%META:TOPICINFO{author="CraigMeyer" date="1291529456" format="1.1" reprev="1.4" version="1.4"}%
---+!! Encrypt Plugin (WORK IN PROGRESS)
<!--
   Contributions to this plugin are appreciated. Please update the plugin page at
   http://twiki.org/cgi-bin/view/Plugins/EncryptPlugin or provide feedback at
   http://twiki.org/cgi-bin/view/Plugins/EncryptPluginDev.
   If you are a TWiki contributor please update the plugin in the SVN repository.

   * Set SHORTDESCRIPTION = Securely encrypt text in TWiki topics to be accessible by selected users only
-->
<sticky>
<div style="float:right; margin:0 0 10px 10px">
<div style="background-color:#eeeeee; padding: 0 10px 0 10px">
%TOC{title="Page contents"}%
</div>
</div>
</sticky>
%SHORTDESCRIPTION%

---++ Introduction

This plugin can be used to securely hide some text in a TWiki topic, such as passwords that should be accessible by an individual or a small group only. [[http://en.wikipedia.org/wiki/RC4][RSA RC4]] is used to encrypt text, which is the same technology used in Secure Sockets Layer (SSL) to protect Internet traffic and WEP to secure wireless networks.

---++ Syntax Rules

Add =%<nop>ENCRYPT{"any text"}%= anywhere in a TWiki page.

| *Write this:* | *Renders as: (for author)* | *Renders as: (for others)* |
| =%<nop>ENCRYPT{"Password: Abracadabra"}%= | =Password: Abracadabra= | =<nop>*****<nop>= |

Supported parameters:
   * ="any text"=: Text to encrypt
   * =allow="..."=: TWiki group or list of users allowed to view/edit encrypted text (comma space delimited list of !WikiWords)
   * =_dont_change="..."=: Identifier, added automatically after saving the page for the first time. Do not change.

Users who are allowed to view the encrypted text see:
   * the plain text in view mode
   * the plain text inside the =%<nop>ENCRYPT{...}%= variable when in edit mode

Users who are _not_ allowed to view the encrypted text see:
   * =<nop>*****<nop>= asterisks in view mode
   * a hash string inside the =%<nop>ENCRYPT{...}%= variable when in edit mode

Note that search cannot find encrypted text. This can be an advantage or a disadvantage depending how you look at it.

---++ Examples

*1. Encrypt text for my own use only*

=%<nop>ENCRYPT{"Jimmy Neutron"}%= encrypts text ="Jimmy Neutron"= to be viewable/editable only by the user who added the ENCRYPT variable.

   * %ENCRYPT{_dont_change="6zyX2xxTIITqBl6Z3S63UpUpA8AsuDZY74l389BPaBs"}%
   * This is what is coded: %<nop>ENCRYPT{"%GREEN% Jimmy Neutron %ENDCOLOR%" allow="CraigMeyer" display="%RED%You can't see this! %ENDCOLOR%"}%
   * Second copy for testing %ENCRYPT{_dont_change="G5HFYJ6ZI05+Uiz7dUB9vswg6mgDP7M58XNugfjhzeA"}%


*2. Encrypt text for my group*

=%<nop>ENCRYPT{"Helpdesk password: h3lp-Cu$t" allow="SupportGroup"}%= encrypts text to be viewable/editable by !SupportGroup members only.

After saving, the ENCRYPT variable is changed to =%<nop>ENCRYPT{_dont_change="PPq2ez7j"}%=. A member of the group sees =Helpdesk password: h3lp-Cu$t= when looking at the topic, and  =%<nop>ENCRYPT{"Helpdesk password: h3lp-Cu$t" allow="SupportGroup" _dont_change="PPq2ez7j"}%= when editing the topic. That is, members can change the encrypted text and the access restriction.

Other people see =<nop>*****<nop>= when looking at the page, and =%<nop>ENCRYPT{_dont_change="PPq2ez7j"}%= when editing the page. A non-member could change the ENCRYPT parameter the wiki way, which would invalidate the encrypted text. If this happens, anyone can view and restore the original text from a previous topic version, thus it is possible restore the encrypted text.

---++ Plugin Info

|  Plugin Author: | TWiki:Main.PeterThoeny, [[http://twiki.net/][Twiki, Inc.]], TWiki:Main.CraigMeyer |
|  Copyright: | &copy; 2010 TWiki:Main.CraigMeyer, &copy; 2010, TWiki:Main.PeterThoeny %BR% &copy; 2010, TWiki:TWiki.TWikiContributor |
|  License: | GPL ([[http://www.gnu.org/copyleft/gpl.html][GNU General Public License]]) |
|  Plugin Version: | 19921 (2010-12-05) |
|  Change History: | <!-- versions below in reverse order -->&nbsp; |
|  2010-12-5: | First working version - still some loose ends |
|  2010-11-15: | Initial version |
|  TWiki Dependency: | $TWiki::Plugins::VERSION 1.1 |
|  CPAN Dependencies: | CPAN:Mime::Base64, CPAN:Crypt::CBC, CPAN:Crypt::Rijndael_PP, CPAN:Crypt::RC4, CPAN:Crypt::OpenSSL::RSA |
|  Other Dependencies: | openssl to generate the asymetric key |
|  Perl Version: | 5.008 |
|  [[TWiki:Plugins/Benchmark][Benchmarks]]: | %SYSTEMWEB%.GoodStyle nn%, %SYSTEMWEB%.FormattedSearch nn%, %TOPIC% nn% |
|  Plugin Home: | http://TWiki.org/cgi-bin/view/Plugins/%TOPIC% |
|  Feedback: | http://TWiki.org/cgi-bin/view/Plugins/%TOPIC%Dev |
|  Appraisal: | http://TWiki.org/cgi-bin/view/Plugins/%TOPIC%Appraisal |

__Related Topics:__ VarENCRYPT, %SYSTEMWEB%.TWikiPlugins, %SYSTEMWEB%.DeveloperDocumentationCategory, %SYSTEMWEB%.AdminDocumentationCategory, %SYSTEMWEB%.TWikiPreferences

-- Main.PeterThoeny - 2010-11-15

%META:ENCRYPTPLUGIN{name="DcoCU7Q8mB+M0P9LHCfULwxUTlMK7zwRcFQ3URdWg/w" allow="SmallGroup" display="%25RED%25You can't see this! %25ENDCOLOR%25" index="0" value="U2FsdGVkX18UiqhEdPJvKlkUSVKWnLlBbS03AfH55/67pa94rw0caIcs4rNRc7g2z0bayxjo/T4=%0a"}%
%META:ENCRYPTPLUGIN{name="dBEVUsm8SVElzzXZzBkvuCTWuTk5opcVlKH/+IVu2Mc" allow="SmallGroup" display="%25RED%25You can't see this! %25ENDCOLOR%25" index="1" value="U2FsdGVkX1/y1lktK109xGAlVWRtzc29cWp4tvP5chyToijdaRREmu5O5SbXXr0w8laeHdRLTDw=%0a"}%
%META:ENCRYPTPLUGIN{name="cJGOYU+3cUm4VDwL9tvtLTthJ1V+GQGlkrOyFNkqGbE" allow="SmallGroup" display="%25RED%25You can't see this! %25ENDCOLOR%25" index="2" value="U2FsdGVkX18nGg3HJ1M3SomaqkcgrRSzwBQxDLGzqnDDCGWjoei7d7n9eVEQHEilPw99/yVP8I4=%0a"}%
%META:ENCRYPTPLUGIN{name="6zyX2xxTIITqBl6Z3S63UpUpA8AsuDZY74l389BPaBs" allow="CraigMeyer" display="%25RED%25You can't see this! %25ENDCOLOR%25" index="0" value="U2FsdGVkX19/kK0FGd0cZsqz92olhlG3MxvLrsfabQy9sTqDpgjEkQZ/heChlI60S9188grylP4=%0a"}%
%META:ENCRYPTPLUGIN{name="G5HFYJ6ZI05+Uiz7dUB9vswg6mgDP7M58XNugfjhzeA" allow="CraigMeyer" display="%25RED%25You can't see this! %25ENDCOLOR%25" index="1" value="U2FsdGVkX1/w8qq3FMwrfNMVBXEBK6bftGTDMrxvqNynhQqMRpBlAimJaODG0TzUdu+hm0j4RTs=%0a"}%
%META:ENCRYPTPLUGIN{name="JiSMaFKDs66GTj5K6rTVOj/c107+kXjwaAa0SmFppGw" allow="CraigMeyer" display="%25RED%25You can't see this! %25ENDCOLOR%25" index="2" value="U2FsdGVkX19g0fX3xdZkT+/oz7zFHtC4eQwwAaqX6oOLo7I6KmOiuowbbQjVCiTAKztCQNhTxso=%0a"}%
