On Wed, Mar 6, 2013 at 6:59 PM, Vincent Pazeller <vincentpazel...@gmail.com> wrote: > I am new to FtpServer and I am planning tu use it. Before, I would like to > know if anyone could confirm it will suit my needs... Basically, I would > like to ensure secure storage on the server by transparently encrypting a > file as soon it is uploaded and decrypting a file as soon it is downloaded. > Has anyone any experience with this? > > My feeling is that Ftplets would allow to do this. Here is what I would > like to do: > > For uploads: create a onUploadEnd Ftplet and use a symmetric encryption > algorithm (or PGP) to encrypt the uploaded file automatically > To ensure this is feasible, I would need (I think): > > 1) Possibility to obtain the user plain password or a session key noone can > obtain and is constant per user (so I can use something like SHA2(password > + salt) as the key) > 2) Possibility to easily access the uploaded file's data (to change the > content). Ideally before it is even written to disk (So that the plain file > is never actually stored on the disk before being encrypted) > > For downloads: create a onDownloadStart Ftplet and use a symmetric > encryption algorithm to decrypt the file automatically before the download > To ensure this is feasable, I would need (I think): > > 1) Possibility to obtain the user plain password/session key (so I can use > something like SHA2(password + salt) as the key) > 2) Possibility to change the data before file is downloaded. The best would > be to be able to access the file, decrypt it and send the decrypted data... > > Has anyone any idea on the feasibility of this? > > The crypto-system will be more complicated than this of course (this one > only allows one user to access the data), but if this one is feasable, > there is no limit to use something like PGP to allow multi-user access > > I would appreciate any advise from people knowing FtpServer deeper than me > and more precisely on what we can do with FtpLets or if there is a much > simpler solution to my needs, of course :)
I would recommend you to have a look at implementing this using a custom file system instead of as an Ftplet. Doing so will be a more natural way to intercept files as they are needed. In particular, look at FtpFile.createOutputStream() and FtpFile.createInputStream(). /niklas
