Client Side Encryption drupal module

The Client Side Encryption (CSE) module is developed for drupal to provide a means of encrypting and decrypting sensitive information (such as computer IPs, non-public email addresses etc.) completely within the web browser. This means neither the network nor any server php code gets to see any plain text content that it shouldn't. Plain text can be intermixed with encrypted text on a page meaning only sensitive parts can be hidden. I designed the CSE module to allow the usually private description of such things as computer administration tasks to be generally readable with sensitive information (like particular IP addresses) encrypted. A community of individuals with the correct pass phrase can see the entire content, or the parts of the content their pass phrase allows them to see (different pass phrases can be used to reveal different parts of the content). The actual encryption/decryption is performed using the 128 bit AES algorithm.

When a page contains encrypted content (as this one does), a small "cse" appears at the top of the node (if javascript is enabled). Clicking the "cse" opens a text box where a pass phrase can be entered. Encrypted text is indicated in the page by a configurable label (the default is "[encrypted]"). For example, this text is -2-A7-2B-66-6B-A6-5C-86-A9-92-5D-E-A2-21-34-33-21-77-5A-75-9E-D0-2B-E0-60-82-CC-E2- 5F-F6-BA-8F-4A-10-20-47-BE-3A-9F-2B-6D-16-27-6D-21-31-32-21-44-87-DE-6F-D4-6F-2F- 41-46-21-34-33-21-33 and can be seen by entering the pass phrase "cse demo" into the cse text box.

The development of the CSE module has moved to (from June 2008). All future releases will be available via these drupal module pages. Please also report any issues or feature requests using the drupal project site.

Current version: 2.0 (released October 14 2007). New features of this version include: improved editing tools, availability of CSE in comments (an option configured via drupal access control) and, for drupal 6, improved integration with the drupal/jQuery "behaviours". Please report any issues on the comments page.

The module can be obtained here (either in a zip or tar/bzip2 archive):

This module including the associated javascript comes with absolutely no warranty (implied or otherwise) - see the included GNU public license. Any loss of information, or breach of security resulting from the use of this code is solely the user's responsibility.

Please feel free to leave any feedback or bug reports on the cse comments page.

Older versions