Mar 20, 2008, 10:32 AM
Post #3 of 14
Re: [KevinR] Perl CGI app - encrypting uploaded file before it hits the disk?
[In reply to]
I don't think you can encrypt a file during transfer. The entire file will have to be encrypted at the same time, you can't encrypt it in bits and pieces while its being read and before it's written to a file, or at least I don't know how. I don't even know what to suggest.
Read the below (taken from http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation):
"In cryptography, a block cipher operates on blocks of fixed length, often 64 or 128 bits. Because messages may be of any length, and because encrypting the same plaintext under the same key always produces the same output (as described in the ECB section below), several modes of operation have been invented which allow block ciphers to provide confidentiality for messages of arbitrary length.
The earliest modes described in the literature (eg, ECB, CBC, OFB and CFB) provide only confidentiality, and do not ensure message integrity. Other modes have since been designed which ensure both confidentiality and message integrity, such as IAPM, CCM, EAX, GCM, and OCB modes. Tweakable narrow-block encryption (LRW) mode, and wide-block encryption (CMC and EME) modes, designed to securely encrypt sectors of a disk, are described in the article devoted to disk encryption theory."
With Crypt::CBC I should (according to the documentation on the module) be able to accomplish exactly what I need to do (it even pads data less than the required block size). I guess I'm just unsure about how to buffer the input during the upload so I can perform the operation on the buffered set of bits. Maybe that's how I should have worded my question. :-) So, I guess the real question is, how do I buffer the file upload during the upload process?