Skip to content
/ htmlvault Public

Encrypt files in self-decrypting html files using libsodium

License

Unknown, MIT licenses found

Licenses found

Unknown
LICENSE
MIT
LICENSE.md
19 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dirkschumacher/htmlvault

BranchesTags

Repository files navigation

lifecycle CRAN status R build status

Embed files in self-decrypting html pages

This package can encrypt arbitrary files such as PDF reports or RMarkdown exports and embed them in an html document that can decrypt itself using libsodium. The resulting html file is fully portable and just requires a browser to be used.

Use at your own risk. Feedback and bug reports very welcome!

Installation

# install.packages("htmlvault") not yet
remotes::install_github("dirkschumacher/htmlvault")

Functions

The package currently has just one function htmlvault_encrypt_file to encrypt files and create a new self-decrypting html file.

Encrypt files

First we load the package and create a random secret with which we encrypt the document:

library(htmlvault)
key <- sodium::random(32)
message(sodium::bin2hex(key))
#> af0ee29b8bf1daa98a83aa50ecab0ba3b958c0d5153f7fa514cfd27c5dfc1ed9

Then we call htmlvault_encrypt_file with the computed key.

htmlvault_encrypt_file(
  path = "devel/example/test.html",
  output_path = "docs/test.encrypted.html",
  key = key
)

It uses the mime package to figure out the MIME type of the input file and thus supports many different file types. Below are two examples encrypting PDF and Word documents.

htmlvault_encrypt_file(
  path = "devel/example/test.pdf",
  output_path = "docs/test.encrypted_pdf.html",
  key = key
)
htmlvault_encrypt_file(
  path = "devel/example/test.docx",
  output_path = "docs/test.encrypted_word.html",
  key = key
)

You can take a look at the exported files here, here and here and use the key printed above to decrypt it.

Inspiration

Inspired and based on the work by @derhuerst on self encrypting html pages.

License

MIT

Security

  • The package uses libsodium for encryption and includes the code to decrypt as javascript in the resulting html file.
  • The security depends on your key strength, the correctness of this package, the sodium R package and the libsodium library.
  • Beware: the current implementation does not encrypt the MIME type of your document. For example, anybody sees that the encrypted document is of type PDF, but the actual content is just accessible after decryption.

Development

In devel/r-encrypted-html-template the code to generate the javascript file is contained. In order to update the template, you have to run the following:

  • In devel/r-encrypted-html-template run npm run build. This creates a new version of the template and copies it to devel/html-template.js. It also creates a file called JSLICENSES.txt that contains all licenses of used node packages.
  • In devel run combine.R. This generates the file report template and copies it to inst/html-template.html. This template is then used within the R package to generate encrypted html files.

About

Encrypt files in self-decrypting html files using libsodium

Resources

Readme

License

Unknown, MIT licenses found

Licenses found

Unknown
LICENSE
MIT
LICENSE.md

Security policy

Security policy
Activity

Stars

19 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages