompt{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-delivery-provider .as3cf-main-settings .as3cf-delivery-provider-select{display:block}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket.as3cf-change-delivery-provider .as3cf-main-settings .as3cf-media-settings{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket:not(.as3cf-change-provider):not(.as3cf-change-bucket):not(.as3cf-change-bucket-access):not(.as3cf-change-delivery-provider) .as3cf-main-settings .as3cf-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket:not(.as3cf-change-provider):not(.as3cf-change-bucket):not(.as3cf-change-bucket-access):not(.as3cf-change-delivery-provider) .as3cf-main-settings .as3cf-bucket-container{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket:not(.as3cf-change-provider):not(.as3cf-change-bucket):not(.as3cf-change-bucket-access):not(.as3cf-change-delivery-provider) .as3cf-main-settings .as3cf-change-bucket-access-prompt{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket:not(.as3cf-change-provider):not(.as3cf-change-bucket):not(.as3cf-change-bucket-access):not(.as3cf-change-delivery-provider) .as3cf-main-settings .as3cf-delivery-provider-select{display:none}.as3cf-tab.as3cf-has-access-keys.as3cf-has-bucket:not(.as3cf-change-provider):not(.as3cf-change-bucket):not(.as3cf-change-bucket-access):not(.as3cf-change-delivery-provider) .as3cf-main-settings .as3cf-media-settings{display:block}.as3cf-content>section{margin-bottom:20px}.as3cf-content>section+section.as3cf-access-keys{padding-top:20px;border-top:1px solid #d3d3d3}.as3cf-content>section+section.as3cf-access-keys .as3cf-section-heading{margin-top:0}.as3cf-tab{display:none;position:relative;width:650px}.as3cf-tab .as3cf-main-settings p{font-size:13px}.as3cf-tab .as3cf-main-settings p a{color:#444}.as3cf-tab .object-prefix-desc em{white-space:nowrap}.as3cf-tab .as3cf-url-preview-wrap{background:#fff;text-align:center;padding:20px 0 0;max-width:650px;width:100%;-webkit-box-sizing:border-box;box-sizing:border-box}.as3cf-tab .as3cf-url-preview-wrap .as3cf-url-preview{margin-top:10px;padding:0 20px 10px;overflow-x:scroll}.as3cf-tab .as3cf-url-preview-wrap span{color:#aaa;text-transform:uppercase;font-weight:bold}.as3cf-tab .as3cf-radio-group label{display:block;margin-bottom:10px}.as3cf-tab .as3cf-radio-group label.disabled,.as3cf-tab .as3cf-radio-group label.disabled p{color:#bbb;cursor:default}.as3cf-tab .as3cf-radio-group p{padding-left:25px;color:#6b6b6b;margin:0;font-size:12px}.as3cf-tab .as3cf-radio-group p.as3cf-setting{margin-top:5px}.as3cf-tab .as3cf-switch{position:relative;display:inline-block;padding:2px;overflow:hidden;border-radius:2px;background-color:#d4d3d3;cursor:pointer}.as3cf-tab .as3cf-switch.on{background-color:#ade7b5}.as3cf-tab .as3cf-switch span{visibility:hidden;-webkit-box-sizing:border-box;box-sizing:border-box;float:left;display:inline-block;height:100%;font-size:12px;line-height:20px;border-radius:2px;font-weight:bold;padding:4px 8px;background:#fff;color:#8d8d8d;z-index:1}.as3cf-tab .as3cf-switch span.on{color:#82d78b}.as3cf-tab .as3cf-switch span.checked{visibility:visible}.as3cf-tab .as3cf-switch.disabled{cursor:default;background:#e6e6e6}.as3cf-tab .as3cf-switch.disabled span{background:#f1f1f1;color:#d6d6d6}.as3cf-tab .as3cf-switch input[type="checkbox"]{position:absolute !important;top:0;left:0;opacity:0;filter:alpha(opacity=0);z-index:-1}.as3cf-tab .as3cf-setting.hide{display:none}.as3cf-tab .as3cf-setting .as3cf-sub-setting .as3cf-sub-setting-heading{padding-top:15px}.as3cf-tab .as3cf-setting .as3cf-sub-setting .as3cf-defined-in-config{margin-top:15px}.as3cf-tab div.as3cf-setting{margin-top:4px}.as3cf-tab h3{font-weight:normal;text-transform:uppercase}.as3cf-tab .form-table{margin:0}.as3cf-tab .form-table tr.as3cf-border-bottom td{border-bottom:1px solid #ddd;padding:20px 0px}.as3cf-tab .form-table tr.as3cf-setting-title td{padding-bottom:0}.as3cf-tab .form-table tr.as3cf-setting-title:first-child td{padding-top:20px}.as3cf-tab .form-table tr.configure-url:first-child td{padding-top:5px;padding-bottom:0}.as3cf-tab .form-table tr.hide{display:none}.as3cf-tab .form-table tr td{padding:15px 0}.as3cf-tab .form-table tr td:first-child{vertical-align:top;min-width:120px;padding-top:20px}.as3cf-tab .form-table tr td .as3cf-notice:last-child{margin-bottom:0}.as3cf-tab .form-table tr td>p:first-child{margin-top:0}.as3cf-tab .form-table h3{padding:0;margin:0}.as3cf-tab .form-table h4{margin:0}.as3cf-tab .as3cf-active-region{font-style:italic}.as3cf-tab .as3cf-view-bucket{color:#444;text-decoration:none;margin-right:10px}.as3cf-tab .as3cf-view-bucket:hover,.as3cf-tab .as3cf-view-bucket:active{color:#00a0d2}.as3cf-tab .as3cf-view-bucket:focus{-webkit-box-shadow:none;box-shadow:none}.as3cf-tab .as3cf-view-bucket .dashicons-external{margin-top:-2px}.as3cf-tab .tooltip{position:relative;z-index:2;cursor:pointer}.as3cf-tab .tooltip:before,.as3cf-tab .tooltip:after{visibility:hidden;-ms-filter:"progid:DXImageTransform.Microsoft.Alpha(Opacity=0)";filter:progid:DXImageTransform.Microsoft.Alpha(Opacity=0);opacity:0;pointer-events:none}.as3cf-tab .tooltip:before{position:absolute;bottom:150%;left:50%;margin-bottom:5px;margin-left:-250px;padding:10px;width:500px;border-radius:3px;background-color:#000;background-color:rgba(51,51,51,0.9);color:#fff;content:attr(data-tooltip);text-align:center;font-size:14px;line-height:1.3}.as3cf-tab .tooltip:after{position:absolute;bottom:150%;left:50%;margin-left:-5px;width:0;border-top:5px solid #000;border-top:5px solid rgba(51,51,51,0.9);border-right:5px solid transparent;border-left:5px solid transparent;content:" ";font-size:0;line-height:0}.as3cf-tab .tooltip:hover:before,.as3cf-tab .tooltip:hover:after{visibility:visible;-ms-filter:"progid:DXImageTransform.Microsoft.Alpha(Opacity=100)";filter:progid:DXImageTransform.Microsoft.Alpha(Opacity=100);opacity:1}.as3cf-tab .as3cf-defined-in-config{background:#ccc;color:#fff;padding:2px 5px;margin:0 0 3px 5px;float:right;white-space:nowrap;clear:right}.as3cf-tab .as3cf-defined-setting,.as3cf-tab .as3cf-locked-setting{color:#bbb}.as3cf-tab .as3cf-defined-setting label,.as3cf-tab .as3cf-locked-setting label{cursor:default}.as3cf-tab .as3cf-defined-setting p .more-info a,.as3cf-tab .as3cf-locked-setting p .more-info a{color:#bbb}.as3cf-tab .as3cf-defined-setting .as3cf-radio-group p,.as3cf-tab .as3cf-locked-setting .as3cf-radio-group p{color:#bbb}.as3cf-tab .as3cf-defined-setting .as3cf-notice,.as3cf-tab .as3cf-locked-setting .as3cf-notice{display:none !important}.as3cf-tab p.actions{margin:30px 0;border-top:1px solid #ccc;padding-top:15px}.as3cf-tab p.actions button,.as3cf-tab p.actions .right{float:right;margin-left:15px;margin-right:0;min-width:90px}.as3cf-tab p.actions button:last-of-type,.as3cf-tab p.actions .right:last-of-type{margin-left:0}.as3cf-tab p.actions span{display:inline-block;margin-right:20px;line-height:28px}.as3cf-tab .locked .as3cf-radio-group label,.as3cf-tab .locked .as3cf-radio-group label p{color:#bbb;cursor:default}.as3cf-tab .locked .as3cf-switch{cursor:default;background:#e6e6e6}.as3cf-tab .locked .as3cf-switch span{background:#f1f1f1;color:#d6d6d6}#tab-media{display:block}#tab-media .as3cf-provider-setting td{padding-top:20px;padding-bottom:5px}#tab-media .as3cf-bucket-setting td{padding:5px 0}.as3cf-bucket-container h3{line-height:1.3;text-transform:none}.as3cf-bucket-container a:focus{-webkit-box-shadow:none;box-shadow:none;outline:none}.as3cf-bucket-container input[type=text]{-webkit-box-sizing:border-box;box-sizing:border-box;width:100%}.as3cf-bucket-container select{-webkit-box-sizing:border-box;box-sizing:border-box;width:50%}.as3cf-bucket-container .form-table .as3cf-provider-setting h4{font-weight:inherit;margin:0}.as3cf-bucket-container .form-table .as3cf-bucket-list{margin:5px 0 0 0}.as3cf-bucket-container .form-table td{padding:5px 0}.as3cf-bucket-container .form-table td:first-child{width:100px;line-height:30px;vertical-align:top}.as3cf-bucket-container .form-table td .as3cf-defined-in-config{margin-top:-1.75em}.as3cf-bucket-container .as3cf-bucket-list{padding:15px;max-height:200px;overflow-x:hidden;overflow-y:auto;background-color:#fff;font-size:14px}.as3cf-bucket-container .as3cf-bucket-list li:last-of-type{margin-bottom:0}.as3cf-bucket-container .as3cf-bucket-list a{color:#444;text-decoration:none}.as3cf-bucket-container .as3cf-bucket-list a:hover{color:#0074a2}.as3cf-bucket-container .as3cf-bucket-list a.selected{font-weight:bold;color:#0074a2}.as3cf-bucket-container .as3cf-bucket-list a .dashicons{margin-right:5px}.as3cf-change-bucket-access-prompt h3{line-height:1.3;text-transform:none}.as3cf-change-bucket-access-prompt .as3cf-radio-group{margin-bottom:25px}.as3cf-change-bucket-access-prompt .note{color:#999}.as3cf-delivery-provider-select h3{line-height:1.3;text-transform:none}.as3cf-delivery-provider-select .note{color:#999}#tab-media{display:block}#tab-support{min-height:900px}#tab-support .as3cf-sidebar{top:11px}#tab-support .support-section{border-bottom:1px solid #ccc;padding-bottom:20px;margin-bottom:20px}#tab-support .support-section h3{font-size:20px}#tab-support .debug textarea{width:100%;min-height:200px;font-family:Consolas, Monaco, monospace;margin-bottom:5px}.as3cf-sidebar{position:absolute;top:9px;left:670px;width:292px}.as3cf-sidebar.lite{margin-top:35px;background:white;border-radius:7px;border:1px solid #D9E1EB;overflow:hidden;-webkit-box-shadow:0 1px 2px 0 rgba(0,0,0,0.1);box-shadow:0 1px 2px 0 rgba(0,0,0,0.1)}.as3cf-sidebar .block{padding:20px;border:1px solid #ccc}.as3cf-sidebar .subscribe{border-top:none;text-align:center;padding:40px 20px}.as3cf-sidebar .subscribe h2{padding:0;margin:0;margin-bottom:0.5em;color:#666;font-size:17px;line-height:1.2em;float:none}.as3cf-sidebar .subscribe h3{font-size:16px;margin:20px 0 0}.as3cf-sidebar .subscribe h3 a{background-color:#E9715E;color:white;display:inline-block;font-size:13px;font-weight:bold;letter-spacing:1px;text-transform:uppercase;padding:15px 50px;border-radius:4px;margin-bottom:6px;text-decoration:none;-webkit-box-shadow:0 2px 0 #C6442F;box-shadow:0 2px 0 #C6442F}.as3cf-sidebar .subscribe h3 a:hover{color:rgba(78,13,51,0.65)}.as3cf-sidebar .subscribe p{margin:0}.as3cf-sidebar .subscribe .discount-applied{color:rgba(0,0,0,0.4);font-size:12px;line-height:1.4em;margin-top:10px}.as3cf-sidebar .credits{border-top:0;background:#2E2E31;text-align:center;padding:10px}.as3cf-sidebar .credits h4{font-size:11px;font-weight:normal;color:rgba(255,255,255,0.7);margin-top:0;margin-bottom:10px}.as3cf-sidebar .credits ul{display:inline-block;margin:0}.as3cf-sidebar .credits li{overflow:hidden}.as3cf-sidebar .credits li:last-child{margin-bottom:0}.as3cf-sidebar .credits img{display:inline-block;vertical-align:middle;margin-right:8px}.as3cf-sidebar .credits span{display:inline-block;vertical-align:middle;font-size:12px;line-height:24px}.as3cf-sidebar .credits a{display:block;text-decoration:none;color:white;font-size:12px;text-align:center}.as3cf-sidebar .credits a:hover{color:rgba(255,255,255,0.7)}@media screen and (max-width: 1052px){.as3cf-sidebar{position:relative;top:auto;right:auto}}.as3cf-active-provider,.as3cf-active-bucket{font-weight:bold;margin-right:10px}.as3cf-banner{width:292px;height:156px;display:block;background:#f8cfae url(../img/os3-banner.svg) left bottom/100% no-repeat}.as3cf-banner:focus{-webkit-box-shadow:none;box-shadow:none}.wrap .as3cf-upgrade-details{background-color:#4e0d33;padding:10px 20px 20px 20px;color:#eee;font-size:13px;margin:0;display:block;text-decoration:none}.wrap .as3cf-upgrade-details h1{font-size:27px;color:#f8cfae;margin:0 0 15px 0;padding:0;font-weight:300;line-height:1}.wrap .as3cf-upgrade-details h2{font-size:15px;color:#F8CFAE;margin:0 0 30px 0;font-weight:500;line-height:20px}.wrap .as3cf-upgrade-details p{margin:0}.wrap .as3cf-upgrade-details a{color:#eee;font-weight:bold;text-decoration:none;font-size:16px;-webkit-box-shadow:none;box-shadow:none}.wrap .as3cf-upgrade-details a:hover{color:#fff}.wrap .as3cf-upgrade-details ul{margin:0;list-style:none}.wrap .as3cf-upgrade-details ul li{margin-bottom:15px;line-height:18px;padding-left:25px;background:url(../img/icon-checked.svg) left center no-repeat}.as3cf-compatibility-notice.error{clear:both;margin:5px 20px 5px 0}.as3cf-bucket-error span.title{font-weight:bold}.as3cf-invalid-bucket-name,.as3cf-validation-error{display:block;margin-top:2px;font-size:12px;color:#a00}.as3cf-notice-toggle-content{max-height:100px;overflow-y:scroll}.as3cf-notice-toggle-content .as3cf-notice-toggle-list{margin-top:0;margin-left:0;padding-left:40px;color:#dc3232}.as3cf-need-help{background-color:white;font-size:16px;font-weight:bold;padding:1em}.as3cf-need-help a{text-decoration:none}.as3cf-settings h3{font-size:20px}.as3cf-settings p{font-size:14px}.as3cf-addons,.as3cf-tab .as3cf-compatibility-notice{max-width:cover}textarea.as3cf-access-key-constants-snippet.code{width:100%;white-space:pre;overflow:hidden;font-size:12px;padding:10px;height:53px}.as3cf-addons .as3cf-addons-list{margin:20px 0 200px;padding-top:5px}.as3cf-addons .as3cf-addon{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;padding:20px;font-size:14px}.as3cf-addons .as3cf-addon-info{min-height:100px}.as3cf-addons .as3cf-addon-links{float:right}.as3cf-addons .as3cf-addon-links span{padding:4px 6px}.as3cf-addons .as3cf-addon-icon{float:left;margin-right:20px}.as3cf-addons .as3cf-addon-details{white-space:nowrap}.as3cf-addons .as3cf-addon-title,.as3cf-addons .as3cf-addon-description{font-weight:100}.as3cf-addons .as3cf-addon+.as3cf-addon{margin-top:20px}.as3cf-addons .as3cf-addon.amazon-s3-and-cloudfront-assets-pull{background-color:#0769ad;color:white}.as3cf-addons .as3cf-addon.amazon-s3-and-cloudfront-assets-pull .as3cf-addon-title,.as3cf-addons .as3cf-addon.amazon-s3-and-cloudfront-assets-pull .as3cf-addon-description,.as3cf-addons .as3cf-addon.amazon-s3-and-cloudfront-assets-pull a{color:white}.as3cf-addons .as3cf-addon.amazon-s3-and-cloudfront-assets-pull .extra{background:white}.as3cf-addons .as3cf-addon.amazon-s3-and-cloudfront-assets-pull .extra a{color:#0769ad;text-decoration:none}
assets/sass/styles.scss CHANGED
@@ -617,9 +617,7 @@ $as3cf_assets: #0769ad;
617
  p.actions {
618
  margin: 30px 0;
619
  border-top: 1px solid #ccc;
620
- //padding: 20px 30px;
621
  padding-top: 15px;
622
- overflow: hidden;
623
 
624
  button,
625
  .right {
617
  p.actions {
618
  margin: 30px 0;
619
  border-top: 1px solid #ccc;
 
620
  padding-top: 15px;
 
621
 
622
  button,
623
  .right {
classes/amazon-s3-and-cloudfront.php CHANGED
@@ -4976,7 +4976,7 @@ class Amazon_S3_And_CloudFront extends AS3CF_Plugin_Base {
4976
  $memory_limit = '32000M';
4977
  }
4978
 
4979
- return intval( $memory_limit ) * 1024 * 1024;
4980
  }
4981
 
4982
  /**
4976
  $memory_limit = '32000M';
4977
  }
4978
 
4979
+ return wp_convert_hr_to_bytes( $memory_limit );
4980
  }
4981
 
4982
  /**
classes/filters/as3cf-local-to-s3.php CHANGED
@@ -250,7 +250,10 @@ class AS3CF_Local_To_S3 extends AS3CF_Filter {
250
  }
251
 
252
  foreach ( $query_set as $url ) {
253
- $full_url = AS3CF_Utils::remove_scheme( $url );
 
 
 
254
 
255
  if ( isset( $this->query_cache[ $full_url ] ) ) {
256
  // ID already cached, use it.
@@ -259,7 +262,7 @@ class AS3CF_Local_To_S3 extends AS3CF_Filter {
259
  continue;
260
  }
261
 
262
- $path = AS3CF_Utils::decode_filename_in_path( ltrim( str_replace( $this->get_bare_upload_base_urls(), '', $full_url ), '/' ) );
263
 
264
  $paths[ $path ] = $full_url;
265
  $full_urls[ $full_url ][] = $url;
250
  }
251
 
252
  foreach ( $query_set as $url ) {
253
+ // Path to search for in query set should be based on bare URL.
254
+ $bare_url = AS3CF_Utils::remove_scheme( $url );
255
+ // There can be multiple URLs in the query set that belong to the same full URL for the Media Library item.
256
+ $full_url = AS3CF_Utils::remove_size_from_filename( $bare_url );
257
 
258
  if ( isset( $this->query_cache[ $full_url ] ) ) {
259
  // ID already cached, use it.
262
  continue;
263
  }
264
 
265
+ $path = AS3CF_Utils::decode_filename_in_path( ltrim( str_replace( $this->get_bare_upload_base_urls(), '', $bare_url ), '/' ) );
266
 
267
  $paths[ $path ] = $full_url;
268
  $full_urls[ $full_url ][] = $url;
classes/providers/storage/aws-provider.php CHANGED
@@ -218,11 +218,14 @@ class AWS_Provider extends Storage_Provider {
218
  */
219
  protected function default_client_args() {
220
  return array(
221
- 'signature_version' => static::SIGNATURE_VERSION,
222
- 'version' => static::API_VERSION,
223
- 'region' => $this->default_region,
224
- 'csm' => apply_filters( 'as3cf_disable_aws_csm', true ) ? false : true,
225
- 'use_arn_region' => apply_filters( 'as3cf_disable_aws_use_arn_region', true ) ? false : true,
 
 
 
226
  );
227
  }
228
 
218
  */
219
  protected function default_client_args() {
220
  return array(
221
+ 'signature_version' => static::SIGNATURE_VERSION,
222
+ 'version' => static::API_VERSION,
223
+ 'region' => $this->default_region,
224
+ 'csm' => apply_filters( 'as3cf_disable_aws_csm', true ) ? false : true,
225
+ 'use_arn_region' => apply_filters( 'as3cf_disable_aws_use_arn_region', true ) ? false : true,
226
+ 's3_us_east_1_regional_endpoint' => apply_filters( 'as3cf_aws_s3_us_east_1_regional_endpoint', 'legacy' ),
227
+ 'endpoint_discovery' => apply_filters( 'as3cf_disable_aws_endpoint_discovery', true ) ? array( 'enabled' => false ) : array( 'enabled' => true ),
228
+ 'sts_regional_endpoints' => apply_filters( 'as3cf_aws_sts_regional_endpoints', 'legacy' ),
229
  );
230
  }
231
 
languages/amazon-s3-and-cloudfront-en.pot CHANGED
@@ -8,7 +8,7 @@ msgid ""
8
  msgstr ""
9
  "Project-Id-Version: amazon-s3-and-cloudfront\n"
10
  "Report-Msgid-Bugs-To: nom@deliciousbrains.com\n"
11
- "POT-Creation-Date: 2020-07-21 13:43+0100\n"
12
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
13
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
14
  "Language-Team: LANGUAGE <LL@li.org>\n"
8
  msgstr ""
9
  "Project-Id-Version: amazon-s3-and-cloudfront\n"
10
  "Report-Msgid-Bugs-To: nom@deliciousbrains.com\n"
11
+ "POT-Creation-Date: 2020-08-27 12:18+0100\n"
12
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
13
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
14
  "Language-Team: LANGUAGE <LL@li.org>\n"
readme.txt CHANGED
@@ -4,7 +4,7 @@ Tags: uploads, amazon, s3, amazon s3, digitalocean, digitalocean spaces, google
4
  Requires at least: 4.9
5
  Tested up to: 5.5
6
  Requires PHP: 5.5
7
- Stable tag: 2.4.1
8
  License: GPLv3
9
 
10
  Copies files to Amazon S3, DigitalOcean Spaces or Google Cloud Storage as they are uploaded to the Media Library. Optionally configure Amazon CloudFront or another CDN for faster delivery.
@@ -81,6 +81,14 @@ This version requires PHP 5.3.3+ and the Amazon Web Services plugin
81
 
82
  == Changelog ==
83
 
 
 
 
 
 
 
 
 
84
  = WP Offload Media Lite 2.4.1 - 2020-07-21 =
85
  * Bug fix: Fatal Error with EWWW Image Optimizer 5.5 or earlier installed
86
  * Bug fix: AWS SDK "Warning: is_readable(): open_basedir restriction in effect" message when Use ARN Region in effect
4
  Requires at least: 4.9
5
  Tested up to: 5.5
6
  Requires PHP: 5.5
7
+ Stable tag: 2.4.2
8
  License: GPLv3
9
 
10
  Copies files to Amazon S3, DigitalOcean Spaces or Google Cloud Storage as they are uploaded to the Media Library. Optionally configure Amazon CloudFront or another CDN for faster delivery.
81
 
82
  == Changelog ==
83
 
84
+ = WP Offload Media Lite 2.4.2 - 2020-08-27 =
85
+ * Improvement: Updated AWS PHP SDK to v3.150.1
86
+ * Bug fix: Image thumbnail URLs in custom HTML not rewritten to delivery provider URLs
87
+ * Bug fix: Background processes do not start when PHP memory limit in gigabytes
88
+ * Bug fix: PHP Fatal error: require(): Failed opening required '.../vendor/Aws3/Aws/Sts/StsClient.php'
89
+ * Bug fix: AWS SDK "Warning: is_readable(): open_basedir restriction in effect" message from Regional Endpoint check
90
+ * Bug fix: Bottom and right button borders in settings page are clipped when focused
91
+
92
  = WP Offload Media Lite 2.4.1 - 2020-07-21 =
93
  * Bug fix: Fatal Error with EWWW Image Optimizer 5.5 or earlier installed
94
  * Bug fix: AWS SDK "Warning: is_readable(): open_basedir restriction in effect" message when Use ARN Region in effect
vendor/Aws3/Aws/Api/DateTimeResult.php CHANGED
@@ -2,6 +2,8 @@
2
 
3
  namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api;
4
 
 
 
5
  /**
6
  * DateTime overrides that make DateTime work more seamlessly as a string,
7
  * with JSON documents, and with JMESPath.
@@ -10,15 +12,71 @@ class DateTimeResult extends \DateTime implements \JsonSerializable
10
  {
11
  /**
12
  * Create a new DateTimeResult from a unix timestamp.
13
- *
 
 
14
  * @param $unixTimestamp
15
  *
16
  * @return DateTimeResult
 
17
  */
18
  public static function fromEpoch($unixTimestamp)
19
  {
20
  return new self(gmdate('c', $unixTimestamp));
21
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
22
  /**
23
  * Serialize the DateTimeResult as an ISO 8601 date string.
24
  *
2
 
3
  namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api;
4
 
5
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Parser\Exception\ParserException;
6
+ use Exception;
7
  /**
8
  * DateTime overrides that make DateTime work more seamlessly as a string,
9
  * with JSON documents, and with JMESPath.
12
  {
13
  /**
14
  * Create a new DateTimeResult from a unix timestamp.
15
+ * The Unix epoch (or Unix time or POSIX time or Unix
16
+ * timestamp) is the number of seconds that have elapsed since
17
+ * January 1, 1970 (midnight UTC/GMT).
18
  * @param $unixTimestamp
19
  *
20
  * @return DateTimeResult
21
+ * @throws Exception
22
  */
23
  public static function fromEpoch($unixTimestamp)
24
  {
25
  return new self(gmdate('c', $unixTimestamp));
26
  }
27
+ /**
28
+ * @param $iso8601Timestamp
29
+ *
30
+ * @return DateTimeResult
31
+ */
32
+ public static function fromISO8601($iso8601Timestamp)
33
+ {
34
+ if (is_numeric($iso8601Timestamp) || !is_string($iso8601Timestamp)) {
35
+ throw new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Parser\Exception\ParserException('Invalid timestamp value passed to DateTimeResult::fromISO8601');
36
+ }
37
+ return new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult($iso8601Timestamp);
38
+ }
39
+ /**
40
+ * Create a new DateTimeResult from an unknown timestamp.
41
+ *
42
+ * @param $timestamp
43
+ *
44
+ * @return DateTimeResult
45
+ * @throws ParserException|Exception
46
+ */
47
+ public static function fromTimestamp($timestamp, $expectedFormat = null)
48
+ {
49
+ if (empty($timestamp)) {
50
+ return self::fromEpoch(0);
51
+ }
52
+ if (!(is_string($timestamp) || is_numeric($timestamp))) {
53
+ throw new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Parser\Exception\ParserException('Invalid timestamp value passed to DateTimeResult::fromTimestamp');
54
+ }
55
+ try {
56
+ if ($expectedFormat == 'iso8601') {
57
+ try {
58
+ return self::fromISO8601($timestamp);
59
+ } catch (Exception $exception) {
60
+ return self::fromEpoch($timestamp);
61
+ }
62
+ } else {
63
+ if ($expectedFormat == 'unixTimestamp') {
64
+ try {
65
+ return self::fromEpoch($timestamp);
66
+ } catch (Exception $exception) {
67
+ return self::fromISO8601($timestamp);
68
+ }
69
+ } else {
70
+ if (\DeliciousBrains\WP_Offload_Media\Aws3\Aws\is_valid_epoch($timestamp)) {
71
+ return self::fromEpoch($timestamp);
72
+ }
73
+ }
74
+ }
75
+ return self::fromISO8601($timestamp);
76
+ } catch (Exception $exception) {
77
+ throw new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Parser\Exception\ParserException('Invalid timestamp value passed to DateTimeResult::fromTimestamp');
78
+ }
79
+ }
80
  /**
81
  * Serialize the DateTimeResult as an ISO 8601 date string.
82
  *
vendor/Aws3/Aws/Api/ErrorParser/AbstractErrorParser.php CHANGED
@@ -46,6 +46,7 @@ abstract class AbstractErrorParser
46
  if ($data['code'] == $error['name'] && $error instanceof StructureShape) {
47
  $modeledError = $error;
48
  $data['body'] = $this->extractPayload($modeledError, $response);
 
49
  foreach ($error->getMembers() as $name => $member) {
50
  switch ($member['location']) {
51
  case 'header':
46
  if ($data['code'] == $error['name'] && $error instanceof StructureShape) {
47
  $modeledError = $error;
48
  $data['body'] = $this->extractPayload($modeledError, $response);
49
+ $data['error_shape'] = $modeledError;
50
  foreach ($error->getMembers() as $name => $member) {
51
  switch ($member['location']) {
52
  case 'header':
vendor/Aws3/Aws/Api/Parser/AbstractRestParser.php CHANGED
@@ -88,10 +88,7 @@ abstract class AbstractRestParser extends \DeliciousBrains\WP_Offload_Media\Aws3
88
  break;
89
  case 'timestamp':
90
  try {
91
- if (!empty($shape['timestampFormat']) && $shape['timestampFormat'] === 'unixTimestamp') {
92
- $value = \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult::fromEpoch($value);
93
- }
94
- $value = new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult($value);
95
  break;
96
  } catch (\Exception $e) {
97
  // If the value cannot be parsed, then do not add it to the
88
  break;
89
  case 'timestamp':
90
  try {
91
+ $value = \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult::fromTimestamp($value, !empty($shape['timestampFormat']) ? $shape['timestampFormat'] : null);
 
 
 
92
  break;
93
  } catch (\Exception $e) {
94
  // If the value cannot be parsed, then do not add it to the
vendor/Aws3/Aws/Api/Parser/JsonParser.php CHANGED
@@ -39,13 +39,7 @@ class JsonParser
39
  }
40
  return $target;
41
  case 'timestamp':
42
- if (!empty($shape['timestampFormat']) && $shape['timestampFormat'] !== 'unixTimestamp') {
43
- return new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult($value);
44
- }
45
- // The Unix epoch (or Unix time or POSIX time or Unix
46
- // timestamp) is the number of seconds that have elapsed since
47
- // January 1, 1970 (midnight UTC/GMT).
48
- return \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult::fromEpoch($value);
49
  case 'blob':
50
  return base64_decode($value);
51
  default:
39
  }
40
  return $target;
41
  case 'timestamp':
42
+ return \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult::fromTimestamp($value, !empty($shape['timestampFormat']) ? $shape['timestampFormat'] : null);
 
 
 
 
 
 
43
  case 'blob':
44
  return base64_decode($value);
45
  default:
vendor/Aws3/Aws/Api/Parser/MetadataParserTrait.php CHANGED
@@ -29,10 +29,7 @@ trait MetadataParserTrait
29
  break;
30
  case 'timestamp':
31
  try {
32
- if (!empty($shape['timestampFormat']) && $shape['timestampFormat'] === 'unixTimestamp') {
33
- $value = \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult::fromEpoch($value);
34
- }
35
- $value = new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult($value);
36
  break;
37
  } catch (\Exception $e) {
38
  // If the value cannot be parsed, then do not add it to the
29
  break;
30
  case 'timestamp':
31
  try {
32
+ $value = \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult::fromTimestamp($value, !empty($shape['timestampFormat']) ? $shape['timestampFormat'] : null);
 
 
 
33
  break;
34
  } catch (\Exception $e) {
35
  // If the value cannot be parsed, then do not add it to the
vendor/Aws3/Aws/Api/Parser/XmlParser.php CHANGED
@@ -5,6 +5,7 @@ namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Parser;
5
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult;
6
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\ListShape;
7
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\MapShape;
 
8
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Shape;
9
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\StructureShape;
10
  /**
@@ -99,10 +100,10 @@ class XmlParser
99
  }
100
  private function parse_timestamp(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Shape $shape, $value)
101
  {
102
- if (!empty($shape['timestampFormat']) && $shape['timestampFormat'] === 'unixTimestamp') {
103
- return \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult::fromEpoch((string) $value);
104
  }
105
- return new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult($value);
106
  }
107
  private function parse_xml_attribute(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Shape $shape, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Shape $memberShape, $value)
108
  {
5
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult;
6
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\ListShape;
7
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\MapShape;
8
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Parser\Exception\ParserException;
9
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Shape;
10
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\StructureShape;
11
  /**
100
  }
101
  private function parse_timestamp(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Shape $shape, $value)
102
  {
103
+ if (is_string($value) || is_int($value) || is_object($value) && method_exists($value, '__toString')) {
104
+ return \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\DateTimeResult::fromTimestamp((string) $value, !empty($shape['timestampFormat']) ? $shape['timestampFormat'] : null);
105
  }
106
+ throw new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Parser\Exception\ParserException('Invalid timestamp value passed to XmlParser::parse_timestamp');
107
  }
108
  private function parse_xml_attribute(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Shape $shape, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\Shape $memberShape, $value)
109
  {
vendor/Aws3/Aws/AwsClient.php CHANGED
@@ -101,9 +101,9 @@ class AwsClient implements \DeliciousBrains\WP_Offload_Media\Aws3\Aws\AwsClientI
101
  * Provide an instance of Aws\EndpointDiscovery\ConfigurationInterface,
102
  * an instance Aws\CacheInterface, a callable that provides a promise for
103
  * a Configuration object, or an associative array with the following
104
- * keys: enabled: (bool) Set to true to enable endpoint discovery,
105
- * defaults to false; cache_limit: (int) The maximum number of keys in the
106
- * endpoints cache, defaults to 1000.
107
  * - endpoint_provider: (callable) An optional PHP callable that
108
  * accepts a hash of options including a "service" and "region" key and
109
  * returns NULL or a hash of endpoint data, of which the "endpoint" key
@@ -136,8 +136,16 @@ class AwsClient implements \DeliciousBrains\WP_Offload_Media\Aws3\Aws\AwsClientI
136
  * - region: (string, required) Region to connect to. See
137
  * http://docs.aws.amazon.com/general/latest/gr/rande.html for a list of
138
  * available regions.
139
- * - retries: (int, default=int(3)) Configures the maximum number of
140
- * allowed retries for a client (pass 0 to disable retries).
 
 
 
 
 
 
 
 
141
  * - scheme: (string, default=string(5) "https") URI scheme to use when
142
  * connecting connect. The SDK will utilize "https" endpoints (i.e.,
143
  * utilize SSL/TLS connections) by default. You can attempt to connect to
@@ -152,6 +160,10 @@ class AwsClient implements \DeliciousBrains\WP_Offload_Media\Aws3\Aws\AwsClientI
152
  * signature version to use with a service (e.g., v4). Note that
153
  * per/operation signature version MAY override this requested signature
154
  * version.
 
 
 
 
155
  * - validate: (bool, default=bool(true)) Set to false to disable
156
  * client-side parameter validation.
157
  * - version: (string, required) The version of the webservice to
@@ -241,7 +253,7 @@ class AwsClient implements \DeliciousBrains\WP_Offload_Media\Aws3\Aws\AwsClientI
241
  *
242
  * @return callable
243
  */
244
- protected final function getSignatureProvider()
245
  {
246
  return $this->signatureProvider;
247
  }
101
  * Provide an instance of Aws\EndpointDiscovery\ConfigurationInterface,
102
  * an instance Aws\CacheInterface, a callable that provides a promise for
103
  * a Configuration object, or an associative array with the following
104
+ * keys: enabled: (bool) Set to true to enable endpoint discovery, false
105
+ * to explicitly disable it, defaults to false; cache_limit: (int) The
106
+ * maximum number of keys in the endpoints cache, defaults to 1000.
107
  * - endpoint_provider: (callable) An optional PHP callable that
108
  * accepts a hash of options including a "service" and "region" key and
109
  * returns NULL or a hash of endpoint data, of which the "endpoint" key
136
  * - region: (string, required) Region to connect to. See
137
  * http://docs.aws.amazon.com/general/latest/gr/rande.html for a list of
138
  * available regions.
139
+ * - retries: (int, Aws\Retry\ConfigurationInterface, Aws\CacheInterface,
140
+ * array, callable) Configures the retry mode and maximum number of
141
+ * allowed retries for a client (pass 0 to disable retries). Provide an
142
+ * integer for 'legacy' mode with the specified number of retries.
143
+ * Otherwise provide an instance of Aws\Retry\ConfigurationInterface, an
144
+ * instance of Aws\CacheInterface, a callable function, or an array with
145
+ * the following keys: mode: (string) Set to 'legacy', 'standard' (uses
146
+ * retry quota management), or 'adapative' (an experimental mode that adds
147
+ * client-side rate limiting to standard mode); max_attempts (int) The
148
+ * maximum number of attempts for a given request.
149
  * - scheme: (string, default=string(5) "https") URI scheme to use when
150
  * connecting connect. The SDK will utilize "https" endpoints (i.e.,
151
  * utilize SSL/TLS connections) by default. You can attempt to connect to
160
  * signature version to use with a service (e.g., v4). Note that
161
  * per/operation signature version MAY override this requested signature
162
  * version.
163
+ * - use_aws_shared_config_files: (bool, default=bool(true)) Set to false to
164
+ * disable checking for shared config file in '~/.aws/config' and
165
+ * '~/.aws/credentials'. This will override the AWS_CONFIG_FILE
166
+ * environment variable.
167
  * - validate: (bool, default=bool(true)) Set to false to disable
168
  * client-side parameter validation.
169
  * - version: (string, required) The version of the webservice to
253
  *
254
  * @return callable
255
  */
256
+ public final function getSignatureProvider()
257
  {
258
  return $this->signatureProvider;
259
  }
vendor/Aws3/Aws/ClientResolver.php CHANGED
@@ -14,6 +14,9 @@ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Endpoint\PartitionEndpointProvider
14
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\EndpointDiscovery\ConfigurationInterface;
15
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\EndpointDiscovery\ConfigurationProvider;
16
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\EndpointDiscovery\EndpointDiscoveryMiddleware;
 
 
 
17
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Signature\SignatureProvider;
18
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Endpoint\EndpointProvider;
19
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Credentials\CredentialProvider;
@@ -28,7 +31,7 @@ class ClientResolver
28
  private $argDefinitions;
29
  /** @var array Map of types to a corresponding function */
30
  private static $typeMap = ['resource' => 'is_resource', 'callable' => 'is_callable', 'int' => 'is_int', 'bool' => 'is_bool', 'string' => 'is_string', 'object' => 'is_object', 'array' => 'is_array'];
31
- private static $defaultArgs = ['service' => ['type' => 'value', 'valid' => ['string'], 'doc' => 'Name of the service to utilize. This value will be supplied by default when using one of the SDK clients (e.g., Aws\\S3\\S3Client).', 'required' => true, 'internal' => true], 'exception_class' => ['type' => 'value', 'valid' => ['string'], 'doc' => 'Exception class to create when an error occurs.', 'default' => 'DeliciousBrains\\WP_Offload_Media\\Aws3\\Aws\\Exception\\AwsException', 'internal' => true], 'scheme' => ['type' => 'value', 'valid' => ['string'], 'default' => 'https', 'doc' => 'URI scheme to use when connecting connect. The SDK will utilize "https" endpoints (i.e., utilize SSL/TLS connections) by default. You can attempt to connect to a service over an unencrypted "http" endpoint by setting ``scheme`` to "http".'], 'disable_host_prefix_injection' => ['type' => 'value', 'valid' => ['bool'], 'doc' => 'Set to true to disable host prefix injection logic for services that use it. This disables the entire prefix injection, including the portions supplied by user-defined parameters. Setting this flag will have no effect on services that do not use host prefix injection.', 'default' => false], 'endpoint' => ['type' => 'value', 'valid' => ['string'], 'doc' => 'The full URI of the webservice. This is only required when connecting to a custom endpoint (e.g., a local version of S3).', 'fn' => [__CLASS__, '_apply_endpoint']], 'region' => ['type' => 'value', 'valid' => ['string'], 'required' => [__CLASS__, '_missing_region'], 'doc' => 'Region to connect to. See http://docs.aws.amazon.com/general/latest/gr/rande.html for a list of available regions.'], 'version' => ['type' => 'value', 'valid' => ['string'], 'required' => [__CLASS__, '_missing_version'], 'doc' => 'The version of the webservice to utilize (e.g., 2006-03-01).'], 'signature_provider' => ['type' => 'value', 'valid' => ['callable'], 'doc' => 'A callable that accepts a signature version name (e.g., "v4"), a service name, and region, and returns a SignatureInterface object or null. This provider is used to create signers utilized by the client. See Aws\\Signature\\SignatureProvider for a list of built-in providers', 'default' => [__CLASS__, '_default_signature_provider']], 'api_provider' => ['type' => 'value', 'valid' => ['callable'], 'doc' => 'An optional PHP callable that accepts a type, service, and version argument, and returns an array of corresponding configuration data. The type value can be one of api, waiter, or paginator.', 'fn' => [__CLASS__, '_apply_api_provider'], 'default' => [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\ApiProvider::class, 'defaultProvider']], 'endpoint_provider' => ['type' => 'value', 'valid' => ['callable'], 'fn' => [__CLASS__, '_apply_endpoint_provider'], 'doc' => 'An optional PHP callable that accepts a hash of options including a "service" and "region" key and returns NULL or a hash of endpoint data, of which the "endpoint" key is required. See Aws\\Endpoint\\EndpointProvider for a list of built-in providers.', 'default' => [__CLASS__, '_default_endpoint_provider']], 'serializer' => ['default' => [__CLASS__, '_default_serializer'], 'fn' => [__CLASS__, '_apply_serializer'], 'internal' => true, 'type' => 'value', 'valid' => ['callable']], 'signature_version' => ['type' => 'config', 'valid' => ['string'], 'doc' => 'A string representing a custom signature version to use with a service (e.g., v4). Note that per/operation signature version MAY override this requested signature version.', 'default' => [__CLASS__, '_default_signature_version']], 'signing_name' => ['type' => 'config', 'valid' => ['string'], 'doc' => 'A string representing a custom service name to be used when calculating a request signature.', 'default' => [__CLASS__, '_default_signing_name']], 'signing_region' => ['type' => 'config', 'valid' => ['string'], 'doc' => 'A string representing a custom region name to be used when calculating a request signature.', 'default' => [__CLASS__, '_default_signing_region']], 'profile' => ['type' => 'config', 'valid' => ['string'], 'doc' => 'Allows you to specify which profile to use when credentials are created from the AWS credentials file in your HOME directory. This setting overrides the AWS_PROFILE environment variable. Note: Specifying "profile" will cause the "credentials" key to be ignored.', 'fn' => [__CLASS__, '_apply_profile']], 'credentials' => ['type' => 'value', 'valid' => [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Credentials\CredentialsInterface::class, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\CacheInterface::class, 'array', 'bool', 'callable'], 'doc' => 'Specifies the credentials used to sign requests. Provide an Aws\\Credentials\\CredentialsInterface object, an associative array of "key", "secret", and an optional "token" key, `false` to use null credentials, or a callable credentials provider used to create credentials or return null. See Aws\\Credentials\\CredentialProvider for a list of built-in credentials providers. If no credentials are provided, the SDK will attempt to load them from the environment.', 'fn' => [__CLASS__, '_apply_credentials'], 'default' => [__CLASS__, '_default_credential_provider']], 'endpoint_discovery' => ['type' => 'value', 'valid' => [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\EndpointDiscovery\ConfigurationInterface::class, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\CacheInterface::class, 'array', 'callable'], 'doc' => 'Specifies settings for endpoint discovery. Provide an instance of Aws\\EndpointDiscovery\\ConfigurationInterface, an instance Aws\\CacheInterface, a callable that provides a promise for a Configuration object, or an associative array with the following keys: enabled: (bool) Set to true to enable endpoint discovery. Defaults to false; cache_limit: (int) The maximum number of keys in the endpoints cache. Defaults to 1000.', 'fn' => [__CLASS__, '_apply_endpoint_discovery'], 'default' => [__CLASS__, '_default_endpoint_discovery_provider']], 'stats' => ['type' => 'value', 'valid' => ['bool', 'array'], 'default' => false, 'doc' => 'Set to true to gather transfer statistics on requests sent. Alternatively, you can provide an associative array with the following keys: retries: (bool) Set to false to disable reporting on retries attempted; http: (bool) Set to true to enable collecting statistics from lower level HTTP adapters (e.g., values returned in GuzzleHttp\\TransferStats). HTTP handlers must support an http_stats_receiver option for this to have an effect; timer: (bool) Set to true to enable a command timer that reports the total wall clock time spent on an operation in seconds.', 'fn' => [__CLASS__, '_apply_stats']], 'retries' => ['type' => 'value', 'valid' => ['int'], 'doc' => 'Configures the maximum number of allowed retries for a client (pass 0 to disable retries). ', 'fn' => [__CLASS__, '_apply_retries'], 'default' => 3], 'validate' => ['type' => 'value', 'valid' => ['bool', 'array'], 'default' => true, 'doc' => 'Set to false to disable client-side parameter validation. Set to true to utilize default validation constraints. Set to an associative array of validation options to enable specific validation constraints.', 'fn' => [__CLASS__, '_apply_validate']], 'debug' => ['type' => 'value', 'valid' => ['bool', 'array'], 'doc' => 'Set to true to display debug information when sending requests. Alternatively, you can provide an associative array with the following keys: logfn: (callable) Function that is invoked with log messages; stream_size: (int) When the size of a stream is greater than this number, the stream data will not be logged (set to "0" to not log any stream data); scrub_auth: (bool) Set to false to disable the scrubbing of auth data from the logged messages; http: (bool) Set to false to disable the "debug" feature of lower level HTTP adapters (e.g., verbose curl output).', 'fn' => [__CLASS__, '_apply_debug']], 'csm' => ['type' => 'value', 'valid' => [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\ClientSideMonitoring\ConfigurationInterface::class, 'callable', 'array', 'bool'], 'doc' => 'CSM options for the client. Provides a callable wrapping a promise, a boolean "false", an instance of ConfigurationInterface, or an associative array of "enabled", "host", "port", and "client_id".', 'fn' => [__CLASS__, '_apply_csm'], 'default' => [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\ClientSideMonitoring\ConfigurationProvider::class, 'defaultProvider']], 'http' => ['type' => 'value', 'valid' => ['array'], 'default' => [], 'doc' => 'Set to an array of SDK request options to apply to each request (e.g., proxy, verify, etc.).'], 'http_handler' => ['type' => 'value', 'valid' => ['callable'], 'doc' => 'An HTTP handler is a function that accepts a PSR-7 request object and returns a promise that is fulfilled with a PSR-7 response object or rejected with an array of exception data. NOTE: This option supersedes any provided "handler" option.', 'fn' => [__CLASS__, '_apply_http_handler']], 'handler' => ['type' => 'value', 'valid' => ['callable'], 'doc' => 'A handler that accepts a command object, request object and returns a promise that is fulfilled with an Aws\\ResultInterface object or rejected with an Aws\\Exception\\AwsException. A handler does not accept a next handler as it is terminal and expected to fulfill a command. If no handler is provided, a default Guzzle handler will be utilized.', 'fn' => [__CLASS__, '_apply_handler'], 'default' => [__CLASS__, '_default_handler']], 'ua_append' => ['type' => 'value', 'valid' => ['string', 'array'], 'doc' => 'Provide a string or array of strings to send in the User-Agent header.', 'fn' => [__CLASS__, '_apply_user_agent'], 'default' => []], 'idempotency_auto_fill' => ['type' => 'value', 'valid' => ['bool', 'callable'], 'doc' => 'Set to false to disable SDK to populate parameters that enabled \'idempotencyToken\' trait with a random UUID v4 value on your behalf. Using default value \'true\' still allows parameter value to be overwritten when provided. Note: auto-fill only works when cryptographically secure random bytes generator functions(random_bytes, openssl_random_pseudo_bytes or mcrypt_create_iv) can be found. You may also provide a callable source of random bytes.', 'default' => true, 'fn' => [__CLASS__, '_apply_idempotency_auto_fill']]];
32
  /**
33
  * Gets an array of default client arguments, each argument containing a
34
  * hash of the following:
@@ -187,9 +190,16 @@ class ClientResolver
187
  }
188
  public static function _apply_retries($value, array &$args, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\HandlerList $list)
189
  {
 
190
  if ($value) {
191
- $decider = \DeliciousBrains\WP_Offload_Media\Aws3\Aws\RetryMiddleware::createDefaultDecider($value);
192
- $list->appendSign(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Middleware::retry($decider, null, $args['stats']['retries']), 'retry');
 
 
 
 
 
 
193
  }
194
  }
195
  public static function _apply_credentials($value, array &$args)
@@ -237,6 +247,11 @@ class ClientResolver
237
  {
238
  if (!isset($args['endpoint'])) {
239
  $endpointPrefix = isset($args['api']['metadata']['endpointPrefix']) ? $args['api']['metadata']['endpointPrefix'] : $args['service'];
 
 
 
 
 
240
  // Invoke the endpoint provider and throw if it does not resolve.
241
  $result = \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Endpoint\EndpointProvider::resolve($value, ['service' => $endpointPrefix, 'region' => $args['region'], 'scheme' => $args['scheme'], 'options' => self::getEndpointProviderOptions($args)]);
242
  $args['endpoint'] = $result['endpoint'];
@@ -437,4 +452,14 @@ EOT;
437
  }
438
  return $options;
439
  }
 
 
 
 
 
 
 
 
 
 
440
  }
14
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\EndpointDiscovery\ConfigurationInterface;
15
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\EndpointDiscovery\ConfigurationProvider;
16
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\EndpointDiscovery\EndpointDiscoveryMiddleware;
17
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\InvalidRegionException;
18
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Retry\ConfigurationInterface as RetryConfigInterface;
19
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Retry\ConfigurationProvider as RetryConfigProvider;
20
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Signature\SignatureProvider;
21
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Endpoint\EndpointProvider;
22
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Credentials\CredentialProvider;
31
  private $argDefinitions;
32
  /** @var array Map of types to a corresponding function */
33
  private static $typeMap = ['resource' => 'is_resource', 'callable' => 'is_callable', 'int' => 'is_int', 'bool' => 'is_bool', 'string' => 'is_string', 'object' => 'is_object', 'array' => 'is_array'];
34
+ private static $defaultArgs = ['service' => ['type' => 'value', 'valid' => ['string'], 'doc' => 'Name of the service to utilize. This value will be supplied by default when using one of the SDK clients (e.g., Aws\\S3\\S3Client).', 'required' => true, 'internal' => true], 'exception_class' => ['type' => 'value', 'valid' => ['string'], 'doc' => 'Exception class to create when an error occurs.', 'default' => 'DeliciousBrains\\WP_Offload_Media\\Aws3\\Aws\\Exception\\AwsException', 'internal' => true], 'scheme' => ['type' => 'value', 'valid' => ['string'], 'default' => 'https', 'doc' => 'URI scheme to use when connecting connect. The SDK will utilize "https" endpoints (i.e., utilize SSL/TLS connections) by default. You can attempt to connect to a service over an unencrypted "http" endpoint by setting ``scheme`` to "http".'], 'disable_host_prefix_injection' => ['type' => 'value', 'valid' => ['bool'], 'doc' => 'Set to true to disable host prefix injection logic for services that use it. This disables the entire prefix injection, including the portions supplied by user-defined parameters. Setting this flag will have no effect on services that do not use host prefix injection.', 'default' => false], 'endpoint' => ['type' => 'value', 'valid' => ['string'], 'doc' => 'The full URI of the webservice. This is only required when connecting to a custom endpoint (e.g., a local version of S3).', 'fn' => [__CLASS__, '_apply_endpoint']], 'region' => ['type' => 'value', 'valid' => ['string'], 'required' => [__CLASS__, '_missing_region'], 'doc' => 'Region to connect to. See http://docs.aws.amazon.com/general/latest/gr/rande.html for a list of available regions.'], 'version' => ['type' => 'value', 'valid' => ['string'], 'required' => [__CLASS__, '_missing_version'], 'doc' => 'The version of the webservice to utilize (e.g., 2006-03-01).'], 'signature_provider' => ['type' => 'value', 'valid' => ['callable'], 'doc' => 'A callable that accepts a signature version name (e.g., "v4"), a service name, and region, and returns a SignatureInterface object or null. This provider is used to create signers utilized by the client. See Aws\\Signature\\SignatureProvider for a list of built-in providers', 'default' => [__CLASS__, '_default_signature_provider']], 'api_provider' => ['type' => 'value', 'valid' => ['callable'], 'doc' => 'An optional PHP callable that accepts a type, service, and version argument, and returns an array of corresponding configuration data. The type value can be one of api, waiter, or paginator.', 'fn' => [__CLASS__, '_apply_api_provider'], 'default' => [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Api\ApiProvider::class, 'defaultProvider']], 'endpoint_provider' => ['type' => 'value', 'valid' => ['callable'], 'fn' => [__CLASS__, '_apply_endpoint_provider'], 'doc' => 'An optional PHP callable that accepts a hash of options including a "service" and "region" key and returns NULL or a hash of endpoint data, of which the "endpoint" key is required. See Aws\\Endpoint\\EndpointProvider for a list of built-in providers.', 'default' => [__CLASS__, '_default_endpoint_provider']], 'serializer' => ['default' => [__CLASS__, '_default_serializer'], 'fn' => [__CLASS__, '_apply_serializer'], 'internal' => true, 'type' => 'value', 'valid' => ['callable']], 'signature_version' => ['type' => 'config', 'valid' => ['string'], 'doc' => 'A string representing a custom signature version to use with a service (e.g., v4). Note that per/operation signature version MAY override this requested signature version.', 'default' => [__CLASS__, '_default_signature_version']], 'signing_name' => ['type' => 'config', 'valid' => ['string'], 'doc' => 'A string representing a custom service name to be used when calculating a request signature.', 'default' => [__CLASS__, '_default_signing_name']], 'signing_region' => ['type' => 'config', 'valid' => ['string'], 'doc' => 'A string representing a custom region name to be used when calculating a request signature.', 'default' => [__CLASS__, '_default_signing_region']], 'profile' => ['type' => 'config', 'valid' => ['string'], 'doc' => 'Allows you to specify which profile to use when credentials are created from the AWS credentials file in your HOME directory. This setting overrides the AWS_PROFILE environment variable. Note: Specifying "profile" will cause the "credentials" key to be ignored.', 'fn' => [__CLASS__, '_apply_profile']], 'credentials' => ['type' => 'value', 'valid' => [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Credentials\CredentialsInterface::class, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\CacheInterface::class, 'array', 'bool', 'callable'], 'doc' => 'Specifies the credentials used to sign requests. Provide an Aws\\Credentials\\CredentialsInterface object, an associative array of "key", "secret", and an optional "token" key, `false` to use null credentials, or a callable credentials provider used to create credentials or return null. See Aws\\Credentials\\CredentialProvider for a list of built-in credentials providers. If no credentials are provided, the SDK will attempt to load them from the environment.', 'fn' => [__CLASS__, '_apply_credentials'], 'default' => [__CLASS__, '_default_credential_provider']], 'endpoint_discovery' => ['type' => 'value', 'valid' => [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\EndpointDiscovery\ConfigurationInterface::class, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\CacheInterface::class, 'array', 'callable'], 'doc' => 'Specifies settings for endpoint discovery. Provide an instance of Aws\\EndpointDiscovery\\ConfigurationInterface, an instance Aws\\CacheInterface, a callable that provides a promise for a Configuration object, or an associative array with the following keys: enabled: (bool) Set to true to enable endpoint discovery, false to explicitly disable it. Defaults to false; cache_limit: (int) The maximum number of keys in the endpoints cache. Defaults to 1000.', 'fn' => [__CLASS__, '_apply_endpoint_discovery'], 'default' => [__CLASS__, '_default_endpoint_discovery_provider']], 'stats' => ['type' => 'value', 'valid' => ['bool', 'array'], 'default' => false, 'doc' => 'Set to true to gather transfer statistics on requests sent. Alternatively, you can provide an associative array with the following keys: retries: (bool) Set to false to disable reporting on retries attempted; http: (bool) Set to true to enable collecting statistics from lower level HTTP adapters (e.g., values returned in GuzzleHttp\\TransferStats). HTTP handlers must support an http_stats_receiver option for this to have an effect; timer: (bool) Set to true to enable a command timer that reports the total wall clock time spent on an operation in seconds.', 'fn' => [__CLASS__, '_apply_stats']], 'retries' => ['type' => 'value', 'valid' => ['int', \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Retry\ConfigurationInterface::class, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\CacheInterface::class, 'callable', 'array'], 'doc' => "Configures the retry mode and maximum number of allowed retries for a client (pass 0 to disable retries). Provide an integer for 'legacy' mode with the specified number of retries. Otherwise provide an instance of Aws\\Retry\\ConfigurationInterface, an instance of Aws\\CacheInterface, a callable function, or an array with the following keys: mode: (string) Set to 'legacy', 'standard' (uses retry quota management), or 'adapative' (an experimental mode that adds client-side rate limiting to standard mode); max_attempts: (int) The maximum number of attempts for a given request. ", 'fn' => [__CLASS__, '_apply_retries'], 'default' => [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Retry\ConfigurationProvider::class, 'defaultProvider']], 'validate' => ['type' => 'value', 'valid' => ['bool', 'array'], 'default' => true, 'doc' => 'Set to false to disable client-side parameter validation. Set to true to utilize default validation constraints. Set to an associative array of validation options to enable specific validation constraints.', 'fn' => [__CLASS__, '_apply_validate']], 'debug' => ['type' => 'value', 'valid' => ['bool', 'array'], 'doc' => 'Set to true to display debug information when sending requests. Alternatively, you can provide an associative array with the following keys: logfn: (callable) Function that is invoked with log messages; stream_size: (int) When the size of a stream is greater than this number, the stream data will not be logged (set to "0" to not log any stream data); scrub_auth: (bool) Set to false to disable the scrubbing of auth data from the logged messages; http: (bool) Set to false to disable the "debug" feature of lower level HTTP adapters (e.g., verbose curl output).', 'fn' => [__CLASS__, '_apply_debug']], 'csm' => ['type' => 'value', 'valid' => [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\ClientSideMonitoring\ConfigurationInterface::class, 'callable', 'array', 'bool'], 'doc' => 'CSM options for the client. Provides a callable wrapping a promise, a boolean "false", an instance of ConfigurationInterface, or an associative array of "enabled", "host", "port", and "client_id".', 'fn' => [__CLASS__, '_apply_csm'], 'default' => [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\ClientSideMonitoring\ConfigurationProvider::class, 'defaultProvider']], 'http' => ['type' => 'value', 'valid' => ['array'], 'default' => [], 'doc' => 'Set to an array of SDK request options to apply to each request (e.g., proxy, verify, etc.).'], 'http_handler' => ['type' => 'value', 'valid' => ['callable'], 'doc' => 'An HTTP handler is a function that accepts a PSR-7 request object and returns a promise that is fulfilled with a PSR-7 response object or rejected with an array of exception data. NOTE: This option supersedes any provided "handler" option.', 'fn' => [__CLASS__, '_apply_http_handler']], 'handler' => ['type' => 'value', 'valid' => ['callable'], 'doc' => 'A handler that accepts a command object, request object and returns a promise that is fulfilled with an Aws\\ResultInterface object or rejected with an Aws\\Exception\\AwsException. A handler does not accept a next handler as it is terminal and expected to fulfill a command. If no handler is provided, a default Guzzle handler will be utilized.', 'fn' => [__CLASS__, '_apply_handler'], 'default' => [__CLASS__, '_default_handler']], 'ua_append' => ['type' => 'value', 'valid' => ['string', 'array'], 'doc' => 'Provide a string or array of strings to send in the User-Agent header.', 'fn' => [__CLASS__, '_apply_user_agent'], 'default' => []], 'idempotency_auto_fill' => ['type' => 'value', 'valid' => ['bool', 'callable'], 'doc' => 'Set to false to disable SDK to populate parameters that enabled \'idempotencyToken\' trait with a random UUID v4 value on your behalf. Using default value \'true\' still allows parameter value to be overwritten when provided. Note: auto-fill only works when cryptographically secure random bytes generator functions(random_bytes, openssl_random_pseudo_bytes or mcrypt_create_iv) can be found. You may also provide a callable source of random bytes.', 'default' => true, 'fn' => [__CLASS__, '_apply_idempotency_auto_fill']], 'use_aws_shared_config_files' => ['type' => 'value', 'valid' => ['bool'], 'doc' => 'Set to false to disable checking for shared aws config files usually located in \'~/.aws/config\' and \'~/.aws/credentials\'.', 'default' => true]];
35
  /**
36
  * Gets an array of default client arguments, each argument containing a
37
  * hash of the following:
190
  }
191
  public static function _apply_retries($value, array &$args, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\HandlerList $list)
192
  {
193
+ // A value of 0 for the config option disables retries
194
  if ($value) {
195
+ $config = \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Retry\ConfigurationProvider::unwrap($value);
196
+ if ($config->getMode() === 'legacy') {
197
+ // # of retries is 1 less than # of attempts
198
+ $decider = \DeliciousBrains\WP_Offload_Media\Aws3\Aws\RetryMiddleware::createDefaultDecider($config->getMaxAttempts() - 1);
199
+ $list->appendSign(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Middleware::retry($decider, null, $args['stats']['retries']), 'retry');
200
+ } else {
201
+ $list->appendSign(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\RetryMiddlewareV2::wrap($config, ['collect_stats' => $args['stats']['retries']]), 'retry');
202
+ }
203
  }
204
  }
205
  public static function _apply_credentials($value, array &$args)
247
  {
248
  if (!isset($args['endpoint'])) {
249
  $endpointPrefix = isset($args['api']['metadata']['endpointPrefix']) ? $args['api']['metadata']['endpointPrefix'] : $args['service'];
250
+ // Check region is a valid host label when it is being used to
251
+ // generate an endpoint
252
+ if (!self::isValidRegion($args['region'])) {
253
+ throw new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\InvalidRegionException('Region must be a valid RFC' . ' host label.');
254
+ }
255
  // Invoke the endpoint provider and throw if it does not resolve.
256
  $result = \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Endpoint\EndpointProvider::resolve($value, ['service' => $endpointPrefix, 'region' => $args['region'], 'scheme' => $args['scheme'], 'options' => self::getEndpointProviderOptions($args)]);
257
  $args['endpoint'] = $result['endpoint'];
452
  }
453
  return $options;
454
  }
455
+ /**
456
+ * Validates a region to be used for endpoint construction
457
+ *
458
+ * @param $region
459
+ * @return bool
460
+ */
461
+ private static function isValidRegion($region)
462
+ {
463
+ return is_valid_hostlabel($region);
464
+ }
465
  }
vendor/Aws3/Aws/ClientSideMonitoring/ConfigurationProvider.php CHANGED
@@ -73,7 +73,11 @@ class ConfigurationProvider extends \DeliciousBrains\WP_Offload_Media\Aws3\Aws\A
73
  */
74
  public static function defaultProvider(array $config = [])
75
  {
76
- $configProviders = [self::env(), self::ini(), self::fallback()];
 
 
 
 
77
  $memo = self::memoize(call_user_func_array('self::chain', $configProviders));
78
  if (isset($config['csm']) && $config['csm'] instanceof CacheInterface) {
79
  return self::cache($memo, $config['csm'], self::$cacheKey);
73
  */
74
  public static function defaultProvider(array $config = [])
75
  {
76
+ $configProviders = [self::env()];
77
+ if (!isset($config['use_aws_shared_config_files']) || $config['use_aws_shared_config_files'] != false) {
78
+ $configProviders[] = self::ini();
79
+ }
80
+ $configProviders[] = self::fallback();
81
  $memo = self::memoize(call_user_func_array('self::chain', $configProviders));
82
  if (isset($config['csm']) && $config['csm'] instanceof CacheInterface) {
83
  return self::cache($memo, $config['csm'], self::$cacheKey);
vendor/Aws3/Aws/CloudFront/CloudFrontClient.php CHANGED
@@ -50,54 +50,82 @@ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\AwsClient;
50
  * @method \GuzzleHttp\Promise\Promise updateDistributionAsync(array $args = [])
51
  * @method \Aws\Result updateStreamingDistribution(array $args = [])
52
  * @method \GuzzleHttp\Promise\Promise updateStreamingDistributionAsync(array $args = [])
53
- * @method \Aws\Result createDistributionWithTags(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
54
- * @method \GuzzleHttp\Promise\Promise createDistributionWithTagsAsync(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
55
- * @method \Aws\Result createStreamingDistributionWithTags(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
56
- * @method \GuzzleHttp\Promise\Promise createStreamingDistributionWithTagsAsync(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
57
- * @method \Aws\Result listTagsForResource(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
58
- * @method \GuzzleHttp\Promise\Promise listTagsForResourceAsync(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
59
- * @method \Aws\Result tagResource(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
60
- * @method \GuzzleHttp\Promise\Promise tagResourceAsync(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
61
- * @method \Aws\Result untagResource(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
62
- * @method \GuzzleHttp\Promise\Promise untagResourceAsync(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
63
  * @method \Aws\Result deleteServiceLinkedRole(array $args = []) (supported in versions 2017-03-25)
64
  * @method \GuzzleHttp\Promise\Promise deleteServiceLinkedRoleAsync(array $args = []) (supported in versions 2017-03-25)
65
- * @method \Aws\Result createFieldLevelEncryptionConfig(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
66
- * @method \GuzzleHttp\Promise\Promise createFieldLevelEncryptionConfigAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
67
- * @method \Aws\Result createFieldLevelEncryptionProfile(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
68
- * @method \GuzzleHttp\Promise\Promise createFieldLevelEncryptionProfileAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
69
- * @method \Aws\Result createPublicKey(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
70
- * @method \GuzzleHttp\Promise\Promise createPublicKeyAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
71
- * @method \Aws\Result deleteFieldLevelEncryptionConfig(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
72
- * @method \GuzzleHttp\Promise\Promise deleteFieldLevelEncryptionConfigAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
73
- * @method \Aws\Result deleteFieldLevelEncryptionProfile(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
74
- * @method \GuzzleHttp\Promise\Promise deleteFieldLevelEncryptionProfileAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
75
- * @method \Aws\Result deletePublicKey(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
76
- * @method \GuzzleHttp\Promise\Promise deletePublicKeyAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
77
- * @method \Aws\Result getFieldLevelEncryption(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
78
- * @method \GuzzleHttp\Promise\Promise getFieldLevelEncryptionAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
79
- * @method \Aws\Result getFieldLevelEncryptionConfig(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
80
- * @method \GuzzleHttp\Promise\Promise getFieldLevelEncryptionConfigAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
81
- * @method \Aws\Result getFieldLevelEncryptionProfile(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
82
- * @method \GuzzleHttp\Promise\Promise getFieldLevelEncryptionProfileAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
83
- * @method \Aws\Result getFieldLevelEncryptionProfileConfig(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
84
- * @method \GuzzleHttp\Promise\Promise getFieldLevelEncryptionProfileConfigAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
85
- * @method \Aws\Result getPublicKey(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
86
- * @method \GuzzleHttp\Promise\Promise getPublicKeyAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
87
- * @method \Aws\Result getPublicKeyConfig(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
88
- * @method \GuzzleHttp\Promise\Promise getPublicKeyConfigAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
89
- * @method \Aws\Result listFieldLevelEncryptionConfigs(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
90
- * @method \GuzzleHttp\Promise\Promise listFieldLevelEncryptionConfigsAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
91
- * @method \Aws\Result listFieldLevelEncryptionProfiles(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
92
- * @method \GuzzleHttp\Promise\Promise listFieldLevelEncryptionProfilesAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
93
- * @method \Aws\Result listPublicKeys(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
94
- * @method \GuzzleHttp\Promise\Promise listPublicKeysAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
95
- * @method \Aws\Result updateFieldLevelEncryptionConfig(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
96
- * @method \GuzzleHttp\Promise\Promise updateFieldLevelEncryptionConfigAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
97
- * @method \Aws\Result updateFieldLevelEncryptionProfile(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
98
- * @method \GuzzleHttp\Promise\Promise updateFieldLevelEncryptionProfileAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
99
- * @method \Aws\Result updatePublicKey(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
100
- * @method \GuzzleHttp\Promise\Promise updatePublicKeyAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26)
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
101
  */
102
  class CloudFrontClient extends \DeliciousBrains\WP_Offload_Media\Aws3\Aws\AwsClient
103
  {
50
  * @method \GuzzleHttp\Promise\Promise updateDistributionAsync(array $args = [])
51
  * @method \Aws\Result updateStreamingDistribution(array $args = [])
52
  * @method \GuzzleHttp\Promise\Promise updateStreamingDistributionAsync(array $args = [])
53
+ * @method \Aws\Result createDistributionWithTags(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
54
+ * @method \GuzzleHttp\Promise\Promise createDistributionWithTagsAsync(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
55
+ * @method \Aws\Result createStreamingDistributionWithTags(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
56
+ * @method \GuzzleHttp\Promise\Promise createStreamingDistributionWithTagsAsync(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
57
+ * @method \Aws\Result listTagsForResource(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
58
+ * @method \GuzzleHttp\Promise\Promise listTagsForResourceAsync(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
59
+ * @method \Aws\Result tagResource(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
60
+ * @method \GuzzleHttp\Promise\Promise tagResourceAsync(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
61
+ * @method \Aws\Result untagResource(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
62
+ * @method \GuzzleHttp\Promise\Promise untagResourceAsync(array $args = []) (supported in versions 2016-08-01, 2016-08-20, 2016-09-07, 2016-09-29, 2016-11-25, 2017-03-25, 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
63
  * @method \Aws\Result deleteServiceLinkedRole(array $args = []) (supported in versions 2017-03-25)
64
  * @method \GuzzleHttp\Promise\Promise deleteServiceLinkedRoleAsync(array $args = []) (supported in versions 2017-03-25)
65
+ * @method \Aws\Result createFieldLevelEncryptionConfig(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
66
+ * @method \GuzzleHttp\Promise\Promise createFieldLevelEncryptionConfigAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
67
+ * @method \Aws\Result createFieldLevelEncryptionProfile(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
68
+ * @method \GuzzleHttp\Promise\Promise createFieldLevelEncryptionProfileAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
69
+ * @method \Aws\Result createPublicKey(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
70
+ * @method \GuzzleHttp\Promise\Promise createPublicKeyAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
71
+ * @method \Aws\Result deleteFieldLevelEncryptionConfig(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
72
+ * @method \GuzzleHttp\Promise\Promise deleteFieldLevelEncryptionConfigAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
73
+ * @method \Aws\Result deleteFieldLevelEncryptionProfile(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
74
+ * @method \GuzzleHttp\Promise\Promise deleteFieldLevelEncryptionProfileAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
75
+ * @method \Aws\Result deletePublicKey(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
76
+ * @method \GuzzleHttp\Promise\Promise deletePublicKeyAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
77
+ * @method \Aws\Result getFieldLevelEncryption(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
78
+ * @method \GuzzleHttp\Promise\Promise getFieldLevelEncryptionAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
79
+ * @method \Aws\Result getFieldLevelEncryptionConfig(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
80
+ * @method \GuzzleHttp\Promise\Promise getFieldLevelEncryptionConfigAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
81
+ * @method \Aws\Result getFieldLevelEncryptionProfile(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
82
+ * @method \GuzzleHttp\Promise\Promise getFieldLevelEncryptionProfileAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
83
+ * @method \Aws\Result getFieldLevelEncryptionProfileConfig(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
84
+ * @method \GuzzleHttp\Promise\Promise getFieldLevelEncryptionProfileConfigAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
85
+ * @method \Aws\Result getPublicKey(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
86
+ * @method \GuzzleHttp\Promise\Promise getPublicKeyAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
87
+ * @method \Aws\Result getPublicKeyConfig(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
88
+ * @method \GuzzleHttp\Promise\Promise getPublicKeyConfigAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
89
+ * @method \Aws\Result listFieldLevelEncryptionConfigs(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
90
+ * @method \GuzzleHttp\Promise\Promise listFieldLevelEncryptionConfigsAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
91
+ * @method \Aws\Result listFieldLevelEncryptionProfiles(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
92
+ * @method \GuzzleHttp\Promise\Promise listFieldLevelEncryptionProfilesAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
93
+ * @method \Aws\Result listPublicKeys(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
94
+ * @method \GuzzleHttp\Promise\Promise listPublicKeysAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
95
+ * @method \Aws\Result updateFieldLevelEncryptionConfig(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
96
+ * @method \GuzzleHttp\Promise\Promise updateFieldLevelEncryptionConfigAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
97
+ * @method \Aws\Result updateFieldLevelEncryptionProfile(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
98
+ * @method \GuzzleHttp\Promise\Promise updateFieldLevelEncryptionProfileAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
99
+ * @method \Aws\Result updatePublicKey(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
100
+ * @method \GuzzleHttp\Promise\Promise updatePublicKeyAsync(array $args = []) (supported in versions 2017-10-30, 2018-06-18, 2018-11-05, 2019-03-26, 2020-05-31)
101
+ * @method \Aws\Result createCachePolicy(array $args = []) (supported in versions 2020-05-31)
102
+ * @method \GuzzleHttp\Promise\Promise createCachePolicyAsync(array $args = []) (supported in versions 2020-05-31)
103
+ * @method \Aws\Result createOriginRequestPolicy(array $args = []) (supported in versions 2020-05-31)
104
+ * @method \GuzzleHttp\Promise\Promise createOriginRequestPolicyAsync(array $args = []) (supported in versions 2020-05-31)
105
+ * @method \Aws\Result deleteCachePolicy(array $args = []) (supported in versions 2020-05-31)
106
+ * @method \GuzzleHttp\Promise\Promise deleteCachePolicyAsync(array $args = []) (supported in versions 2020-05-31)
107
+ * @method \Aws\Result deleteOriginRequestPolicy(array $args = []) (supported in versions 2020-05-31)
108
+ * @method \GuzzleHttp\Promise\Promise deleteOriginRequestPolicyAsync(array $args = []) (supported in versions 2020-05-31)
109
+ * @method \Aws\Result getCachePolicy(array $args = []) (supported in versions 2020-05-31)
110
+ * @method \GuzzleHttp\Promise\Promise getCachePolicyAsync(array $args = []) (supported in versions 2020-05-31)
111
+ * @method \Aws\Result getCachePolicyConfig(array $args = []) (supported in versions 2020-05-31)
112
+ * @method \GuzzleHttp\Promise\Promise getCachePolicyConfigAsync(array $args = []) (supported in versions 2020-05-31)
113
+ * @method \Aws\Result getOriginRequestPolicy(array $args = []) (supported in versions 2020-05-31)
114
+ * @method \GuzzleHttp\Promise\Promise getOriginRequestPolicyAsync(array $args = []) (supported in versions 2020-05-31)
115
+ * @method \Aws\Result getOriginRequestPolicyConfig(array $args = []) (supported in versions 2020-05-31)
116
+ * @method \GuzzleHttp\Promise\Promise getOriginRequestPolicyConfigAsync(array $args = []) (supported in versions 2020-05-31)
117
+ * @method \Aws\Result listCachePolicies(array $args = []) (supported in versions 2020-05-31)
118
+ * @method \GuzzleHttp\Promise\Promise listCachePoliciesAsync(array $args = []) (supported in versions 2020-05-31)
119
+ * @method \Aws\Result listDistributionsByCachePolicyId(array $args = []) (supported in versions 2020-05-31)
120
+ * @method \GuzzleHttp\Promise\Promise listDistributionsByCachePolicyIdAsync(array $args = []) (supported in versions 2020-05-31)
121
+ * @method \Aws\Result listDistributionsByOriginRequestPolicyId(array $args = []) (supported in versions 2020-05-31)
122
+ * @method \GuzzleHttp\Promise\Promise listDistributionsByOriginRequestPolicyIdAsync(array $args = []) (supported in versions 2020-05-31)
123
+ * @method \Aws\Result listOriginRequestPolicies(array $args = []) (supported in versions 2020-05-31)
124
+ * @method \GuzzleHttp\Promise\Promise listOriginRequestPoliciesAsync(array $args = []) (supported in versions 2020-05-31)
125
+ * @method \Aws\Result updateCachePolicy(array $args = []) (supported in versions 2020-05-31)
126
+ * @method \GuzzleHttp\Promise\Promise updateCachePolicyAsync(array $args = []) (supported in versions 2020-05-31)
127
+ * @method \Aws\Result updateOriginRequestPolicy(array $args = []) (supported in versions 2020-05-31)
128
+ * @method \GuzzleHttp\Promise\Promise updateOriginRequestPolicyAsync(array $args = []) (supported in versions 2020-05-31)
129
  */
130
  class CloudFrontClient extends \DeliciousBrains\WP_Offload_Media\Aws3\Aws\AwsClient
131
  {
vendor/Aws3/Aws/Credentials/CredentialProvider.php CHANGED
@@ -72,7 +72,11 @@ class CredentialProvider
72
  public static function defaultProvider(array $config = [])
73
  {
74
  $cacheable = ['web_identity', 'ecs', 'process_credentials', 'process_config', 'instance'];
75
- $defaultChain = ['env' => self::env(), 'web_identity' => self::assumeRoleWithWebIdentityCredentialProvider($config), 'ini' => self::ini(), 'ini_config' => self::ini('profile default', self::getHomeDir() . '/.aws/config')];
 
 
 
 
76
  if (!empty(getenv(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Credentials\EcsCredentialProvider::ENV_URI))) {
77
  $defaultChain['ecs'] = self::ecsCredentials($config);
78
  }
72
  public static function defaultProvider(array $config = [])
73
  {
74
  $cacheable = ['web_identity', 'ecs', 'process_credentials', 'process_config', 'instance'];
75
+ $defaultChain = ['env' => self::env(), 'web_identity' => self::assumeRoleWithWebIdentityCredentialProvider($config)];
76
+ if (!isset($config['use_aws_shared_config_files']) || $config['use_aws_shared_config_files'] !== false) {
77
+ $defaultChain['ini'] = self::ini();
78
+ $defaultChain['ini_config'] = self::ini('profile default', self::getHomeDir() . '/.aws/config');
79
+ }
80
  if (!empty(getenv(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Credentials\EcsCredentialProvider::ENV_URI))) {
81
  $defaultChain['ecs'] = self::ecsCredentials($config);
82
  }
vendor/Aws3/Aws/Crypto/AbstractCryptoClient.php CHANGED
@@ -6,11 +6,16 @@ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Cipher\CipherMethod;
6
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Cipher\Cbc;
7
  use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\Stream;
8
  /**
 
 
 
 
9
  * @internal
10
  */
11
  abstract class AbstractCryptoClient
12
  {
13
  public static $supportedCiphers = ['cbc', 'gcm'];
 
14
  /**
15
  * Returns if the passed cipher name is supported for encryption by the SDK.
16
  *
@@ -83,8 +88,8 @@ abstract class AbstractCryptoClient
83
  *
84
  * @param string $cipherText Plain-text data to be decrypted using the
85
  * materials, algorithm, and data provided.
86
- * @param MaterialsProvider $provider A provider to supply and encrypt
87
- * materials used in encryption.
88
  * @param MetadataEnvelope $envelope A storage envelope for encryption
89
  * metadata to be read from.
90
  * @param array $cipherOptions Additional verification options.
@@ -93,5 +98,5 @@ abstract class AbstractCryptoClient
93
  *
94
  * @internal
95
  */
96
- public abstract function decrypt($cipherText, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProvider $provider, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope $envelope, array $cipherOptions = []);
97
  }
6
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Cipher\Cbc;
7
  use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\Stream;
8
  /**
9
+ * Legacy abstract encryption client. New workflows should use
10
+ * AbstractCryptoClientV2.
11
+ *
12
+ * @deprecated
13
  * @internal
14
  */
15
  abstract class AbstractCryptoClient
16
  {
17
  public static $supportedCiphers = ['cbc', 'gcm'];
18
+ public static $supportedKeyWraps = [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\KmsMaterialsProvider::WRAP_ALGORITHM_NAME];
19
  /**
20
  * Returns if the passed cipher name is supported for encryption by the SDK.
21
  *
88
  *
89
  * @param string $cipherText Plain-text data to be decrypted using the
90
  * materials, algorithm, and data provided.
91
+ * @param MaterialsProviderInterface $provider A provider to supply and encrypt
92
+ * materials used in encryption.
93
  * @param MetadataEnvelope $envelope A storage envelope for encryption
94
  * metadata to be read from.
95
  * @param array $cipherOptions Additional verification options.
98
  *
99
  * @internal
100
  */
101
+ public abstract function decrypt($cipherText, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProviderInterface $provider, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope $envelope, array $cipherOptions = []);
102
  }
vendor/Aws3/Aws/Crypto/AbstractCryptoClientV2.php ADDED
@@ -0,0 +1,98 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
4
+
5
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Cipher\CipherMethod;
6
+ use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\Stream;
7
+ /**
8
+ * @internal
9
+ */
10
+ abstract class AbstractCryptoClientV2
11
+ {
12
+ public static $supportedCiphers = ['gcm'];
13
+ public static $supportedKeyWraps = [\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\KmsMaterialsProviderV2::WRAP_ALGORITHM_NAME];
14
+ public static $supportedSecurityProfiles = ['V2', 'V2_AND_LEGACY'];
15
+ public static $legacySecurityProfiles = ['V2_AND_LEGACY'];
16
+ /**
17
+ * Returns if the passed cipher name is supported for encryption by the SDK.
18
+ *
19
+ * @param string $cipherName The name of a cipher to verify is registered.
20
+ *
21
+ * @return bool If the cipher passed is in our supported list.
22
+ */
23
+ public static function isSupportedCipher($cipherName)
24
+ {
25
+ return in_array($cipherName, self::$supportedCiphers, true);
26
+ }
27
+ /**
28
+ * Returns an identifier recognizable by `openssl_*` functions, such as
29
+ * `aes-256-gcm`
30
+ *
31
+ * @param string $cipherName Name of the cipher being used for encrypting
32
+ * or decrypting.
33
+ * @param int $keySize Size of the encryption key, in bits, that will be
34
+ * used.
35
+ *
36
+ * @return string
37
+ */
38
+ protected abstract function getCipherOpenSslName($cipherName, $keySize);
39
+ /**
40
+ * Constructs a CipherMethod for the given name, initialized with the other
41
+ * data passed for use in encrypting or decrypting.
42
+ *
43
+ * @param string $cipherName Name of the cipher to generate for encrypting.
44
+ * @param string $iv Base Initialization Vector for the cipher.
45
+ * @param int $keySize Size of the encryption key, in bits, that will be
46
+ * used.
47
+ *
48
+ * @return CipherMethod
49
+ *
50
+ * @internal
51
+ */
52
+ protected abstract function buildCipherMethod($cipherName, $iv, $keySize);
53
+ /**
54
+ * Performs a reverse lookup to get the openssl_* cipher name from the
55
+ * AESName passed in from the MetadataEnvelope.
56
+ *
57
+ * @param $aesName
58
+ *
59
+ * @return string
60
+ *
61
+ * @internal
62
+ */
63
+ protected abstract function getCipherFromAesName($aesName);
64
+ /**
65
+ * Dependency to provide an interface for building an encryption stream for
66
+ * data given cipher details, metadata, and materials to do so.
67
+ *
68
+ * @param Stream $plaintext Plain-text data to be encrypted using the
69
+ * materials, algorithm, and data provided.
70
+ * @param array $options Options for use in encryption.
71
+ * @param MaterialsProviderV2 $provider A provider to supply and encrypt
72
+ * materials used in encryption.
73
+ * @param MetadataEnvelope $envelope A storage envelope for encryption
74
+ * metadata to be added to.
75
+ *
76
+ * @return AesStreamInterface
77
+ *
78
+ * @internal
79
+ */
80
+ public abstract function encrypt(\DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\Stream $plaintext, array $options, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProviderV2 $provider, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope $envelope);
81
+ /**
82
+ * Dependency to provide an interface for building a decryption stream for
83
+ * cipher text given metadata and materials to do so.
84
+ *
85
+ * @param string $cipherText Plain-text data to be decrypted using the
86
+ * materials, algorithm, and data provided.
87
+ * @param MaterialsProviderInterface $provider A provider to supply and encrypt
88
+ * materials used in encryption.
89
+ * @param MetadataEnvelope $envelope A storage envelope for encryption
90
+ * metadata to be read from.
91
+ * @param array $options Options used for decryption.
92
+ *
93
+ * @return AesStreamInterface
94
+ *
95
+ * @internal
96
+ */
97
+ public abstract function decrypt($cipherText, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProviderInterfaceV2 $provider, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope $envelope, array $options = []);
98
+ }
vendor/Aws3/Aws/Crypto/AesGcmDecryptingStream.php CHANGED
@@ -2,10 +2,12 @@
2
 
3
  namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
4
 
 
5
  use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7;
6
  use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\StreamDecoratorTrait;
7
  use DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface;
8
- use RuntimeException;
 
9
  /**
10
  * @internal Represents a stream of data to be gcm decrypted.
11
  */
@@ -30,9 +32,6 @@ class AesGcmDecryptingStream implements \DeliciousBrains\WP_Offload_Media\Aws3\A
30
  */
31
  public function __construct(\DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface $cipherText, $key, $initializationVector, $tag, $aad = '', $tagLength = 128, $keySize = 256)
32
  {
33
- if (version_compare(PHP_VERSION, '7.1', '<')) {
34
- throw new \RuntimeException('AES-GCM decryption is only supported in PHP 7.1 or greater');
35
- }
36
  $this->cipherText = $cipherText;
37
  $this->key = $key;
38
  $this->initializationVector = $initializationVector;
@@ -55,7 +54,15 @@ class AesGcmDecryptingStream implements \DeliciousBrains\WP_Offload_Media\Aws3\A
55
  }
56
  public function createStream()
57
  {
58
- return \DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\stream_for(openssl_decrypt((string) $this->cipherText, $this->getOpenSslName(), $this->key, OPENSSL_RAW_DATA, $this->initializationVector, $this->tag, $this->aad));
 
 
 
 
 
 
 
 
59
  }
60
  public function isWritable()
61
  {
2
 
3
  namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
4
 
5
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\CryptoException;
6
  use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7;
7
  use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\StreamDecoratorTrait;
8
  use DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface;
9
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Polyfill\AesGcm;
10
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Polyfill\Key;
11
  /**
12
  * @internal Represents a stream of data to be gcm decrypted.
13
  */
32
  */
33
  public function __construct(\DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface $cipherText, $key, $initializationVector, $tag, $aad = '', $tagLength = 128, $keySize = 256)
34
  {
 
 
 
35
  $this->cipherText = $cipherText;
36
  $this->key = $key;
37
  $this->initializationVector = $initializationVector;
54
  }
55
  public function createStream()
56
  {
57
+ if (version_compare(PHP_VERSION, '7.1', '<')) {
58
+ return \DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\stream_for(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Polyfill\AesGcm::decrypt((string) $this->cipherText, $this->initializationVector, new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Polyfill\Key($this->key), $this->aad, $this->tag, $this->keySize));
59
+ } else {
60
+ $result = \openssl_decrypt((string) $this->cipherText, $this->getOpenSslName(), $this->key, OPENSSL_RAW_DATA, $this->initializationVector, $this->tag, $this->aad);
61
+ if ($result === false) {
62
+ throw new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\CryptoException('The requested object could not be' . ' decrypted due to an invalid authentication tag.');
63
+ }
64
+ return \DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\stream_for($result);
65
+ }
66
  }
67
  public function isWritable()
68
  {
vendor/Aws3/Aws/Crypto/AesGcmEncryptingStream.php CHANGED
@@ -2,6 +2,8 @@
2
 
3
  namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
4
 
 
 
5
  use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7;
6
  use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\StreamDecoratorTrait;
7
  use DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface;
@@ -9,7 +11,7 @@ use RuntimeException;
9
  /**
10
  * @internal Represents a stream of data to be gcm encrypted.
11
  */
12
- class AesGcmEncryptingStream implements \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\AesStreamInterface
13
  {
14
  use StreamDecoratorTrait;
15
  private $aad;
@@ -19,6 +21,16 @@ class AesGcmEncryptingStream implements \DeliciousBrains\WP_Offload_Media\Aws3\A
19
  private $plaintext;
20
  private $tag = '';
21
  private $tagLength;
 
 
 
 
 
 
 
 
 
 
22
  /**
23
  * @param StreamInterface $plaintext
24
  * @param string $key
@@ -29,9 +41,6 @@ class AesGcmEncryptingStream implements \DeliciousBrains\WP_Offload_Media\Aws3\A
29
  */
30
  public function __construct(\DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface $plaintext, $key, $initializationVector, $aad = '', $tagLength = 16, $keySize = 256)
31
  {
32
- if (version_compare(PHP_VERSION, '7.1', '<')) {
33
- throw new \RuntimeException('AES-GCM decryption is only supported in PHP 7.1 or greater');
34
- }
35
  $this->plaintext = $plaintext;
36
  $this->key = $key;
37
  $this->initializationVector = $initializationVector;
@@ -43,9 +52,14 @@ class AesGcmEncryptingStream implements \DeliciousBrains\WP_Offload_Media\Aws3\A
43
  {
44
  return "aes-{$this->keySize}-gcm";
45
  }
 
 
 
 
 
46
  public function getAesName()
47
  {
48
- return 'AES/GCM/NoPadding';
49
  }
50
  public function getCurrentIv()
51
  {
@@ -53,7 +67,11 @@ class AesGcmEncryptingStream implements \DeliciousBrains\WP_Offload_Media\Aws3\A
53
  }
54
  public function createStream()
55
  {
56
- return \DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\stream_for(openssl_encrypt((string) $this->plaintext, $this->getOpenSslName(), $this->key, OPENSSL_RAW_DATA, $this->initializationVector, $this->tag, $this->aad, $this->tagLength));
 
 
 
 
57
  }
58
  /**
59
  * @return string
2
 
3
  namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
4
 
5
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Polyfill\AesGcm;
6
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Polyfill\Key;
7
  use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7;
8
  use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\StreamDecoratorTrait;
9
  use DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface;
11
  /**
12
  * @internal Represents a stream of data to be gcm encrypted.
13
  */
14
+ class AesGcmEncryptingStream implements \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\AesStreamInterface, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\AesStreamInterfaceV2
15
  {
16
  use StreamDecoratorTrait;
17
  private $aad;
21
  private $plaintext;
22
  private $tag = '';
23
  private $tagLength;
24
+ /**
25
+ * Same as non-static 'getAesName' method, allowing calls in a static
26
+ * context.
27
+ *
28
+ * @return string
29
+ */
30
+ public static function getStaticAesName()
31
+ {
32
+ return 'AES/GCM/NoPadding';
33
+ }
34
  /**
35
  * @param StreamInterface $plaintext
36
  * @param string $key
41
  */
42
  public function __construct(\DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface $plaintext, $key, $initializationVector, $aad = '', $tagLength = 16, $keySize = 256)
43
  {
 
 
 
44
  $this->plaintext = $plaintext;
45
  $this->key = $key;
46
  $this->initializationVector = $initializationVector;
52
  {
53
  return "aes-{$this->keySize}-gcm";
54
  }
55
+ /**
56
+ * Same as static method and retained for backwards compatibility
57
+ *
58
+ * @return string
59
+ */
60
  public function getAesName()
61
  {
62
+ return self::getStaticAesName();
63
  }
64
  public function getCurrentIv()
65
  {
67
  }
68
  public function createStream()
69
  {
70
+ if (version_compare(PHP_VERSION, '7.1', '<')) {
71
+ return \DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\stream_for(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Polyfill\AesGcm::encrypt((string) $this->plaintext, $this->initializationVector, new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Polyfill\Key($this->key), $this->aad, $this->tag, $this->keySize));
72
+ } else {
73
+ return \DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\stream_for(\openssl_encrypt((string) $this->plaintext, $this->getOpenSslName(), $this->key, OPENSSL_RAW_DATA, $this->initializationVector, $this->tag, $this->aad, $this->tagLength));
74
+ }
75
  }
76
  /**
77
  * @return string
vendor/Aws3/Aws/Crypto/AesStreamInterfaceV2.php ADDED
@@ -0,0 +1,29 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
4
+
5
+ use DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface;
6
+ interface AesStreamInterfaceV2 extends StreamInterface
7
+ {
8
+ /**
9
+ * Returns an AES recognizable name, such as 'AES/GCM/NoPadding'. V2
10
+ * interface is accessible from a static context.
11
+ *
12
+ * @return string
13
+ */
14
+ public static function getStaticAesName();
15
+ /**
16
+ * Returns an identifier recognizable by `openssl_*` functions, such as
17
+ * `aes-256-cbc` or `aes-128-ctr`.
18
+ *
19
+ * @return string
20
+ */
21
+ public function getOpenSslName();
22
+ /**
23
+ * Returns the IV that should be used to initialize the next block in
24
+ * encrypt or decrypt.
25
+ *
26
+ * @return string
27
+ */
28
+ public function getCurrentIv();
29
+ }
vendor/Aws3/Aws/Crypto/Cipher/Cbc.php CHANGED
@@ -7,6 +7,12 @@ use LogicException;
7
  /**
8
  * An implementation of the CBC cipher for use with an AesEncryptingStream or
9
  * AesDecrypting stream.
 
 
 
 
 
 
10
  */
11
  class Cbc implements \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Cipher\CipherMethod
12
  {
7
  /**
8
  * An implementation of the CBC cipher for use with an AesEncryptingStream or
9
  * AesDecrypting stream.
10
+ *
11
+ * This cipher method is deprecated and in maintenance mode - no new updates will be
12
+ * released. Please see https://docs.aws.amazon.com/general/latest/gr/aws_sdk_cryptography.html
13
+ * for more information.
14
+ *
15
+ * @deprecated
16
  */
17
  class Cbc implements \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Cipher\CipherMethod
18
  {
vendor/Aws3/Aws/Crypto/Cipher/CipherBuilderTrait.php CHANGED
@@ -2,6 +2,7 @@
2
 
3
  namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Cipher;
4
 
 
5
  trait CipherBuilderTrait
6
  {
7
  /**
@@ -59,7 +60,7 @@ trait CipherBuilderTrait
59
  case 'AES/CBC/PKCS5Padding':
60
  return 'cbc';
61
  default:
62
- throw new \RuntimeException('Unrecognized or unsupported' . ' AESName for reverse lookup.');
63
  }
64
  }
65
  }
2
 
3
  namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\Cipher;
4
 
5
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\CryptoException;
6
  trait CipherBuilderTrait
7
  {
8
  /**
60
  case 'AES/CBC/PKCS5Padding':
61
  return 'cbc';
62
  default:
63
+ throw new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\CryptoException('Unrecognized or unsupported' . ' AESName for reverse lookup.');
64
  }
65
  }
66
  }
vendor/Aws3/Aws/Crypto/DecryptionTrait.php CHANGED
@@ -34,12 +34,13 @@ trait DecryptionTrait
34
  protected abstract function buildCipherMethod($cipherName, $iv, $keySize);
35
  /**
36
  * Builds an AesStreamInterface using cipher options loaded from the
37
- * MetadataEnvelope and MaterialsProvider.
 
38
  *
39
  * @param string $cipherText Plain-text data to be encrypted using the
40
  * materials, algorithm, and data provided.
41
- * @param MaterialsProvider $provider A provider to supply and encrypt
42
- * materials used in encryption.
43
  * @param MetadataEnvelope $envelope A storage envelope for encryption
44
  * metadata to be read from.
45
  * @param array $cipherOptions Additional verification options.
@@ -51,7 +52,7 @@ trait DecryptionTrait
51
  *
52
  * @internal
53
  */
54
- public function decrypt($cipherText, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProvider $provider, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope $envelope, array $cipherOptions = [])
55
  {
56
  $cipherOptions['Iv'] = base64_decode($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::IV_HEADER]);
57
  $cipherOptions['TagLength'] = $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CRYPTO_TAG_LENGTH_HEADER] / 8;
34
  protected abstract function buildCipherMethod($cipherName, $iv, $keySize);
35
  /**
36
  * Builds an AesStreamInterface using cipher options loaded from the
37
+ * MetadataEnvelope and MaterialsProvider. Can decrypt data from both the
38
+ * legacy and V2 encryption client workflows.
39
  *
40
  * @param string $cipherText Plain-text data to be encrypted using the
41
  * materials, algorithm, and data provided.
42
+ * @param MaterialsProviderInterface $provider A provider to supply and encrypt
43
+ * materials used in encryption.
44
  * @param MetadataEnvelope $envelope A storage envelope for encryption
45
  * metadata to be read from.
46
  * @param array $cipherOptions Additional verification options.
52
  *
53
  * @internal
54
  */
55
+ public function decrypt($cipherText, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProviderInterface $provider, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope $envelope, array $cipherOptions = [])
56
  {
57
  $cipherOptions['Iv'] = base64_decode($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::IV_HEADER]);
58
  $cipherOptions['TagLength'] = $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CRYPTO_TAG_LENGTH_HEADER] / 8;
vendor/Aws3/Aws/Crypto/DecryptionTraitV2.php ADDED
@@ -0,0 +1,138 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
4
+
5
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\CryptoException;
6
+ use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7;
7
+ use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\LimitStream;
8
+ use DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface;
9
+ trait DecryptionTraitV2
10
+ {
11
+ /**
12
+ * Dependency to reverse lookup the openssl_* cipher name from the AESName
13
+ * in the MetadataEnvelope.
14
+ *
15
+ * @param $aesName
16
+ *
17
+ * @return string
18
+ *
19
+ * @internal
20
+ */
21
+ protected abstract function getCipherFromAesName($aesName);
22
+ /**
23
+ * Dependency to generate a CipherMethod from a set of inputs for loading
24
+ * in to an AesDecryptingStream.
25
+ *
26
+ * @param string $cipherName Name of the cipher to generate for decrypting.
27
+ * @param string $iv Base Initialization Vector for the cipher.
28
+ * @param int $keySize Size of the encryption key, in bits, that will be
29
+ * used.
30
+ *
31
+ * @return Cipher\CipherMethod
32
+ *
33
+ * @internal
34
+ */
35
+ protected abstract function buildCipherMethod($cipherName, $iv, $keySize);
36
+ /**
37
+ * Builds an AesStreamInterface using cipher options loaded from the
38
+ * MetadataEnvelope and MaterialsProvider. Can decrypt data from both the
39
+ * legacy and V2 encryption client workflows.
40
+ *
41
+ * @param string $cipherText Plain-text data to be encrypted using the
42
+ * materials, algorithm, and data provided.
43
+ * @param MaterialsProviderInterfaceV2 $provider A provider to supply and encrypt
44
+ * materials used in encryption.
45
+ * @param MetadataEnvelope $envelope A storage envelope for encryption
46
+ * metadata to be read from.
47
+ * @param array $options Options used for decryption.
48
+ *
49
+ * @return AesStreamInterface
50
+ *
51
+ * @throws \InvalidArgumentException Thrown when a value in $cipherOptions
52
+ * is not valid.
53
+ *
54
+ * @internal
55
+ */
56
+ public function decrypt($cipherText, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProviderInterfaceV2 $provider, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope $envelope, array $options = [])
57
+ {
58
+ $options['@CipherOptions'] = !empty($options['@CipherOptions']) ? $options['@CipherOptions'] : [];
59
+ $options['@CipherOptions']['Iv'] = base64_decode($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::IV_HEADER]);
60
+ $options['@CipherOptions']['TagLength'] = $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CRYPTO_TAG_LENGTH_HEADER] / 8;
61
+ $cek = $provider->decryptCek(base64_decode($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CONTENT_KEY_V2_HEADER]), json_decode($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::MATERIALS_DESCRIPTION_HEADER], true), $options);
62
+ $options['@CipherOptions']['KeySize'] = strlen($cek) * 8;
63
+ $options['@CipherOptions']['Cipher'] = $this->getCipherFromAesName($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CONTENT_CRYPTO_SCHEME_HEADER]);
64
+ $this->validateOptionsAndEnvelope($options, $envelope);
65
+ $decryptionSteam = $this->getDecryptingStream($cipherText, $cek, $options['@CipherOptions']);
66
+ unset($cek);
67
+ return $decryptionSteam;
68
+ }
69
+ private function getTagFromCiphertextStream(\DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface $cipherText, $tagLength)
70
+ {
71
+ $cipherTextSize = $cipherText->getSize();
72
+ if ($cipherTextSize == null || $cipherTextSize <= 0) {
73
+ throw new \RuntimeException('Cannot decrypt a stream of unknown' . ' size.');
74
+ }
75
+ return (string) new \DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\LimitStream($cipherText, $tagLength, $cipherTextSize - $tagLength);
76
+ }
77
+ private function getStrippedCiphertextStream(\DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface $cipherText, $tagLength)
78
+ {
79
+ $cipherTextSize = $cipherText->getSize();
80
+ if ($cipherTextSize == null || $cipherTextSize <= 0) {
81
+ throw new \RuntimeException('Cannot decrypt a stream of unknown' . ' size.');
82
+ }
83
+ return new \DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\LimitStream($cipherText, $cipherTextSize - $tagLength, 0);
84
+ }
85
+ private function validateOptionsAndEnvelope($options, $envelope)
86
+ {
87
+ $allowedCiphers = AbstractCryptoClientV2::$supportedCiphers;
88
+ $allowedKeywraps = AbstractCryptoClientV2::$supportedKeyWraps;
89
+ if ($options['@SecurityProfile'] == 'V2_AND_LEGACY') {
90
+ $allowedCiphers = array_unique(array_merge($allowedCiphers, AbstractCryptoClient::$supportedCiphers));
91
+ $allowedKeywraps = array_unique(array_merge($allowedKeywraps, AbstractCryptoClient::$supportedKeyWraps));
92
+ }
93
+ $v1SchemaException = new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\CryptoException("The requested object is encrypted" . " with V1 encryption schemas that have been disabled by" . " client configuration @SecurityProfile=V2. Retry with" . " V2_AND_LEGACY enabled or reencrypt the object.");
94
+ if (!in_array($options['@CipherOptions']['Cipher'], $allowedCiphers)) {
95
+ if (in_array($options['@CipherOptions']['Cipher'], AbstractCryptoClient::$supportedCiphers)) {
96
+ throw $v1SchemaException;
97
+ }
98
+ throw new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\CryptoException("The requested object is encrypted with" . " the cipher '{$options['@CipherOptions']['Cipher']}', which is not" . " supported for decryption with the selected security profile." . " This profile allows decryption with: " . implode(", ", $allowedCiphers));
99
+ }
100
+ if (!in_array($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::KEY_WRAP_ALGORITHM_HEADER], $allowedKeywraps)) {
101
+ if (in_array($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::KEY_WRAP_ALGORITHM_HEADER], AbstractCryptoClient::$supportedKeyWraps)) {
102
+ throw $v1SchemaException;
103
+ }
104
+ throw new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\CryptoException("The requested object is encrypted with" . " the keywrap schema '{$envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::KEY_WRAP_ALGORITHM_HEADER]}'," . " which is not supported for decryption with the current security" . " profile.");
105
+ }
106
+ $matdesc = json_decode($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::MATERIALS_DESCRIPTION_HEADER], true);
107
+ if (isset($matdesc['aws:x-amz-cek-alg']) && $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CONTENT_CRYPTO_SCHEME_HEADER] !== $matdesc['aws:x-amz-cek-alg']) {
108
+ throw new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\CryptoException("There is a mismatch in specified content" . " encryption algrithm between the materials description value" . " and the metadata envelope value: {$matdesc['aws:x-amz-cek-alg']}" . " vs. {$envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CONTENT_CRYPTO_SCHEME_HEADER]}.");
109
+ }
110
+ }
111
+ /**
112
+ * Generates a stream that wraps the cipher text with the proper cipher and
113
+ * uses the content encryption key (CEK) to decrypt the data when read.
114
+ *
115
+ * @param string $cipherText Plain-text data to be encrypted using the
116
+ * materials, algorithm, and data provided.
117
+ * @param string $cek A content encryption key for use by the stream for
118
+ * encrypting the plaintext data.
119
+ * @param array $cipherOptions Options for use in determining the cipher to
120
+ * be used for encrypting data.
121
+ *
122
+ * @return AesStreamInterface
123
+ *
124
+ * @internal
125
+ */
126
+ protected function getDecryptingStream($cipherText, $cek, $cipherOptions)
127
+ {
128
+ $cipherTextStream = \DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\stream_for($cipherText);
129
+ switch ($cipherOptions['Cipher']) {
130
+ case 'gcm':
131
+ $cipherOptions['Tag'] = $this->getTagFromCiphertextStream($cipherTextStream, $cipherOptions['TagLength']);
132
+ return new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\AesGcmDecryptingStream($this->getStrippedCiphertextStream($cipherTextStream, $cipherOptions['TagLength']), $cek, $cipherOptions['Iv'], $cipherOptions['Tag'], $cipherOptions['Aad'] = isset($cipherOptions['Aad']) ? $cipherOptions['Aad'] : null, $cipherOptions['TagLength'] ?: null, $cipherOptions['KeySize']);
133
+ default:
134
+ $cipherMethod = $this->buildCipherMethod($cipherOptions['Cipher'], $cipherOptions['Iv'], $cipherOptions['KeySize']);
135
+ return new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\AesDecryptingStream($cipherTextStream, $cek, $cipherMethod);
136
+ }
137
+ }
138
+ }
vendor/Aws3/Aws/Crypto/EncryptionTrait.php CHANGED
@@ -71,7 +71,6 @@ trait EncryptionTrait
71
  $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::KEY_WRAP_ALGORITHM_HEADER] = $provider->getWrapAlgorithmName();
72
  $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CONTENT_CRYPTO_SCHEME_HEADER] = $aesName;
73
  $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::UNENCRYPTED_CONTENT_LENGTH_HEADER] = strlen($plaintext);
74
- $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::UNENCRYPTED_CONTENT_MD5_HEADER] = base64_encode(md5($plaintext));
75
  $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::MATERIALS_DESCRIPTION_HEADER] = json_encode($materialsDescription);
76
  if (!empty($cipherOptions['Tag'])) {
77
  $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CRYPTO_TAG_LENGTH_HEADER] = strlen($cipherOptions['Tag']) * 8;
@@ -99,6 +98,9 @@ trait EncryptionTrait
99
  case 'gcm':
100
  $cipherOptions['TagLength'] = 16;
101
  $cipherTextStream = new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\AesGcmEncryptingStream($plaintext, $cek, $cipherOptions['Iv'], $cipherOptions['Aad'] = isset($cipherOptions['Aad']) ? $cipherOptions['Aad'] : null, $cipherOptions['TagLength'], $cipherOptions['KeySize']);
 
 
 
102
  $appendStream = new \DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\AppendStream([$cipherTextStream->createStream()]);
103
  $cipherOptions['Tag'] = $cipherTextStream->getTag();
104
  $appendStream->addStream(\DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\stream_for($cipherOptions['Tag']));
71
  $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::KEY_WRAP_ALGORITHM_HEADER] = $provider->getWrapAlgorithmName();
72
  $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CONTENT_CRYPTO_SCHEME_HEADER] = $aesName;
73
  $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::UNENCRYPTED_CONTENT_LENGTH_HEADER] = strlen($plaintext);
 
74
  $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::MATERIALS_DESCRIPTION_HEADER] = json_encode($materialsDescription);
75
  if (!empty($cipherOptions['Tag'])) {
76
  $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CRYPTO_TAG_LENGTH_HEADER] = strlen($cipherOptions['Tag']) * 8;
98
  case 'gcm':
99
  $cipherOptions['TagLength'] = 16;
100
  $cipherTextStream = new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\AesGcmEncryptingStream($plaintext, $cek, $cipherOptions['Iv'], $cipherOptions['Aad'] = isset($cipherOptions['Aad']) ? $cipherOptions['Aad'] : null, $cipherOptions['TagLength'], $cipherOptions['KeySize']);
101
+ if (!empty($cipherOptions['Aad'])) {
102
+ trigger_error("'Aad' has been supplied for content encryption" . " with " . $cipherTextStream->getAesName() . ". The" . " PHP SDK encryption client can decrypt an object" . " encrypted in this way, but other AWS SDKs may not be" . " able to.", E_USER_WARNING);
103
+ }
104
  $appendStream = new \DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\AppendStream([$cipherTextStream->createStream()]);
105
  $cipherOptions['Tag'] = $cipherTextStream->getTag();
106
  $appendStream->addStream(\DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\stream_for($cipherOptions['Tag']));
vendor/Aws3/Aws/Crypto/EncryptionTraitV2.php ADDED
@@ -0,0 +1,122 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
4
+
5
+ use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7;
6
+ use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\AppendStream;
7
+ use DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\Stream;
8
+ use DeliciousBrains\WP_Offload_Media\Aws3\Psr\Http\Message\StreamInterface;
9
+ trait EncryptionTraitV2
10
+ {
11
+ private static $allowedOptions = ['Cipher' => true, 'KeySize' => true, 'Aad' => true];
12
+ private static $encryptClasses = ['gcm' => \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\AesGcmEncryptingStream::class];
13
+ /**
14
+ * Dependency to generate a CipherMethod from a set of inputs for loading
15
+ * in to an AesEncryptingStream.
16
+ *
17
+ * @param string $cipherName Name of the cipher to generate for encrypting.
18
+ * @param string $iv Base Initialization Vector for the cipher.
19
+ * @param int $keySize Size of the encryption key, in bits, that will be
20
+ * used.
21
+ *
22
+ * @return Cipher\CipherMethod
23
+ *
24
+ * @internal
25
+ */
26
+ protected abstract function buildCipherMethod($cipherName, $iv, $keySize);
27
+ /**
28
+ * Builds an AesStreamInterface and populates encryption metadata into the
29
+ * supplied envelope.
30
+ *
31
+ * @param Stream $plaintext Plain-text data to be encrypted using the
32
+ * materials, algorithm, and data provided.
33
+ * @param array $options Options for use in encryption, including cipher
34
+ * options, and encryption context.
35
+ * @param MaterialsProviderV2 $provider A provider to supply and encrypt
36
+ * materials used in encryption.
37
+ * @param MetadataEnvelope $envelope A storage envelope for encryption
38
+ * metadata to be added to.
39
+ *
40
+ * @return StreamInterface
41
+ *
42
+ * @throws \InvalidArgumentException Thrown when a value in $options['@CipherOptions']
43
+ * is not valid.
44
+ *s
45
+ * @internal
46
+ */
47
+ public function encrypt(\DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\Stream $plaintext, array $options, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProviderV2 $provider, \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope $envelope)
48
+ {
49
+ $options = array_change_key_case($options);
50
+ $cipherOptions = array_intersect_key($options['@cipheroptions'], self::$allowedOptions);
51
+ if (empty($cipherOptions['Cipher'])) {
52
+ throw new \InvalidArgumentException('An encryption cipher must be' . ' specified in @CipherOptions["Cipher"].');
53
+ }
54
+ $cipherOptions['Cipher'] = strtolower($cipherOptions['Cipher']);
55
+ if (!self::isSupportedCipher($cipherOptions['Cipher'])) {
56
+ throw new \InvalidArgumentException('The cipher requested is not' . ' supported by the SDK.');
57
+ }
58
+ if (empty($cipherOptions['KeySize'])) {
59
+ $cipherOptions['KeySize'] = 256;
60
+ }
61
+ if (!is_int($cipherOptions['KeySize'])) {
62
+ throw new \InvalidArgumentException('The cipher "KeySize" must be' . ' an integer.');
63
+ }
64
+ if (!\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProviderV2::isSupportedKeySize($cipherOptions['KeySize'])) {
65
+ throw new \InvalidArgumentException('The cipher "KeySize" requested' . ' is not supported by AES (128 or 256).');
66
+ }
67
+ $cipherOptions['Iv'] = $provider->generateIv($this->getCipherOpenSslName($cipherOptions['Cipher'], $cipherOptions['KeySize']));
68
+ $encryptClass = self::$encryptClasses[$cipherOptions['Cipher']];
69
+ $aesName = $encryptClass::getStaticAesName();
70
+ $materialsDescription = ['aws:x-amz-cek-alg' => $aesName];
71
+ $keys = $provider->generateCek($cipherOptions['KeySize'], $materialsDescription, $options);
72
+ // Some providers modify materials description based on options
73
+ if (isset($keys['UpdatedContext'])) {
74
+ $materialsDescription = $keys['UpdatedContext'];
75
+ }
76
+ $encryptingStream = $this->getEncryptingStream($plaintext, $keys['Plaintext'], $cipherOptions);
77
+ // Populate envelope data
78
+ $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CONTENT_KEY_V2_HEADER] = $keys['Ciphertext'];
79
+ unset($keys);
80
+ $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::IV_HEADER] = base64_encode($cipherOptions['Iv']);
81
+ $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::KEY_WRAP_ALGORITHM_HEADER] = $provider->getWrapAlgorithmName();
82
+ $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CONTENT_CRYPTO_SCHEME_HEADER] = $aesName;
83
+ $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::UNENCRYPTED_CONTENT_LENGTH_HEADER] = strlen($plaintext);
84
+ $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::MATERIALS_DESCRIPTION_HEADER] = json_encode($materialsDescription);
85
+ if (!empty($cipherOptions['Tag'])) {
86
+ $envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::CRYPTO_TAG_LENGTH_HEADER] = strlen($cipherOptions['Tag']) * 8;
87
+ }
88
+ return $encryptingStream;
89
+ }
90
+ /**
91
+ * Generates a stream that wraps the plaintext with the proper cipher and
92
+ * uses the content encryption key (CEK) to encrypt the data when read.
93
+ *
94
+ * @param Stream $plaintext Plain-text data to be encrypted using the
95
+ * materials, algorithm, and data provided.
96
+ * @param string $cek A content encryption key for use by the stream for
97
+ * encrypting the plaintext data.
98
+ * @param array $cipherOptions Options for use in determining the cipher to
99
+ * be used for encrypting data.
100
+ *
101
+ * @return [AesStreamInterface, string]
102
+ *
103
+ * @internal
104
+ */
105
+ protected function getEncryptingStream(\DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\Stream $plaintext, $cek, &$cipherOptions)
106
+ {
107
+ switch ($cipherOptions['Cipher']) {
108
+ // Only 'gcm' is supported for encryption currently
109
+ case 'gcm':
110
+ $cipherOptions['TagLength'] = 16;
111
+ $encryptClass = self::$encryptClasses['gcm'];
112
+ $cipherTextStream = new $encryptClass($plaintext, $cek, $cipherOptions['Iv'], $cipherOptions['Aad'] = isset($cipherOptions['Aad']) ? $cipherOptions['Aad'] : '', $cipherOptions['TagLength'], $cipherOptions['KeySize']);
113
+ if (!empty($cipherOptions['Aad'])) {
114
+ trigger_error("'Aad' has been supplied for content encryption" . " with " . $cipherTextStream->getAesName() . ". The" . " PHP SDK encryption client can decrypt an object" . " encrypted in this way, but other AWS SDKs may not be" . " able to.", E_USER_WARNING);
115
+ }
116
+ $appendStream = new \DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\AppendStream([$cipherTextStream->createStream()]);
117
+ $cipherOptions['Tag'] = $cipherTextStream->getTag();
118
+ $appendStream->addStream(\DeliciousBrains\WP_Offload_Media\Aws3\GuzzleHttp\Psr7\stream_for($cipherOptions['Tag']));
119
+ return $appendStream;
120
+ }
121
+ }
122
+ }
vendor/Aws3/Aws/Crypto/KmsMaterialsProvider.php CHANGED
@@ -5,9 +5,17 @@ namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
5
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Kms\KmsClient;
6
  /**
7
  * Uses KMS to supply materials for encrypting and decrypting data.
 
 
 
 
 
 
 
8
  */
9
- class KmsMaterialsProvider extends \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProvider
10
  {
 
11
  private $kmsClient;
12
  private $kmsKeyId;
13
  /**
@@ -24,13 +32,13 @@ class KmsMaterialsProvider extends \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Cr
24
  public function fromDecryptionEnvelope(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope $envelope)
25
  {
26
  if (empty($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::MATERIALS_DESCRIPTION_HEADER])) {
27
- throw new \RuntimeException('Not able to detect kms_cmk_id from an' . ' empty materials description.');
28
  }
29
  $materialsDescription = json_decode($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::MATERIALS_DESCRIPTION_HEADER], true);
30
- if (empty($materialsDescription['kms_cmk_id'])) {
31
- throw new \RuntimeException('Not able to detect kms_cmk_id from kms' . ' materials description.');
32
  }
33
- return new \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\KmsMaterialsProvider($this->kmsClient, $materialsDescription['kms_cmk_id']);
34
  }
35
  /**
36
  * The KMS key id for use in matching this Provider to its keys,
@@ -44,7 +52,7 @@ class KmsMaterialsProvider extends \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Cr
44
  }
45
  public function getWrapAlgorithmName()
46
  {
47
- return 'kms';
48
  }
49
  /**
50
  * Takes a content encryption key (CEK) and description to return an encrypted
5
  use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Kms\KmsClient;
6
  /**
7
  * Uses KMS to supply materials for encrypting and decrypting data.
8
+ *
9
+ * Legacy implementation that supports legacy S3EncryptionClient and
10
+ * S3EncryptionMultipartUploader, which use an older encryption workflow. Use
11
+ * KmsMaterialsProviderV2 with S3EncryptionClientV2 or
12
+ * S3EncryptionMultipartUploaderV2 if possible.
13
+ *
14
+ * @deprecated
15
  */
16
+ class KmsMaterialsProvider extends \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProvider implements \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProviderInterface
17
  {
18
+ const WRAP_ALGORITHM_NAME = 'kms';
19
  private $kmsClient;
20
  private $kmsKeyId;
21
  /**
32
  public function fromDecryptionEnvelope(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope $envelope)
33
  {
34
  if (empty($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::MATERIALS_DESCRIPTION_HEADER])) {
35
+ throw new \RuntimeException('Not able to detect the materials description.');
36
  }
37
  $materialsDescription = json_decode($envelope[\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MetadataEnvelope::MATERIALS_DESCRIPTION_HEADER], true);
38
+ if (empty($materialsDescription['kms_cmk_id']) && empty($materialsDescription['aws:x-amz-cek-alg'])) {
39
+ throw new \RuntimeException('Not able to detect kms_cmk_id (legacy' . ' implementation) or aws:x-amz-cek-alg (current implementation)' . ' from kms materials description.');
40
  }
41
+ return new self($this->kmsClient, isset($materialsDescription['kms_cmk_id']) ? $materialsDescription['kms_cmk_id'] : null);
42
  }
43
  /**
44
  * The KMS key id for use in matching this Provider to its keys,
52
  }
53
  public function getWrapAlgorithmName()
54
  {
55
+ return self::WRAP_ALGORITHM_NAME;
56
  }
57
  /**
58
  * Takes a content encryption key (CEK) and description to return an encrypted
vendor/Aws3/Aws/Crypto/KmsMaterialsProviderV2.php ADDED
@@ -0,0 +1,69 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ namespace DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto;
4
+
5
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Exception\CryptoException;
6
+ use DeliciousBrains\WP_Offload_Media\Aws3\Aws\Kms\KmsClient;
7
+ /**
8
+ * Uses KMS to supply materials for encrypting and decrypting data. This
9
+ * V2 implementation should be used with the V2 encryption clients (i.e.
10
+ * S3EncryptionClientV2).
11
+ */
12
+ class KmsMaterialsProviderV2 extends \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProviderV2 implements \DeliciousBrains\WP_Offload_Media\Aws3\Aws\Crypto\MaterialsProviderInterfaceV2
13
+ {
14
+ const WRAP_ALGORITHM_NAME = 'kms+context';
15
+ private $kmsClient;
16
+ private $kmsKeyId;
17
+ /**
18
+ * @param KmsClient $kmsClient A KMS Client for use encrypting and
19
+ * decrypting keys.
20
+ * @param string $kmsKeyId The private KMS key id to be used for encrypting
21
+ * and decrypting keys.
22
+ */
23
+ public function __construct(\DeliciousBrains\WP_Offload_Media\Aws3\Aws\Kms\KmsClient $kmsClient, $kmsKeyId = null)
24
+ {
25
+ $this->kmsClient = $kmsClient;
26
+ $this->kmsKeyId = $kmsKeyId;
27
+ }
28
+ /**
29
+ * @inheritDoc
30
+ */
31
+ public function getWrapAlgorithmName()
32
+ {
33
+ return self::WRAP_ALGORITHM_NAME;
34
+ }
35
+ /**
36
+ * @inheritDoc
37
+ */
38
+ public function decryptCek($encryptedCek, $materialDescription, $options)
39
+ {
40
+ $params = ['CiphertextBlob' => $encryptedCek, 'EncryptionContext' => $materialDescription];
41