emacs-orgmode@gnu.org archives
 help / color / mirror / code / Atom feed
* mobileorg encryption in iOS vs. Android
@ 2013-01-14 16:34 John Hendy
  2013-01-14 16:43 ` Greg Troxel
  0 siblings, 1 reply; 4+ messages in thread
From: John Hendy @ 2013-01-14 16:34 UTC (permalink / raw)
  To: emacs-orgmode

See this thread on the Android mobileorg mailing list for reference:
- https://groups.google.com/forum/#!topic/mobileorg-android/IELoLsOCvos

I was having issues with org-mobile-use-encryption, and think it ended
up being that this variable is only for the iOS version. It encrypts
with openssl (at least from what I could tell) evidenced by this in
org-mobile.el:
----------
(defun org-mobile-encrypt-file (infile outfile)
  "Encrypt INFILE to OUTFILE, using `org-mobile-encryption-password'."
  (shell-command
   (format "openssl enc -aes-256-cbc -salt -pass %s -in %s -out %s"
	   (shell-quote-argument (concat "pass:"
					 (org-mobile-encryption-password)))
	   (shell-quote-argument (expand-file-name infile))
	   (shell-quote-argument (expand-file-name outfile)))))
----------

The Android version integrates encryption via Android Privacy Guard
(http://thialfihar.org/projects/apg/), which decrypts gpg files. Thus,
the Android procedure is:

1) Encrypt the desired org files:
$ gpg -c file.org

2) Get org-mobile-files to update by either:
- Adding file.org.gpg (or whatever you renamed the encrypted file to)
to org-agenda-files
- Adding the encrypted gpg file to org-mobile-files

3) M-x org-mobile-push

4) I was asked for the password three times; looks like once to
decrypt and then twice for a new password to re-encrypt when pushing

5) Make sure Android Privacy Guard is installed on phone

6) Setup sync settings and syncronize

7) A popup via APG should ask for symmetric password

Also, add this text at the top of the file so that emacs knows this is
an orgmode file even thought it ends in .gpg:
-*-mode:org-*-

I'm wondering if there's a way to add some sort of variable, say
`org-mobile-os` that could take "ios" or "android" as the inputs so
that org-mobile-use-encryption worked more as expected for Android
users?

Just a thought and wanted to inquire about this. At the very least, it
looks like the manual should be updated to reflect that the process is
not the same for both mobileorg's when it comes to encryption.


Thanks for any feedback,
John

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: mobileorg encryption in iOS vs. Android
  2013-01-14 16:34 mobileorg encryption in iOS vs. Android John Hendy
@ 2013-01-14 16:43 ` Greg Troxel
  2013-01-14 17:42   ` John Hendy
  0 siblings, 1 reply; 4+ messages in thread
From: Greg Troxel @ 2013-01-14 16:43 UTC (permalink / raw)
  To: John Hendy; +Cc: emacs-orgmode

[-- Attachment #1: Type: text/plain, Size: 244 bytes --]


It seems that the android version should act like the ios version and
just use the symmetric cipher.  Is that hard, or is there some advantage
to the gpg scheme?   Or perhaps the android-style encryption should be
supported directly in org?



[-- Attachment #2: Type: application/pgp-signature, Size: 194 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: mobileorg encryption in iOS vs. Android
  2013-01-14 16:43 ` Greg Troxel
@ 2013-01-14 17:42   ` John Hendy
  2013-01-14 21:10     ` Greg Troxel
  0 siblings, 1 reply; 4+ messages in thread
From: John Hendy @ 2013-01-14 17:42 UTC (permalink / raw)
  To: Greg Troxel; +Cc: emacs-orgmode

On Mon, Jan 14, 2013 at 10:43 AM, Greg Troxel <gdt@ir.bbn.com> wrote:
>
> It seems that the android version should act like the ios version and
> just use the symmetric cipher.  Is that hard, or is there some advantage
> to the gpg scheme?   Or perhaps the android-style encryption should be
> supported directly in org?
>

I think it has to do with the method used. org-mobile-use-encryption
uses openssl based encryption. From the APG entry on wikipedia [1]:
----------
The application provides strong, user-based encryption which is
compatible with the Pretty Good Privacy (PGP) and GNU Privacy Guard
(GPG) programs.
----------

When I encrypt with org-mobile-use-encryption, I get an APG popup with
a blank entry field expecting a PGP message, and it features a
"Decrypt" button at the bottom. When using gpg manually, I get a popup
for a symmetric key password.

Does this make sense? If so, this is my reasoning for thinking the
change has to be on the org side. Alternatively, an openssl decryption
method could be integrated into mobileorg Android.

[1] http://en.wikipedia.org/wiki/Android_Privacy_Guard


John

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: mobileorg encryption in iOS vs. Android
  2013-01-14 17:42   ` John Hendy
@ 2013-01-14 21:10     ` Greg Troxel
  0 siblings, 0 replies; 4+ messages in thread
From: Greg Troxel @ 2013-01-14 21:10 UTC (permalink / raw)
  To: John Hendy; +Cc: emacs-orgmode

[-- Attachment #1: Type: text/plain, Size: 708 bytes --]


John Hendy <jw.hendy@gmail.com> writes:

> Does this make sense? If so, this is my reasoning for thinking the
> change has to be on the org side. Alternatively, an openssl decryption
> method could be integrated into mobileorg Android.

What I meant was that it would be nice if there were a single scheme to
encrypt org files, and all mobile clients implemented it.  The use of
openssl by ios mobileorg seems reasonable, and I don't know why android
mobileorg doesn't use the same scheme.  But if android mobileorg uses
APG, then it seems that there should be elisp support to encrypt the
files and put them in place.

Is the use of APG for symmetric encryption, or is there a phone/org
pubkey involved?



[-- Attachment #2: Type: application/pgp-signature, Size: 194 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2013-01-14 21:11 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-01-14 16:34 mobileorg encryption in iOS vs. Android John Hendy
2013-01-14 16:43 ` Greg Troxel
2013-01-14 17:42   ` John Hendy
2013-01-14 21:10     ` Greg Troxel

Code repositories for project(s) associated with this inbox:

	https://git.savannah.gnu.org/cgit/emacs/org-mode.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).