Encrypt/decrypt using a key file

meld-cp / obsidian-encrypt

Hide secrets in your Obsidian.md vault

MIT License

539 stars 31 forks source link

Encrypt/decrypt using a key file #162

Open fedemengo opened 1 month ago

fedemengo commented 1 month ago

is it possible to load the password/encryption key from file/env variable?

meld-cp commented 1 month ago

Possibly.

Presumably this is so you wouldn't need to type in a password and you could then use an extra long password/key?

To have a file, the mobile and desktop versions would need separate paths set up in settings.

Env var might be easier, as the interface to get/set would be the same for all platforms.

fedemengo commented 1 month ago

you wouldn't need to type in a password and you could then use an extra long password/key

yep exactly

meld-cp commented 1 month ago

Env var might be easier, as the interface to get/set would be the same for all platforms.

ok, yeah, I explored this a little last night... desktop platforms would work with an env var but I can't see a way for a user to set a semi-permanent env var on mobile devices. The pw/key retrieval method needs to work for both desktop and mobile, and getting it working for mobile is the roadblock currently.

The other option is to use multiple paths to some file outside your vault as the key. 'Outside your vault' to prevent it being sync'd with your notes, and 'multiple paths' because each one of your devices may have that file stored in different locations.

meld-cp commented 1 month ago

I had a bit more success using files.

If you are able to test, I can attach a version for you to try.

fedemengo commented 1 month ago

yep, I can test it in the next couple of days

Btw, thank you so much for the effort 🙏

meld-cp commented 1 month ago

No problem @fedemengo,

Backup your notes before you test, just in case.

key-file-test.zip contains main.js. Use this to replace the version in .....\.obsidian\plugins\meld-encrypt\ and restart the plugin.

Add the paths to your key files in settings (paths need to be relative to your vault):

You can use the 'Check Paths' button to check if the files can be seen by the plugin on the current device:

Let me know how it goes.

fedemengo commented 4 weeks ago

Looks pretty awesome 🚀🚀

The only odd behavior I noticed (tested only on my laptop) is

set key from file
create note
open note (everything's ok at this point, encryption/decryption works automatically)
manually decrypt note (right click on file)
decryption works automatically
manually encrypt note (right click on file)
plugin asks for password and confirmation (I was expecting auto encryption from key file)
password is pre-filled, copying password to confirmation shows "Password don't match"
copied password from file to both input boxes
at this point I need to insert the password manually each time I open the note

meld-cp commented 4 weeks ago

Thanks for testing, I must have missed that, will look into it 👍

meld-cp commented 4 weeks ago

This should fix that prompting for password issue: key-file-test.zip

meld-cp commented 3 weeks ago

Released to 2.4.0-beta.3

fedemengo commented 1 day ago

sorry for the delay, tested the beta! Looks very good!

meld-cp commented 1 day ago

That's great to hear @fedemengo, thanks for testing. 😊