SDK for PHP V3

S3EncryptionMultipartUploaderV2 extends MultipartUploader
in package
Uses CipherBuilderTrait, CryptoParamsTraitV2, EncryptionTraitV2, UserAgentTrait

Encapsulates the execution of a multipart upload of an encrypted object to S3.

Note that for PHP versions of < 7.1, this class uses an AES-GCM polyfill for encryption since there is no native PHP support. The performance for large inputs will be a lot slower than for PHP 7.1+, so upgrading older PHP version environments may be necessary to use this effectively.

Table of Contents

Constants

CRYPTO_VERSION  = '2.1'
PART_MAX_NUM  = 10000
PART_MAX_SIZE  = 5368709120
PART_MIN_SIZE  = 5242880

Methods

__construct()  : mixed
Creates a multipart upload for an S3 object after encrypting it.
getStateFromService()  : UploadState
Creates an UploadState object for a multipart upload by querying the service for the specified upload's information.
isSupportedCipher()  : bool
Returns if the passed cipher name is supported for encryption by the SDK.

Constants

CRYPTO_VERSION

public mixed CRYPTO_VERSION = '2.1'

PART_MAX_NUM

public mixed PART_MAX_NUM = 10000

PART_MAX_SIZE

public mixed PART_MAX_SIZE = 5368709120

PART_MIN_SIZE

public mixed PART_MIN_SIZE = 5242880

Methods

__construct()

Creates a multipart upload for an S3 object after encrypting it.

public __construct(S3ClientInterface $client, mixed $source[, array<string|int, mixed> $config = [] ]) : mixed

Note that for PHP versions of < 7.1, this class uses an AES-GCM polyfill for encryption since there is no native PHP support. The performance for large inputs will be a lot slower than for PHP 7.1+, so upgrading older PHP version environments may be necessary to use this effectively.

The required configuration options are as follows:

  • @MaterialsProvider: (MaterialsProviderV2) Provides Cek, Iv, and Cek encrypting/decrypting for encryption metadata.
  • @CipherOptions: (array) Cipher options for encrypting data. A Cipher is required. Accepts the following options: - Cipher: (string) gcm See also: AbstractCryptoClientV2::$supportedCiphers - KeySize: (int) 128|256 See also: MaterialsProvider::$supportedKeySizes - Aad: (string) Additional authentication data. This option is passed directly to OpenSSL when using gcm.
  • @KmsEncryptionContext: (array) Only required if using KmsMaterialsProviderV2. An associative array of key-value pairs to be added to the encryption context for KMS key encryption. An empty array may be passed if no additional context is desired.
  • bucket: (string) Name of the bucket to which the object is being uploaded.
  • key: (string) Key to use for the object being uploaded.

The optional configuration arguments are as follows:

  • @MetadataStrategy: (MetadataStrategy|string|null) Strategy for storing MetadataEnvelope information. Defaults to using a HeadersMetadataStrategy. Can either be a class implementing MetadataStrategy, a class name of a predefined strategy, or empty/null to default.
  • @InstructionFileSuffix: (string|null) Suffix used when writing to an instruction file if an using an InstructionFileMetadataHandler was determined.
  • acl: (string) ACL to set on the object being upload. Objects are private by default.
  • before_complete: (callable) Callback to invoke before the CompleteMultipartUpload operation. The callback should have a function signature like function (Aws\Command $command) {...}.
  • before_initiate: (callable) Callback to invoke before the CreateMultipartUpload operation. The callback should have a function signature like function (Aws\Command $command) {...}.
  • before_upload: (callable) Callback to invoke before any UploadPart operations. The callback should have a function signature like function (Aws\Command $command) {...}.
  • concurrency: (int, default=int(5)) Maximum number of concurrent UploadPart operations allowed during the multipart upload.
  • params: (array) An array of key/value parameters that will be applied to each of the sub-commands run by the uploader as a base. Auto-calculated options will override these parameters. If you need more granularity over parameters to each sub-command, use the before_* options detailed above to update the commands directly.
  • part_size: (int, default=int(5242880)) Part size, in bytes, to use when doing a multipart upload. This must between 5 MB and 5 GB, inclusive.
  • state: (Aws\Multipart\UploadState) An object that represents the state of the multipart upload and that is used to resume a previous upload. When this option is provided, the bucket, key, and part_size options are ignored.
Parameters
$client : S3ClientInterface

Client used for the upload.

$source : mixed

Source of the data to upload.

$config : array<string|int, mixed> = []

Configuration used to perform the upload.

getStateFromService()

Creates an UploadState object for a multipart upload by querying the service for the specified upload's information.

public static getStateFromService(S3ClientInterface $client, string $bucket, string $key, string $uploadId[, array<string|int, mixed> $config = [] ]) : UploadState
Parameters
$client : S3ClientInterface

S3Client used for the upload.

$bucket : string

Bucket for the multipart upload.

$key : string

Object key for the multipart upload.

$uploadId : string

Upload ID for the multipart upload.

$config : array<string|int, mixed> = []

Optional config to retain on the state. Pass the directive keys (metadata_directive, tags_directive, annotations_directive) the original copy was launched with so a resumed MultipartCopy replays Phase 3 with the same behavior. The caller can also override directives on the resume by passing them again to the MultipartCopy constructor.

Return values
UploadState

isSupportedCipher()

Returns if the passed cipher name is supported for encryption by the SDK.

public static isSupportedCipher(string $cipherName) : bool
Parameters
$cipherName : string

The name of a cipher to verify is registered.

Return values
bool

If the cipher passed is in our supported list.

<-- modeled_exceptions -->
On this page