Skip to content
Permalink
master
Switch branches/tags

CryptIt-ObsidianPlugin/README.md

Go to file
 
 
Cannot retrieve contributors at this time
Crypt-It - Simple Obsidian text encryption Encryption specifications Usage Encrypting Decrypting Parts of Crypt-It data: Text content a 'cryptoCode' value: seed password: Example Credits
157 lines (86 sloc) 6.11 KB
Raw Blame

Crypt-It - Simple Obsidian text encryption

version 0.1

I frequently would find myself hesitant to store sensitive information on Obsidian. So after not finding a good encryption plugin, I took a stab at making my own.

Currently isn't working for me on Android?

Encryption specifications

Uses 128-bit AES encryption by GCM.

While it is said that brute-forcing 128-bit encryption with modern hardware would take billions of years, this is my first attempt at any cryptographic functioning, my first Obsidian plugin, and even my first time using Node.js - so it is entirely possible probable for my code to have a few security flaws.

The crypto IV is stored basically in plain text but passwords are hashed every time, from the user-inputted passphrase.

So as of this version I would be wary of using this plugin to encrypt anything of which secrecy is of the utmost importance (passwords, incriminating information, nuclear launch codes, etc.).

Usage

To use, you must first be selecting some text, and in editor mode.

Then, by clicking the icon on the left ribbon bar, or by running the Crypt-It command, the Crypt-It dialog modal will appear: Pasted image 20220102185346

When you click one of the buttons, the password in the text field will be hashed into the 128-bit cryptographic key, the text will be encrypted/decrypted, and the currently selected text will be replaced

Encrypting

  1. Select some text you would like to encrypt:

    Pasted image 20220102194700

  2. Click the ribbon icon or run the Crypt-It command to bring up the dialog modal:

    Pasted image 20220102185346

  3. Enter a seed password and click the encrypt button

  4. The selected text will be encrypted and replaced: Pasted image 20220102195003

    • the cryptoKey will be generated, and prepended to the top of the encrypted text, nested in comments (%%)

  5. Your text is now encrypted, and your secrets safe!

    Pasted image 20220102195129

Note that if you have File Recovery or some simliar plugin enabled, versions of your unencrypted text may have been backed up.

Decrypting

  1. Select some text you would like to decrypt, including the cryptoKey: Pasted image 20220102201755

    • include the cryptoKey in your selection to be parsed
    • any white space will get automatically trimmed

  2. Click the ribbon icon or run the Crypt-It command to bring up the dialog modal:

    Pasted image 20220102185346

  3. Enter a seed password and click the decrypt button

  4. The selected text will be decrypted and replaced with the now decrypted and readable text: Pasted image 20220102202226

  5. Your text is now decrypted!

  • Note that if you have File Recovery or some simliar plugin enabled, versions of your unencrypted text may have been backed up elsewhere.

Parts of Crypt-It data:

Encrypted data consists of 3 parts:

  • The text content to encrypt or decrypt
  • the cryptoCode that stays with the text content
  • the hash from the password entry

Pasted image 20220102192331

  • When decrypting, 2 of these 3 parts (text content & cryptoCode) are already present - we just need to supply the password,
  • and when encrypting, the text content is selected, the cryptoKey is generated, and we supply the password.

Text content

  • the text content to encrypt/decrypt
  • after cryptoCode in comment (%%)

a 'cryptoCode' value:

  • unique to each encryption
  • before text content
  • is stored with the encrypted data (in the file) just before the encrypted text:
    • enclosed with comment tags (%%) on either side
    • designated with cryptoCode- + IV as a hex string
    • gets prepended when encrypting, and parsed again to use when decrypting - you shouldn't have to worry about it manually
    • always 16 bytes (128 bits) of hex
  • ( really a representation of the crypto IV)

seed password:

  • password hashed then used as the crypto key
  • is not stored at all - gets hashed from password input every time

Example

required format to parse for decryption:

%% cryptoCode-[CRYPTO_CODE_WITHOUT_BRACKETS] %%

encryptedtextcontentencryptedtextcontentencryptedtextcontent

Correct formatting will output automatically when encrypting.

You must select the entire cryptoCode and the entire text contents.

Credits

Source code and releases on Github

In the Obsidian Community Plugins?

Anonymous feedback/comments are welcome.