diff --git a/frontends/web/app.py b/frontends/web/app.py index 9cfc79b..41e5cba 100644 --- a/frontends/web/app.py +++ b/frontends/web/app.py @@ -76,7 +76,7 @@ from stegasoo.qr_utils import ( app = Flask(__name__) app.secret_key = secrets.token_hex(32) -app.config['MAX_CONTENT_LENGTH'] = MAX_FILE_SIZE # 10MB max upload +app.config['MAX_CONTENT_LENGTH'] = MAX_FILE_SIZE # 20MB max upload # Temporary file storage for sharing (file_id -> {data, timestamp, filename}) TEMP_FILES: dict[str, dict] = {} @@ -101,9 +101,7 @@ try: print(f"Current MAX_FILE_SIZE from constants: {MAX_FILE_SIZE}") print(f"Current MAX_FILE_PAYLOAD_SIZE: {MAX_FILE_PAYLOAD_SIZE}") - # Try to increase payload size limit (in bytes) - # 15MB should be enough for 7.6MB files with overhead - DESIRED_PAYLOAD_SIZE = 15 * 1024 * 1024 # 15MB + DESIRED_PAYLOAD_SIZE = 2 * 1024 * 1024 # 2MB # Note: You might need to patch the stegasoo module # if MAX_FILE_PAYLOAD_SIZE is used internally diff --git a/frontends/web/templates/about.html b/frontends/web/templates/about.html index c275f0e..bb1f517 100644 --- a/frontends/web/templates/about.html +++ b/frontends/web/templates/about.html @@ -21,19 +21,23 @@ @@ -41,19 +45,23 @@ @@ -172,6 +180,135 @@ + +
+
+
REST API
+
+
+

+ FastAPI + Stegasoo includes a complete REST API built with FastAPI, featuring automatic documentation, + type validation, and comprehensive error handling. +

+ +
API Endpoints
+
+
+
    +
  • POST /generate – Generate credentials
    • +
  • POST /encode – Encode text message (JSON)
    • +
  • POST /encode/file – Encode binary file (JSON)
    • +
  • POST /encode/multipart – Encode with file uploads
    • +
  • POST /decode – Decode message (JSON)
    • +
+
+
+
    +
  • POST /decode/multipart – Decode with file uploads
    • +
  • POST /extract-key-from-qr – Extract RSA key from QR
    • +
  • POST /image/info – Get image capacity
    • +
  • GET / – API status and capabilities
    • +
+
+
+ +
JSON API Examples
+ 
// Generate credentials
+curl -X POST "http://localhost:8000/generate" \
+  -H "Content-Type: application/json" \
+  -d '{"use_pin": true, "use_rsa": false, "pin_length": 6, "words_per_phrase": 3}'
+
+// Encode text message
+curl -X POST "http://localhost:8000/encode" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "message": "secret message",
+    "reference_photo_base64": "BASE64_ENCODED_PHOTO",
+    "carrier_image_base64": "BASE64_ENCODED_IMAGE",
+    "day_phrase": "apple forest thunder",
+    "pin": "123456"
+  }'
+
+// Encode file (base64)
+curl -X POST "http://localhost:8000/encode/file" \
+  -H "Content-Type: application/json" \
+  -d '{
+    "file_data_base64": "BASE64_ENCODED_FILE",
+    "filename": "document.pdf",
+    "reference_photo_base64": "BASE64_ENCODED_PHOTO",
+    "carrier_image_base64": "BASE64_ENCODED_IMAGE",
+    "day_phrase": "apple forest thunder",
+    "pin": "123456"
+  }'
+ +
Multipart API Examples
+ 
# Encode text with file uploads
+curl -X POST "http://localhost:8000/encode/multipart" \
+  -F "day_phrase=apple forest thunder" \
+  -F "pin=123456" \
+  -F "reference_photo=@photo.jpg" \
+  -F "carrier=@carrier.png" \
+  -F "message=secret" \
+  --output stego.png
+
+# Encode file with QR code key
+curl -X POST "http://localhost:8000/encode/multipart" \
+  -F "day_phrase=apple forest thunder" \
+  -F "pin=123456" \
+  -F "reference_photo=@photo.jpg" \
+  -F "carrier=@carrier.png" \
+  -F "payload_file=@document.pdf" \
+  -F "rsa_key_qr=@keyqr.png" \
+  --output stego.png
+
+# Decode with file uploads
+curl -X POST "http://localhost:8000/decode/multipart" \
+  -F "day_phrase=apple forest thunder" \
+  -F "pin=123456" \
+  -F "reference_photo=@photo.jpg" \
+  -F "stego_image=@stego.png" \
+  --output result.json
+ +
QR Code Support
+

+ The API can extract RSA keys from QR code images. QR code reading requires + pyzbar and libzbar system library. +

+ 
# Extract key from QR code
+curl -X POST "http://localhost:8000/extract-key-from-qr" \
+  -F "qr_image=@keyqr.png"
+ +
+ + Interactive Documentation: When running the API server, visit + /docs for Swagger UI or /redoc for ReDoc documentation. + All endpoints include detailed schemas and example requests. +
+ +
Command Line Interface
+

+ Stegasoo also includes a full-featured CLI. Install with pip install stegasoo[cli] + or see the CLI documentation for complete usage. +

+ 
# CLI Examples
+stegasoo generate --pin --words 3
+stegasoo encode -r photo.jpg -c meme.png -p "phrase" --pin 123456 -m "secret"
+stegasoo decode -r photo.jpg -s stego.png -p "phrase" --pin 123456
+stegasoo info image.png
+ +

+ API version: {{ version }} • + + {% if has_argon2 %}Argon2 Available{% else %}PBKDF2 Fallback{% endif %} + + + {% if has_qrcode_read %}QR Reading Available{% else %}QR Reading Not Available{% endif %} + +

+
+
+
Usage Guide
@@ -250,7 +387,7 @@
-
+
Limits & Specifications
@@ -259,7 +396,7 @@ Max text message - 250,000 characters (~250 KB) + 2 million characters (~2 MB) Max file payload @@ -267,11 +404,11 @@ Max carrier image - 16 megapixels (~4000×4000) + 16 megapixels (~6000×4000) Max upload size - 10 MB + 30 MB Temp file expiry @@ -289,61 +426,24 @@ Phrase length 3-12 words (BIP-39 wordlist) + + API documentation + /docs (Swagger) and /redoc + + + QR code support + RSA key encoding/extraction (up to 3072 bit keys) +
-
-
-
CLI & API
-
-
-

Stegasoo is also available as a command-line tool and REST API:

- -
Command Line
- 
# Generate credentials
-stegasoo generate --pin --rsa
-
-# Encode a text message
-stegasoo encode -r photo.jpg -c meme.png -p "apple forest thunder" --pin 123456 -m "secret"
-
-# Encode a file
-stegasoo encode -r photo.jpg -c meme.png -p "apple forest thunder" --pin 123456 -e document.pdf
-
-# Decode (auto-detects text vs file)
-stegasoo decode -r photo.jpg -s stego.png -p "apple forest thunder" --pin 123456
- -
REST API
- 
# Encode with multipart upload
-curl -X POST http://localhost:8000/encode/multipart \
-  -F "reference_photo=@photo.jpg" \
-  -F "carrier=@meme.png" \
-  -F "message=secret" \
-  -F "day_phrase=apple forest thunder" \
-  -F "pin=123456" \
-  --output stego.png
-
-# Encode a file
-curl -X POST http://localhost:8000/encode/multipart \
-  -F "reference_photo=@photo.jpg" \
-  -F "carrier=@meme.png" \
-  -F "payload_file=@document.pdf" \
-  -F "day_phrase=apple forest thunder" \
-  -F "pin=123456" \
-  --output stego.png
- -

- API documentation available at /docs (Swagger) or /redoc when running the API server. -

-
-
-

Stegasoo v2.1.0 • Open Source • - Built with Python, Flask, and cryptography + Built with Python, FastAPI, and cryptography

diff --git a/frontends/web/templates/base.html b/frontends/web/templates/base.html index 190c289..88c33ea 100644 --- a/frontends/web/templates/base.html +++ b/frontends/web/templates/base.html @@ -63,7 +63,7 @@
- Stegasoo v2.1.0 — Hybrid Photo + Day-Phrase + PIN Steganography + Stegasoo v2.1.3 — Hybrid Photo + Day-Phrase + PIN Steganography
diff --git a/frontends/web/templates/index.html b/frontends/web/templates/index.html index 91416f1..d979c1a 100644 --- a/frontends/web/templates/index.html +++ b/frontends/web/templates/index.html @@ -20,7 +20,7 @@
Encode Message

- Hide your secret message inside an innocent-looking image using your daily phrase + PIN. + Hide and enrypt secret data in an image like a photo or meme.

@@ -37,7 +37,7 @@
Decode Message

- Extract and decrypt hidden messages from Stegasoo-encoded images using your credentials. + Extract and decrypt data from Stegasoo-encoded images

@@ -54,7 +54,7 @@
Generate Keys

- Create your weekly phrase card and PIN. Memorize 21 words + 6 digits for maximum security. + Create weekly phrase card with PIN and/or RSA key.

@@ -77,17 +77,25 @@
  • - Day Phrase — 3 words, different each day of the week + Day Phrase — 3 to 12 words, one each day of the week +
    • +
  • + + RSA Key — 2048, 3072, or 4096 bit, password protected PEM or printable QR code.
  • - Static PIN — 6 digits, same every day + Static PIN — 6-9 digits, same every day
    • Security Features
    -{% endblock %} \ No newline at end of file +{% endblock %}