Drupal is a registered trademark of Dries Buytaert
Protected Pages 3.0.0 Major update available for module protected_pages (3.0.0). Commerce Core 3.3.8 Minor update available for module commerce (3.3.8). Search API HTML Element Filter 1.0.7 Minor update available for module search_api_html_element_filter (1.0.7). Layout Builder Reorder 2.0.1 Minor update available for module layout_builder_reorder (2.0.1). Ban 1.1.0 Minor update available for module ban (1.1.0). Field Formatter Range 2.0.0 Major update available for module field_formatter_range (2.0.0). Field Formatter Range 8.x-1.8 Minor update available for module field_formatter_range (8.x-1.8). UI Patterns (SDC in Drupal UI) 2.0.18 Minor update available for module ui_patterns (2.0.18). Search API Solr 4.3.11 Module search_api_solr updated after 14 months of inactivity (4.3.11). Provus Mega Menu Module provus_mega_menu crossed 1,000 active installs.

Encrypt RSA

16 sites No security coverage
View on drupal.org

This module provides a way to encrypt data using RSA public-key cryptography, which uses separate public and private keys for encryption and decryption. It helps secure sensitive data by allowing you to encrypt it with a public key that can be shared freely, while only the corresponding private key can decrypt it. The module uses an "envelope" technique to handle data amounts larger than RSA can directly encrypt.

Encrypt RSA provides public-keys (asymmetrical) encryption method plugins for the Encrypt module, using RSA algorithm . These plugins offer a variety of solution to use public/private key to encrypt - and send - your date safely.

With normal symmetrical cryptography you use the same key to both encrypt and decrypt. Depending by the scenario, this has 2 downside:

  1. Anyone with enough permissions or even an external attacker can access your key and decrypt your data.
  2. You need to make sure your key is securely stored, because its the only thing ensuring data safety and privacy.
  3. You can decrypt the data too, which is something you probably want to avoid if there is a SLA/NDA in place with your client

Asymmetrical cryptography let you encrypt your data with a public key which you can safely store wherever you want, as the only key able to decrypt your data is the private key.

As RSA has got limits on the amount of data you can encrypt, this module use a technique called "Envelope", through standard libraries like OpenSSL or phpseclib.

Cryptography is always an evolving science. This module will try to be compatible with any underlying architecture, however this can have consequences on the level of security you will be able to achieve.

Currently the best solution is to:

  • Run this module on PHP 7.x, where the OpenSSL extension allows using AES256 method for encrypting the random key
  • Create a public/private RSA key pair, protected by passcode
  • Select "Public OpenSSL Seal" encryption method. Protect the private key safely in the environment meant to decrypt.

Check the README.txt for additional info.

Activity

Total releases
2
First release
Mar 2025
Latest release
1 year ago
Releases (12 mo)
0 ▼ from 2
Maintenance
Dormant

Releases

Version Type Release date
2.0.0-beta1 Pre-release May 17, 2025
2.x-dev Dev Mar 7, 2025