Heratio Framework API Reference

FileEncryptionService
in package

Layer 1: Digital object file encryption.

Encrypts uploaded files (masters + derivatives) in-place on disk. Uses EncryptionService for the actual AES-256-GCM operations.

Table of Contents

Methods

decryptForStream()  : Generator
Get a streaming generator for an encrypted file.
decryptToTemp()  : string
Decrypt a file to a temporary location for streaming/viewing.
encryptDerivatives()  : int
Encrypt all derivatives (thumbnails, reference images) for a parent digital object.
encryptDerivativesEnabled()  : bool
Check if derivative encryption is enabled.
encryptDigitalObject()  : bool
Encrypt a specific digital object's master file.
encryptExisting()  : array{encrypted: int, skipped: int, failed: int, errors: string[]}
Batch-encrypt existing unencrypted digital objects on disk.
encryptUpload()  : bool
Encrypt a file in-place after upload.
isEnabled()  : bool
Check if file encryption is enabled in settings.

Methods

decryptForStream()

Get a streaming generator for an encrypted file.

public static decryptForStream(string $filePath) : Generator
Parameters
$filePath : string

Absolute path to encrypted file

Return values
Generator

yields plaintext chunks

decryptToTemp()

Decrypt a file to a temporary location for streaming/viewing.

public static decryptToTemp(string $filePath) : string
Parameters
$filePath : string

Absolute path to encrypted file

Return values
string

Path to temporary decrypted file (caller must unlink)

encryptDerivatives()

Encrypt all derivatives (thumbnails, reference images) for a parent digital object.

public static encryptDerivatives(int $parentId) : int
Parameters
$parentId : int

The parent digital object ID

Return values
int

Number of derivatives encrypted

encryptDerivativesEnabled()

Check if derivative encryption is enabled.

public static encryptDerivativesEnabled() : bool
Return values
bool

encryptDigitalObject()

Encrypt a specific digital object's master file.

public static encryptDigitalObject(int $digitalObjectId) : bool
Parameters
$digitalObjectId : int

The digital object ID

Return values
bool

true on success

encryptExisting()

Batch-encrypt existing unencrypted digital objects on disk.

public static encryptExisting([int $limit = 100 ][, callable|null $progress = null ]) : array{encrypted: int, skipped: int, failed: int, errors: string[]}
Parameters
$limit : int = 100

Max files to process

$progress : callable|null = null

Callback: function(int $current, int $total, string $path)

Return values
array{encrypted: int, skipped: int, failed: int, errors: string[]}

encryptUpload()

Encrypt a file in-place after upload.

public static encryptUpload(string $filePath) : bool
Parameters
$filePath : string

Absolute path to the plaintext file

Return values
bool

true on success

isEnabled()

Check if file encryption is enabled in settings.

public static isEnabled() : bool
Return values
bool 

        

        
    




    

    

                                

                

                                
    

        On this page

        
    


                

                            

            

    

        

            
Search results