Merge pull request #101 from robinmoisson/cli

Update CLI doc & info for publication on npm
2018-01-04 21:21:12 +01:00 · 2018-01-04 21:21:12 +01:00 · 3d96b573f8
commit 3d96b573f8
--- a/README.md
+++ b/README.md
@ -18,3 +18,27 @@ AES-256 is state of the art but brute-force/dictionary attacks would be trivial
 The concept is simple but this is a side project - not purporting to be bulletproof, feel free to contribute or report any thought to the GitHub project !
 ## CLI
 Staticrypt is available through npm as a CLI, install with `npm install -g staticrypt` and use as follow:
    Usage: staticrypt <input> <password> [options]
    Options:
      --help              Show help                                        [boolean]
      --version           Show version number                              [boolean]
      -e, --embed         Whether or not to embed crypto-js in the page (or use an
                          external CDN)                   [boolean] [default: false]
      -o, --output        File name / path for generated encrypted file
                                                            [string] [default: null]
      -t, --title         Title for output HTML page
                                                [string] [default: "Protected Page"]
      -i, --instructions  Special instructions to display to the user.
                                                            [string] [default: null]
 Example usages:
 - `staticrypt test.html mysecretpassword` -> creates a `test_encrypted.html` file
 - `find . -type f -name "*.html" -exec staticrypt {} mypassword \;` -> create encrypted files for all HTML files in your directory
 Thanks [Aaron Coplan](https://github.com/AaronCoplan) for bringing the CLI to life !
--- a/cli/README.md
+++ b/cli/README.md
@ -0,0 +1,42 @@
 # StatiCrypt
 Based on the [crypto-js](https://github.com/brix/crypto-js) library, StatiCrypt uses AES-256 to encrypt your input with your passphrase and put it in a HTML file with a password prompt that can decrypted in-browser (client side).
 You can then upload your static html file anywhere and it'll be password protected (see [how it looks](https://robinmoisson.github.io/staticrypt/example.html)).
 Obviously, pick a lengthy passphrase !
 ## HOW IT WORKS
 StatiCrypt generates a static, password protected page that can be decrypted in-browser: just send or upload the generated page to a place serving static content (github pages, for example) and you're done: the javascript will prompt users for password, decrypt the page and load your HTML.
 StatiCrypt basically encrypts your page and puts everything with a user-friendly way to use a password in the new file. 
 AES-256 is state of the art but brute-force/dictionary attacks would be trivial to do at a really fast pace: **use a long, unusual passphrase!**
 The concept is simple but this is a side project - if you have extra sensitive banking data you might want to use something else :) 
 Feel free to contribute or report any thought to the [GitHub project](https://robinmoisson.github.io/staticrypt) !
 ## USAGE
 Staticrypt is available through npm as a CLI, install with `npm install -g staticrypt` and use as follow:
    Usage: staticrypt <input file> <password> [options]
    Options:
      --help              Show help                                        [boolean]
      --version           Show version number                              [boolean]
      -e, --embed         Whether or not to embed crypto-js in the page (or use an
                          external CDN)                   [boolean] [default: false]
      -o, --output        File name / path for generated encrypted file
                                                            [string] [default: null]
      -t, --title         Title for output HTML page
                                                [string] [default: "Protected Page"]
      -i, --instructions  Special instructions to display to the user.
                                                            [string] [default: null]
 Example usages:
 - `staticrypt test.html mypassword` -> creates a `test_encrypted.html` file
 - `find . -type f -name "*.html" -exec staticrypt {} mypassword \;` -> create encrypted files for all HTML files in your directory (recursively)
--- a/cli/index.js
+++ b/cli/index.js
@ -34,11 +34,11 @@ const namedArgs = Yargs
          alias: 'instructions',
          type: 'string',
          describe: 'Special instructions to display to the user.',
-          default: null
+          default: ''
      })
      .argv;
-if(namedArgs._.length != 2){
+if(namedArgs._.length !== 2){
    Yargs.showHelp();
    process.exit(1);
 }
@ -53,32 +53,41 @@ try{
    process.exit(1);
 }
 // encrypt input
 var encrypted = CryptoJS.AES.encrypt(contents, password);
 var hmac = CryptoJS.HmacSHA256(encrypted.toString(), CryptoJS.SHA256(password).toString()).toString();
 var encryptedMessage = hmac + encrypted;
-var data = {
+// create crypto-js tag (embedded or not)
-    title: namedArgs.title != null ? namedArgs.title : "Protected Page",
+var cryptoTag = SCRIPT_TAG;
-    instructions: namedArgs.instructions != null ? namedArgs.instructions : "",
+if (namedArgs.embed) {
-    encrypted: encryptedMessage,
+    try {
    crypto_tag: SCRIPT_TAG,
    embed: namedArgs.embed != null ? namedArgs.embed : false,
    outputFilePath: namedArgs.output != null ? namedArgs.output : input.replace(/\.html$/, '') + "_encrypted.html"
 };
 if(data.embed){
    try{
        var embedContents = FileSystem.readFileSync('crypto-js.min.js', 'utf8');
-        data["crypto_tag"] = '<script>' + embedContents + '</script>';
+    } catch(e) {
        genFile(data);
    }catch(e){
        console.log("Failure: embed file does not exist!");
        process.exit(1);
    }
-}else{
+    cryptoTag = '<script>' + embedContents + '</script>';
    genFile(data);
 }
 var data = {
    title: namedArgs.title,
    instructions: namedArgs.instructions,
    encrypted: encryptedMessage,
    crypto_tag: cryptoTag,
    embed: namedArgs.embed,
    outputFilePath: namedArgs.output !== null ? namedArgs.output : input.replace(/\.html$/, '') + "_encrypted.html"
 };
 genFile(data);
 /**
 * Fill the template with provided data and writes it to output file.
 *
 * @param data
 */
 function genFile(data){
    try{
        var templateContents = FileSystem.readFileSync(__dirname + '/password_template.html', 'utf8');
@ -97,6 +106,13 @@ function genFile(data){
    }
 }
 /**
 * Replace the placeholder tags (between '{tag}') in 'tpl' string with provided data.
 *
 * @param tpl
 * @param data
 * @returns string
 */
 function render(tpl, data){
    return tpl.replace(/{(.*?)}/g, function (_, key) {
        return data && data[key] || '';
--- a/cli/package.json
+++ b/cli/package.json
@ -1,7 +1,7 @@
 {
-    "name": "staticrypt-cli",
+  "name": "staticrypt",
  "version": "1.0.0",
-    "description": "",
+  "description": "Based on the [crypto-js](https://github.com/brix/crypto-js) library, StatiCrypt uses AES-256 to encrypt your input with your passphrase and put it in a HTML file with a password prompt that can decrypted in-browser (client side).",
  "main": "index.js",
  "bin": {
    "staticrypt": "./index.js"
@ -10,6 +10,29 @@
    "crypto-js": ">=3.1.9-1",
    "yargs": ">=10.0.3"
  },
-    "author": "Aaron Coplan",
+  "author": "Robin Moisson (https://github.com/robinmoisson)",
-    "license": "MIT"
+  "contributors": [
    "Aaron Coplan (https://github.com/AaronCoplan)"
  ],
  "license": "MIT",
  "devDependencies": {},
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1"
  },
  "repository": {
    "type": "git",
    "url": "git+https://github.com/robinmoisson/staticrypt.git"
  },
  "keywords": [
    "static",
    "html",
    "password",
    "protected",
    "encrypted",
    "encryption"
  ],
  "bugs": {
    "url": "https://github.com/robinmoisson/staticrypt/issues"
  },
  "homepage": "https://github.com/robinmoisson/staticrypt#readme"
 }