File Encrypt

Introduction

The file encrypt module allows you to encrypt files uploaded via Drupal using the Encrypt and Key modules. When encrypted files are requested, they will be decrypted automatically.

Installation

Required provide a path in settings.php where encrypted files should be stored:

$settings['encrypted_file_path'] = 'sites/default/files-encrypted';

Next create an encryption key using your desired encryption method. E.g. https://www.drupal.org/project/real_aes.

Then create an encryption profile at /admin/config/system/encryption/profiles that uses the encryption method and key you created.

Finally, enable file encryption on a field-by-field basis on their respective "Field settings" pages by selecting "Encrypted files" as the upload destination.

Webform

For webform file uploads, create a "webform" encryption profile.

Encrypting file metadata

To encrypt metadata like title and description use the Field Encryption module.

Architecture

The module architecture revolves around a stream wrapper that provides an encrypt:// stream and applies filters that encrypt/decrypt the data that passes through it. URLs take the form encrypt://{encryption_profile}/{path/to/file.ext}, e.g., encrypt://my_profile/images/druplicon.png. The module also provides a route at which decrypted files can be accessed according to field permissions, much like private files.