Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Password based file encryption #39

Open
nkprince007 opened this issue Oct 15, 2017 · 10 comments
Open

Password based file encryption #39

nkprince007 opened this issue Oct 15, 2017 · 10 comments
Assignees
@pranay414
Labels
difficulty/medium

Comments

@nkprince007
Copy link
Member

nkprince007 commented Oct 15, 2017
edited
Loading

Reference: https://stackoverflow.com/questions/35449630/how-to-encrypt-file-using-express-multer
@pranay414
Copy link
Collaborator

@nkprince007 I would like to up this issue.

@nkprince007
Copy link
Member Author

Sure, go ahead.

@pranay414
Copy link
Collaborator

@nkprince007 can you elaborate this issue?

@nkprince007
Copy link
Member Author

Sure, multer provides an event onFileUploadComplete which can be configured to our requirement. Once the file upload is done, use any encryptor of your liking (preferably file-encryptor) and encrypt the file with the same name. When user tries to access that resource, you'd need to a password based verification which, on acceptance should be able to download the file.

However, make sure that encryption is only optional and not enforced.

@pranay414
Copy link
Collaborator

@nkprince007 I found that event callbacks don't work. Ref: https://stackoverflow.com/questions/32045027/multer-callbacks-not-working. What to do in this case?

@nkprince007
Copy link
Member Author

Well, in that case we could ditch multer and use some other library like formidable perhaps and write a handler for the /upload route which parses the form POSTed by the frontend dropzone.

Reference: https://gist.github.com/paambaati/db2df71d80f20c10857d#file-upload_demo_nodejs-js

@pranay414
Copy link
Collaborator

@nkprince007 can you tell me how will a user download an uploaded file from the server?, btw I have implemented formidable and have encrypted the file successfully. Also is it necessary to store encrypted file in uploads directory and delete the original file after encryption?

@nkprince007
Copy link
Member Author

Yes, you'd need to delete the original once encryption is done. Actually, for now, I'm serving the entire directory statically instead of a standard download procedure. I'd rather want to proceed with the same thing than writing a download procedure. So, if possible, try to compress the files once uploaded and then use encryption on the zipped file rather than encrypting the file. And it should be possible to manually decrypt the file (offline too) with a password.

@pranay414
Copy link
Collaborator

@nkprince007 any references on how to manually decrypt(offline too) with a password. I compressed the files using fs.exec() and then encrypted it as a .dat file, is it ok?

@nkprince007
Copy link
Member Author

https://stackoverflow.com/questions/14829782/generate-a-password-protected-zip-file-in-node-js

pranay414 added a commit to pranay414/PiZilla that referenced this issue Dec 31, 2017
@pranay414
Feature: Password based file encryption
5a37766 
Adds encryption to uploaded files

Fixes issue NITDgpOS#39
@pranay414 pranay414 mentioned this issue Dec 31, 2017
Open
pranay414 added a commit to pranay414/PiZilla that referenced this issue Dec 31, 2017
@pranay414
Feature: Password based file encryption
cc4c77e 
Adds encryption to uploaded files

Fixes issue NITDgpOS#39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pranay414 pranay414

Labels
difficulty/medium
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@pranay414 @nkprince007