nextcloud / server

lib/private/Files/Stream/Encryption.php

Indentation +500 added lines, -500 removed lines

@@ -37,505 +37,505 @@
 
 class Encryption extends Wrapper {
 
-	/** @var \OC\Encryption\Util */
-	protected $util;
-
-	/** @var \OC\Encryption\File */
-	protected $file;
-
-	/** @var \OCP\Encryption\IEncryptionModule */
-	protected $encryptionModule;
-
-	/** @var \OC\Files\Storage\Storage */
-	protected $storage;
-
-	/** @var \OC\Files\Storage\Wrapper\Encryption */
-	protected $encryptionStorage;
-
-	/** @var string */
-	protected $internalPath;
-
-	/** @var string */
-	protected $cache;
-
-	/** @var integer */
-	protected $size;
-
-	/** @var integer */
-	protected $position;
-
-	/** @var integer */
-	protected $unencryptedSize;
-
-	/** @var integer */
-	protected $headerSize;
-
-	/** @var integer */
-	protected $unencryptedBlockSize;
-
-	/** @var array */
-	protected $header;
-
-	/** @var string */
-	protected $fullPath;
-
-	/** @var  bool */
-	protected $signed;
-
-	/**
-	 * header data returned by the encryption module, will be written to the file
-	 * in case of a write operation
-	 *
-	 * @var array
-	 */
-	protected $newHeader;
-
-	/**
-	 * user who perform the read/write operation null for public access
-	 *
-	 * @var string
-	 */
-	protected $uid;
-
-	/** @var bool */
-	protected $readOnly;
-
-	/** @var bool */
-	protected $writeFlag;
-
-	/** @var array */
-	protected $expectedContextProperties;
-
-	/** @var bool */
-	protected $fileUpdated;
-
-	public function __construct() {
-		$this->expectedContextProperties = [
-			'source',
-			'storage',
-			'internalPath',
-			'fullPath',
-			'encryptionModule',
-			'header',
-			'uid',
-			'file',
-			'util',
-			'size',
-			'unencryptedSize',
-			'encryptionStorage',
-			'headerSize',
-			'signed'
-		];
-	}
-
-
-	/**
-	 * Wraps a stream with the provided callbacks
-	 *
-	 * @param resource $source
-	 * @param string $internalPath relative to mount point
-	 * @param string $fullPath relative to data/
-	 * @param array $header
-	 * @param string $uid
-	 * @param \OCP\Encryption\IEncryptionModule $encryptionModule
-	 * @param \OC\Files\Storage\Storage $storage
-	 * @param \OC\Files\Storage\Wrapper\Encryption $encStorage
-	 * @param \OC\Encryption\Util $util
-	 * @param \OC\Encryption\File $file
-	 * @param string $mode
-	 * @param int $size
-	 * @param int $unencryptedSize
-	 * @param int $headerSize
-	 * @param bool $signed
-	 * @param string $wrapper stream wrapper class
-	 * @return resource
-	 *
-	 * @throws \BadMethodCallException
-	 */
-	public static function wrap($source, $internalPath, $fullPath, array $header,
-								$uid,
-								\OCP\Encryption\IEncryptionModule $encryptionModule,
-								\OC\Files\Storage\Storage $storage,
-								\OC\Files\Storage\Wrapper\Encryption $encStorage,
-								\OC\Encryption\Util $util,
-								 \OC\Encryption\File $file,
-								$mode,
-								$size,
-								$unencryptedSize,
-								$headerSize,
-								$signed,
-								$wrapper = Encryption::class) {
-		$context = stream_context_create([
-			'ocencryption' => [
-				'source' => $source,
-				'storage' => $storage,
-				'internalPath' => $internalPath,
-				'fullPath' => $fullPath,
-				'encryptionModule' => $encryptionModule,
-				'header' => $header,
-				'uid' => $uid,
-				'util' => $util,
-				'file' => $file,
-				'size' => $size,
-				'unencryptedSize' => $unencryptedSize,
-				'encryptionStorage' => $encStorage,
-				'headerSize' => $headerSize,
-				'signed' => $signed
-			]
-		]);
-
-		return self::wrapSource($source, $context, 'ocencryption', $wrapper, $mode);
-	}
-
-	/**
-	 * add stream wrapper
-	 *
-	 * @param resource $source
-	 * @param string $mode
-	 * @param resource $context
-	 * @param string $protocol
-	 * @param string $class
-	 * @return resource
-	 * @throws \BadMethodCallException
-	 */
-	protected static function wrapSource($source, $context, $protocol, $class, $mode = 'r+') {
-		try {
-			stream_wrapper_register($protocol, $class);
-			if (self::isDirectoryHandle($source)) {
-				$wrapped = opendir($protocol . '://', $context);
-			} else {
-				$wrapped = fopen($protocol . '://', $mode, false, $context);
-			}
-		} catch (\BadMethodCallException $e) {
-			stream_wrapper_unregister($protocol);
-			throw $e;
-		}
-		stream_wrapper_unregister($protocol);
-		return $wrapped;
-	}
-
-	/**
-	 * Load the source from the stream context and return the context options
-	 *
-	 * @param string $name
-	 * @return array
-	 * @throws \BadMethodCallException
-	 */
-	protected function loadContext($name) {
-		$context = parent::loadContext($name);
-
-		foreach ($this->expectedContextProperties as $property) {
-			if (array_key_exists($property, $context)) {
-				$this->{$property} = $context[$property];
-			} else {
-				throw new \BadMethodCallException('Invalid context, "' . $property . '" options not set');
-			}
-		}
-		return $context;
-	}
-
-	public function stream_open($path, $mode, $options, &$opened_path) {
-		$this->loadContext('ocencryption');
-
-		$this->position = 0;
-		$this->cache = '';
-		$this->writeFlag = false;
-		$this->fileUpdated = false;
-		$this->unencryptedBlockSize = $this->encryptionModule->getUnencryptedBlockSize($this->signed);
-
-		if (
-			$mode === 'w'
-			|| $mode === 'w+'
-			|| $mode === 'wb'
-			|| $mode === 'wb+'
-			|| $mode === 'r+'
-			|| $mode === 'rb+'
-		) {
-			$this->readOnly = false;
-		} else {
-			$this->readOnly = true;
-		}
-
-		$sharePath = $this->fullPath;
-		if (!$this->storage->file_exists($this->internalPath)) {
-			$sharePath = dirname($sharePath);
-		}
-
-		$accessList = [];
-		if ($this->encryptionModule->needDetailedAccessList()) {
-			$accessList = $this->file->getAccessList($sharePath);
-		}
-		$this->newHeader = $this->encryptionModule->begin($this->fullPath, $this->uid, $mode, $this->header, $accessList);
-
-		if (
-			$mode === 'w'
-			|| $mode === 'w+'
-			|| $mode === 'wb'
-			|| $mode === 'wb+'
-		) {
-			// We're writing a new file so start write counter with 0 bytes
-			$this->unencryptedSize = 0;
-			$this->writeHeader();
-			$this->headerSize = $this->util->getHeaderSize();
-			$this->size = $this->headerSize;
-		} else {
-			$this->skipHeader();
-		}
-
-		return true;
-	}
-
-	public function stream_eof() {
-		return $this->position >= $this->unencryptedSize;
-	}
-
-	public function stream_read($count) {
-		$result = '';
-
-		$count = min($count, $this->unencryptedSize - $this->position);
-		while ($count > 0) {
-			$remainingLength = $count;
-			// update the cache of the current block
-			$this->readCache();
-			// determine the relative position in the current block
-			$blockPosition = ($this->position % $this->unencryptedBlockSize);
-			// if entire read inside current block then only position needs to be updated
-			if ($remainingLength < ($this->unencryptedBlockSize - $blockPosition)) {
-				$result .= substr($this->cache, $blockPosition, $remainingLength);
-				$this->position += $remainingLength;
-				$count = 0;
-			// otherwise remainder of current block is fetched, the block is flushed and the position updated
-			} else {
-				$result .= substr($this->cache, $blockPosition);
-				$this->flush();
-				$this->position += ($this->unencryptedBlockSize - $blockPosition);
-				$count -= ($this->unencryptedBlockSize - $blockPosition);
-			}
-		}
-		return $result;
-	}
+    /** @var \OC\Encryption\Util */
+    protected $util;
+
+    /** @var \OC\Encryption\File */
+    protected $file;
+
+    /** @var \OCP\Encryption\IEncryptionModule */
+    protected $encryptionModule;
+
+    /** @var \OC\Files\Storage\Storage */
+    protected $storage;
+
+    /** @var \OC\Files\Storage\Wrapper\Encryption */
+    protected $encryptionStorage;
+
+    /** @var string */
+    protected $internalPath;
+
+    /** @var string */
+    protected $cache;
+
+    /** @var integer */
+    protected $size;
+
+    /** @var integer */
+    protected $position;
+
+    /** @var integer */
+    protected $unencryptedSize;
+
+    /** @var integer */
+    protected $headerSize;
+
+    /** @var integer */
+    protected $unencryptedBlockSize;
+
+    /** @var array */
+    protected $header;
+
+    /** @var string */
+    protected $fullPath;
+
+    /** @var  bool */
+    protected $signed;
+
+    /**
+     * header data returned by the encryption module, will be written to the file
+     * in case of a write operation
+     *
+     * @var array
+     */
+    protected $newHeader;
+
+    /**
+     * user who perform the read/write operation null for public access
+     *
+     * @var string
+     */
+    protected $uid;
+
+    /** @var bool */
+    protected $readOnly;
+
+    /** @var bool */
+    protected $writeFlag;
+
+    /** @var array */
+    protected $expectedContextProperties;
+
+    /** @var bool */
+    protected $fileUpdated;
+
+    public function __construct() {
+        $this->expectedContextProperties = [
+            'source',
+            'storage',
+            'internalPath',
+            'fullPath',
+            'encryptionModule',
+            'header',
+            'uid',
+            'file',
+            'util',
+            'size',
+            'unencryptedSize',
+            'encryptionStorage',
+            'headerSize',
+            'signed'
+        ];
+    }
+
+
+    /**
+     * Wraps a stream with the provided callbacks
+     *
+     * @param resource $source
+     * @param string $internalPath relative to mount point
+     * @param string $fullPath relative to data/
+     * @param array $header
+     * @param string $uid
+     * @param \OCP\Encryption\IEncryptionModule $encryptionModule
+     * @param \OC\Files\Storage\Storage $storage
+     * @param \OC\Files\Storage\Wrapper\Encryption $encStorage
+     * @param \OC\Encryption\Util $util
+     * @param \OC\Encryption\File $file
+     * @param string $mode
+     * @param int $size
+     * @param int $unencryptedSize
+     * @param int $headerSize
+     * @param bool $signed
+     * @param string $wrapper stream wrapper class
+     * @return resource
+     *
+     * @throws \BadMethodCallException
+     */
+    public static function wrap($source, $internalPath, $fullPath, array $header,
+                                $uid,
+                                \OCP\Encryption\IEncryptionModule $encryptionModule,
+                                \OC\Files\Storage\Storage $storage,
+                                \OC\Files\Storage\Wrapper\Encryption $encStorage,
+                                \OC\Encryption\Util $util,
+                                    \OC\Encryption\File $file,
+                                $mode,
+                                $size,
+                                $unencryptedSize,
+                                $headerSize,
+                                $signed,
+                                $wrapper = Encryption::class) {
+        $context = stream_context_create([
+            'ocencryption' => [
+                'source' => $source,
+                'storage' => $storage,
+                'internalPath' => $internalPath,
+                'fullPath' => $fullPath,
+                'encryptionModule' => $encryptionModule,
+                'header' => $header,
+                'uid' => $uid,
+                'util' => $util,
+                'file' => $file,
+                'size' => $size,
+                'unencryptedSize' => $unencryptedSize,
+                'encryptionStorage' => $encStorage,
+                'headerSize' => $headerSize,
+                'signed' => $signed
+            ]
+        ]);
+
+        return self::wrapSource($source, $context, 'ocencryption', $wrapper, $mode);
+    }
+
+    /**
+     * add stream wrapper
+     *
+     * @param resource $source
+     * @param string $mode
+     * @param resource $context
+     * @param string $protocol
+     * @param string $class
+     * @return resource
+     * @throws \BadMethodCallException
+     */
+    protected static function wrapSource($source, $context, $protocol, $class, $mode = 'r+') {
+        try {
+            stream_wrapper_register($protocol, $class);
+            if (self::isDirectoryHandle($source)) {
+                $wrapped = opendir($protocol . '://', $context);
+            } else {
+                $wrapped = fopen($protocol . '://', $mode, false, $context);
+            }
+        } catch (\BadMethodCallException $e) {
+            stream_wrapper_unregister($protocol);
+            throw $e;
+        }
+        stream_wrapper_unregister($protocol);
+        return $wrapped;
+    }
+
+    /**
+     * Load the source from the stream context and return the context options
+     *
+     * @param string $name
+     * @return array
+     * @throws \BadMethodCallException
+     */
+    protected function loadContext($name) {
+        $context = parent::loadContext($name);
+
+        foreach ($this->expectedContextProperties as $property) {
+            if (array_key_exists($property, $context)) {
+                $this->{$property} = $context[$property];
+            } else {
+                throw new \BadMethodCallException('Invalid context, "' . $property . '" options not set');
+            }
+        }
+        return $context;
+    }
+
+    public function stream_open($path, $mode, $options, &$opened_path) {
+        $this->loadContext('ocencryption');
+
+        $this->position = 0;
+        $this->cache = '';
+        $this->writeFlag = false;
+        $this->fileUpdated = false;
+        $this->unencryptedBlockSize = $this->encryptionModule->getUnencryptedBlockSize($this->signed);
+
+        if (
+            $mode === 'w'
+            || $mode === 'w+'
+            || $mode === 'wb'
+            || $mode === 'wb+'
+            || $mode === 'r+'
+            || $mode === 'rb+'
+        ) {
+            $this->readOnly = false;
+        } else {
+            $this->readOnly = true;
+        }
+
+        $sharePath = $this->fullPath;
+        if (!$this->storage->file_exists($this->internalPath)) {
+            $sharePath = dirname($sharePath);
+        }
+
+        $accessList = [];
+        if ($this->encryptionModule->needDetailedAccessList()) {
+            $accessList = $this->file->getAccessList($sharePath);
+        }
+        $this->newHeader = $this->encryptionModule->begin($this->fullPath, $this->uid, $mode, $this->header, $accessList);
+
+        if (
+            $mode === 'w'
+            || $mode === 'w+'
+            || $mode === 'wb'
+            || $mode === 'wb+'
+        ) {
+            // We're writing a new file so start write counter with 0 bytes
+            $this->unencryptedSize = 0;
+            $this->writeHeader();
+            $this->headerSize = $this->util->getHeaderSize();
+            $this->size = $this->headerSize;
+        } else {
+            $this->skipHeader();
+        }
+
+        return true;
+    }
+
+    public function stream_eof() {
+        return $this->position >= $this->unencryptedSize;
+    }
+
+    public function stream_read($count) {
+        $result = '';
+
+        $count = min($count, $this->unencryptedSize - $this->position);
+        while ($count > 0) {
+            $remainingLength = $count;
+            // update the cache of the current block
+            $this->readCache();
+            // determine the relative position in the current block
+            $blockPosition = ($this->position % $this->unencryptedBlockSize);
+            // if entire read inside current block then only position needs to be updated
+            if ($remainingLength < ($this->unencryptedBlockSize - $blockPosition)) {
+                $result .= substr($this->cache, $blockPosition, $remainingLength);
+                $this->position += $remainingLength;
+                $count = 0;
+            // otherwise remainder of current block is fetched, the block is flushed and the position updated
+            } else {
+                $result .= substr($this->cache, $blockPosition);
+                $this->flush();
+                $this->position += ($this->unencryptedBlockSize - $blockPosition);
+                $count -= ($this->unencryptedBlockSize - $blockPosition);
+            }
+        }
+        return $result;
+    }
 	
-	/**
-	 * stream_read_block
-	 *
-	 * This function is a wrapper for function stream_read.
-	 * It calls stream read until the requested $blockSize was received or no remaining data is present.
-	 * This is required as stream_read only returns smaller chunks of data when the stream fetches from a
-	 * remote storage over the internet and it does not care about the given $blockSize.
-	 *
-	 * @param int $blockSize Length of requested data block in bytes
-	 * @return string Data fetched from stream.
-	 */
-	private function stream_read_block(int $blockSize): string {
-		$remaining = $blockSize;
-		$data = '';
-
-		do {
-			$chunk = parent::stream_read($remaining);
-			$chunk_len = strlen($chunk);
-			$data .= $chunk;
-			$remaining -= $chunk_len;
-		} while (($remaining > 0) && ($chunk_len > 0));
-
-		return $data;
-	}
-
-	public function stream_write($data) {
-		$length = 0;
-		// loop over $data to fit it in 6126 sized unencrypted blocks
-		while (isset($data[0])) {
-			$remainingLength = strlen($data);
-
-			// set the cache to the current 6126 block
-			$this->readCache();
-
-			// for seekable streams the pointer is moved back to the beginning of the encrypted block
-			// flush will start writing there when the position moves to another block
-			$positionInFile = (int)floor($this->position / $this->unencryptedBlockSize) *
-				$this->util->getBlockSize() + $this->headerSize;
-			$resultFseek = $this->parentStreamSeek($positionInFile);
-
-			// only allow writes on seekable streams, or at the end of the encrypted stream
-			if (!$this->readOnly && ($resultFseek || $positionInFile === $this->size)) {
-
-				// switch the writeFlag so flush() will write the block
-				$this->writeFlag = true;
-				$this->fileUpdated = true;
-
-				// determine the relative position in the current block
-				$blockPosition = ($this->position % $this->unencryptedBlockSize);
-				// check if $data fits in current block
-				// if so, overwrite existing data (if any)
-				// update position and liberate $data
-				if ($remainingLength < ($this->unencryptedBlockSize - $blockPosition)) {
-					$this->cache = substr($this->cache, 0, $blockPosition)
-						. $data . substr($this->cache, $blockPosition + $remainingLength);
-					$this->position += $remainingLength;
-					$length += $remainingLength;
-					$data = '';
-				// if $data doesn't fit the current block, the fill the current block and reiterate
-					// after the block is filled, it is flushed and $data is updatedxxx
-				} else {
-					$this->cache = substr($this->cache, 0, $blockPosition) .
-						substr($data, 0, $this->unencryptedBlockSize - $blockPosition);
-					$this->flush();
-					$this->position += ($this->unencryptedBlockSize - $blockPosition);
-					$length += ($this->unencryptedBlockSize - $blockPosition);
-					$data = substr($data, $this->unencryptedBlockSize - $blockPosition);
-				}
-			} else {
-				$data = '';
-			}
-			$this->unencryptedSize = max($this->unencryptedSize, $this->position);
-		}
-		return $length;
-	}
-
-	public function stream_tell() {
-		return $this->position;
-	}
-
-	public function stream_seek($offset, $whence = SEEK_SET) {
-		$return = false;
-
-		switch ($whence) {
-			case SEEK_SET:
-				$newPosition = $offset;
-				break;
-			case SEEK_CUR:
-				$newPosition = $this->position + $offset;
-				break;
-			case SEEK_END:
-				$newPosition = $this->unencryptedSize + $offset;
-				break;
-			default:
-				return $return;
-		}
-
-		if ($newPosition > $this->unencryptedSize || $newPosition < 0) {
-			return $return;
-		}
-
-		$newFilePosition = (int)floor($newPosition / $this->unencryptedBlockSize)
-			* $this->util->getBlockSize() + $this->headerSize;
-
-		$oldFilePosition = parent::stream_tell();
-		if ($this->parentStreamSeek($newFilePosition)) {
-			$this->parentStreamSeek($oldFilePosition);
-			$this->flush();
-			$this->parentStreamSeek($newFilePosition);
-			$this->position = $newPosition;
-			$return = true;
-		}
-		return $return;
-	}
-
-	public function stream_close() {
-		$this->flush('end');
-		$position = (int)floor($this->position/$this->unencryptedBlockSize);
-		$remainingData = $this->encryptionModule->end($this->fullPath, $position . 'end');
-		if ($this->readOnly === false) {
-			if (!empty($remainingData)) {
-				parent::stream_write($remainingData);
-			}
-			$this->encryptionStorage->updateUnencryptedSize($this->fullPath, $this->unencryptedSize);
-		}
-		$result = parent::stream_close();
-
-		if ($this->fileUpdated) {
-			$cache = $this->storage->getCache();
-			$cacheEntry = $cache->get($this->internalPath);
-			if ($cacheEntry) {
-				$version = $cacheEntry['encryptedVersion'] + 1;
-				$cache->update($cacheEntry->getId(), ['encrypted' => $version, 'encryptedVersion' => $version]);
-			}
-		}
-
-		return $result;
-	}
-
-	/**
-	 * write block to file
-	 * @param string $positionPrefix
-	 */
-	protected function flush($positionPrefix = '') {
-		// write to disk only when writeFlag was set to 1
-		if ($this->writeFlag) {
-			// Disable the file proxies so that encryption is not
-			// automatically attempted when the file is written to disk -
-			// we are handling that separately here and we don't want to
-			// get into an infinite loop
-			$position = (int)floor($this->position/$this->unencryptedBlockSize);
-			$encrypted = $this->encryptionModule->encrypt($this->cache, $position . $positionPrefix);
-			$bytesWritten = parent::stream_write($encrypted);
-			$this->writeFlag = false;
-			// Check whether the write concerns the last block
-			// If so then update the encrypted filesize
-			// Note that the unencrypted pointer and filesize are NOT yet updated when flush() is called
-			// We recalculate the encrypted filesize as we do not know the context of calling flush()
-			$completeBlocksInFile=(int)floor($this->unencryptedSize/$this->unencryptedBlockSize);
-			if ($completeBlocksInFile === (int)floor($this->position/$this->unencryptedBlockSize)) {
-				$this->size = $this->util->getBlockSize() * $completeBlocksInFile;
-				$this->size += $bytesWritten;
-				$this->size += $this->headerSize;
-			}
-		}
-		// always empty the cache (otherwise readCache() will not fill it with the new block)
-		$this->cache = '';
-	}
-
-	/**
-	 * read block to file
-	 */
-	protected function readCache() {
-		// cache should always be empty string when this function is called
-		// don't try to fill the cache when trying to write at the end of the unencrypted file when it coincides with new block
-		if ($this->cache === '' && !($this->position === $this->unencryptedSize && ($this->position % $this->unencryptedBlockSize) === 0)) {
-			// Get the data from the file handle
-			$data = $this->stream_read_block($this->util->getBlockSize());
-			$position = (int)floor($this->position/$this->unencryptedBlockSize);
-			$numberOfChunks = (int)($this->unencryptedSize / $this->unencryptedBlockSize);
-			if ($numberOfChunks === $position) {
-				$position .= 'end';
-			}
-			$this->cache = $this->encryptionModule->decrypt($data, $position);
-		}
-	}
-
-	/**
-	 * write header at beginning of encrypted file
-	 *
-	 * @return integer
-	 * @throws EncryptionHeaderKeyExistsException if header key is already in use
-	 */
-	protected function writeHeader() {
-		$header = $this->util->createHeader($this->newHeader, $this->encryptionModule);
-		return parent::stream_write($header);
-	}
-
-	/**
-	 * read first block to skip the header
-	 */
-	protected function skipHeader() {
-		$this->stream_read_block($this->headerSize);
-	}
-
-	/**
-	 * call stream_seek() from parent class
-	 *
-	 * @param integer $position
-	 * @return bool
-	 */
-	protected function parentStreamSeek($position) {
-		return parent::stream_seek($position);
-	}
-
-	/**
-	 * @param string $path
-	 * @param array $options
-	 * @return bool
-	 */
-	public function dir_opendir($path, $options) {
-		return false;
-	}
+    /**
+     * stream_read_block
+     *
+     * This function is a wrapper for function stream_read.
+     * It calls stream read until the requested $blockSize was received or no remaining data is present.
+     * This is required as stream_read only returns smaller chunks of data when the stream fetches from a
+     * remote storage over the internet and it does not care about the given $blockSize.
+     *
+     * @param int $blockSize Length of requested data block in bytes
+     * @return string Data fetched from stream.
+     */
+    private function stream_read_block(int $blockSize): string {
+        $remaining = $blockSize;
+        $data = '';
+
+        do {
+            $chunk = parent::stream_read($remaining);
+            $chunk_len = strlen($chunk);
+            $data .= $chunk;
+            $remaining -= $chunk_len;
+        } while (($remaining > 0) && ($chunk_len > 0));
+
+        return $data;
+    }
+
+    public function stream_write($data) {
+        $length = 0;
+        // loop over $data to fit it in 6126 sized unencrypted blocks
+        while (isset($data[0])) {
+            $remainingLength = strlen($data);
+
+            // set the cache to the current 6126 block
+            $this->readCache();
+
+            // for seekable streams the pointer is moved back to the beginning of the encrypted block
+            // flush will start writing there when the position moves to another block
+            $positionInFile = (int)floor($this->position / $this->unencryptedBlockSize) *
+                $this->util->getBlockSize() + $this->headerSize;
+            $resultFseek = $this->parentStreamSeek($positionInFile);
+
+            // only allow writes on seekable streams, or at the end of the encrypted stream
+            if (!$this->readOnly && ($resultFseek || $positionInFile === $this->size)) {
+
+                // switch the writeFlag so flush() will write the block
+                $this->writeFlag = true;
+                $this->fileUpdated = true;
+
+                // determine the relative position in the current block
+                $blockPosition = ($this->position % $this->unencryptedBlockSize);
+                // check if $data fits in current block
+                // if so, overwrite existing data (if any)
+                // update position and liberate $data
+                if ($remainingLength < ($this->unencryptedBlockSize - $blockPosition)) {
+                    $this->cache = substr($this->cache, 0, $blockPosition)
+                        . $data . substr($this->cache, $blockPosition + $remainingLength);
+                    $this->position += $remainingLength;
+                    $length += $remainingLength;
+                    $data = '';
+                // if $data doesn't fit the current block, the fill the current block and reiterate
+                    // after the block is filled, it is flushed and $data is updatedxxx
+                } else {
+                    $this->cache = substr($this->cache, 0, $blockPosition) .
+                        substr($data, 0, $this->unencryptedBlockSize - $blockPosition);
+                    $this->flush();
+                    $this->position += ($this->unencryptedBlockSize - $blockPosition);
+                    $length += ($this->unencryptedBlockSize - $blockPosition);
+                    $data = substr($data, $this->unencryptedBlockSize - $blockPosition);
+                }
+            } else {
+                $data = '';
+            }
+            $this->unencryptedSize = max($this->unencryptedSize, $this->position);
+        }
+        return $length;
+    }
+
+    public function stream_tell() {
+        return $this->position;
+    }
+
+    public function stream_seek($offset, $whence = SEEK_SET) {
+        $return = false;
+
+        switch ($whence) {
+            case SEEK_SET:
+                $newPosition = $offset;
+                break;
+            case SEEK_CUR:
+                $newPosition = $this->position + $offset;
+                break;
+            case SEEK_END:
+                $newPosition = $this->unencryptedSize + $offset;
+                break;
+            default:
+                return $return;
+        }
+
+        if ($newPosition > $this->unencryptedSize || $newPosition < 0) {
+            return $return;
+        }
+
+        $newFilePosition = (int)floor($newPosition / $this->unencryptedBlockSize)
+            * $this->util->getBlockSize() + $this->headerSize;
+
+        $oldFilePosition = parent::stream_tell();
+        if ($this->parentStreamSeek($newFilePosition)) {
+            $this->parentStreamSeek($oldFilePosition);
+            $this->flush();
+            $this->parentStreamSeek($newFilePosition);
+            $this->position = $newPosition;
+            $return = true;
+        }
+        return $return;
+    }
+
+    public function stream_close() {
+        $this->flush('end');
+        $position = (int)floor($this->position/$this->unencryptedBlockSize);
+        $remainingData = $this->encryptionModule->end($this->fullPath, $position . 'end');
+        if ($this->readOnly === false) {
+            if (!empty($remainingData)) {
+                parent::stream_write($remainingData);
+            }
+            $this->encryptionStorage->updateUnencryptedSize($this->fullPath, $this->unencryptedSize);
+        }
+        $result = parent::stream_close();
+
+        if ($this->fileUpdated) {
+            $cache = $this->storage->getCache();
+            $cacheEntry = $cache->get($this->internalPath);
+            if ($cacheEntry) {
+                $version = $cacheEntry['encryptedVersion'] + 1;
+                $cache->update($cacheEntry->getId(), ['encrypted' => $version, 'encryptedVersion' => $version]);
+            }
+        }
+
+        return $result;
+    }
+
+    /**
+     * write block to file
+     * @param string $positionPrefix
+     */
+    protected function flush($positionPrefix = '') {
+        // write to disk only when writeFlag was set to 1
+        if ($this->writeFlag) {
+            // Disable the file proxies so that encryption is not
+            // automatically attempted when the file is written to disk -
+            // we are handling that separately here and we don't want to
+            // get into an infinite loop
+            $position = (int)floor($this->position/$this->unencryptedBlockSize);
+            $encrypted = $this->encryptionModule->encrypt($this->cache, $position . $positionPrefix);
+            $bytesWritten = parent::stream_write($encrypted);
+            $this->writeFlag = false;
+            // Check whether the write concerns the last block
+            // If so then update the encrypted filesize
+            // Note that the unencrypted pointer and filesize are NOT yet updated when flush() is called
+            // We recalculate the encrypted filesize as we do not know the context of calling flush()
+            $completeBlocksInFile=(int)floor($this->unencryptedSize/$this->unencryptedBlockSize);
+            if ($completeBlocksInFile === (int)floor($this->position/$this->unencryptedBlockSize)) {
+                $this->size = $this->util->getBlockSize() * $completeBlocksInFile;
+                $this->size += $bytesWritten;
+                $this->size += $this->headerSize;
+            }
+        }
+        // always empty the cache (otherwise readCache() will not fill it with the new block)
+        $this->cache = '';
+    }
+
+    /**
+     * read block to file
+     */
+    protected function readCache() {
+        // cache should always be empty string when this function is called
+        // don't try to fill the cache when trying to write at the end of the unencrypted file when it coincides with new block
+        if ($this->cache === '' && !($this->position === $this->unencryptedSize && ($this->position % $this->unencryptedBlockSize) === 0)) {
+            // Get the data from the file handle
+            $data = $this->stream_read_block($this->util->getBlockSize());
+            $position = (int)floor($this->position/$this->unencryptedBlockSize);
+            $numberOfChunks = (int)($this->unencryptedSize / $this->unencryptedBlockSize);
+            if ($numberOfChunks === $position) {
+                $position .= 'end';
+            }
+            $this->cache = $this->encryptionModule->decrypt($data, $position);
+        }
+    }
+
+    /**
+     * write header at beginning of encrypted file
+     *
+     * @return integer
+     * @throws EncryptionHeaderKeyExistsException if header key is already in use
+     */
+    protected function writeHeader() {
+        $header = $this->util->createHeader($this->newHeader, $this->encryptionModule);
+        return parent::stream_write($header);
+    }
+
+    /**
+     * read first block to skip the header
+     */
+    protected function skipHeader() {
+        $this->stream_read_block($this->headerSize);
+    }
+
+    /**
+     * call stream_seek() from parent class
+     *
+     * @param integer $position
+     * @return bool
+     */
+    protected function parentStreamSeek($position) {
+        return parent::stream_seek($position);
+    }
+
+    /**
+     * @param string $path
+     * @param array $options
+     * @return bool
+     */
+    public function dir_opendir($path, $options) {
+        return false;
+    }
 }

Spacing +15 added lines, -15 removed lines

@@ -202,9 +202,9 @@ 
 		try {
 			stream_wrapper_register($protocol, $class);
 			if (self::isDirectoryHandle($source)) {
-				$wrapped = opendir($protocol . '://', $context);
+				$wrapped = opendir($protocol.'://', $context);
 			} else {
-				$wrapped = fopen($protocol . '://', $mode, false, $context);
+				$wrapped = fopen($protocol.'://', $mode, false, $context);
 			}
 		} catch (\BadMethodCallException $e) {
 			stream_wrapper_unregister($protocol);
@@ -228,7 +228,7 @@ 
 			if (array_key_exists($property, $context)) {
 				$this->{$property} = $context[$property];
 			} else {
-				throw new \BadMethodCallException('Invalid context, "' . $property . '" options not set');
+				throw new \BadMethodCallException('Invalid context, "'.$property.'" options not set');
 			}
 		}
 		return $context;
@@ -351,7 +351,7 @@ 
 
 			// for seekable streams the pointer is moved back to the beginning of the encrypted block
 			// flush will start writing there when the position moves to another block
-			$positionInFile = (int)floor($this->position / $this->unencryptedBlockSize) *
+			$positionInFile = (int) floor($this->position / $this->unencryptedBlockSize) *
 				$this->util->getBlockSize() + $this->headerSize;
 			$resultFseek = $this->parentStreamSeek($positionInFile);
 
@@ -369,14 +369,14 @@ 
 				// update position and liberate $data
 				if ($remainingLength < ($this->unencryptedBlockSize - $blockPosition)) {
 					$this->cache = substr($this->cache, 0, $blockPosition)
-						. $data . substr($this->cache, $blockPosition + $remainingLength);
+						. $data.substr($this->cache, $blockPosition + $remainingLength);
 					$this->position += $remainingLength;
 					$length += $remainingLength;
 					$data = '';
 				// if $data doesn't fit the current block, the fill the current block and reiterate
 					// after the block is filled, it is flushed and $data is updatedxxx
 				} else {
-					$this->cache = substr($this->cache, 0, $blockPosition) .
+					$this->cache = substr($this->cache, 0, $blockPosition).
 						substr($data, 0, $this->unencryptedBlockSize - $blockPosition);
 					$this->flush();
 					$this->position += ($this->unencryptedBlockSize - $blockPosition);
@@ -416,7 +416,7 @@ 
 			return $return;
 		}
 
-		$newFilePosition = (int)floor($newPosition / $this->unencryptedBlockSize)
+		$newFilePosition = (int) floor($newPosition / $this->unencryptedBlockSize)
 			* $this->util->getBlockSize() + $this->headerSize;
 
 		$oldFilePosition = parent::stream_tell();
@@ -432,8 +432,8 @@ 
 
 	public function stream_close() {
 		$this->flush('end');
-		$position = (int)floor($this->position/$this->unencryptedBlockSize);
-		$remainingData = $this->encryptionModule->end($this->fullPath, $position . 'end');
+		$position = (int) floor($this->position / $this->unencryptedBlockSize);
+		$remainingData = $this->encryptionModule->end($this->fullPath, $position.'end');
 		if ($this->readOnly === false) {
 			if (!empty($remainingData)) {
 				parent::stream_write($remainingData);
@@ -465,16 +465,16 @@ 
 			// automatically attempted when the file is written to disk -
 			// we are handling that separately here and we don't want to
 			// get into an infinite loop
-			$position = (int)floor($this->position/$this->unencryptedBlockSize);
-			$encrypted = $this->encryptionModule->encrypt($this->cache, $position . $positionPrefix);
+			$position = (int) floor($this->position / $this->unencryptedBlockSize);
+			$encrypted = $this->encryptionModule->encrypt($this->cache, $position.$positionPrefix);
 			$bytesWritten = parent::stream_write($encrypted);
 			$this->writeFlag = false;
 			// Check whether the write concerns the last block
 			// If so then update the encrypted filesize
 			// Note that the unencrypted pointer and filesize are NOT yet updated when flush() is called
 			// We recalculate the encrypted filesize as we do not know the context of calling flush()
-			$completeBlocksInFile=(int)floor($this->unencryptedSize/$this->unencryptedBlockSize);
-			if ($completeBlocksInFile === (int)floor($this->position/$this->unencryptedBlockSize)) {
+			$completeBlocksInFile = (int) floor($this->unencryptedSize / $this->unencryptedBlockSize);
+			if ($completeBlocksInFile === (int) floor($this->position / $this->unencryptedBlockSize)) {
 				$this->size = $this->util->getBlockSize() * $completeBlocksInFile;
 				$this->size += $bytesWritten;
 				$this->size += $this->headerSize;
@@ -493,8 +493,8 @@ 
 		if ($this->cache === '' && !($this->position === $this->unencryptedSize && ($this->position % $this->unencryptedBlockSize) === 0)) {
 			// Get the data from the file handle
 			$data = $this->stream_read_block($this->util->getBlockSize());
-			$position = (int)floor($this->position/$this->unencryptedBlockSize);
-			$numberOfChunks = (int)($this->unencryptedSize / $this->unencryptedBlockSize);
+			$position = (int) floor($this->position / $this->unencryptedBlockSize);
+			$numberOfChunks = (int) ($this->unencryptedSize / $this->unencryptedBlockSize);
 			if ($numberOfChunks === $position) {
 				$position .= 'end';
 			}