Note: encryption functions are not available to new customers or in Play Store versions of Tasker due to US export restrictions.
Since decryption can be automated, you have the possibility to keep data files encrypted outside of certain times, locations, applications etc.
Warning: make backups of your files while setting up encryption until you understand how the system works and are sure the encryption/decryption process does not cause any corruption.Tip: Tasker does not give progress reports while it's doing encryption, if you want to know when an long decryption operation is finished, just put a Vibrate action or similar after the Encrypt/Decrypt action.
If no key name is specified, default is used.
Once a passphrase for a key is entered, the ciphers it generated are stored in memory until explicitly deleted. The deletion might be specified after an Encrypt/ Decrypt File action, or explicitly with the Clear Key action.
First thing to do is check whether the encryption preferences for Encryption Iterations and Encryption Algorithm are as you wish. Once you start encryping things, it's time consuming to start again with new encryption preferences.
The preferences can be found at
Menu / Prefs / Action.
Be sure to have a look at the help text for each item.
To do that, create a task called Encrypt or similar and add one or more Encrypt File or Encrypt Dir actions to it.
By default, the key is cleared once the file is encrypted, so click 'Leave Key' for all but the last action, otherwise you'll have to enter your passphrase for each file.
Next, create a Tasker shortcut on the home screen, using the Encrypt task. Tap the widget to encrypt your files. Notice how you are only asked for the passphrase for the first one, because it is stored until cleared.
The encrypted files will all receive an extension .tec and the original files are deleted.
Create another task called Decrypt or similar, and add Decrypt actions to it to match the encrypt actions you setup previously.
Don't click Clear Key, otherwise you'll have to enter your passphrase for every file (and at the start of encryption).
Now you can use your Encrypt and Decrypt tasks whenever you like. For instance, you could create a profile with a Location Context and run your Decrypt task when entering the location (assign Decrypt as the Enter task) and your Encrypt task when leaving the location (assign Encrypt as the Exit task).
Important: when you use the Decrypt action, it recreates the original file from the encrypted copy, but does not delete the encrypted version.
When you re-encrypt the file, if it has not changed it is simply deleted since we already have an encrypted copy. If it has changed, it is re-encrypted.
The purpose of this method of operation is to:
If you don't wish to double-enter a key when encrypting, you can also use this action before an Encrypt action and not select Confirm.
The default algorithm is "PBEWithMD5And128BitAES-CBC-OpenSSL". PBE stands for password-based encryption, see RFC 2898.
A salt is combined with the passphrase several hundreds of times using the MD5 algorithm to produce a key which is used for the 128-bit (default setting) AES algorithm.
The number of iterations and algorithm can be set in
Menu / Prefs / Action.