• View
• Edit
• History
• Attach
• Print
• Backlinks

DesCrypt

DesCrypt provides client-side DES and 3DES encryption support for PmWiki.

Version 0.1

Why?

Like most people, in addition to using PmWiki for public uses I also use it as personal scratch space and a memory dump. Over time I found myself starting to use it to store information that I'd rather other people not see; website passwords, financial information, etc. PmWiki.Passwords, .htaccess files, and https are great for keeping web surfers out of my stuff, but what if my sever was compromised or my admin turned rogue? In that case all my info was sitting in flat files easily copied and read.

How?

Client-side DES encryption implemented in Javascript provides a method of (en|de)crypting data with out the plain text data or passwords ever landing on the remote server.

Extract the file :des-0.1.tgzΔ into pmwiki. It should contain the files:

• pmwiki/cookbook/des.php
• pmwiki/pub/descrypt/des.js

 
And add the lines: 
   ## des.php loads descrypt loads a module that provides client-side encryption

include_once('cookbook/des.php');

to pmwiki/local/config.php

This will add a button to the top of the edit text box labeled "DESCRYPT". Set up your edit text like this:

  This is some text.
  This is some text.  
  (:descrypt:) [= Encrypt this text =]
   But not this text (:descrypt:) [= Encrypt this as well =]

And then before pressing "Save" or "Preview" press "DESCRYPT". This will prompt for a password and then change the markup to (:descrypted:). You may now click "Save". In standard viewing your encrypted text will show as a link that, when clicked, prompts for a decrypt password.

Encryption Strength

The DES protocol for encryption has been compromised through brute force attacks over time (though more on the scale of server cluster, than fast desktop) and the 3DES method was provided as a stop gap solution to increase protection. Even still DES should provide ample protection from all but the most serious attempts to crack.

DesCrypt uses password length to determine whether DES or 3DES is to be performed. 8 character passwords use DES and 24 character passwords perform 3DES.

Vulnerabilities

DesCrypt protects the data stored on the web server from being directly read. Anyone with access to the PmWiki files could easily change the des.js file to transmit passwords or data back to the server, compromising the data. Further, DesCrypt provides no protection from a client machine or browser that has been previously compromised.

Limitations

• Only tested under Firefox 1.0 on WinXp, Mozilla 1.7.2 [ok]
• and no promises that your data wont be forever lost, this is alpha code {works for me - csc}

Comments and Suggestions

Very practical tool, thanks! -pog

What about integrating or using AES (see e.g. http://www.fourmilab.ch/javascript )Klonk

--- Start of comment from dent

Here's how I got DesCrypt to work on pmwiki-2.2.24.

I know nothing about the internals of pmwiki so this is quite possibly the wrong way to go about things but i managed to get DesCrypt to work for me:

I changed the descrypt.src as mentioned below by Cynthia. I then replaced

$EditMessageFmt = $EditMessageFmt ."<input type='button' name='desButton' value='DESCRYPT' onClick='desClick(this.form,0);'/><P>";

with the new style (since pmwiki 2.0 I think)

$MessagesFmt[] = "<input type=\"button\" name=\"desButton\" value=\"DESCRYPT\" onClick=\"desClick(document.forms[1],0);\"/><P>";

Without this change you won't see the DESCRYPT button (see Roy's comment below).

I was reluctant to change pmwiki's core files (scripts/form.php) as Cynthia did so I had to reference the input form some other way. The method I used is pretty brittle, it simply picks the second form on the page. The smarter approach would be to take the first form after document.getElementById('wikiedit'). Change the onClick handler above as necessary to do things properly. Does anyone know why the pmwiki input form is unnamed?

--- Start of comment from Cynthia Oldham

Once I got this cookbook working, it is definitely an asset to my wiki.
I had two issues with trying to get descrypt to work.

1) The browser was not finding the javascript file.
I solved this problem by changing line 13 of des.php

from

 desscript.src = 'pub/descrypt/des.js';

to:

  desscript.src = 'http://www.. <insert full path> ../pmwiki/pub/descrypt/des.js'; 

The universal solution would be to use the "PubDirUrl" variable in the local/config.php

2) this.form was transfering "null" when passed when the "DESCRYPT" button was pushed. This is probably because the button is outside the form.

I solved this problem by:
a) Adding a form name of "EditForm" to the form by editing line 83 of scripts/form.php from:

 ':html' => "<form action='\$PageUrl?action=edit' method='post'><input

to:

 ':html' => "<form name='EditForm' action='\$PageUrl?action=edit' method='post'><input

b) Editing cookbook/des.php from:

$EditMessageFmt = $EditMessageFmt ."<input type='button' name='desButton' value='DESCRYPT' onClick='desClick(this.form,0);'/><P>";

to:

$EditMessageFmt = $EditMessageFmt ."<input type='button' name='desButton' value='DESCRYPT' onClick='desClick(document.EditForm,0);'/><P>";

I hope that these comments help the next person or for next version of descrypt. Thank-you for making this cookbook. Cynthia Oldham

--- Start of comment from Roy van Pelt

I've tried to configure this recipe for the latest stable pmwiki (2.1.27), including the changes suggested by Cynthia. Unfortunately no button shows up on the edit form.

At this point I don't have time to dive into the code, but it might be a change in the way the buttons are placed in the edit form ('insButton').

If anyone could help out it would be great. I could use this functionality!

Regards,

Roy

--- Start of comment/question from Michael

Is there any possibility to automatically encrypt every saving-action using a pre-defined password? That is: No need to enter a password and pressing the encrypt button after editing, no need of the descrypt markup, but pressing the save button would automatically encrypt the whole page? And accessing a page would automatically decrypt and display it, so without a link to have to be pressed for an password prompt? Just for ease of use. But so that, however, all the data would be transmitted and stored encryptedly.

Thank you for any idea.

Todo, Bugs

• Add IE support - if it doesn't already work (MSIE5.0: incompatible js -pog)
• minor bug: (Moz. 1.72) uncrypt-link is only generated when (:descrypted:) on col1 unlike:
  foo (:descrypted:) [= 0x2ba0c46e21296d43047452ea9deb1bdb =]
• wikifarm: adjustment in: dec.php line 13: place of js!

See Also

• WikiSh gives an alternate approach to encryption/decryption. It depends on the mcrypt extension to PHP. It allows encryption/decryption of any page or file to which WikiSh has read/write access. (Other text can be encrypted/decrypted as well - it is in-memory-text based rather than file- or page-based -- the file/page capabilities come as a side effect of the WikiSh file/page capabilities.)
• EditCrypt is based on the underlying WikiSh and WikiShCrypt capabilities but gives a more user-friendly, form-based approach. It includes capabilities to encrypt and decrypt entire pages using any of the algorithms supported by MCRYPT. Encryption/Decryption is done in the EditForm and also provides a markup for encrypted pages to be decrypted "on-the-fly" (in-memory only) for viewing.

Contributor

• Christopher Strider Cook

DesCrypt is based on the encryption work and functions provided by Paul Tero http://www.tero.co.uk/des/index.php