How to encrypt/decrypt uploaded file on the fly

This topic is locked

How to encrypt/decrypt uploaded file on the fly	2/20/2014 10:20:56 AM
PHPRunner General questions
A Abul author Here is another problem I am facing. I have to upload confidential report (word or pdf) and the file must be encrypted on the fly and the file will be decrypted on the fly again when appropriate authority login. I have created a table called "Report" where rportid (PK), employeeid (FK), userid (FK), report (blob) fields. what I would like to upload report for specific employee and the file will be encrypted and stored in the database not in the the root folder. the Report list page shows only file link under report field, so when the appropriate authority click on the link then the file will be decrypted on the fly and popup in a separate window either in word or pdf it does not matter. I appreciate any ideas to accomplish this in my phpr7.0 project. I am using MySQL as my database. Thanks in Advance.


J	jmlphp 2/24/2014
	Since no one has replied, i'll give my 2 cents... The issue that i see isn't decrypting the fields, but rather, how to securely pass the credentials (like the key) to actually perform the decryption. Sure, you can check if the person logged in and retrieve the proper records. But, you'll still need to securely obtain the key and send it to your decrypting program to display the de-encrypted record. If you have many records, where do you "store" this key? Cookies and session variables are not secure. And if you hold it only while the program is running, you'll need to retrieve it again for every page. I don't have a simple solution that will keep your key secure. I would be interested in hearing from others on possible solutions. But i suspect, the security of the key is going to cause problems in any solution.