Thank you everyone for the input, but regardless of whether it makes complete sense to do, it's something a client wants done. Ideally, the file would be be decrypted on the user's end, but that is not a possibility ( potentially thousands of not so technical users). So GPG IS what I think I should use. I'm am looking for some guidance on how to actually accomplish it with Perl.
| [reply] |
If by decrypt when the user downloads means that the server just spits out a decrypted GPG pipe, and sends plain text over the network to the client, that is fairly easy, but I would'nt call it secure. Anyone can see all your files by sniffing the network.
So you are stuck sending information thru GPG encrypted mail, because I don't think GPG has a browser plugin to decode web content. Another limited option would be making GPG encrypted files available for HTML download.
You are asking for free easy help for a big time program. Google for Perl GPG HTML and Linux GPG webmail , and you should get some pretty good guidance by going thru the links. Personally, I really like the new javascript methods around now, as I mentioned in reference to Processing.js. That way, if you could write a .pde script for Processing, you could setup a fairly secure channel to the client. And run it in the DOM , as a javascript application with a canvas id . My rational is that I don't think you can encode web content with GPG, you can only send encrypted mails. So you will need a custom Processing script to do the decoding on the client end. Maybe not GPG, but you could make up your own decoder, within the limits of what javascript will allow. You could decode on the server, and feed the data stream to a custom canvas running under Processing.js, which could run a simpler faster algorithm like RC4, Blowfish, or Rijandael.
You could just implement the old "Caesar's Cipher" for encryption... ;-)
But it isn't Perl, so all I will do, is leave it at that. From what I understand, someone is working on something similar for Perl, call Perlito, but I doubt it will ever eclipse the geniuses at M.I.T who produced Processing and Processing.js.
| [reply] |
I don't think it would be plain text would it? The files that they are downloading files are files like PDF and DOC, etc... Also, the clients would be using SSL( https ). The code I included originally is a lot simpler than what is going on....There is already security in place to handle user authentication and authorization to files via a web interface. I'm looking for help with perl code to encrypt the files( again, I'm think gpg ). And then, when a user logs in and clicks a link to download the file, the file is decrypted and the user downloads the file. I don't want to just make a decrypted copy of the file upon request, serve it up to the user and then delete the file. I need to handle it smarter than that since multiple end users can be accessing the same file at the same time. Any more help would be greatly appreciated.
| [reply] |