From 82e309d4fb7cc1695d9c97aab0af10138f5783c2 Mon Sep 17 00:00:00 2001
From: Robin Moisson <robin.moisson@gmail.com>
Date: Thu, 28 Dec 2017 12:32:09 +0100
Subject: [PATCH 1/3] update readme for CLI

---
 README.md     | 24 ++++++++++++++++++++++++
 cli/README.md | 42 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 66 insertions(+)
 create mode 100644 cli/README.md

diff --git a/README.md b/README.md
index 569c6d6..3a85e0a 100644
--- a/README.md
+++ b/README.md
@@ -18,3 +18,27 @@ AES-256 is state of the art but brute-force/dictionary attacks would be trivial
 
 The concept is simple but this is a side project - not purporting to be bulletproof, feel free to contribute or report any thought to the GitHub project !
 
+## CLI
+
+Staticrypt is available through npm as a CLI, install with `npm install -g staticrypt` and use as follow:
+
+    Usage: staticrypt <input> <password> [options]
+    
+    Options:
+      --help              Show help                                        [boolean]
+      --version           Show version number                              [boolean]
+      -e, --embed         Whether or not to embed crypto-js in the page (or use an
+                          external CDN)                   [boolean] [default: false]
+      -o, --output        File name / path for generated encrypted file
+                                                            [string] [default: null]
+      -t, --title         Title for output HTML page
+                                                [string] [default: "Protected Page"]
+      -i, --instructions  Special instructions to display to the user.
+                                                            [string] [default: null]
+                                                            
+Example usages:
+
+- `staticrypt test.html mysecretpassword` -> creates a `test_encrypted.html` file
+- `find . -type f -name "*.html" -exec staticrypt {} mypassword \;` -> create encrypted files for all HTML files in your directory
+
+Thanks [Aaron Coplan](https://github.com/AaronCoplan) for bringing the CLI to life !
diff --git a/cli/README.md b/cli/README.md
new file mode 100644
index 0000000..fa171b7
--- /dev/null
+++ b/cli/README.md
@@ -0,0 +1,42 @@
+# StatiCrypt
+
+Based on the [crypto-js](https://github.com/brix/crypto-js) library, StatiCrypt uses AES-256 to encrypt your input with your passphrase and put it in a HTML file with a password prompt that can decrypted in-browser (client side).
+
+You can then upload your static html file anywhere and it'll be password protected (see [how it looks](https://robinmoisson.github.io/staticrypt/example.html)).
+
+Obviously, pick a lengthy passphrase !
+
+## HOW IT WORKS
+
+StatiCrypt generates a static, password protected page that can be decrypted in-browser: just send or upload the generated page to a place serving static content (github pages, for example) and you're done: the javascript will prompt users for password, decrypt the page and load your HTML.
+
+StatiCrypt basically encrypts your page and puts everything with a user-friendly way to use a password in the new file. 
+
+AES-256 is state of the art but brute-force/dictionary attacks would be trivial to do at a really fast pace: **use a long, unusual passphrase!**
+
+The concept is simple but this is a side project - if you have extra sensitive banking data you might want to use something else :) 
+
+Feel free to contribute or report any thought to the [GitHub project](https://robinmoisson.github.io/staticrypt) !
+
+## USAGE
+
+Staticrypt is available through npm as a CLI, install with `npm install -g staticrypt` and use as follow:
+
+    Usage: staticrypt <input file> <password> [options]
+    
+    Options:
+      --help              Show help                                        [boolean]
+      --version           Show version number                              [boolean]
+      -e, --embed         Whether or not to embed crypto-js in the page (or use an
+                          external CDN)                   [boolean] [default: false]
+      -o, --output        File name / path for generated encrypted file
+                                                            [string] [default: null]
+      -t, --title         Title for output HTML page
+                                                [string] [default: "Protected Page"]
+      -i, --instructions  Special instructions to display to the user.
+                                                            [string] [default: null]
+                                                            
+Example usages:
+
+- `staticrypt test.html mypassword` -> creates a `test_encrypted.html` file
+- `find . -type f -name "*.html" -exec staticrypt {} mypassword \;` -> create encrypted files for all HTML files in your directory (recursively)

From 983e7fc0f2dd3f8778451a51f316cae70c9fbfa8 Mon Sep 17 00:00:00 2001
From: Robin Moisson <robin.moisson@gmail.com>
Date: Thu, 28 Dec 2017 12:32:27 +0100
Subject: [PATCH 2/3] refactor cli argument parsing

---
 cli/index.js | 52 ++++++++++++++++++++++++++++++++++------------------
 1 file changed, 34 insertions(+), 18 deletions(-)

diff --git a/cli/index.js b/cli/index.js
index e79f7f6..59e7061 100755
--- a/cli/index.js
+++ b/cli/index.js
@@ -34,11 +34,11 @@ const namedArgs = Yargs
           alias: 'instructions',
           type: 'string',
           describe: 'Special instructions to display to the user.',
-          default: null
+          default: ''
       })
       .argv;
 
-if(namedArgs._.length != 2){
+if(namedArgs._.length !== 2){
     Yargs.showHelp();
     process.exit(1);
 }
@@ -53,32 +53,41 @@ try{
     process.exit(1);
 }
 
+// encrypt input
 var encrypted = CryptoJS.AES.encrypt(contents, password);
 var hmac = CryptoJS.HmacSHA256(encrypted.toString(), CryptoJS.SHA256(password).toString()).toString();
 var encryptedMessage = hmac + encrypted;
 
-var data = {
-    title: namedArgs.title != null ? namedArgs.title : "Protected Page",
-    instructions: namedArgs.instructions != null ? namedArgs.instructions : "",
-    encrypted: encryptedMessage,
-    crypto_tag: SCRIPT_TAG,
-    embed: namedArgs.embed != null ? namedArgs.embed : false,
-    outputFilePath: namedArgs.output != null ? namedArgs.output : input.replace(/\.html$/, '') + "_encrypted.html"
-};
-
-if(data.embed){
-    try{
+// create crypto-js tag (embedded or not)
+var cryptoTag = SCRIPT_TAG;
+if (namedArgs.embed) {
+    try {
         var embedContents = FileSystem.readFileSync('crypto-js.min.js', 'utf8');
-        data["crypto_tag"] = '<script>' + embedContents + '</script>';
-        genFile(data);
-    }catch(e){
+    } catch(e) {
         console.log("Failure: embed file does not exist!");
         process.exit(1);
     }
-}else{
-    genFile(data);
+    cryptoTag = '<script>' + embedContents + '</script>';
 }
 
+
+var data = {
+    title: namedArgs.title,
+    instructions: namedArgs.instructions,
+    encrypted: encryptedMessage,
+    crypto_tag: cryptoTag,
+    embed: namedArgs.embed,
+    outputFilePath: namedArgs.output !== null ? namedArgs.output : input.replace(/\.html$/, '') + "_encrypted.html"
+};
+
+genFile(data);
+
+
+/**
+ * Fill the template with provided data and writes it to output file.
+ *
+ * @param data
+ */
 function genFile(data){
     try{
         var templateContents = FileSystem.readFileSync(__dirname + '/password_template.html', 'utf8');
@@ -97,6 +106,13 @@ function genFile(data){
     }
 }
 
+/**
+ * Replace the placeholder tags (between '{tag}') in 'tpl' string with provided data.
+ *
+ * @param tpl
+ * @param data
+ * @returns string
+ */
 function render(tpl, data){
     return tpl.replace(/{(.*?)}/g, function (_, key) {
         return data && data[key] || '';

From cbd521b276f292b49b7fa8a6451c8470f08f41a6 Mon Sep 17 00:00:00 2001
From: Robin Moisson <robin.moisson@gmail.com>
Date: Thu, 28 Dec 2017 12:32:47 +0100
Subject: [PATCH 3/3] update cli/package.json

---
 cli/package.json | 49 +++++++++++++++++++++++++++++++++++-------------
 1 file changed, 36 insertions(+), 13 deletions(-)

diff --git a/cli/package.json b/cli/package.json
index c448372..46244d0 100644
--- a/cli/package.json
+++ b/cli/package.json
@@ -1,15 +1,38 @@
 {
-    "name": "staticrypt-cli",
-    "version": "1.0.0",
-    "description": "",
-    "main": "index.js",
-    "bin": {
-        "staticrypt": "./index.js"
-    },
-    "dependencies": {
-        "crypto-js": ">=3.1.9-1",
-        "yargs": ">=10.0.3"
-    },
-    "author": "Aaron Coplan",
-    "license": "MIT"
+  "name": "staticrypt",
+  "version": "1.0.0",
+  "description": "Based on the [crypto-js](https://github.com/brix/crypto-js) library, StatiCrypt uses AES-256 to encrypt your input with your passphrase and put it in a HTML file with a password prompt that can decrypted in-browser (client side).",
+  "main": "index.js",
+  "bin": {
+    "staticrypt": "./index.js"
+  },
+  "dependencies": {
+    "crypto-js": ">=3.1.9-1",
+    "yargs": ">=10.0.3"
+  },
+  "author": "Robin Moisson (https://github.com/robinmoisson)",
+  "contributors": [
+    "Aaron Coplan (https://github.com/AaronCoplan)"
+  ],
+  "license": "MIT",
+  "devDependencies": {},
+  "scripts": {
+    "test": "echo \"Error: no test specified\" && exit 1"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/robinmoisson/staticrypt.git"
+  },
+  "keywords": [
+    "static",
+    "html",
+    "password",
+    "protected",
+    "encrypted",
+    "encryption"
+  ],
+  "bugs": {
+    "url": "https://github.com/robinmoisson/staticrypt/issues"
+  },
+  "homepage": "https://github.com/robinmoisson/staticrypt#readme"
 }