Say you want users of your site to be able to upload and download documents, but you also want these documents to be protected in case someone breaks into your server. This module allows Drupal to encrypt files that users upload and decrypt files for download, keeping the unencrypted versions of files from ever being stored on disk. It does this by creating a custom file stream wrapper that Drupal can read from and write to and a new download method that sits alongside the regular public and private methods. So you can make Encrypted Files the default download method, or only use it as the download method for specific file-type fields.
- Uses the Encrypt module to provide options for encryption method and key provider
- Provides the ability to encrypt file fields
- Uses AES-256 encryption via the AES module.
- Uses two symmetric keys for encryption by default.
- Provides two fields that you can add to your entities: one that stores files using site-wide encryption keys and one that stores files with a user-supplied password.
Though Encrypted Files encrypts your files for storage, it does not provide any access checking for file downloads. Rather, it simply gives each encrypted file the same access as the node it is attached to. This allows you to leverage the Node Access System, permissions, and other access techniques available to Drupal to control access to encrypted files by restricting viewing access to their nodes.