AesCrypt-1

Summary: Provide client-side AES encryption support
Version: 2016-01-14
Prerequisites:
Status:
Maintainer: Anomen
Categories: Security
Users: (view? / edit)
Discussion: AesCrypt-1-Talk?

Questions answered by this recipe

All sections are optional, you can remove those that do not apply to your recipe, and add new ones.

Description

Client-side AES encryption implemented in Javascript provides a method of (en|de)crypting data with out the plain text data or passwords ever landing on the remote server..

This version fixes several problems:

  • non-standard and weak (only 128bit) key derivation function replaced with SHA-256
  • rewritten low quality javascript code
  • doesn't require $EnableGUIButtons
  • disabled decrypting of already decrypted text
  • "Encrypt selection" mode
  • alternative implementation available - see Java testing application
  • padding plaintext with spaces to conceal exact length of input data (e.q. password)
  • Add javascript-controlled password input box to provide secure password entry

Installation

Download Attach:aescrypt-2016-01-14.zipΔ and extract it to pmwiki. Into local/config.php add line:

 require_once("$FarmD/cookbook/aescrypt.php");

Advanced Configuration

$AesCryptKDF
aes, sha256, sha256_dup (default)
$AesCryptCipherToken
starting token for ciphertext
$AesCryptEndToken
closing token for ciphertext
$AesCryptPadding
size of padding block
$EnableGUIButtons
affects rendering of Encrypt button (do not modify it after including aescrypt.php)

Backward compatibility

Default settings are not compatible with aescrypt-0.1?. To replace aescrypt-0.1 without losing already encrypted data use this code:

$AesCryptKDF='aes';
$AesCryptCipherToken='(:aescrypted:) [=';
$AesCryptEndToken='=]';
require_once("$FarmD/cookbook/aescrypt.php");

Usage

When editing page select text to be encrypted. Then press encrypt button in toolbar above textarea. Popup dialog for entering password will appear. After submitting password your page should contain in appropriate place something like this:

(:aes 5QN7Th0dHR2LVA/UjXTDWQ :)

Supported browsers

This recipe should work in all current browsers (as of end of 2012) with JavaScript support. It was successfully tested on:

  • Windows (IE, Firefox, Opera, Chrome)
  • Linux (Firefox, Opera, Chromium)
  • Android (Opera Mini 7.5 !!! This browser sends password to Opera servers !!!)

Notes

Java testing application

Build application using Maven:

 mvn install

Use following command to start command-line interface:

 java -jar JavaAesCryptTest-jar-with-dependencies.jar
Note: GUI interface is not yet implemented.

Change log / Release notes

If the recipe has multiple releases, then release notes can be placed here. Note that it's often easier for people to work with "release dates" instead of "version numbers".

git repo
https://github.com/anomen-s/pmwiki-recipes/tree/master/AesCrypt
download
aescrypt-2016-01-14.zipΔ

Comments

See discussion at AesCrypt-1-Talk?

User notes? : If you use, used or reviewed this recipe, you can add your name. These statistics appear in the Cookbook listings and will help newcomers browsing through the wiki.