Tags:
create new tag
view all tags

Question

Hello, I am looking for a solution to encrypt a twiki page, i try through openssl, but it is not that obvious, is there a known solution ? i find a java plugins but it was not finished.

it will be great to create a encrypted twiki page that will ask a password to be able to read through Twiki (and not possible to read on the OS level)

Thanks for your help Chris

Environment

TWiki version: TWikiRelease02Sep2004
TWiki plugins: DefaultPlugin, EmptyPlugin, InterwikiPlugin
Server OS: AIX
Web server: APACHE
Perl version: 5.8
Client OS: WIN XP
Web Browser: Firefox
Categories: Security

-- ChrisKloker - 30 Mar 2005

Answer

SSL is for encrypting the data link between the browser and the server.

I'm unclear from your wording whether you want to encrypt the page on the storage, which will mean that the rendering pipeline will see it as gibberish, or password protect the page.

-- AntonAylward - 31 Mar 2005

Long ago MartinCleaver mentioned an EncryptedPagesPlugin done by RichardEllery which should be in CVS.

-- FranzJosefSilli - 31 Mar 2005


thanks for your answer, what i am looking for is to be able to encrypt on the storage, and to be able to decrypt and read from the browser after putting a password.

I find a workaroud, using a MS Word crypted doc attach in twiki, but could not modify it.

when i was mentionning openssl it was the command that i was using, with that i could encrypt and decrypt a file, what i wanted to do is to put this inside the rendering of Twiki so that for example if the file is not .txt but .cryp it will prompt for a password and then use openssl to decrypte...

the command:

openssl enc -in ./toto -out toto.crp -pass stdin -e -des
openssl enc -in ./toto.crp -out ./tutu -pass stdin -d -des

for a Twiki Master should be possible wink

-- ChrisKloker - 31 Mar 2005

I very strongly suggest you forget about using "opnssl". RTFM: SSL is a Transport Layer tool intended for networking. Your problems arrise, for the most part, from it simply being used inappropriately.

It intended as a pipeline to be placed in front of a network service. You could use it, for example, to make IMAP into IMAP-S or HTTP into HTTP-S.

TWiki reads files, not pipelines. This isnt to say that Store.pm couldn't be re-written to deal with other storage "plugins". I have sketched out a possible future form where each web could be stored on a dfferent media, with different versioning -- files, ftp, http, and rcs, svn or just backup files. This is sketched out, along with other ideas, in DataAndCodeSeparation.

Let me ask again: can you please differentiate between what you are tryoing to do and what you are trying to acheive. Encryption is a means to an end, not an end in itself.

  • Do you want to password protect pages?
    If so, TWiki has its own mechanisms for this. You can also combine te basic access control with redirection, the %INCLUDE of protected pages and many other 'tricks'.
  • Do you want to hide the data on the disk from other users of the system?
    If so, then you may want to make use of a loopback mechanism to mount all or part of /data/ See the manual page on losetup Once again, you can use tricks like having a 'hidden' web that is the encrypted loopback and redirecting to that, combining with access control and so forth.

But please, stop doing the equivilent os using a screwdriver to hammer in a nail. openssl was not inteded to be used like this!

-- AntonAylward - 02 Apr 2005

There is nothing existing that does what you want, AFAIK. Personally I would use an encrypted disc (supported by most operating systems) and an SSL server, and use the existing TWiki mechanisms to password protect data.

-- CrawfordCurrie - 03 Apr 2005

thanks for your answer, ok i will not use openssl, I was just looking for a solution to encrypt a page made by twiki, this is a page where we store all our password, so should be easy to access/modify but not readable at os level. what I did is to create a MS word document encrypted and link it into twiki.

-- ChrisKloker - 07 Apr 2005

Edit | Attach | Watch | Print version | History: r7 < r6 < r5 < r4 < r3 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r7 - 2005-04-07 - ChrisKloker
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.