
DesCrypt

Summary: Provide client-side DES and 3DES encryption support
Version: 0.1
Prerequisites:
Status:
Categories: Security

DesCrypt provides client-side DES and 3DES encryption support for PmWiki.

Version 0.1

Why?

Like most people, in addition to using PmWiki for public purposes I also use it as personal scratch space and a memory dump. Over time I found myself using it to store information that I'd rather other people not see: website passwords, financial information, and so on. PmWiki.Passwords, .htaccess files and https are great for keeping web surfers out of my stuff, but what if my server was compromised or my admin turned rogue? In that case all my information was sitting in flat files, easily copied and read.

How?

Client-side DES encryption implemented in JavaScript provides a way of encrypting and decrypting data without the plaintext or the password ever reaching the remote server.

Extract the file des-0.1.tgz into the pmwiki directory. It contains the files:

  • pmwiki/cookbook/des.php
  • pmwiki/pub/descrypt/des.js
 
And add the lines:
## des.php loads descrypt, a module that provides client-side encryption
include_once('cookbook/des.php');

to pmwiki/local/config.php

This will add a button to the top of the edit text box labeled "DESCRYPT". Set up your edit text like this:

  This is some text.
  This is some text.  
  (:descrypt:) [= Encrypt this text =]
   But not this text (:descrypt:) [= Encrypt this as well =]

Then, before pressing "Save" or "Preview", press "DESCRYPT". This prompts for a password and changes the markup to (:descrypted:), with the text replaced by its ciphertext. You may now click "Save". In normal viewing your encrypted text shows as a link that, when clicked, prompts for the password and decrypts the text in the browser.

Encryption Strength

DES has been broken by brute-force attacks over time (though on the scale of a server cluster rather than a fast desktop), and 3DES was provided as a stopgap to increase protection. Even so, DES should provide ample protection against all but the most serious cracking attempts.

DesCrypt uses the password length to decide whether DES or 3DES is performed: 8-character passwords use DES and 24-character passwords use 3DES.

Vulnerabilities

DesCrypt protects the data stored on the web server from being read directly. However, anyone with write access to the PmWiki files could easily modify des.js so that it transmits passwords or plaintext back to the server, compromising the data. Further, DesCrypt provides no protection against a client machine or browser that has already been compromised.

Limitations

  • Only tested under Firefox 1.0 on WinXP, Mozilla 1.7.2 [ok]
  • No promises that your data won't be lost forever; this is alpha code {works for me - csc}

Comments and Suggestions

Very practical tool, thanks! -pog

What about integrating or using AES (see e.g. http://www.fourmilab.ch/javascript )? -Klonk

--- Start of comment from Cynthia Oldham

Once I got this cookbook working, it is definitely an asset to my wiki.
I had two issues with trying to get descrypt to work.

1) The browser was not finding the javascript file.
I solved this problem by changing line 13 of des.php

from

 desscript.src = 'pub/descrypt/des.js';

to:

  desscript.src = 'http://www.. <insert full path> ../pmwiki/pub/descrypt/des.js'; 

The universal solution would be to use the "PubDirUrl" variable in the local/config.php

2) this.form was transferring "null" when the "DESCRYPT" button was pushed. This is probably because the button is outside the form.

I solved this problem by:
a) Adding a form name of "EditForm" to the form by editing line 83 of scripts/form.php from:

 ':html' => "<form action='\$PageUrl?action=edit' method='post'><input

to:

 ':html' => "<form name='EditForm' action='\$PageUrl?action=edit' method='post'><input

b) Editing cookbook/des.php from:

$EditMessageFmt = $EditMessageFmt ."<input type='button' name='desButton' value='DESCRYPT' onClick='desClick(this.form,0);'/><P>";

to:

$EditMessageFmt = $EditMessageFmt ."<input type='button' name='desButton' value='DESCRYPT' onClick='desClick(document.EditForm,0);'/><P>";

I hope that these comments help the next person or the next version of descrypt. Thank you for making this cookbook. Cynthia Oldham

--- Start of comment from Roy van Pelt

I've tried to configure this recipe for the latest stable pmwiki (2.1.27), including the changes suggested by Cynthia. Unfortunately no button shows up on the edit form.

At this point I don't have time to dive into the code, but it might be a change in the way the buttons are placed in the edit form ('insButton').

If anyone could help out it would be great. I could use this functionality!

Regards,

Roy

--- Start of comment/question from Michael

Is there any possibility to automatically encrypt every save action using a pre-defined password? That is: no need to enter a password and press the encrypt button after editing, no need for the descrypt markup, but pressing the save button would automatically encrypt the whole page? And accessing a page would automatically decrypt and display it, without a link having to be pressed for a password prompt? Just for ease of use. But so that, however, all the data would be transmitted and stored in encrypted form.

Thank you for any idea.

Todo, Bugs

  • Add IE support, if it doesn't already work (MSIE 5.0: incompatible JS -pog)
  • Minor bug (Moz. 1.7.2): the decrypt link is only generated when (:descrypted:) is in column 1, unlike:
    foo (:descrypted:) [= 0x2ba0c46e21296d43047452ea9deb1bdb =]
  • Wiki farms: adjustment needed in des.php line 13, the location of the JS file

See Also

  • WikiSh gives an alternative approach to encryption/decryption. It depends on the mcrypt extension to PHP and allows encryption/decryption of any page or file to which WikiSh has read/write access. (Other text can be encrypted/decrypted as well; it operates on in-memory text rather than on files or pages, and the file/page capabilities come as a side effect of WikiSh's file/page capabilities.)
  • EditCrypt is based on the underlying WikiSh and WikiShCrypt capabilities but gives a more user-friendly, form-based approach. It includes capabilities to encrypt and decrypt entire pages using any of the algorithms supported by MCRYPT. Encryption/Decryption is done in the EditForm and also provides a markup for encrypted pages to be decrypted "on-the-fly" (in-memory only) for viewing.

Contributor

DesCrypt is based on the encryption work and functions provided by Paul Tero http://www.tero.co.uk/des/index.php


Page last modified on August 23, 2009, at 03:07 PM