I need some sort of file encryption that I can invoke from my PHP web pages,
to protect sensitive files uploaded/downloaded by clients.
I use https (SSL) for the upload/download, but once the transfer is
complete, the files will reside on the server in unencrypted form. I want to
be able to apply at least one form of file encryption (Blowfish, AES, etc.).
Every PHP solution that I've found so far seems too slow or too limited. The
files I need to encrypt average from 5MB to 10MB in size. How can I use
mcrypt() with files this large? It seems like my server is killing the PHP
process before it can complete (maybe taking too long?). It can run to
completion if I use a smaller file (e.g. 50KB).
My server is a version of Redhat with Apache.
Can anyone recommend the easiest/fastest way to integrate file encryption
into my website? Using a PHP class? Using shell_exec? Using CGI/Perl?
If the encryption process would take too long to occur in real-time while
the user is waiting for the page to complete, I can probably trigger a cron
job to do the encryption in background.
Thanks in advance for any advice.
Ed
4  3160 
In article <OY********************@adelphia.com>,
"Ed J" <je*@privacy.net> wrote: It seems like my server is killing the PHP
process before it can complete (maybe taking too long?). It can run to
completion if I use a smaller file (e.g. 50KB).
You could issue a
set_time_limit(0);
before starting the encryption process.
JP
--
Sorry, <de*****@cauce.org> is een "spam trap".
E-mail adres is <jpk"at"akamail.com>, waarbij "at" = @.
"Jan Pieter Kunst" <de*****@cauce.org> wrote in message
news:de***************************@news1.news.xs4a ll.nl... In article <OY********************@adelphia.com>,
"Ed J" <je*@privacy.net> wrote:
It seems like my server is killing the PHP
process before it can complete (maybe taking too long?). It can run to
completion if I use a smaller file (e.g. 50KB).
You could issue a
set_time_limit(0);
before starting the encryption process.
JP
JP! How could you! set_time_limit(1000); by all means! But never 0! 8)
Garp
"Ed J" <je*@privacy.net> wrote in message
news:OY********************@adelphia.com... I need some sort of file encryption that I can invoke from my PHP web
pages, to protect sensitive files uploaded/downloaded by clients.
I use https (SSL) for the upload/download, but once the transfer is
complete, the files will reside on the server in unencrypted form. I want
to be able to apply at least one form of file encryption (Blowfish, AES,
etc.).
Using a symmetric cypher like Blowfish or AES alone won't give you any
additional security, because the key would reside in your PHP file. You need
to use some kind of public-key-private-key encryption, like RSA, so that the
web server can encrypt but not decrypt the files.
The easiest way is probably to spawn an instance of PGP or something
similiar.
On 4/14/04 7:48 PM, in article zv********************@comcast.com, "Chung
Leong" <ch***********@hotmail.com> wrote: "Ed J" <je*@privacy.net> wrote in message
news:OY********************@adelphia.com... I need some sort of file encryption that I can invoke from my PHP web pages, to protect sensitive files uploaded/downloaded by clients.
I use https (SSL) for the upload/download, but once the transfer is
complete, the files will reside on the server in unencrypted form. I want
to be able to apply at least one form of file encryption (Blowfish, AES,
etc.).
Using a symmetric cypher like Blowfish or AES alone won't give you any
additional security, because the key would reside in your PHP file. You need
to use some kind of public-key-private-key encryption, like RSA, so that the
web server can encrypt but not decrypt the files.
Actually, I just finished an article for International PHP Magazine (
http://www.phpmag.net ) that addresses the issues involved with symmetric
cyphers in interpreted languages like PHP. There *are* lots of options.
Should hit the newsstands at the end of the month.
The easiest way is probably to spawn an instance of PGP or something
similiar.
Spawning an instance is not secure on multi-user systems. See: http://www.zend.com/zend/tut/tutorial-brogdon.php
Last time I checked John Coggeshall was working on a PECL module for
libgcrypt.
Cheers,
Robert
--
Robert Peake | Peake Professional Consulting Ro****@PeakePro.com | http://www.peakepro.com/ This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: steve |
last post by:
Hi,
I know there are a few free and paid php source code encryption
scripts around. Has anyone used one, and any feedback?
I am interested in encrypting source that is placed on a remote host....
|
by: David Williams |
last post by:
Hello all. Anyone know of a free program I can use
to encrypt my php code? I would like it to be secure as possible.
i.e. not viewable from the web.
Also, is there an html encryptor or will...
|
by: Piotr |
last post by:
MS has published on its sites javascript encoder, which enables "encrypting"
javascript code. It allows hiding js code from being seen as a text file.
There is a decoder for it, available in the...
|
by: Dayne |
last post by:
Guys,
I am writing a database application(vb.net , sql server) and is presently
storing the connection settings in a xml file...not very secure though. What
is a safer method in a dynamic...
|
by: Brian P. Hammer |
last post by:
All - I have an app that saves data to a xml file via a dataset. Our company stores some data in various xml files that is now considered a risk under its security policy. What's the best way to...
|
by: viktor9990 |
last post by:
I wonder if it is possible to encrypt images(like .tiff or .gif files) in
asp.net? How? Any exampel code or url will be appreciated. Thanks
|
by: rsm |
last post by:
Hi,
We want to encrypt MS Sql Server data files - .mdf and .ldf with
logged in user certificate and make sure that MS Sql Server service
(running as Local System Account) can decrypt it.
Is...
|
by: dfa_geko |
last post by:
Hi All,
I had a question about encrypting and decrypting XML files using asymmetric
keys. I copied some sample code from MSDN, here are the samples:
...
|
by: SeeSharp Bint |
last post by:
Visual Studio 2005, dotnet, c#. Microsoft SQL Server. Windows XP forms
application.
Temporarily, for my database application, I have been storing the various
elements of database connection...
|
by: taylorcarr |
last post by:
A Canon printer is a smart device known for being advanced, efficient, and reliable. It is designed for home, office, and hybrid workspace use and can also be used for a variety of purposes. However,...
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: ryjfgjl |
last post by:
If we have dozens or hundreds of excel to import into the database, if we use the excel import function provided by database editors such as navicat, it will be extremely tedious and time-consuming...
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Sonnysonu |
last post by:
This is the data of csv file
1 2 3
1 2 3
1 2 3
1 2 3
2 3
2 3
3
the lengths should be different i have to store the data by column-wise with in the specific length.
suppose the i have to...
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
| |
