alee/stegasoo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bump version to 4.2.1

Browse Source 
Release highlights:
- API key authentication (X-API-Key header)
- TLS with self-signed certificates
- CLI tools: compress, rotate, convert
- jpegtran lossless JPEG rotation
- AUR packages: stegasoo-cli-git, stegasoo-api-git
- Bug fixes: DCT rotation, jpegtran -trim, CLI output format

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Aaron D. Lee
2026-01-11 18:18:13 -05:00
parent b09f607d34
commit 110b160e68
14 changed files with 111 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

109
RELEASE_NOTES.md
View File

@@ -1,3 +1,86 @@
## Stegasoo v4.2.1
### API Security
#### API Key Authentication
- All protected endpoints now require `X-API-Key` header
- Keys stored hashed (SHA-256) in `~/.stegasoo/api_keys.json`
- Auth disabled when no keys configured (easy onboarding)
- Public endpoints remain open: `/`, `/docs`, `/modes`, `/auth/status`
#### TLS Support
- Self-signed certificates auto-generated on first run
- Certs valid for localhost, all local IPs, hostname.local
- Stored in `~/.stegasoo/certs/`
- CLI: `stegasoo api tls generate` to pre-generate
### CLI Improvements
#### New API Management Commands
```bash
stegasoo api keys list # List API keys
stegasoo api keys create NAME # Create new key (shown once!)
stegasoo api keys delete NAME # Delete key
stegasoo api tls generate # Generate TLS cert
stegasoo api tls info # Show cert info
stegasoo api serve # Start with TLS (default)
```
#### New Image Tools
```bash
stegasoo tools compress IMG -q 75 # JPEG compression
stegasoo tools rotate IMG -r 90 # Rotation (jpegtran for JPEGs)
stegasoo tools rotate IMG --flip-h # Flip-only
stegasoo tools convert IMG -f png # Format conversion
```
### Bug Fixes
- **DCT rotation**: Portrait photos no longer export rotated 90 degrees
- **jpegtran**: Removed `-trim` flag that destroyed DCT stego data
- **CLI encode**: Now outputs JPEG when carrier is JPEG (was always PNG)
- **EXIF viewer**: Redesigned with card-based grid layout
### AUR Packages
Three package options now available:
| Package | Size | Contents |
|---------|------|----------|
| `stegasoo-git` | 79MB | Full (Web UI + API + CLI) |
| `stegasoo-api-git` | 74MB | REST API + CLI only |
| `stegasoo-cli-git` | 68MB | CLI only |
### Quick Start
```bash
# Create API key
stegasoo api keys create mykey
# Start API server (TLS by default)
stegasoo api serve
# Use API
curl -k -H "X-API-Key: stegasoo_xxxx_..." https://localhost:8000/
```
### Raspberry Pi Image
Download `stegasoo-rpi-4.2.1.img.zst` from Releases.
```bash
# Flash (auto-detects SD card)
sudo ./rpi/flash-image.sh stegasoo-rpi-4.2.1.img.zst
```
Default login: `admin` / `stegasoo`
### Docker
```bash
docker-compose -f docker/docker-compose.yml up -d
```
---
## Stegasoo v4.2.0 ## Stegasoo v4.2.0
### Performance Optimizations ### Performance Optimizations
@@ -55,32 +138,8 @@ Major performance improvements for Raspberry Pi and resource-constrained deploym
|--------|--------|--------|-------------| |--------|--------|--------|-------------|
| Decode (1MB) | ~2.6s | ~0.8s | **70% faster** | | Decode (1MB) | ~2.6s | ~0.8s | **70% faster** |
| Peak RAM | 211 MB | 107 MB | **50% less** | | Peak RAM | 211 MB | 107 MB | **50% less** |
| Concurrent API | No | Yes | | | Concurrent API | No | Yes | check |
| QR Compression | zlib | zstd | **~15% smaller** | | QR Compression | zlib | zstd | **~15% smaller** |
### Raspberry Pi Image
Download `stegasoo-rpi-4.2.0_final.img.zst` from Releases.
```bash
# Flash (auto-detects SD card)
sudo ./rpi/flash-image.sh stegasoo-rpi-4.2.0_final.img.zst
# Or manual
zstdcat stegasoo-rpi-4.2.0_final.img.zst | sudo dd of=/dev/sdX bs=4M status=progress
```
Default login: `admin` / `stegasoo`
### Docker
```bash
# Build and run
docker build -f docker/Dockerfile.base -t stegasoo-base:latest .
docker-compose -f docker/docker-compose.yml up -d
# Or individual services
docker-compose -f docker/docker-compose.yml up -d web # Web UI on :5000
docker-compose -f docker/docker-compose.yml up -d api # REST API on :8000
```
### Full Changelog ### Full Changelog
See [CHANGELOG.md](CHANGELOG.md) for complete version history. See [CHANGELOG.md](CHANGELOG.md) for complete version history.

2
aur-cli/PKGBUILD
View File

@@ -29,7 +29,7 @@ sha256sums=('SKIP')
pkgver() { pkgver() {
cd "$pkgname" cd "$pkgname"
git describe --long --tags 2>/dev/null | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g' || \ git describe --long --tags 2>/dev/null | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g' || \
printf "%s.r%s.g%s" "4.2.0" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)" printf "%s.r%s.g%s" "4.2.1" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)"
} }
build() { build() {

2
aur/PKGBUILD
View File

@@ -27,7 +27,7 @@ sha256sums=('SKIP')
pkgver() { pkgver() {
cd "$pkgname" cd "$pkgname"
git describe --long --tags 2>/dev/null | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g' || \ git describe --long --tags 2>/dev/null | sed 's/^v//;s/\([^-]*-g\)/r\1/;s/-/./g' || \
printf "%s.r%s.g%s" "4.2.0" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)" printf "%s.r%s.g%s" "4.2.1" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)"
} }
build() { build() {

2
docker/Dockerfile.base
View File

@@ -54,4 +54,4 @@ RUN python -c "import jpegio; import scipy; import numpy; import zstandard; prin
# Label for tracking # Label for tracking
LABEL org.opencontainers.image.title="Stegasoo Base" LABEL org.opencontainers.image.title="Stegasoo Base"
LABEL org.opencontainers.image.description="Pre-compiled dependencies for Stegasoo" LABEL org.opencontainers.image.description="Pre-compiled dependencies for Stegasoo"
LABEL org.opencontainers.image.version="4.2.0" LABEL org.opencontainers.image.version="4.2.1"

7
frontends/api/main.py
View File

@@ -1,10 +1,15 @@
#!/usr/bin/env python3 #!/usr/bin/env python3
""" """
Stegasoo REST API (v4.2.0) Stegasoo REST API (v4.2.1)
FastAPI-based REST API for steganography operations. FastAPI-based REST API for steganography operations.
Supports both text messages and file embedding. Supports both text messages and file embedding.
CHANGES in v4.2.1:
- API key authentication (X-API-Key header)
- TLS support with self-signed certificates
- /auth/* endpoints for key management
CHANGES in v4.2.0: CHANGES in v4.2.0:
- Async encode/decode operations (run in thread pool) - Async encode/decode operations (run in thread pool)
- Server can handle concurrent requests without blocking - Server can handle concurrent requests without blocking

12
frontends/web/templates/about.html
View File

@@ -340,13 +340,13 @@
<!-- Current Version - Prominent --> <!-- Current Version - Prominent -->
<div class="alert alert-success mb-4"> <div class="alert alert-success mb-4">
<div class="d-flex align-items-center"> <div class="d-flex align-items-center">
<span class="badge bg-success fs-6 me-3">v4.2.0</span> <span class="badge bg-success fs-6 me-3">v4.2.1</span>
<div> <div>
<strong>Performance optimizations:</strong> <strong>Security & API improvements:</strong>
~70% faster decode (vectorized DCT), API key authentication,
50% less RAM (float32), TLS with self-signed certs,
async API endpoints, CLI tools (compress, rotate, convert),
decode progress callbacks jpegtran lossless JPEG rotation
</div> </div>
</div> </div>
</div> </div>

2
pyproject.toml
View File

@@ -4,7 +4,7 @@ build-backend = "hatchling.build"
[project] [project]
name = "stegasoo" name = "stegasoo"
version = "4.2.0" version = "4.2.1"
description = "Secure steganography with hybrid photo + passphrase + PIN authentication" description = "Secure steganography with hybrid photo + passphrase + PIN authentication"
readme = "README.md" readme = "README.md"
license = "MIT" license = "MIT"

4
rpi/BUILD_IMAGE.md
View File

@@ -106,7 +106,7 @@ Remove SD card, insert into your Linux machine:
lsblk lsblk
# Pull image (auto-resizes to 16GB, compresses with zstd) # Pull image (auto-resizes to 16GB, compresses with zstd)
sudo ./rpi/pull-image.sh /dev/sdX stegasoo-rpi-4.2.0.img.zst sudo ./rpi/pull-image.sh /dev/sdX stegasoo-rpi-4.2.1.img.zst
``` ```
The script automatically resizes rootfs to 16GB (for smaller download), preserves auto-expand, and compresses. The script automatically resizes rootfs to 16GB (for smaller download), preserves auto-expand, and compresses.
@@ -173,5 +173,5 @@ curl -k https://localhost:5000
sudo /opt/stegasoo/rpi/sanitize-for-image.sh sudo /opt/stegasoo/rpi/sanitize-for-image.sh
# On host (pull image - auto-resizes to 16GB): # On host (pull image - auto-resizes to 16GB):
sudo ./rpi/pull-image.sh /dev/sdX stegasoo-rpi-4.2.0.img.zst sudo ./rpi/pull-image.sh /dev/sdX stegasoo-rpi-4.2.1.img.zst
``` ```

2
rpi/README.md
View File

@@ -207,7 +207,7 @@ After Pi shuts down, remove SD card and on another Linux machine:
lsblk lsblk
# Pull image (auto-resizes to 16GB, compresses with zstd) # Pull image (auto-resizes to 16GB, compresses with zstd)
sudo ./rpi/pull-image.sh /dev/sdX stegasoo-rpi-4.2.0.img.zst sudo ./rpi/pull-image.sh /dev/sdX stegasoo-rpi-4.2.1.img.zst
``` ```
The `pull-image.sh` script automatically: The `pull-image.sh` script automatically:

6
rpi/flash-image.sh
View File

@@ -80,9 +80,9 @@ if [ -z "$1" ]; then
echo "Supported formats: .img, .img.zst, .img.xz, .img.gz, .img.zst.zip" echo "Supported formats: .img, .img.zst, .img.xz, .img.gz, .img.zst.zip"
echo "" echo ""
echo "Examples:" echo "Examples:"
echo " $0 stegasoo-rpi-4.2.0.img.zst # auto-detect SD card" echo " $0 stegasoo-rpi-4.2.1.img.zst # auto-detect SD card"
echo " $0 stegasoo-rpi-4.2.0.img.zst.zip # from GitHub release" echo " $0 stegasoo-rpi-4.2.1.img.zst.zip # from GitHub release"
echo " $0 stegasoo-rpi-4.2.0.img.zst /dev/sdb # specify device" echo " $0 stegasoo-rpi-4.2.1.img.zst /dev/sdb # specify device"
exit 1 exit 1
fi fi

4
rpi/pull-image.sh
View File

@@ -3,7 +3,7 @@
# Resizes rootfs to 16GB for consistent image size, then pulls # Resizes rootfs to 16GB for consistent image size, then pulls
# #
# Usage: ./pull-image.sh <device> <output.img.zst> # Usage: ./pull-image.sh <device> <output.img.zst>
# Example: ./pull-image.sh /dev/sdb stegasoo-rpi-4.2.0.img.zst # Example: ./pull-image.sh /dev/sdb stegasoo-rpi-4.2.1.img.zst
set -e set -e
@@ -15,7 +15,7 @@ NC='\033[0m'
if [ $# -ne 2 ]; then if [ $# -ne 2 ]; then
echo "Usage: $0 <device> <output.img.zst>" echo "Usage: $0 <device> <output.img.zst>"
echo "Example: $0 /dev/sdb stegasoo-rpi-4.2.0.img.zst" echo "Example: $0 /dev/sdb stegasoo-rpi-4.2.1.img.zst"
exit 1 exit 1
fi fi

2
rpi/setup.sh
View File

@@ -273,7 +273,7 @@ fi
# Pre-built venv tarball (skips pip compile time) # Pre-built venv tarball (skips pip compile time)
PREBUILT_TARBALL="$INSTALL_DIR/rpi/stegasoo-rpi-venv-arm64.tar.zst" PREBUILT_TARBALL="$INSTALL_DIR/rpi/stegasoo-rpi-venv-arm64.tar.zst"
PREBUILT_URL="${PREBUILT_URL:-https://github.com/adlee-was-taken/stegasoo/releases/download/v4.2.0/stegasoo-rpi-venv-arm64.tar.zst}" PREBUILT_URL="${PREBUILT_URL:-https://github.com/adlee-was-taken/stegasoo/releases/download/v4.2.1/stegasoo-rpi-venv-arm64.tar.zst}"
USE_PREBUILT=true USE_PREBUILT=true
# Use local tarball if present, otherwise will download # Use local tarball if present, otherwise will download

2
src/stegasoo/__init__.py
View File

@@ -7,7 +7,7 @@ Changes in v4.0.0:
- encode() and decode() now accept channel_key parameter - encode() and decode() now accept channel_key parameter
""" """
__version__ = "4.2.0" __version__ = "4.2.1"
# Core functionality # Core functionality
# Channel key management (v4.0.0) # Channel key management (v4.0.0)

2
src/stegasoo/constants.py
View File

@@ -31,7 +31,7 @@ from pathlib import Path
# VERSION # VERSION
# ============================================================================ # ============================================================================
__version__ = "4.2.0" __version__ = "4.2.1"
# ============================================================================ # ============================================================================
# FILE FORMAT # FILE FORMAT