Embed files in self-decrypting html pages

This package can encrypt arbitrary files such as PDF reports or RMarkdown exports and embed them in an html document that can decrypt itself using libsodium. The resulting html file is fully portable and just requires a browser to be used.

Use at your own risk. Feedback and bug reports very welcome!

Installation

# install.packages("htmlvault") not yet

remotes::install_github("dirkschumacher/htmlvault")

Functions

The package currently has just one function htmlvault_encrypt_file to encrypt files and create a new self-decrypting html file.

Encrypt files

First we load the package and create a random secret with which we encrypt the document:

library(htmlvault)
key <- sodium::random(32)
message(sodium::bin2hex(key))
#> af0ee29b8bf1daa98a83aa50ecab0ba3b958c0d5153f7fa514cfd27c5dfc1ed9

Then we call htmlvault_encrypt_file with the computed key.

htmlvault_encrypt_file(
  path = "devel/example/test.html",
  output_path = "docs/test.encrypted.html",
  key = key
)

It uses the mime package to figure out the MIME type of the input file and thus supports many different file types. Below are two examples encrypting PDF and Word documents.

htmlvault_encrypt_file(
  path = "devel/example/test.pdf",
  output_path = "docs/test.encrypted_pdf.html",
  key = key
)

htmlvault_encrypt_file(
  path = "devel/example/test.docx",
  output_path = "docs/test.encrypted_word.html",
  key = key
)

You can take a look at the exported files here, here and here and use the key printed above to decrypt it.

Inspiration

Inspired and based on the work by @derhuerst on self encrypting html pages.

License

MIT

Security

• The package uses libsodium for encryption and includes the code to decrypt as javascript in the resulting html file.
• The security depends on your key strength, the correctness of this package, the sodium R package and the libsodium library.
• Beware: the current implementation does not encrypt the MIME type of your document. For example, anybody sees that the encrypted document is of type PDF, but the actual content is just accessible after decryption.

Development

In devel/r-encrypted-html-template the code to generate the javascript file is contained. In order to update the template, you have to run the following:

• In devel/r-encrypted-html-template run npm run build. This creates a new version of the template and copies it to devel/html-template.js. It also creates a file called JSLICENSES.txt that contains all licenses of used node packages.
• In devel run combine.R. This generates the file report template and copies it to inst/html-template.html. This template is then used within the R package to generate encrypted html files.