tiddler encryption reinvented (EncryptionPlugin)
FND
play well with TiddlyWeb:
http://groups.google.com/group/tiddlyweb/browse_thread/thread/7eb9500c2b49f010
So I set out to create a proof of concept demonstrating how to utilize
TiddlyWiki's API(s) to ensure compatibility - and ended up writing my
own encryption plugin:
http://fnd.lewcid.org/misc/EncryptionPluginDemo.html
http://svn.tiddlywiki.org/Trunk/contributors/FND/plugins/EncryptionPlugin.js
It's quite rough and somewhat confusing in terms of user experience, but
I don't intend for it to replace anyone's plugin.
However, I hope the code will prove instructive for plugin writers, as
it touches upon various layers of TiddlyWiki's internals.[1] (The actual
cryptography is abstracted away - I don't actually know too much about
that topic myself.) So I'd greatly welcome feedback.
Disclaimer: I only did limited research regarding prior art[2].
-- F.
[1] I'd argue that work on projects like TiddlyWeb, as well as the
influence of jQuery, has greatly improved our collective understanding
of TiddlyWiki's API in recent years.
[2] http://tiddlywiki.org/wiki/Encryption
Lyall
I must admit, however, the TiddlerEncryptionPlugin was created for my
use, when I knew very little about tiddlywiki or Javascript, and, I
admit, still don't :-)
...Lyall
On Jun 1, 1:05 am, FND <F...@gmx.net> wrote:
> Unfortunately, Lyall's popular TiddlerEncryptionPlugin currently doesn't
> So I set out to create a proof of concept demonstrating how to utilize
> TiddlyWiki's API(s) to ensure compatibility - and ended up writing my
Lyall
Any chance you could point me to some docs on coding for the new
TiddlyWiki way?
I tried looking in the TiddlyWiki wiki, but all that is in there is
the stuff I wrote 1 and a half years ago.
Assume a basic understanding of Javascript :)
...Lyall
On Jun 6, 9:05 pm, Lyall <lyall.pea...@gmail.com> wrote:
> I will have a look at what you have done.
>
> I must admit, however, the TiddlerEncryptionPlugin was created for my
> use, when I knew very little about tiddlywiki or Javascript, and, I
> admit, still don't :-)
>
> ...Lyall
>
> On Jun 1, 1:05 am, FND <F...@gmx.net> wrote:
>
> > Unfortunately, Lyall's popular TiddlerEncryptionPlugin currently doesn't
> > play well with TiddlyWeb:http://groups.google.com/group/tiddlyweb/browse_thread/thread/7eb9500...
>
> > So I set out to create a proof of concept demonstrating how to utilize
> > TiddlyWiki's API(s) to ensure compatibility - and ended up writing my
FND
Thanks Lyall - much appreciate it!
> Any chance you could point me to some docs on coding for the new
> TiddlyWiki way?
I'm not sure what you mean by "new way" here. TiddlyWiki's APIs haven't
changed much in a long time - except that you now have access to jQuery
as well, which simplifies working with the DOM and provides some other
handy utilities.
Do you have any particular questions or are you looking for a general
overview?
Apart from the stuff on tiddlywiki.org, here are a few efforts to tackle
the perennial issue of documentation:
http://softwareas.com/tiddlywiki-internals-1-of-3-architectural-concepts
http://www.tiddlytools.com/insideTW/
http://hoster.peermore.com/recipes/tiddlywiki-reference/tiddlers.wiki
-- F.
Lyall
I hope you don't mind, I will be using your example as a starting
point, as I become used to JQuery (I am reading up on that as well).
After all, the old existing TiddlerEncryptionPlugin is almost as
confusing as it's encrypted tiddlers ;)
Thanks for the links.
...Lyall
Lyall
and I have horrible flickering on the edit buttons, they still work,
but flicker badly.
Is this something you encountered and why you are using 2.6.1 alpha?
On Jun 8, 8:59 pm, Lyall <lyall.pea...@gmail.com> wrote:
> I will dig around.
> I hope you don't mind, I will be using your example as a starting
> point, as I become used to JQuery (I am reading up on that as well).
> After all, the old existing TiddlerEncryptionPlugin is almost as
> confusing as it's encrypted tiddlers ;)
>
> Thanks for the links.
>
> ...Lyall
>
> On Jun 8, 12:15 am, FND <F...@gmx.net> wrote:
>
> > > I will have a look at what you have done.
>
> > Thanks Lyall - much appreciate it!
>
> > > Any chance you could point me to some docs on coding for the new
> > > TiddlyWiki way?
>
> > I'm not sure what you mean by "new way" here. TiddlyWiki's APIs haven't
> > changed much in a long time - except that you now have access to jQuery
> > as well, which simplifies working with the DOM and provides some other
> > handy utilities.
>
> > Do you have any particular questions or are you looking for a general
> > overview?
>
> > Apart from the stuff on tiddlywiki.org, here are a few efforts to tackle
>
> > -- F.
FND
Quite the opposite - I was hoping it would be used that way!
> I am playing around with your example, but I am using TiddlyWiki 2.6.0
> and I have horrible flickering on the edit buttons
I can't recall having experienced this myself - although I do have
similar issues with Google Reader in Prism every so often. A page
refresh usually remedies that.
> why you are using 2.6.1 alpha?
Laziness, basically (cooking against Trunk) - it shouldn't make a
difference though?
> After all, the old existing TiddlerEncryptionPlugin is almost as
> confusing as it's encrypted tiddlers ;)
Hehe...
-- F.
Lyall
after I had posted the query. Sorry bout the false alarm.
Would you mind commenting up a version for me and making it available?
Assume a little bit of ignorance.
Things like, why some functions are being executed and what their
consequences are, the parameters, what they mean.
Feel free to email it to me, if you like.
By the way, I can get your demo to 'encrypt' a tiddler, on the net,
but I can't seem to convince it to pop up a password prompt at home.
Finally, I prefer not to 'develop' in the tiddler, it's painful
(basically following my own method in the wiki). I am using a
LoadJavascript plugin to load my dev plugin. Has anyone managed to get
FireBug to work usefully with TiddlyWiki in this context? If so, how?
FireBug seems to consolidate the entire plugin into a single line.
(but then, I am a noob at FireBug so who knows?)
...Lyall
Lyall
Only works if I have the plugin as a tiddler with systemConfig, not
using my 'dynamic loading' technique.
Lyall
FireBug certainly helps!
...Lyall
FND
I'd be happy to do so - unfortunately, I'm currently swamped, so it
might have to wait a week or two.
> By the way, I can get your demo to 'encrypt' a tiddler, on the net,
> but I can't seem to convince it to pop up a password prompt at home.
That's curious - any hints on how to reproduce this?
> I prefer not to 'develop' in the tiddler
Same here - I prefer to use a regular .js file, which means I either use
TiddlyWeb's devstore or dynamic loading of scripts:
http://fnd.lewcid.org/misc/PluginLoader.html
The latter has some significant caveats (eval time, variable scope):
http://groups.google.com/group/tiddlywikidev/t/41ccf8970297b673
-- F.
Lyall
Last night, double entry of password (password confirmation) done,
including wrapping encrypted text in {{{ }}} with a warning, eg.
Do NOT edit this tiddler
{{{
encrypted text
}}}
This way, no spurious links being shown/reported.
Tonight, using Tags rather than titles to key passwords (like my old
plugin).
Maybe even encrypt/decrypt all :-)
...Lyall
Mike
I love the original plugin, looking forward to the new incarnation !
Will it work with normal TW as well as tiddlyweb?
Mike
Lyall
I hope the foundation that FND has provided is the 'current' way of
doing things and integrates best.
I hope to include *all* the original features (including using tags as
the prompt) plus the following :-
* auto re-encrypt on timeout (I thought that was cool)
* Ability to encrypt a tiddler without tagging it using the 'encrypt'
button - you won't have a password prompt - it's up to you to remember
the password
* Ability to decrypt a tiddler, encrypted with the previous point,
using the 'decrypt' button
* Easier localisation
This would probably form my initial release of TiddlerEncryptionPlugin
4.0
Next,
My current usage pattern is to have an unencrypted tiddler (contains
the non-sensetive stuff, still allowing me to search) [include]
relevant slices of an encrypted tiddler (which contains the sensetive
stuff like passwords). This pattern means I can still search (for
example, a web site user/password) but can't see the password till I
decrypt the password tiddler.
What *I* would really like to have is some way of identifying
portion(s) of a tiddler and and only encrypting those portions! My
initial thoughts are something like special tags <encrypt "Password
prompt"></encrypt> which only show in edit mode. Encrypted text would
still be surrounded by the <encrypt> tags (which only show in edit
mode) but would also be surrounded by {{{}}} to prevent wikiword
translation in normal display. Maybe even the <encrypt> tags would
cause a 'tooltip' to be shown, indicating that the text is encrypted.
I don't know how this would sit with those that use 'pretty editors',
though.
If I could sort this whole concept out, then, it's possible, I might
discard the 'tagged' method of encryption in favour of this new
mechanism.
I am also looking for guidance on how to make a plugin 'localisation
friendly' - are there standard frameworks in place in TW?
Suggestions would be welcomed.
...Lyall
Lyall
After a bit of looking, I am unsure as to what is fundamentally
different between your demo and my old plugin, other than using JQuery
to setup the prompts - which seems much nicer - and using an external
encryption module - again, nicer but bulkier - and an interesting
coding style with variables being defined as functions - which
confused the hell out of me.
Assuming I need to tweak TEP to work with your TiddlyWeb - what
functions am I not calling if a user presses the 'Decrypt This' or
'Decrypt All' buttons such that your application works?
Additionally, 'Save' currently re-encrypts tiddlers prior to writing
to storage, are you asking for a 'Re-encrypt This' and a 'Re-Encrypt
All' button which does not 'save' but simply operates locally? This
requirement was a bit silly, from my original perspective but times
change :)
...Lyall
FND
moment, so I didn't get around to replying...
> After a bit of looking, I am unsure as to what is fundamentally
> different between your demo and my old plugin
I now realize this isn't obvious at all - mainly due to the fact that
the code has grown far beyond what was originally anticipated...
The basic difference is that my plugin operates directly on individual
tiddlers rather than the document as a whole. If I recall correctly,
your plugin's encryption occurs during serialization, when writing the
document to file. However, this is never triggered when sync'ing changes
to a server (whether manually or via the ServerSideSavingPlugin*).
> are you asking for a 'Re-encrypt This' and a 'Re-Encrypt All' button
> which does not 'save' but simply operates locally?
I'm not sure whether separate buttons are desirable - it seems like this
should be handled automatically, ensuring that the decrypted text is
never persisted.
> This requirement was a bit silly, from my original perspective but
> times change
This (even) more tiddler-centric view, with the tiddler (rather than the
document) as the basic unit, was brought about by various explorations
and experiences in recent years, including of course TiddlyWeb. It seems
to be in line with where the web is moving (again); individually
addressable chunks of atomic content.
> an interesting coding style with variables being defined as functions
Indeed, it can take some time to get used to functions as first-class
objects - but it's quite a powerful concept...
-- F.
* as used by both TiddlyWeb and ccTiddly:
http://svn.tiddlywiki.org/Trunk/association/plugins/ServerSideSavingPlugin.js
Lyall
the encyrption?
If so, that should be a simple matter of overriding the save function,
as you have done.
I guess that would remove the need to override the serialisation
function.
Might have a look tonight.
...Lyall