123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275 |
- <?php
- /**
- * @file
- * A filter for encrypting bckups with AES.
- */
- /**
- * A filter for encrypting backup files.
- *
- * @ingroup backup_migrate_filters
- */
- class backup_migrate_filter_encryption extends backup_migrate_filter {
- public $op_weights = array('backup' => 170, 'restore' => -170);
- /**
- * Called on a backup file after the backup has been completed.
- */
- public function backup($file, $settings) {
- return $this->file_encrypt($file, $settings);
- }
- /**
- * Called on a backup file before importing it.
- */
- public function restore($file, $settings) {
- return $this->file_decrypt($file);
- }
- /**
- * Gets the form for the settings for this filter.
- */
- public function backup_settings_default() {
- return array('encryption' => 'none');
- }
- /**
- * Gets the form for the settings for this filter.
- */
- public function backup_settings_form($settings) {
- $form = array();
- $options = $this->_backup_migrate_get_encryption_form_item_options();
- if (array_intersect_key($options, array_flip(array('aes', 'encrypt')))) {
- $form['file']['encryption'] = array(
- "#type" => "select",
- "#title" => t("File Encryption"),
- "#options" => $options,
- "#default_value" => @$settings['encryption'],
- '#description' => t('Encrypted files can only be restored by Backup and Migrate and only on sites with the same encryption key.'),
- );
- }
- else {
- $form['file']['encryption'] = array(
- "#type" => 'item',
- "#title" => t("File Encryption"),
- "#markup" => t('Install the !link to enable backup file encryption.', array('!link' => l(t('Encrypt module'), 'http://drupal.org/project/encrypt'))),
- );
- }
- // If the Encrypt method is available add a configuration field.
- if (array_key_exists('encrypt', $options)) {
- $form['file']['encrypt_config'] = array(
- '#type' => 'select',
- '#title' => t('Encryption Configuration'),
- '#options' => encrypt_get_configs_as_options(),
- '#default_value' => @$settings['encrypt_config'],
- '#description' => t('Select a configuration to use for encryption.'),
- '#states' => array(
- 'visible' => array(
- ':input[name="filters[encryption]"]' => array('value' => 'encrypt'),
- ),
- ),
- );
- }
- return $form;
- }
- /**
- * Returns a list of backup filetypes.
- */
- public function file_types() {
- return array(
- "aes" => array(
- "extension" => "aes",
- "filemime" => "application/octet-stream",
- "backup" => TRUE,
- "restore" => TRUE,
- ),
- "encrypt" => array(
- "extension" => "encrypt",
- "filemime" => "application/octet-stream",
- "backup" => TRUE,
- "restore" => TRUE,
- ),
- );
- }
- /**
- * Gets the compression options as an options array for a form item.
- */
- public function _backup_migrate_get_encryption_form_item_options() {
- $options = array();
- $options = array('' => t('No Encryption'));
- if (@function_exists("aes_encrypt")) {
- $options['aes'] = t("AES Encryption");
- }
- if (@function_exists("encrypt")) {
- $options['encrypt'] = t("Encryption With Encrypt Module");
- }
- return $options;
- }
- /**
- * AES encrypts a file.
- */
- public function aes_encrypt($source, $dest) {
- $success = FALSE;
- if (function_exists('aes_encrypt')) {
- if ($data = $source->get_contents()) {
- // Add a marker to the end of the data so we can trim the padding on
- // decrpypt.
- $data = pack("a*H2", $data, "80");
- if ($data = aes_encrypt($data, FALSE)) {
- $dest->put_contents($data);
- $success = TRUE;
- }
- }
- }
- return $success;
- }
- /**
- * AES decodes a file.
- */
- public function aes_decrypt($source, $dest) {
- $success = FALSE;
- if (function_exists('aes_decrypt')) {
- if ($data = $source->get_contents()) {
- if ($data = aes_decrypt($data, FALSE)) {
- // Trim all the padding zeros plus our non-zero marker.
- $data = substr(rtrim($data, "\0"), 0, -1);
- $dest->put_contents($data);
- $success = TRUE;
- }
- }
- }
- return $success;
- }
- /**
- * Encrypts a file with the Encrypt module.
- */
- public function encrypt($source, $dest, $settings) {
- $success = FALSE;
- if (function_exists('encrypt')) {
- if (!empty($settings->filters['encrypt_config'])) {
- $config_name = $settings->filters['encrypt_config'];
- }
- else {
- $config = encrypt_get_default_config();
- $config_name = $config['name'];
- }
- if ($data = $source->get_contents()) {
- // Add a marker to the end of the data so we can trim the padding on decrypt.
- $data = pack("a*H2", $data, "80");
- if ($data = encrypt($data, array('base64' => FALSE), NULL, NULL, $config_name)) {
- $dest->put_contents($data);
- $success = TRUE;
- }
- }
- }
- return $success;
- }
- /**
- * Decrypts a file with the Encrypt module.
- */
- public function decrypt($source, $dest) {
- $success = FALSE;
- if (function_exists('decrypt')) {
- if ($data = $source->get_contents()) {
- if ($data = decrypt($data)) {
- // Trim all the padding zeros plus our non-zero marker.
- $data = substr(rtrim($data, "\0"), 0, -1);
- $dest->put_contents($data);
- $success = TRUE;
- }
- }
- }
- return $success;
- }
- /**
- * Encrypts a file with the given settings.
- *
- * Also updates settings to reflect new file mime and file extension.
- */
- public function file_encrypt($file, $settings) {
- if (!empty($settings->filters['encryption'])) {
- switch ($settings->filters['encryption']) {
- case "aes":
- $from = $file->push_type('aes');
- $from = new backup_file(array('filepath' => $from));
- if (!$success = $this->aes_encrypt($from, $file)) {
- $file = NULL;
- }
- break;
- case "encrypt":
- $from = $file->push_type('encrypt');
- $from = new backup_file(array('filepath' => $from));
- if (!$success = $this->encrypt($from, $file, $settings)) {
- $file = NULL;
- }
- break;
- }
- if (!$file) {
- _backup_migrate_message("Could not encrypt backup file. Try backing up without encryption.", array(), 'error');
- }
- }
- return $file;
- }
- /**
- * Decrypts a file with the given settings.
- *
- * Also updates settings to reflect new file mime and file extension.
- */
- public function file_decrypt($file) {
- $success = FALSE;
- if ($file) {
- switch ($file->type_id()) {
- case "aes":
- $from = $file->pop_type();
- $success = $this->aes_decrypt($from, $file);
- break;
- case "encrypt":
- $from = $file->pop_type();
- $success = $this->decrypt($from, $file);
- break;
- default:
- return $file;
- }
- if (!$success) {
- switch ($file->type_id()) {
- case 'aes':
- if (function_exists('aes_decrypt')) {
- _backup_migrate_message("Could not decrpyt backup file. Please check that the file is valid and that the encryption key of the server matches the server that created the backup.", array(), 'error');
- }
- else {
- _backup_migrate_message('You must install the !link to restore encrypted backkups.', array('!link' => l(t('AES Encryption Module'), 'http://drupal.org/project/aes')), 'error');
- }
- break;
- case 'encrypt':
- if (function_exists('decrypt')) {
- _backup_migrate_message("Could not decrypt backup file. Please check that the file is valid and that the encryption key of the server matches the server that created the backup.", array(), 'error');
- }
- else {
- _backup_migrate_message('You must install the !link to restore encrypted backups.', array('!link' => l(t('Encrypt module'), 'http://drupal.org/project/encrypt')), 'error');
- }
- break;
- }
- }
- }
- return $success ? $file : NULL;
- }
- }
|