stegdoc 1.0.0

package/src/commands/encode.js

@@ -0,0 +1,346 @@
+const path = require('path');
+const fs = require('fs');
+const chalk = require('chalk');
+const ora = require('ora');
+const AdmZip = require('adm-zip');
+const { createDocxWithBase64 } = require('../lib/docx-handler');
+const { createXlsxWithBase64 } = require('../lib/xlsx-handler');
+const { createMetadata, serializeMetadata } = require('../lib/metadata');
+const { generateHash, generateContentHash, parseSizeToBytes, formatBytes, generateFilename } = require('../lib/utils');
+const { encrypt, packEncryptionMeta } = require('../lib/crypto');
+const { compress, isCompressedMime } = require('../lib/compression');
+const { resetTimeWindow } = require('../lib/decoy-generator');
+const { shouldRunInteractive, promptEncodeOptions } = require('../lib/interactive');
+
+/**
+ * Zip a folder into a buffer
+ * @param {string} folderPath - Path to folder
+ * @returns {Buffer} Zip buffer
+ */
+function zipFolder(folderPath) {
+  const zip = new AdmZip();
+  zip.addLocalFolder(folderPath);
+  return zip.toBuffer();
+}
+
+/**
+ * Encode a file to XLSX/DOCX format with optional AES encryption and compression
+ * @param {string} inputFile - Path to input file
+ * @param {object} options - Command options
+ * @param {string} options.outputDir - Output directory
+ * @param {string} options.chunkSize - Chunk size (e.g., "5MB")
+ * @param {string} options.format - Output format ('xlsx' or 'docx')
+ * @param {string} options.password - Encryption password (optional)
+ * @param {boolean} options.force - Overwrite existing files without asking
+ * @param {boolean} options.quiet - Minimal output
+ * @param {boolean} options.yes - Skip interactive prompts, use defaults
+ */
+async function encodeCommand(inputFile, options) {
+  // Check if we should run interactive mode
+  if (shouldRunInteractive(options, 'encode')) {
+    const filename = path.basename(inputFile);
+    console.log(chalk.bold(`\nEncoding: ${filename}`));
+
+    const interactiveOptions = await promptEncodeOptions(filename);
+    options = { ...options, ...interactiveOptions };
+    console.log(); // Add spacing before starting
+  }
+
+  const quiet = options.quiet || false;
+  const spinner = quiet ? { start: () => {}, succeed: () => {}, fail: () => {}, info: () => {}, text: '' } : ora('Starting encoding process...').start();
+  const createdFiles = []; // Track created files for cleanup on failure
+
+  // Reset time window for fresh timestamps in this encode session
+  resetTimeWindow();
+
+  try {
+    // Validate input exists
+    if (!fs.existsSync(inputFile)) {
+      throw new Error(`Path not found: ${inputFile}`);
+    }
+
+    // Check if input is a directory
+    const isDirectory = fs.statSync(inputFile).isDirectory();
+
+    // Determine format (default to xlsx)
+    const format = (options.format || 'xlsx').toLowerCase();
+    if (format !== 'xlsx' && format !== 'docx') {
+      throw new Error('Invalid format. Use "xlsx" or "docx".');
+    }
+
+    const useEncryption = !!options.password;
+
+    // Store chunk input for later processing (after we know content size)
+    const chunkInput = (options.chunkSize || '').toString().trim();
+
+    let fileBuffer;
+    let filename;
+    let extension;
+    let size;
+
+    if (isDirectory) {
+      // Zip the folder
+      spinner.text = 'Zipping folder...';
+      const folderName = path.basename(inputFile);
+      fileBuffer = zipFolder(inputFile);
+      filename = `${folderName}.zip`;
+      extension = '.zip';
+      size = fileBuffer.length;
+      spinner.succeed && spinner.succeed(`Folder zipped: ${folderName}/ → ${formatBytes(size)}`);
+    } else {
+      // Read file as buffer
+      spinner.text = 'Reading file...';
+      fileBuffer = fs.readFileSync(inputFile);
+      filename = path.basename(inputFile);
+      extension = path.extname(inputFile);
+      size = fileBuffer.length;
+      spinner.succeed && spinner.succeed(`File read: ${filename} (${formatBytes(size)})`);
+    }
+
+    // Generate content hash for integrity verification
+    const contentHash = generateContentHash(fileBuffer);
+
+    // Detect if file is already compressed
+    spinner.text = 'Checking file type...';
+    let fileType = null;
+    let useCompression = true;
+
+    try {
+      // file-type is ESM-only, need dynamic import
+      const { fileTypeFromBuffer } = await import('file-type');
+      fileType = await fileTypeFromBuffer(fileBuffer);
+
+      if (fileType && isCompressedMime(fileType.mime)) {
+        useCompression = false;
+        spinner.info && spinner.info(`Skipping compression (${fileType.ext} is already compressed)`);
+      }
+    } catch {
+      // If file-type detection fails, still try compression
+    }
+
+    // Compress if beneficial
+    let processedBuffer = fileBuffer;
+    if (useCompression) {
+      spinner.text = 'Compressing...';
+      const compressedBuffer = await compress(fileBuffer);
+
+      // Only use compression if it actually reduces size
+      if (compressedBuffer.length < fileBuffer.length) {
+        const savedPercent = ((1 - compressedBuffer.length / fileBuffer.length) * 100).toFixed(1);
+        processedBuffer = compressedBuffer;
+        spinner.succeed && spinner.succeed(`Compressed: ${formatBytes(fileBuffer.length)} → ${formatBytes(compressedBuffer.length)} (${savedPercent}% saved)`);
+      } else {
+        useCompression = false;
+        spinner.info && spinner.info('Compression skipped (no size benefit)');
+      }
+    }
+
+    // Convert to base64
+    const base64 = processedBuffer.toString('base64');
+
+    let contentToStore;
+    let encryptionMeta = null;
+
+    if (useEncryption) {
+      spinner.text = 'Encrypting content...';
+
+      // Encrypt the base64 content
+      const { ciphertext, iv, salt, authTag } = encrypt(base64, options.password);
+      encryptionMeta = packEncryptionMeta({ iv, salt, authTag });
+      contentToStore = ciphertext;
+
+      spinner.succeed && spinner.succeed('Content encrypted with AES-256-GCM');
+    } else {
+      contentToStore = base64;
+      spinner.info && spinner.info('No password provided - content will NOT be encrypted');
+    }
+
+    spinner.text = 'Preparing output...';
+
+    // Generate hash for this encoding session
+    const hash = generateHash();
+
+    // Determine output directory
+    const outputDir = options.outputDir || process.cwd();
+
+    // Now parse chunk size (we need content size for "X parts" format)
+    const contentSize = contentToStore.length;
+    const defaultChunkSize = 5 * 1024 * 1024; // 5MB default
+    let chunkSizeBytes;
+    const chunkInputLower = chunkInput.toLowerCase();
+
+    if (chunkInputLower === '0' || chunkInputLower === 'max' || chunkInputLower === 'single' || chunkInputLower === 'none' || chunkInputLower === '') {
+      chunkSizeBytes = Infinity; // No splitting
+    } else if (/^\d+\s*parts?$/i.test(chunkInput)) {
+      // "X parts" format - divide content evenly
+      const numParts = parseInt(chunkInput, 10);
+      if (numParts < 1) {
+        throw new Error('Number of parts must be at least 1');
+      }
+      chunkSizeBytes = Math.ceil(contentSize / numParts);
+      spinner.info && spinner.info(`Splitting into ${numParts} parts (~${formatBytes(chunkSizeBytes)} content each)`);
+    } else if (chunkInput) {
+      chunkSizeBytes = parseSizeToBytes(chunkInput);
+    } else {
+      chunkSizeBytes = defaultChunkSize;
+    }
+
+    // Check if we need to split
+    const needsSplit = contentSize > chunkSizeBytes;
+
+    // Helper to check file exists and handle overwrite
+    const checkOverwrite = (filePath) => {
+      if (fs.existsSync(filePath) && !options.force) {
+        throw new Error(`File already exists: ${filePath}. Use --force to overwrite.`);
+      }
+    };
+
+    if (needsSplit) {
+      // Split into chunks
+      const chunks = [];
+      let offset = 0;
+      while (offset < contentToStore.length) {
+        chunks.push(contentToStore.slice(offset, offset + chunkSizeBytes));
+        offset += chunkSizeBytes;
+      }
+      const totalParts = chunks.length;
+
+      spinner.succeed && spinner.succeed(`File will be split into ${totalParts} parts`);
+
+      // Create output file for each chunk
+      for (let i = 0; i < chunks.length; i++) {
+        const partNumber = i + 1;
+        const partSpinner = quiet ? spinner : ora(`Creating part ${partNumber} of ${totalParts}...`).start();
+
+        const metadata = createMetadata({
+          originalFilename: filename,
+          originalExtension: extension,
+          hash,
+          partNumber,
+          totalParts,
+          originalSize: size,
+          format,
+          encrypted: useEncryption,
+          compressed: useCompression,
+          contentHash,
+        });
+
+        const outputFilename = generateFilename(hash, partNumber, totalParts, format);
+        const outputPath = path.join(outputDir, outputFilename);
+
+        checkOverwrite(outputPath);
+
+        if (format === 'xlsx') {
+          await createXlsxWithBase64({
+            base64Content: chunks[i],
+            encryptionMeta: encryptionMeta || '',
+            metadata: serializeMetadata(metadata),
+            outputPath,
+          });
+        } else {
+          // For DOCX, include encryption meta in the content if encrypted
+          const docxContent = useEncryption
+            ? `${encryptionMeta}|||${chunks[i]}`
+            : chunks[i];
+          await createDocxWithBase64({
+            base64Content: docxContent,
+            metadata,
+            outputPath,
+          });
+        }
+
+        createdFiles.push(outputPath);
+        partSpinner.succeed && partSpinner.succeed(`Created: ${outputFilename} (${formatBytes(chunks[i].length)})`);
+      }
+
+      if (!quiet) {
+        console.log();
+        console.log(chalk.green.bold('✓ Encoding complete!'));
+        console.log(chalk.cyan(`  Format: ${format.toUpperCase()}`));
+        console.log(chalk.cyan(`  Hash: ${hash}`));
+        console.log(chalk.cyan(`  Parts: ${totalParts}`));
+        console.log(chalk.cyan(`  Encrypted: ${useEncryption ? 'Yes' : 'No'}`));
+        console.log(chalk.cyan(`  Compressed: ${useCompression ? 'Yes' : 'No'}`));
+        console.log(chalk.cyan(`  Location: ${outputDir}`));
+        if (useEncryption) {
+          console.log(chalk.yellow(`  Remember your password - it cannot be recovered!`));
+        }
+      }
+    } else {
+      // Single file
+      spinner.text = `Creating ${format.toUpperCase()} file...`;
+
+      const metadata = createMetadata({
+        originalFilename: filename,
+        originalExtension: extension,
+        hash,
+        partNumber: null,
+        totalParts: null,
+        originalSize: size,
+        format,
+        encrypted: useEncryption,
+        compressed: useCompression,
+        contentHash,
+      });
+
+      const outputFilename = generateFilename(hash, null, null, format);
+      const outputPath = path.join(outputDir, outputFilename);
+
+      checkOverwrite(outputPath);
+
+      if (format === 'xlsx') {
+        await createXlsxWithBase64({
+          base64Content: contentToStore,
+          encryptionMeta: encryptionMeta || '',
+          metadata: serializeMetadata(metadata),
+          outputPath,
+        });
+      } else {
+        // For DOCX, include encryption meta in the content if encrypted
+        const docxContent = useEncryption
+          ? `${encryptionMeta}|||${contentToStore}`
+          : contentToStore;
+        await createDocxWithBase64({
+          base64Content: docxContent,
+          metadata,
+          outputPath,
+        });
+      }
+
+      createdFiles.push(outputPath);
+      spinner.succeed && spinner.succeed('Encoding complete!');
+
+      if (!quiet) {
+        console.log();
+        console.log(chalk.green.bold('✓ File encoded successfully!'));
+        console.log(chalk.cyan(`  Format: ${format.toUpperCase()}`));
+        console.log(chalk.cyan(`  Hash: ${hash}`));
+        console.log(chalk.cyan(`  Output: ${outputFilename}`));
+        console.log(chalk.cyan(`  Encrypted: ${useEncryption ? 'Yes' : 'No'}`));
+        console.log(chalk.cyan(`  Compressed: ${useCompression ? 'Yes' : 'No'}`));
+        console.log(chalk.cyan(`  Location: ${outputDir}`));
+        if (useEncryption) {
+          console.log(chalk.yellow(`  Remember your password - it cannot be recovered!`));
+        }
+      }
+    }
+  } catch (error) {
+    spinner.fail && spinner.fail('Encoding failed');
+
+    // Cleanup partially created files
+    for (const file of createdFiles) {
+      try {
+        if (fs.existsSync(file)) {
+          fs.unlinkSync(file);
+        }
+      } catch {
+        // Ignore cleanup errors
+      }
+    }
+
+    console.error(chalk.red(`Error: ${error.message}`));
+    process.exit(1);
+  }
+}
+
+module.exports = encodeCommand;

package/src/commands/info.js

@@ -0,0 +1,113 @@
+const path = require('path');
+const chalk = require('chalk');
+const ora = require('ora');
+const { readDocxBase64 } = require('../lib/docx-handler');
+const { readXlsxBase64 } = require('../lib/xlsx-handler');
+const { validateMetadata, isMultiPart } = require('../lib/metadata');
+const { detectFormat, formatBytes } = require('../lib/utils');
+const { extractContent, findMultiPartFiles } = require('../lib/file-utils');
+
+/**
+ * Show information about an encoded file without decoding
+ * @param {string} inputFile - Path to input file
+ * @param {object} options - Command options
+ */
+async function infoCommand(inputFile, options) {
+  const spinner = ora('Reading file metadata...').start();
+
+  try {
+    // Detect format from extension
+    const format = detectFormat(inputFile);
+    if (!format) {
+      throw new Error('Unknown file format. Supported formats: .xlsx, .docx');
+    }
+
+    // Read file
+    let readResult;
+    if (format === 'xlsx') {
+      readResult = await readXlsxBase64(inputFile);
+    } else {
+      readResult = await readDocxBase64(inputFile);
+    }
+
+    const { encryptionMeta, metadata } = extractContent(readResult, format);
+
+    // Validate metadata
+    validateMetadata(metadata);
+
+    const isEncrypted = metadata.encrypted || (encryptionMeta && encryptionMeta.length > 0);
+    const isCompressed = metadata.compressed || false;
+
+    spinner.succeed('File metadata read successfully');
+    console.log();
+
+    // Display info
+    console.log(chalk.bold.white('File Information:'));
+    console.log(chalk.cyan(`  Format: ${format.toUpperCase()}`));
+    console.log(chalk.cyan(`  Tool version: ${metadata.version || '1.x'}`));
+    console.log();
+
+    console.log(chalk.bold.white('Original File:'));
+    console.log(chalk.cyan(`  Filename: ${metadata.originalFilename}`));
+    console.log(chalk.cyan(`  Extension: ${metadata.originalExtension}`));
+    console.log(chalk.cyan(`  Size: ${formatBytes(metadata.originalSize)}`));
+    console.log();
+
+    console.log(chalk.bold.white('Encoding Options:'));
+    console.log(chalk.cyan(`  Encrypted: ${isEncrypted ? chalk.yellow('Yes') : 'No'}`));
+    console.log(chalk.cyan(`  Compressed: ${isCompressed ? chalk.green('Yes') : 'No'}`));
+    console.log(chalk.cyan(`  Encoded on: ${metadata.encodingDate || 'Unknown'}`));
+
+    if (metadata.contentHash) {
+      console.log(chalk.cyan(`  Content hash: ${metadata.contentHash.slice(0, 16)}...`));
+    }
+    console.log();
+
+    // Multi-part info
+    if (isMultiPart(metadata)) {
+      console.log(chalk.bold.white('Multi-part File:'));
+      console.log(chalk.cyan(`  This is part: ${metadata.partNumber} of ${metadata.totalParts}`));
+      console.log(chalk.cyan(`  Hash: ${metadata.hash}`));
+
+      // Find other parts
+      const inputDir = path.dirname(inputFile);
+      const allParts = findMultiPartFiles(inputDir, metadata.hash, format);
+
+      console.log();
+      console.log(chalk.bold.white('Parts found in directory:'));
+
+      for (let i = 1; i <= metadata.totalParts; i++) {
+        const part = allParts.find(p => p.partNumber === i);
+        if (part) {
+          console.log(chalk.green(`  ✓ Part ${i}: ${part.filename}`));
+        } else {
+          console.log(chalk.red(`  ✗ Part ${i}: MISSING`));
+        }
+      }
+
+      if (allParts.length === metadata.totalParts) {
+        console.log();
+        console.log(chalk.green.bold('All parts found - ready to decode'));
+      } else {
+        console.log();
+        console.log(chalk.yellow.bold(`Missing ${metadata.totalParts - allParts.length} part(s)`));
+      }
+    } else {
+      console.log(chalk.bold.white('Single File:'));
+      console.log(chalk.cyan(`  Hash: ${metadata.hash}`));
+      console.log();
+      console.log(chalk.green.bold('Ready to decode'));
+    }
+
+    if (isEncrypted) {
+      console.log(chalk.yellow('\nNote: Password required for decoding'));
+    }
+
+  } catch (error) {
+    spinner.fail('Failed to read file info');
+    console.error(chalk.red(`Error: ${error.message}`));
+    process.exit(1);
+  }
+}
+
+module.exports = infoCommand;

package/src/commands/verify.js

@@ -0,0 +1,169 @@
+const path = require('path');
+const chalk = require('chalk');
+const ora = require('ora');
+const { readDocxBase64 } = require('../lib/docx-handler');
+const { readXlsxBase64 } = require('../lib/xlsx-handler');
+const { validateMetadata, isMultiPart } = require('../lib/metadata');
+const { detectFormat, formatBytes } = require('../lib/utils');
+const { decrypt, unpackEncryptionMeta } = require('../lib/crypto');
+const { extractContent, findMultiPartFiles } = require('../lib/file-utils');
+
+/**
+ * Verify that a file can be decoded without actually writing output
+ * @param {string} inputFile - Path to input file
+ * @param {object} options - Command options
+ * @param {string} options.password - Decryption password (if encrypted)
+ */
+async function verifyCommand(inputFile, options) {
+  const spinner = ora('Verifying file...').start();
+  const issues = [];
+
+  try {
+    // Detect format from extension
+    const format = detectFormat(inputFile);
+    if (!format) {
+      throw new Error('Unknown file format. Supported formats: .xlsx, .docx');
+    }
+
+    spinner.text = `Reading ${format.toUpperCase()} file...`;
+
+    // Read file
+    let readResult;
+    if (format === 'xlsx') {
+      readResult = await readXlsxBase64(inputFile);
+    } else {
+      readResult = await readDocxBase64(inputFile);
+    }
+
+    const { encryptedContent, encryptionMeta, metadata } = extractContent(readResult, format);
+
+    // Validate metadata
+    try {
+      validateMetadata(metadata);
+      spinner.succeed('Metadata valid');
+    } catch (e) {
+      issues.push(`Metadata: ${e.message}`);
+      spinner.warn('Metadata issues found');
+    }
+
+    const isEncrypted = metadata.encrypted || (encryptionMeta && encryptionMeta.length > 0);
+
+    // Check multi-part
+    if (isMultiPart(metadata)) {
+      spinner.text = 'Checking multi-part files...';
+
+      const inputDir = path.dirname(inputFile);
+      const allParts = findMultiPartFiles(inputDir, metadata.hash, format);
+
+      if (allParts.length !== metadata.totalParts) {
+        const missing = [];
+        const foundParts = new Set(allParts.map(p => p.partNumber));
+
+        for (let i = 1; i <= metadata.totalParts; i++) {
+          if (!foundParts.has(i)) {
+            missing.push(i);
+          }
+        }
+
+        issues.push(`Missing parts: ${missing.join(', ')}`);
+        spinner.warn(`Found ${allParts.length}/${metadata.totalParts} parts`);
+      } else {
+        spinner.succeed(`All ${metadata.totalParts} parts found`);
+      }
+    }
+
+    // Check password for encrypted files
+    if (isEncrypted) {
+      if (!options.password) {
+        issues.push('File is encrypted but no password provided');
+        spinner.warn('Encryption check skipped (no password)');
+      } else {
+        spinner.text = 'Verifying decryption...';
+
+        try {
+          const { iv, salt, authTag } = unpackEncryptionMeta(encryptionMeta);
+
+          // For multi-part files, we need to merge all parts before decryption
+          // AES-GCM requires the complete ciphertext to verify the auth tag
+          let fullContent = encryptedContent;
+
+          if (isMultiPart(metadata)) {
+            const inputDir = path.dirname(inputFile);
+            const allParts = findMultiPartFiles(inputDir, metadata.hash, format);
+
+            if (allParts.length === metadata.totalParts) {
+              // Read and merge all parts
+              const contentParts = [];
+              for (const part of allParts) {
+                let partResult;
+                if (format === 'xlsx') {
+                  partResult = await readXlsxBase64(part.path);
+                } else {
+                  partResult = await readDocxBase64(part.path);
+                }
+                const { encryptedContent: partContent } = extractContent(partResult, format);
+                contentParts.push(partContent);
+              }
+              fullContent = contentParts.join('');
+            }
+          }
+
+          // Decrypt the full content to verify password
+          decrypt(fullContent, options.password, iv, salt, authTag);
+          spinner.succeed('Decryption password valid');
+        } catch (e) {
+          issues.push('Decryption failed - wrong password or corrupted data');
+          spinner.fail('Decryption check failed');
+        }
+      }
+    }
+
+    // Summary
+    console.log();
+
+    if (issues.length === 0) {
+      console.log(chalk.green.bold('✓ File verification passed!'));
+      console.log(chalk.cyan(`  Original file: ${metadata.originalFilename}`));
+      console.log(chalk.cyan(`  Size: ${formatBytes(metadata.originalSize)}`));
+      console.log(chalk.cyan(`  Encrypted: ${isEncrypted ? 'Yes' : 'No'}`));
+      console.log(chalk.cyan(`  Compressed: ${metadata.compressed ? 'Yes' : 'No'}`));
+
+      if (isMultiPart(metadata)) {
+        console.log(chalk.cyan(`  Parts: ${metadata.totalParts}`));
+      }
+
+      console.log();
+      console.log(chalk.green('File is ready to decode.'));
+    } else {
+      console.log(chalk.yellow.bold('⚠ Verification completed with issues:'));
+      console.log();
+
+      for (const issue of issues) {
+        console.log(chalk.yellow(`  • ${issue}`));
+      }
+
+      console.log();
+
+      // Determine if still decodable
+      const hasBlockingIssue = issues.some(i =>
+        i.includes('Missing parts') ||
+        i.includes('Decryption failed') ||
+        i.includes('Metadata')
+      );
+
+      if (hasBlockingIssue) {
+        console.log(chalk.red('File cannot be decoded until issues are resolved.'));
+        process.exit(1);
+      } else {
+        console.log(chalk.yellow('File may still be decodable. Run decode to attempt.'));
+      }
+    }
+
+  } catch (error) {
+    spinner.fail('Verification failed');
+    console.error(chalk.red(`Error: ${error.message}`));
+    process.exit(1);
+  }
+}
+
+module.exports = verifyCommand;