[TxMt] encryption command advice for TM "journal"

Nick Hristov nick.hristov at gmail.com
Thu Mar 3 00:18:11 UTC 2005


This is good... for a start.

alright some dark scripting magic below (enter this EXACTLY as it is 
below, including newlines):

openssl enc -e -aes128 -base64 -pass:`osascript -e "set answr to \"\"
tell app \"Finder\"
activate
display dialog \"Please enter your secret magic word:\" default answer 
answr buttons{\"OK\"} default button 1
set answr to text returned of the result
return the answr
end tell
"`

Please also note that the example that Alan gave is somewhat inaccurate 
in how it handles base64 encodings. I do not have the time right now to 
resolve this issue (will play with it tonight and send you the actual 
decryption command too). Now you do not have to worry about 
environmental variables or TM preferences security (btw. the security 
implications now are that nobody should be doing a process list on your 
system at the time of the encryption... that could compromise the 
password, but the timing must be very accurate).

Now, who in this forum said that Applescript is useless and did not 
want to implement it in TM ;) ?

Nick

On Feb 26, 2005, at 8:53 AM, Allan Odgaard wrote:

> On Feb 26, 2005, at 15:15, Paul Nordstrom August wrote:
>
>> What I would like is an on-the-fly encryption -- i.e. select the text 
>> and run a command to encrypt it (with a pre-set password). Then I 
>> could store bank data etc securely.
>
> You can set the password as a custom shell variable for TextMate, go 
> to preferences / advanced (name it e.g. TM_PASSWD). Then use this 
> command to encrypt input (which you'd probably set to “selected text”) 
> as AES-128:
>    openssl enc -e -aes128 -base64 -pass env:TM_PASSWD
>
> To decrypt the block again, use this command:
>    openssl enc -d -aes128 -base64 -pass env:TM_PASSWD
>
> Anyone who has access to your TextMate preferences file would be able 
> to read the password. If this is sufficient security, then I'd suggest 
> the above. You could also provide the password directly to the command 
> using: “-pass pass:<password>”, this is less secure than the variable 
> because other processes running on your machine might be able to 
> intercept launch arguments.
>
> If you need better security, you could have the command ask for the 
> password (e.g. using an applescript dialog) and maybe cache it in a 
> file (readable only by current user) and maybe even have that file 
> removed after n minutes.
>
> ______________________________________________________________________
> For new threads USE THIS: textmate at lists.macromates.com
> (threading gets destroyed and the universe will collapse if you don't)
> http://lists.macromates.com/mailman/listinfo/textmate
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: text/enriched
Size: 2670 bytes
Desc: not available
URL: <http://lists.macromates.com/textmate/attachments/20050302/216cc943/attachment.bin>


More information about the textmate mailing list