We have a client who is concerned about file privacy. They have asked us if we can add an encryption process to encrypt files added to the file manager. They shouldn’t really be storing sensitive files in file manager but they are an educational establishment so want to be as secure as possible. I was thinking maybe using AWS S3 as a storage location and encrypting the bucket but I’m not sure how this will work when we are retrieving files for download/display for logged in users? Has anyone done this before?
1 Like
Concrete comes with a vendor library called Defuse that provides the encryption services you need. I wrote a small wrapper class for Defuse that makes it easy to access the 4 core methods Defuse offers:
public static function encrypt($cleartext)
public static function decrypt($ciphertex)
public static function encrypt_file($file_in, $file_out)
public static function decrypt_file($file_encrypted, $file_clear)
Note that Defuse uses symmetrical encryption, so you will need to store the decryption key somewhere.
Hope you find this useful.
Dave
3 Likes
Thank you. I’ll check it out.