我想建立一个网站,人们可以在其中通过 rails 应用程序将文件上传到我的 S3 存储桶。我希望对上传进行加密,以便我不知道上传的内容,并且我只希望用户拥有解密它的密钥。
有人可以给我一些关于如何去做这个或实现这个的方法的建议吗?
问问题
64 次
2 回答
0
Lichtamberg is right, the best and most secure way would be for the user to do it clientside. Perhaps you could tell them what encryption types are accepted (such as GPG) and provide instructions for doing so, or recommend tools that might make it easier.
You could probably enforce this in your code by checking whether an uploaded file is encrypted, and rejecting it if not. The check would be similar to an image upload feature that rejects non-image files, for instance.
于 2013-04-14T19:46:18.730 回答
0
您只能在本地对其进行加密,服务器端(甚至是 ISP)上的所有其他内容都可以以某种方式被操纵
于 2013-04-14T18:47:27.190 回答