README.txt

  1. 6.x README.txt
  2. 6.x modules/tinymce/README.txt
  3. 6.x modules/student_files/README.txt
  4. 6.x modules/batch/README.txt
  5. 6.x modules/lassie/README.txt
  6. 6.x modules/prereqs/README.txt
  7. 6.x themes/how_to_customize/README.txt
  8. 6.x modules/encryption/README.txt
  9. 6.x custom/files/README.txt
  10. 4.x README.txt
  11. 4.x modules/tinymce/inc/tiny_mce/plugins/style/readme.txt
  12. 4.x modules/tinymce/README.txt
  13. 5.x README.txt
  14. 5.x modules/tinymce/README.txt
  15. 5.x modules/batch/README.txt
  16. 5.x themes/basic/README.txt
  17. 5.x inc/pchart/README.txt
  18. 5.x inc/pchart/pchart/readme.txt
  19. 5.x modules/tinymce/inc/tiny_mce/plugins/style/readme.txt
Encryption module README.txt


The encryption module is meant to facilitate simple AES encryption of values
or files, which can then be stored on the server or database.

------------------
SETUP
------------------

This module assumes you have OpenSSL support for PHP already installed.  See: https://www.php.net/manual/en/openssl.setup.php
as well as other resources online if your version of PHP does not already have this common package enabled.  Changes
are, it already does.

To configure, visit the settings page, admin/config/encryption.

You may set up your key one of two ways:
  #1) Find the $GLOBALS['encryption_key_string'] value in your settings.php file and set it to at least 32 random characers.
  #2) Enter the location of a key file on your server but outside of the web root.
  
Method #2 means some extra overhead since every time you want to encrypt or decrypt a file or value, the
key file must be read into memory.

Keep your key file a relatively small size.  Ex: 100 - 300 random characters would be fine.

** See below about keeping you key safe and unchanging. **


------------------
HASHING & CIPHER
------------------

NOTE: only make changes here if you really know what you are doing.

By default, the system will use SHA256 as the hashing algorithm and a 256-bit AES cipher selected from a list.

If you wish to enforce a particular hash protocol (ex: "md5"), or cipher then add these lines
to your settings.php file:

  $GLOBALS["encryption_hash"] = "md5";
  $GLOBALS["encryption_cipher"] = "aes-128-cbc";

This will force that particular hash and/or cipher to be used.

BE AWARE that not all ciphers will work correctly with encryption hashes.  It is strongly recommended to leave the default
settings alone.

Make note of which hash & cipher protocol you are using (see below).

------------------
KEY SECURITY
------------------

Keep your key or key file SAFE.  Anyone who gains knowledge of your key could decrypt
your files or values.  To protect against loss, it is recommended you print out
your key on a sheet of paper, and then store it in a secure location.  This way you can
re-type it by hand if need be.

Be sure to also record which hash protocol/cipher was being used along with the key.

File

modules/encryption/README.txt
View source
  1. Encryption module README.txt

  2. 

  3. 

  4. The encryption module is meant to facilitate simple AES encryption of values

  5. or files, which can then be stored on the server or database.

  6. 

  7. ------------------

  8. SETUP

  9. ------------------

  10. 

  11. This module assumes you have OpenSSL support for PHP already installed.  See: https://www.php.net/manual/en/openssl.setup.php

  12. as well as other resources online if your version of PHP does not already have this common package enabled.  Changes

  13. are, it already does.

  14. 

  15. To configure, visit the settings page, admin/config/encryption.

  16. 

  17. You may set up your key one of two ways:

  18.   #1) Find the $GLOBALS['encryption_key_string'] value in your settings.php file and set it to at least 32 random characers.

  19.   #2) Enter the location of a key file on your server but outside of the web root.

  20.   

  21. Method #2 means some extra overhead since every time you want to encrypt or decrypt a file or value, the

  22. key file must be read into memory.

  23. 

  24. Keep your key file a relatively small size.  Ex: 100 - 300 random characters would be fine.

  25. 

  26. ** See below about keeping you key safe and unchanging. **

  27. 

  28. 

  29. ------------------

  30. HASHING & CIPHER

  31. ------------------

  32. 

  33. NOTE: only make changes here if you really know what you are doing.

  34. 

  35. By default, the system will use SHA256 as the hashing algorithm and a 256-bit AES cipher selected from a list.

  36. 

  37. If you wish to enforce a particular hash protocol (ex: "md5"), or cipher then add these lines

  38. to your settings.php file:

  39. 

  40.   $GLOBALS["encryption_hash"] = "md5";

  41.   $GLOBALS["encryption_cipher"] = "aes-128-cbc";

  42. 

  43. This will force that particular hash and/or cipher to be used.

  44. 

  45. BE AWARE that not all ciphers will work correctly with encryption hashes.  It is strongly recommended to leave the default

  46. settings alone.

  47. 

  48. Make note of which hash & cipher protocol you are using (see below).

  49. 

  50. ------------------

  51. KEY SECURITY

  52. ------------------

  53. 

  54. Keep your key or key file SAFE.  Anyone who gains knowledge of your key could decrypt

  55. your files or values.  To protect against loss, it is recommended you print out

  56. your key on a sheet of paper, and then store it in a secure location.  This way you can

  57. re-type it by hand if need be.

  58. 

  59. Be sure to also record which hash protocol/cipher was being used along with the key.

  60. 

  61. 

  62. 

  63. 

  64.