mirror
/
staticrypt
kopia lustrzana https://github.com/robinmoisson/staticrypt
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność
StatiCrypt uses AES-256 to encrypt your HTML file with your passphrase and return a static page
58 Commity
4 Gałęzie
19 Tagi
1,1 MiB
HTML 73.5%
JavaScript 26.2%
Shell 0.3%
 
 
 
Go to file
Robin Moisson d63176bce4 add option to use custom password template file, close #102 2018-01-12 19:06:16 -04:00
cli add option to use custom password template file, close #102 2018-01-12 19:06:16 -04:00
.gitignore Initial setup for cli. 2017-12-14 16:47:19 -05:00
LICENSE
README.md add option to use custom password template file, close #102 2018-01-12 19:06:16 -04:00
example.html call toString on SHA256 in HMAC gen. for external tool compat. closes #98 2017-09-29 12:36:38 +02:00
index.html Merge pull request #99 from AaronCoplan/staticrypt-cli 2017-12-28 11:53:26 +01:00
password_template.html call toString on SHA256 in HMAC gen. for external tool compat. closes #98 2017-09-29 12:36:38 +02:00

README.md

StatiCrypt

Based on the crypto-js library, StatiCrypt uses AES-256 to encrypt your string with your passphrase in your browser (client side).

Download your encrypted string in a HTML page with a password prompt you can upload anywhere (see example).

You can encrypt a file online at https://robinmoisson.github.io/staticrypt.

HOW IT WORKS

StatiCrypt generates a static, password protected page that can be decrypted in-browser: just send or upload the generated page to a place serving static content (github pages, for example) and you're done: the javascript will prompt users for password, decrypt the page and load your HTML.

Disclaimer TL;DR: if you have extra sensitive banking data you should probably use something else :)

StatiCrypt basically encrypts your page and puts everything with a user-friendly way to use a password in the new file.

AES-256 is state of the art but brute-force/dictionary attacks would be trivial to do at a really fast pace: use a long, unusual passphrase.

The concept is simple and should work ok but I am not a cryptographer, feel free to contribute or report any thought to the GitHub project !

CLI

Staticrypt is available through npm as a CLI, install with npm install -g staticrypt and use as follow:

Usage: staticrypt <filename> <passphrase> [options]

Options:
  --help               Show help                                       [boolean]
  --version            Show version number                             [boolean]
  -e, --embed          Whether or not to embed crypto-js in the page (or use an
                       external CDN)                  [boolean] [default: false]
  -o, --output         File name / path for generated encrypted file
                                                        [string] [default: null]
  -t, --title          Title for output HTML page
                                            [string] [default: "Protected Page"]
  -i, --instructions   Special instructions to display to the user.
                                                        [string] [default: null]
  -f, --file-template  Path to custom HTML template with password prompt.
               [string] [default: "[...]/cli/password_template.html"]

Example usages:

  • staticrypt test.html mysecretpassword -> creates a test_encrypted.html file
  • find . -type f -name "*.html" -exec staticrypt {} mypassword \; -> create encrypted files for all HTML files in your directory

You can use a custom template for the password prompt - just copy cli/password_template.html and modify it to suit your presentation style and point to your template file with the -f flag. Be careful to not break the encrypting javascript part, the variables replace by staticrypt are between curly brackets: {instructions}.

Thanks Aaron Coplan for bringing the CLI to life !