Improved backup efficiency and security.

olssonm · olssonm · commit 23d91a89825f · 2018-06-05T08:50:27.000+02:00
diff --git a/README.md b/README.md
@@ -17,7 +17,9 @@ Backup Shield simply listens for when the .zip-file generated by Laravel-backup
 
 ## Installation
 
-`composer require olssonm/laravel-backup-shield`
+```bash
+composer require olssonm/laravel-backup-shield
+```
 
 Requires `PHP: "^7.0"` and `laravel/framework: "^5.3"`.
 
@@ -58,7 +60,11 @@ Set your type of encryption. Available options are:
 `\Olssonm\BackupShield\Encryption::ENCRYPTION_WINZIP_AES_192` (AES 192)  
 `\Olssonm\BackupShield\Encryption::ENCRYPTION_WINZIP_AES_256` (AES 256)  
 
-Note that macOS among other does *not* support the Winzip AES-encryption methods as standard. You might have to buy a separate app and/or license to decrypt and open the protected file. However, if you have the option for AES 256 you should go with that as ZipCrypto may be weak.
+**Important information regarding encryption**
+
+Using the `ENCRYPTION_DEFAULT` (PKWARE/ZipCrypto) crypto gives you the best portability as most operating systems can natively unzip the file – however, ZipCrypto might be weak. The Winzip AES-methods on the other hand might require a separate app and/or licence to be able to unzip depending on your OS; suggestions for macOS are [Keka](http://www.kekaosx.com/en/) and [Stuffit Expander](https://itunes.apple.com/us/app/stuffit-expander-16/id919269455).
+
+Also to note is that when zipping very large files ZipCrypto might be very inefficient as the entire data-set will have to be loaded into memory to perform the encryption, if the zipped file's content is bigger than your available RAM you *will* run out of memory.
 
 ## Testing
 
diff --git a/composer.json b/composer.json
@@ -24,7 +24,7 @@
         "spatie/laravel-backup": "~4.0|~5.0"
     },
     "require-dev": {
-        "phpunit/phpunit": "~5.4 || ~6.0 || ~7.0",
+        "phpunit/phpunit": "~5.4 || ~6.0 || ~7.1",
         "orchestra/testbench": "^3.3"
     },
     "autoload": {
diff --git a/src/Factories/Password.php b/src/Factories/Password.php
@@ -18,20 +18,16 @@ class Password
      */
     function __construct(string $path)
     {
-        consoleOutput()->comment('Applying password and encryption to zipped file...');
+        consoleOutput()->info('Applying password and encryption to zip...');
 
-        // Create a new zip, add the existing from spatie/backup and encrypt
+        // Create a new zip, add the zip from spatie/backup, encrypt and resave
         $zipFile = new ZipFile();
-        $zipFile->addFile($path, 'backup.zip');
+        $zipFile->addFile($path, 'backup.zip', ZipFile::METHOD_DEFLATED);
         $zipFile->setPassword(config('backup-shield.password'), config('backup-shield.encryption'));
         $zipFile->saveAsFile($path);
         $zipFile->close();
 
-        // $zip = (new ZipFile())->openFile($path);
-        // $zip->setPassword(config('backup-shield.password'), config('backup-shield.encryption'));
-        // $zip->saveAsFile($path);
-
-        consoleOutput()->comment('Applied password and encryption to zipped file.');
+        consoleOutput()->info('Applied password and encryption to zip.');
 
         $this->path = $path;
     }
diff --git a/tests/BackupShieldTests.php b/tests/BackupShieldTests.php
@@ -3,6 +3,7 @@
 namespace Olssonm\BackupShield\Tests;
 
 use Spatie\Backup\Events\BackupZipWasCreated;
+use PhpZip\ZipFile;
 
 use Artisan;
 
@@ -52,15 +53,15 @@ public function test_config_file_is_installed()
 	public function test_listener_return_data()
 	{
 		// Set parameters for testing
-		$path = __DIR__ . '/resources/test-big.zip';
+		$path = __DIR__ . '/resources/test.zip';
 		$pathTest = __DIR__ . '/resources/processed.zip';
 
 		// Make backup
 		copy($path, $pathTest);
 
 		// Manually set config
 		config()->set('backup-shield.password', 'W2psdtBz9KWX49tccsr6mYwevyciTdJnJjLjtKSGkVTN1hFLH7YuaMsCBFo7AsAn');
-		config()->set('backup-shield.encruption',  \Olssonm\BackupShield\Encryption::ENCRYPTION_DEFAULT);
+		config()->set('backup-shield.encryption',  \Olssonm\BackupShield\Encryption::ENCRYPTION_WINZIP_AES_256);
 
 		$data = event(new BackupZipWasCreated($pathTest));
 
@@ -71,12 +72,21 @@ public function test_listener_return_data()
 	public function test_encryption_protection()
 	{
 		// Test that the archive actually is encrypted and password protected
+		$path = __DIR__ . '/resources/processed.zip';
+
+		$zipFile = (new ZipFile())->openFile($path);
+		$zipInfo = $zipFile->getAllInfo();
+
+		$this->assertEquals(true, $zipInfo['backup.zip']->isEncrypted());
+		$this->assertEquals('backup.zip', $zipInfo['backup.zip']->getName());
+		$this->assertEquals(config('backup-shield.encryption'), $zipInfo['backup.zip']->getEncryptionMethod());
 	}
 
 	/** Teardown */
 	public static function tearDownAfterClass()
 	{
-		// Delete config-file
+		// Delete config and test-files
+		unlink(__DIR__ . '/resources/processed.zip');
 		unlink(__DIR__ . '/../vendor/orchestra/testbench-core/laravel/config/backup-shield.php');
 		parent::tearDownAfterClass();
 	}
