Tags:
create new tag
, view all tags

Encrypt Plugin (WORK IN PROGRESS)

Securely encrypt text in TWiki topics to be accessible by selected users only

Introduction

This plugin can be used to securely hide some text in a TWiki topic, such as passwords that should be accessible by an individual or a small group only. Currently Crypt::Blowfish Blowfish is used to encrypt text.

This will be expanded to include RSA RC4 is used to encrypt text, which is the same technology used in Secure Sockets Layer (SSL) to protect Internet traffic and WEP to secure wireless networks.

Syntax Rules

Add %ENCRYPT{"any text"}% anywhere in a TWiki page.

Write this: Renders as: (for author) Renders as: (for others)
%ENCRYPT{"Password: Abracadabra"}% Password: Abracadabra *****

Supported parameters:

  • "any text": Text to encrypt
  • allow="...": A list of TWiki groups and/or users who are allowed to view/edit encrypted text (comma space delimited list of WikiWords)
  • display="...": The string to display when the viewer/editor is not allowed (Default is: ******)
  • _dont_change="...": Identifier, added automatically after saving the page for the first time. Do not change.

Users who are allowed to view the encrypted text see:

  • the plain text in view mode
  • the plain text inside the %ENCRYPT{...}% variable when in edit mode

Users who are not allowed to view the encrypted text see:

  • ***** asterisks in view mode
  • a hash string inside the %ENCRYPT{...}% variable when in edit mode

Note that search cannot find encrypted text. This can be an advantage or a disadvantage depending how you look at it.

Examples

1. Encrypt text for my own use only

%ENCRYPT{"Jimmy Neutron"}% encrypts text "Jimmy Neutron" to be viewable/editable only by the user who added the ENCRYPT variable.

  • %ENCRYPT{" Jimmy Neutron " allow="CraigMeyer" display="You can't see this! "}%
  • This is what is coded: %ENCRYPT{" Jimmy Neutron " allow="CraigMeyer" display="You can't see this! "}%
  • Second copy for testing %ENCRYPT{" Jimmy Neutron " allow="CraigMeyer" display="You can't see this! "}%

2. Encrypt text for my group

%ENCRYPT{"Helpdesk password: h3lp-Cu$t" allow="SupportGroup"}% encrypts text to be viewable/editable by SupportGroup members only.

After saving, the ENCRYPT variable is changed to %ENCRYPT{_dont_change="PPq2ez7j"}%. A member of the group sees Helpdesk password: h3lp-Cu$t when looking at the topic, and %ENCRYPT{"Helpdesk password: h3lp-Cu$t" allow="SupportGroup" _dont_change="PPq2ez7j"}% when editing the topic. That is, members can change the encrypted text and the access restriction.

Other people see ***** when looking at the page, and %ENCRYPT{_dont_change="PPq2ez7j"}% when editing the page. A non-member could change the ENCRYPT parameter the wiki way, which would invalidate the encrypted text. If this happens, anyone can view and restore the original text from a previous topic version, thus it is possible restore the encrypted text.

Plugin Info

Plugin Author: TWiki:Main.PeterThoeny, Twiki, Inc., TWiki:Main.CraigMeyer
Copyright: © 2010 TWiki:Main.CraigMeyer, © 2010, TWiki:Main.PeterThoeny
© 2010, TWiki:TWiki.TWikiContributor
License: GPL (GNU General Public License)
Plugin Version: %$VERSION%
Change History:  
2010-12-5: First working version - still some loose ends
2010-11-15: Initial version
TWiki Dependency: $TWiki::Plugins::VERSION 1.1
CPAN Dependencies: CPAN:Mime::Base64, CPAN:Crypt::CBC, CPAN:Crypt::Rijndael_PP, CPAN:Crypt::RC4, CPAN:Crypt::OpenSSL::RSA
Other Dependencies: openssl to generate the asymetric key
Perl Version: 5.008
Benchmarks: GoodStyle nn%, FormattedSearch nn%, EncryptPlugin nn%
Plugin Home: http://TWiki.org/cgi-bin/view/Plugins/EncryptPlugin
Feedback: http://TWiki.org/cgi-bin/view/Plugins/EncryptPluginDev
Appraisal: http://TWiki.org/cgi-bin/view/Plugins/EncryptPluginAppraisal

Related Topics: VarENCRYPT, TWikiPlugins, DeveloperDocumentationCategory, AdminDocumentationCategory, TWikiPreferences

-- PeterThoeny - 2010-11-15

Topic attachments
I Attachment History Action Size Date Who Comment
Unknown file formatmd5 EncryptPlugin.md5 r2 r1 manage 0.2 K 2010-12-05 - 06:22 CraigMeyer  
Compressed Zip archivetgz EncryptPlugin.tgz r2 r1 manage 10.3 K 2010-12-05 - 06:22 CraigMeyer  
Compressed Zip archivezip EncryptPlugin.zip r2 r1 manage 12.1 K 2010-12-05 - 06:22 CraigMeyer  
Unknown file formatEXT EncryptPlugin_installer r1 manage 3.4 K 2010-12-05 - 06:22 CraigMeyer  
Edit | Attach | Watch | Print version | History: r5 < r4 < r3 < r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r5 - 2013-10-16 - PeterThoeny
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2017 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.