The Encrypted Files module for Drupal 7 allows Drupal to encrypt files that users upload and decrypt files for download, keeping the unencrypted versions of files from being stored on disk. It does this by creating a custom file stream wrapper that Drupal can read from and write to and a new download method that sits alongside the regular public and private methods. So you can make Encrypted Files the default download method, or only use it as the download method for specific file-type fields.
Important note regarding file access:
Though Encrypted Files encrypts your files for storage, it does not provide any access checking for file downloads. Rather, it simply gives each encrypted file the same access as the node it is attached to. This allows you to leverage the Node Access System, permissions, and other access techniques available to Drupal to control access to encrypted files by restricting viewing access to their nodes.
Installation
Download and enable the AES Encryption module first. Then download and enable Encrypted Files like any other module. For more info on installing modules, see: http://drupal.org/documentation/install/modules-themes/modules-7
Requirements
To install and function correctly, Encrypted Files must:
- Be able to write to a site's private files directory
- Be able to create a directory within private files to store encrypted files
The module will report on install and on the site status report if it encounters problems with the above. If you encounter such issues, check:
- That you have configured your private files directory at admin/config/media/file-system. The setting is "Private file system path"
- That your private files directory is writable by your web server. The proper permission scheme for this directory depends on the configuration of your server and the user it's running under.
Note: By default, AES Encryption enables on install a feature that encodes new users' passwords with an algorithm that allows administrators to decrypt them. If you do not want this functionality, you can disable it by visiting admin/settings/aes and unchecking "Create AES passwords"
Usage
You can use Encrypted Files by selecting it as the default download method for all your site's files or as the upload destination for specific file fields. For convenience, the module provides two fields that you can add to your entities:
- Encrypted File (encrypted_files_basic_file)
Stores files using the site-wide encryption keys and the default file field widget and formatter - Password-protected File (encrypted_files_pass_protected)
Stores each file with its own user-supplied encryption password and uses a custom widget and formatter for uploading and downloading files with passwords
Setting Encrypted Files as the default download method
Encrypting all files uploaded to your site is easy. Just set your site's default download method to "Private, encrypted files".