Commit 5f37df31 authored by Regis's avatar Regis
Browse files

Merge branch '78_map_image_security_and_encryption' into 'master'

78 map image security and encryption

See merge request a_boiteau/site-vikazimut-stage!39
parents 4aab7764 1a90f1fe
......@@ -21,3 +21,4 @@ prototype-uml/*
/upload
/config/secret/.Halite.key
/var/
/config/secret/image_keys.json
......@@ -39,7 +39,8 @@
"symfony/twig-pack": "*",
"symfony/validator": "5.1.*",
"symfony/web-link": "5.1.*",
"symfony/yaml": "5.1.*"
"symfony/yaml": "5.1.*",
"ext-zlib": "*"
},
"require-dev": {
"dama/doctrine-test-bundle": "^6.3",
......
......@@ -3,8 +3,6 @@
namespace App\Controller;
use App\Entity\Event;
use App\Entity\EventCourse;
use App\Entity\Participant;
use App\Entity\ParticipantMakeEventCourse;
use App\Entity\Track;
use PHPUnit\Util\Exception;
......@@ -79,6 +77,102 @@ class DataController extends AbstractController
return $this->file($course->getImage());
}
// TODO refactor
function encryptFile($encKey, $encIV, $inPath, $outPath): int
{
$sourceFile = file_get_contents($inPath);
$key = base64_decode($encKey);
$iv = base64_decode($encIV);
$path_parts = pathinfo($inPath);
$fileName = $path_parts['filename'];
$outFile = $outPath.$fileName.'.bin';
$encrypter = 'aes-256-cbc';
$encryptedString = openssl_encrypt($sourceFile, $encrypter, $key, 0, $iv);
if (file_put_contents($outFile, $encryptedString) != false) {
return 1;
} else {
return 0;
}
}
// kept for future use.
function decryptFile($encKey, $encIV, $inPath, $outPath): int
{
$encryptedString = file_get_contents($inPath);
$key = base64_decode($encKey);
$iv = base64_decode($encIV);
$path_parts = pathinfo($inPath);
$fileName = $path_parts['filename'];
$outFile = $outPath.$fileName.'.jpeg';
$encrypter = 'aes-256-cbc';
$decrypted = openssl_decrypt($encryptedString, $encrypter, $key, 0, $iv);
if (file_put_contents($outFile, $decrypted) != false) {
return 1;
} else {
return 0;
}
}
/**
* @Route("/data/{id}/img", name="img")
*/
public function get_image_encrypted_archive($id): Response
{
// TODO refactor
$course = $this->getDoctrine()->getRepository(Course::class)->find($id);
if (!$course) {
return $this->json(["error" => "invalid id"]);
}
$key = 'eCAcaDxYWEQYFCAcEA0HBAoRGyALBQIQPBxcXHgAFDg=';
$iv = 'kaFADB4gHxkKCxoRGBkcBQ==';
$encryptedFilename = $id.".bin";
$compressedFilename = $encryptedFilename.".gz";
$this->encryptFile($key, $iv, $course->getImage(), "");
$data = file_get_contents($encryptedFilename);
$gzData = gzencode($data);
file_put_contents($compressedFilename, $gzData);
$response = new Response(file_get_contents($compressedFilename));
$disposition = HeaderUtils::makeDisposition(HeaderUtils::DISPOSITION_ATTACHMENT, $compressedFilename);
$response->headers->set('Cache-Control', 'private');
$response->headers->set('Content-type', 'application/octet-stream');
$response->headers->set('Content-Disposition', $disposition);
$response->headers->set('Content-Length', filesize($compressedFilename));
return $response;
}
/**
* @Route("/data/{id}/img", name="img")
*/
/* public function get_image_encrypted_archive($id): Response
{
// TODO refactor
$course = $this->getDoctrine()->getRepository(Course::class)->find($id);
if (!$course) {
return $this->json(["error" => "invalid id"]);
}
$encryptedFilename = $id.".bin";
$compressedFilename = $encryptedFilename.".gz";
$encryptVariables = json_decode(file_get_contents((\dirname(__DIR__, 2).'/config/secret/image_keys.json')), true);
// $this->encryptFile($encryptVariables["image_file_key"], $encryptVariables["image_file_iv"], $course->getImage(), "");
$image_file_key = "eCAcaDxYWEQYFCAcEA0HBAoRGyALBQIQPBxcXHgAFDg=";
$image_file_iv = "kaFADB4gHxkKCxoRGBkcBQ==";
$this->encryptFile($image_file_key, $image_file_key, $course->getImage(), "");
$data = file_get_contents($encryptedFilename);
$gzData = gzencode($data);
file_put_contents($compressedFilename, $gzData);
$response = new Response(file_get_contents($compressedFilename));
$disposition = HeaderUtils::makeDisposition(HeaderUtils::DISPOSITION_ATTACHMENT, $compressedFilename);
$response->headers->set('Cache-Control', 'private');
$response->headers->set('Content-type', 'application/octet-stream');
$response->headers->set('Content-Disposition', $disposition);
$response->headers->set('Content-Length', filesize($compressedFilename));
return $response;
}
*/
/**
* @Route("/data/{id}/img", name="img")
*/
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment