fz0x1/jrnl
1
0
Fork 0
mirror of https://github.com/jrnl-org/jrnl.git synced 2025-05-10 08:38:32 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
jrnl/site/encryption/index.html
Toshiyuki Yoshida a50566472f
Add Japanese translations and implement I18N support 
- Add Japanese translations for documentation
- Implement I18N framework
- Update mkdocs.yml for multi-language support

This commit significantly enhances the project's internationalization.
2024-09-26 10:36:54 +09:00

362 lines
16 KiB
HTML
Raw Blame History

<!--
Copyright © 2012-2023 jrnl contributors
License: https://www.gnu.org/licenses/gpl-3.0.html
-->
<!DOCTYPE html>
<html class="writer-html5" lang="en" >
<head>
<meta charset="utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" /><meta name="author" content="jrnl contributors" /><link rel="canonical" href="https://jrnl.sh/encryption/" />
<link rel="shortcut icon" href="../img/favicon.ico" />
<title>Encryption - jrnl</title>
<link rel="stylesheet" href="../css/theme.css" />
<link rel="stylesheet" href="../css/theme_extra.css" />
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.8.0/styles/github.min.css" />
<link href="https://fonts.googleapis.com/css?family=Open+Sans:300,600" rel="stylesheet" />
<link href="../assets/colors.css" rel="stylesheet" />
<link href="../assets/theme.css" rel="stylesheet" />
<link href="../assets/highlight.css" rel="stylesheet" />
<script>
// Current page data
var mkdocs_page_name = "Encryption";
var mkdocs_page_input_path = "encryption.md";
var mkdocs_page_url = "/encryption/";
</script>
<!--[if lt IE 9]>
<script src="../js/html5shiv.min.js"></script>
<![endif]-->
<script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.8.0/highlight.min.js"></script>
<script>hljs.highlightAll();</script>
</head>
<body class="wy-body-for-nav" role="document">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side stickynav">
<div class="wy-side-scroll">
<div class="wy-side-nav-search">
<a href=".." class="icon icon-home"> jrnl
</a>
<div role="search">
<form id ="rtd-search-form" class="wy-form mkdocs-search" action="../search.html" method="get">
<input type="text" name="q" placeholder="Search docs" title="Type search term here" />
<button class="icon icon-search" aria-label="submit"></button>
</form>
</div>
</div>
<div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="Navigation menu">
<ul>
<li class="toctree-l1"><a class="reference internal" href="../overview/">Overview</a>
</li>
</ul>
<p class="caption"><span class="caption-text">User Guide</span></p>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../installation/">Quickstart</a>
</li>
<li class="toctree-l1"><a class="reference internal" href="../usage/">Basic Usage</a>
</li>
<li class="toctree-l1 current"><a class="reference internal current" href="#">Encryption</a>
<ul class="current">
<li class="toctree-l2"><a class="reference internal" href="#a-note-on-security">A Note on Security</a>
</li>
<li class="toctree-l2"><a class="reference internal" href="#encrypting-and-decrypting">Encrypting and Decrypting</a>
</li>
<li class="toctree-l2"><a class="reference internal" href="#storing-passwords-in-your-keychain">Storing Passwords in Your Keychain</a>
</li>
<li class="toctree-l2"><a class="reference internal" href="#manual-decryption">Manual Decryption</a>
</li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../journal-types/">Journal Types</a>
</li>
<li class="toctree-l1"><a class="reference internal" href="../privacy-and-security/">Privacy and Security</a>
</li>
<li class="toctree-l1"><a class="reference internal" href="../formats/">Formats</a>
</li>
<li class="toctree-l1"><a class="reference internal" href="../advanced/">Advanced Usage</a>
</li>
<li class="toctree-l1"><a class="reference internal" href="../external-editors/">External Editors</a>
</li>
<li class="toctree-l1"><a class="reference internal" href="../tips-and-tricks/">Tips and Tricks</a>
</li>
</ul>
<p class="caption"><span class="caption-text">Reference</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../reference-command-line/">Command Line</a>
</li>
<li class="toctree-l1"><a class="reference internal" href="../reference-config-file/">Configuration File</a>
</li>
</ul>
<p class="caption"><span class="caption-text">Contributing</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../contributing/">Contributing to jrnl</a>
</li>
</ul>
<p class="caption"><span class="caption-text">ja</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../ja/overview/">概要</a>
</li>
<li class="toctree-l1"><a class="reference internal" >ユーザーガイド</a>
<ul>
<li class="toctree-l2"><a class="reference internal" href="../ja/installation/">クイックスタート</a>
</li>
<li class="toctree-l2"><a class="reference internal" href="../ja/usage/">基本的な使い方</a>
</li>
<li class="toctree-l2"><a class="reference internal" href="../ja/encryption/">暗号化</a>
</li>
<li class="toctree-l2"><a class="reference internal" href="../ja/journal-types/">ジャーナルの種類</a>
</li>
<li class="toctree-l2"><a class="reference internal" href="../ja/privacy-and-security/">プライバシーとセキュリティ</a>
</li>
<li class="toctree-l2"><a class="reference internal" href="../ja/formats/">フォーマット</a>
</li>
<li class="toctree-l2"><a class="reference internal" href="../ja/advanced/">高度な使い方</a>
</li>
<li class="toctree-l2"><a class="reference internal" href="../ja/external-editors/">外部エディタ</a>
</li>
<li class="toctree-l2"><a class="reference internal" href="../ja/tips-and-tricks/">ヒントとコツ</a>
</li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" >リファレンス</a>
<ul>
<li class="toctree-l2"><a class="reference internal" href="../ja/reference-command-line/">コマンドライン</a>
</li>
<li class="toctree-l2"><a class="reference internal" href="../ja/reference-config-file/">設定ファイル</a>
</li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" >貢献</a>
<ul>
<li class="toctree-l2"><a class="reference internal" href="../ja/contributing/">jrnlへの貢献</a>
</li>
</ul>
</li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
<nav class="wy-nav-top" role="navigation" aria-label="Mobile navigation menu">
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="..">jrnl</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content"><!--
Copied from https://github.com/mkdocs/mkdocs/blob/master/mkdocs/themes/readthedocs/breadcrumbs.html
Then lightly modified for accessibility
-->
<div role="navigation" aria-label="breadcrumbs navigation">
<ul class="wy-breadcrumbs">
<li><a href=".." class="icon icon-home" aria-label="Docs"></a> &raquo;</li>
<li>User Guide &raquo;</li>
<li>Encryption</li>
<li class="wy-breadcrumbs-aside">
<a href="https://github.com/jrnl-org/jrnl/edit/develop/docs/encryption.md" class="icon icon-github"> Edit on GitHub</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div class="section" itemprop="articleBody">
<!--
Copyright © 2012-2023 jrnl contributors
License: https://www.gnu.org/licenses/gpl-3.0.html
-->
<h1 id="encryption">Encryption</h1>
<h2 id="a-note-on-security">A Note on Security</h2>
<p>While <code>jrnl</code> follows best practices, total security is never possible in the
real world. There are a number of ways that people can at least partially
compromise your <code>jrnl</code> data. See the <a href="../privacy-and-security/">Privacy and Security</a> page
for more information.</p>
<h2 id="encrypting-and-decrypting">Encrypting and Decrypting</h2>
<p>Existing plain text journal files can be encrypted using the <code>--encrypt</code>
command:</p>
<pre><code class="language-sh">jrnl --encrypt [FILENAME]
</code></pre>
<p>You can then enter a new password, and the unencrypted file will replaced with
the new encrypted file.</p>
<p>This command also works to change the password for a journal file that is
already encrypted. <code>jrnl</code> will prompt you for the current password and then new
password.</p>
<p>Conversely,</p>
<pre><code class="language-sh">jrnl --decrypt [FILENAME]
</code></pre>
<p>replaces the encrypted journal file with a plain text file. You can also specify
a filename, e.g., <code>jrnl --decrypt plain_text_copy.txt</code>, to leave the original
encrypted file untouched and create a new plain text file next to it.</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Changing <code>encrypt</code> in your <a href="../reference-config-file/">config file</a> to
a different value will not encrypt or decrypt your
journal file. It merely says whether or not your journal
is encrypted. Hence manually changing
this option will most likely result in your journal file being
impossible to load. This is why the above commands are necessary.</p>
</div>
<h2 id="storing-passwords-in-your-keychain">Storing Passwords in Your Keychain</h2>
<p>Nobody can recover or reset your <code>jrnl</code> password. If you lose it,
your data will be inaccessible forever.</p>
<p>For this reason, when encrypting a journal, <code>jrnl</code> asks whether you would like
to store the password in your system's keychain. An added benefit is that you
will not need to enter the password when interacting with the journal file.</p>
<p>If you don't initially store the password in your keychain but decide to do so
later---or if you want to store it in one computer's keychain but not in another
computer's---you can run <code>jrnl --encrypt</code> on an encrypted journal and use the
same password again. This will trigger the keychain storage prompt.</p>
<h2 id="manual-decryption">Manual Decryption</h2>
<p>The easiest way to decrypt your journal is with <code>jrnl --decrypt</code>, but you could
also decrypt your journal manually if needed. To do this, you can use any
program that supports the AES algorithm (specifically AES-CBC), and you'll need
the following relevant information for decryption:</p>
<ul>
<li><strong>Key:</strong> The key used for encryption is the
<a href="https://en.wikipedia.org/wiki/SHA-2">SHA-256</a> hash of your password.</li>
<li><strong>Initialization vector (IV):</strong> The IV is stored in the first 16 bytes of
your encrypted journal file.</li>
<li><strong>The actual text of the journal</strong> (everything after the first 16 bytes in
the encrypted journal file) is encoded in
<a href="https://en.wikipedia.org/wiki/UTF-8">UTF-8</a> and padded according to
<a href="https://en.wikipedia.org/wiki/PKCS_7">PKCS#7</a> before being encrypted.</li>
</ul>
<p>If you'd like an example of what this might look like in script form, please
see below for some examples of Python scripts that you could use to manually
decrypt your journal.</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>These are only examples, and are only here to illustrate that your journal files
will still be recoverable even if <code>jrnl</code> isn't around anymore. Please use
<code>jrnl --decrypt</code> if available.</p>
</div>
<p><strong>Example for jrnl v2 files</strong>:</p>
<pre><code class="language-python">#!/usr/bin/env python3
&quot;&quot;&quot;
Decrypt a jrnl v2 encrypted journal.
Note: the `cryptography` module must be installed (you can do this with
something like `pip3 install crytography`)
&quot;&quot;&quot;
import base64
import getpass
from pathlib import Path
from cryptography.fernet import Fernet
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
filepath = input(&quot;journal file path: &quot;)
password = getpass.getpass(&quot;Password: &quot;)
with open(Path(filepath), &quot;rb&quot;) as f:
ciphertext = f.read()
password = password.encode(&quot;utf-8&quot;)
kdf = PBKDF2HMAC(
algorithm=hashes.SHA256(),
length=32,
salt=b&quot;\xf2\xd5q\x0e\xc1\x8d.\xde\xdc\x8e6t\x89\x04\xce\xf8&quot;,
iterations=100_000,
backend=default_backend(),
)
key = base64.urlsafe_b64encode(kdf.derive(password))
print(Fernet(key).decrypt(ciphertext).decode(&quot;utf-8&quot;))
</code></pre>
<p><strong>Example for jrnl v1 files</strong>:</p>
<pre><code class="language-python">#!/usr/bin/env python3
&quot;&quot;&quot;
Decrypt a jrnl v1 encrypted journal.
Note: the `pycrypto` module must be installed (you can do this with something
like `pip3 install pycrypto`)
&quot;&quot;&quot;
import argparse
import getpass
import hashlib
from Crypto.Cipher import AES
parser = argparse.ArgumentParser()
parser.add_argument(&quot;filepath&quot;, help=&quot;journal file to decrypt&quot;)
args = parser.parse_args()
pwd = getpass.getpass()
key = hashlib.sha256(pwd.encode(&quot;utf-8&quot;)).digest()
with open(args.filepath, &quot;rb&quot;) as f:
ciphertext = f.read()
crypto = AES.new(key, AES.MODE_CBC, ciphertext[:16])
plain = crypto.decrypt(ciphertext[16:])
plain = plain.strip(plain[-1:])
plain = plain.decode(&quot;utf-8&quot;)
print(plain)
</code></pre>
</div>
</div><footer>
<div class="rst-footer-buttons" role="navigation" aria-label="Footer Navigation">
<a href="../usage/" class="btn btn-neutral float-left" title="Basic Usage"><span class="icon icon-circle-arrow-left"></span> Previous</a>
<a href="../journal-types/" class="btn btn-neutral float-right" title="Journal Types">Next <span class="icon icon-circle-arrow-right"></span></a>
</div>
<hr/>
<div role="contentinfo">
<!-- Copyright etc -->
</div>
Built with <a href="https://www.mkdocs.org/">MkDocs</a> using a <a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<div class="rst-versions" role="note" aria-label="Versions">
<span class="rst-current-version" data-toggle="rst-current-version">
<span>
<a href="https://github.com/jrnl-org/jrnl/" class="fa fa-github" style="color: #fcfcfc"> GitHub</a>
</span>
<span><a href="../usage/" style="color: #fcfcfc">&laquo; Previous</a></span>
<span><a href="../journal-types/" style="color: #fcfcfc">Next &raquo;</a></span>
</span>
</div>
<script src="../js/jquery-3.6.0.min.js"></script>
<script>var base_url = "..";</script>
<script src="../js/theme_extra.js"></script>
<script src="../js/theme.js"></script>
<script src="../search/main.js"></script>
<script>
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>
Reference in a new issue View git blame Copy permalink