Jump to content

(Archived) Decrypt encrypted text in enex files


Recommended Posts

I've recently decided to look at using the 'Encrypt Selected Text...' option on the context menu in a note.  Before I start using it for anything important I wanted to make sure I could access the text in exported data.  I'm wondering what would happen if I come back to an exported note sometime in the future and I don't have access to an Evernote client to decrypt the text.


For this reason I wanted to make sure I could decrypt the data outside of Evernote.   The problem is it does not seem to be possible.  I tried searching on the forum but I couldn't find any posts about this.  I found a post on stackoverflow that is similar to this issue: Incompatible AES implementations?


On the Evernote page ENML Understanding the Evernote Markup Language the element en-crypt is described with only minimal details.  From that page we know the data is base64 encoded.  Here's an example taken from an exported file today:

<en-crypt cipher="AES" hint="a hint" length="128">**Encoded data removed**</en-crypt>

So we know that it currently uses AES 128.  The problem seems to be that's not enough information as there are various different types of AES.  this seems to be the same problem on that stackoverflow question. Basically Evernote is using one method to encrypt the data and the apps I'm trying to decrypt the data are using a different method.


I extracted the base64 data using this command:

openssl base64 -d -A -in en_test_b64.txt -out en_test_enc.txt

That generates a binary file.  I've tried this with two different bits of encrypted text and the output from both starts with 'ENC'  the first had 'ENC08' while the second had 'ENC0' then it goes on with other random characters.  I tried searching online and couldn't find any reference to this being a standard format.  If I try decrypting the data with openssl using this:

openssl enc -d -aes128 -in en_test_enc.txt -out en_test_dec.txt

I get a 'bad magic number' error.  If I add '-nosalt' I then get a 'bad decrypt' error.  I understand bits about encryption and decryption but I'm certainly not an expert.  


Has anyone ever managed to successfully decrypt text from an enex file outside of an Evernote client?  If someone from Evernote reads this can you confirm if it is possible to decrypt the data outside of an Evernote client?


Thanks for reading this, hopefully there is a solution to this or maybe I shouldn't worry about it so much  :) .


P.S.  I considered posting this in the Evernote for Developers section but decided its not related to scripting or the API so I thought the general section would be fine.

Link to comment
When using the included text-encrption from Evernote you should consider the following:


You can setup Evenote to sync every x minutes.


So when you write some secret text and encrypt it a few minutes later it is possible that Evernote has synced in the background in the meantime. This means your secret text is in clear text-format in the cloud and it is in your note-history and stored there forever in clear text!


So I would only add already encrypted files to Evernote.


I use AxCrypt (http://www.axantum.com/axcrypt/) for this:


+ Handling is the same like unencrypted files: Open by double-click from within Evernote, edit, close → changes are immediately written back to Evernote in encrypted form

+ It can keep your password within a session so you only need to enter it one single time to view/edit all your encrypted files attached to Evernote

+ Encryption takes place BEFORE attaching the file to Evernote

+ It can encrypt every type of file (simple text files as well as Word/Excel and even small databases).

+ When you export your notes in HTML-format (for backup) you have still access to all your encrypted files because attachments are saved as normal files. 

+ it's open source (free)

+ it works very stable (I use it day by day for a long time now)

- One disadvantage: Currently it is not able to access your encrypted files on mobile devices. But they currently seem to develop a client for iOS.


→ It is perfect for storing sensitive information/files in Evernote that need no access on mobile devices.


Link to comment


...So I would only add already encrypted files to Evernote.
I use AxCrypt (http://www.axantum.com/axcrypt/) for this...


That's a good point.  In this case I was aware of the syncing time though I did just take a chance with it.  I typed out the plain text in a local text editor and pasted it into the Windows Evernote client and encrypted it straight away.  There was the risk of it syncing in the couple of seconds it took me to encrypt it though.  This time I was lucky and it didn't.  I could avoid that by checking when it last synced and making sure I have long enough to encrypt it before it next syncs.


AxCrypt certainly looks like a good app which I'm going to look into.  I like the fact that its open source, even better that 2.x is changing to C# since I use that at work.  Unfortunately I would need to access the content on my Android phone so I can't use that just yet.


When I first saw that it was a file encryption app I was thinking that it would be better to have an app that could encrypt just text, that way you could type out your content in the app and encrypt it then paste it into your note.  Though thinking about it for a moment made me realise that probably wouldn't work with the formatting in a note. 


Your way of attaching a file would work.  If AxCrypt create an Android client it would be workable but you'd probably have to download the file from Evernote then open it with the AxCrypt app to decrypt it.


It's certainly a good idea to look at file encryption outside of Evernote though, thanks for the tip.

Link to comment


This topic is now archived and is closed to further replies.

  • Create New...