geraintluff · April 28, 2015 17:56
diff --git a/index.html b/index.html
 <style>
 body {
 	margin: 0;
 	padding: 0;
 }
 a {
 	display: block;
 }
 </style>
 <div id="drop" style="width: 100%; height: 69%; margin: 0; padding-top: 30%; text-align: center; font-family: Tahoma, sans-serif;">
 	Drop file here
 	
 	<div style="color: #888; margin-top: 1em; position: absolute; text-align: center; width: 100%" id="progress"></div>
 	
 	<div style="margin-top: 3em" id="results"></div>
 </div>

 <script>
 var sha256=function a(b){function c(a,b){return a>>>b|a<<32-b}for(var d,e,f=Math.pow,g=f(2,32),h="length",i="",j=[],k=8*b[h],l=a.h=a.h||[],m=a.k=a.k||[],n=m[h],o={},p=2;64>n;p++)if(!o[p]){for(d=0;313>d;d+=p)o[d]=p;l[n]=f(p,.5)*g|0,m[n++]=f(p,1/3)*g|0}for(b+="\x80";b[h]%64-56;)b+="\x00";for(d=0;d<b[h];d++){if(e=b.charCodeAt(d),e>>8)return;j[d>>2]|=e<<(3-d)%4*8}for(j[j[h]]=k/g|0,j[j[h]]=k,e=0;e<j[h];){var q=j.slice(e,e+=16),r=l;for(l=l.slice(0,8),d=0;64>d;d++){var s=q[d-15],t=q[d-2],u=l[0],v=l[4],w=l[7]+(c(v,6)^c(v,11)^c(v,25))+(v&l[5]^~v&l[6])+m[d]+(q[d]=16>d?q[d]:q[d-16]+(c(s,7)^c(s,18)^s>>>3)+q[d-7]+(c(t,17)^c(t,19)^t>>>10)|0),x=(c(u,2)^c(u,13)^c(u,22))+(u&l[1]^u&l[2]^l[1]&l[2]);l=[w+x|0].concat(l),l[4]=l[4]+w|0}for(d=0;8>d;d++)l[d]=l[d]+r[d]|0}for(d=0;8>d;d++)for(e=3;e+1;e--){var y=l[d]>>8*e&255;i+=String.fromCharCode(y)}return i};

 var hackity = function (key, iv, text) {
 	var result = '';
 	var pos = 0, blockPos = 32, block;
 	var nextCounter = 0;
 	while (result.length < text.length) {
 		if (blockPos > 31) {
 			block = ''; // Use as the counter string
 			while (block.length < 4) {
 				var charCode = (nextCounter>>(block.length*8))&255;
 				block = String.fromCharCode(charCode) + block;
 			}
 			block = sha256(key + block);
 			blockPos = 0;
 			nextCounter++;
 		}
 		var charCode = text.charCodeAt(pos++)^block.charCodeAt(blockPos++);
 		result += String.fromCharCode(charCode);
 	}
 	return result;
 };
 //Minified
 var hackity = function(h,b,c,f){b="";for(var k=0,d=32,a,g=0;b.length<c.length;){if(31<d){for(a="";4>a.length;){var e=g>>8*a.length&255;a=String.fromCharCode(e)+a}a=sha256(h+a);d=0;g++;f&&f(b.length/c.length)}e=c.charCodeAt(k++)^a.charCodeAt(d++);b+=String.fromCharCode(e)}return b};

 function getIv() {
 	// Yeah, not actually secure
 	return sha256(Math.random().toString().substring(2));
 }

 function createPage(key, mediaType, data, progress) {
 	var typeIv = getIv(), dataIv = getIv();
 	
 	var typeEnc = hackity(key, typeIv, mediaType);
 	var dataEnc = hackity(key, dataIv, data, progress);
 	
 	var js = [
 		'document.onclick=function(){',
 			'var k=prompt("Key:");',
 			'if(!k)return;',
 			'setTimeout(function() {',
 				'var h=' + hackity.toString() + ',sha256=' + sha256.toString() + ',',
 				't=h(k,atob(' + JSON.stringify(btoa(typeIv)) + '),atob(' + JSON.stringify(btoa(typeEnc)) + '));',
 				'd=h(k,atob(' + JSON.stringify(btoa(dataIv)) + '),atob(' + JSON.stringify(btoa(dataEnc)) + '));',
 				'a=new Uint8Array(' + dataEnc.length + ');',
 				'for(var i=0;i\<' + dataEnc.length + ';i++)a[i]=d.charCodeAt(i);',
 				'try{',
 					'url=URL.createObjectURL(new Blob([a],{type:t}));',
 					'document.body.innerHTML="\<iframe src=\\""+url+"\\" style=\\"position:fixed;top:0;left:0;width:100%;height:100%;border:none;\\">";',
 				'}catch(e){alert("Decryption failed");}',
 			'});',
 			'document.body.innerHTML="Decrypting";',
 		'};'
 	].join('\n');
 	return '\<!DOCTYPE html>\<html>\<body>Click to decrypt\<script>' + js + '\<\/script>\</body>\</html>';
 }

 function setStatus(message) {
 	document.getElementById('progress').innerHTML = message.replace(/&/g, '&amp;').replace(/</g, '&lt;');
 }

 document.body.ondragover = function (e) {
 	e.preventDefault();
 }
 document.body.ondrop = function (e) {
 	e.preventDefault();
 	
 	var files = e.dataTransfer.files;
 	var file = files.item(0);
 	for (var i = 0; i < files.length; i++) {
 		(function (file) {
 			var reader = new FileReader();
 			reader.onloadend = function () {
 				setStatus('Encrypting ' + file.name);
 				var key = prompt('Key:');
 				if (!key) {
 					setStatus('');
 					return;
 				};
 				var html = createPage(key, file.type, reader.result);
 				var blobUrl = URL.createObjectURL(new Blob([html], {type: 'text/html'}));
 				var resultLink = document.createElement('a');
 				resultLink.href = blobUrl;
 				resultLink.appendChild(document.createTextNode(file.name));
 				document.getElementById('results').appendChild(resultLink);
 				setStatus('');
 			};
 			reader.readAsBinaryString(file);
 		})(files.item(i));
 	}
 		
 	return false;
 };
 /*
 var pngData = atob('iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAABlBMVEUAAAD///+l2Z/dAAAAM0lEQVR4nGP4/5/h/1+G/58ZDrAz3D/McH8yw83NDDeNGe4Ug9C9zwz3gVLMDA/A6P9/AFGGFyjOXZtQAAAAAElFTkSuQmCC');

 var html = createPage('beep', 'image/png', pngData);
 */
 </script>
	<style>
	body {
	margin: 0;
	padding: 0;
	}
	a {
	display: block;
	}
	</style>
	<div id="drop" style="width: 100%; height: 69%; margin: 0; padding-top: 30%; text-align: center; font-family: Tahoma, sans-serif;">
	Drop file here

	<div style="color: #888; margin-top: 1em; position: absolute; text-align: center; width: 100%" id="progress"></div>

	<div style="margin-top: 3em" id="results"></div>
	</div>

	<script>
	var sha256=function a(b){function c(a,b){return a>>>b\|a<<32-b}for(var d,e,f=Math.pow,g=f(2,32),h="length",i="",j=[],k=8b[h],l=a.h=a.h\|\|[],m=a.k=a.k\|\|[],n=m[h],o={},p=2;64>n;p++)if(!o[p]){for(d=0;313>d;d+=p)o[d]=p;l[n]=f(p,.5)g\|0,m[n++]=f(p,1/3)g\|0}for(b+="\x80";b[h]%64-56;)b+="\x00";for(d=0;d<b[h];d++){if(e=b.charCodeAt(d),e>>8)return;j[d>>2]\|=e<<(3-d)%48}for(j[j[h]]=k/g\|0,j[j[h]]=k,e=0;e<j[h];){var q=j.slice(e,e+=16),r=l;for(l=l.slice(0,8),d=0;64>d;d++){var s=q[d-15],t=q[d-2],u=l[0],v=l[4],w=l[7]+(c(v,6)^c(v,11)^c(v,25))+(v&l[5]^~v&l[6])+m[d]+(q[d]=16>d?q[d]:q[d-16]+(c(s,7)^c(s,18)^s>>>3)+q[d-7]+(c(t,17)^c(t,19)^t>>>10)\|0),x=(c(u,2)^c(u,13)^c(u,22))+(u&l[1]^u&l[2]^l[1]&l[2]);l=[w+x\|0].concat(l),l[4]=l[4]+w\|0}for(d=0;8>d;d++)l[d]=l[d]+r[d]\|0}for(d=0;8>d;d++)for(e=3;e+1;e--){var y=l[d]>>8*e&255;i+=String.fromCharCode(y)}return i};

	var hackity = function (key, iv, text) {
	var result = '';
	var pos = 0, blockPos = 32, block;
	var nextCounter = 0;
	while (result.length < text.length) {
	if (blockPos > 31) {
	block = ''; // Use as the counter string
	while (block.length < 4) {
	var charCode = (nextCounter>>(block.length*8))&255;
	block = String.fromCharCode(charCode) + block;
	}
	block = sha256(key + block);
	blockPos = 0;
	nextCounter++;
	}
	var charCode = text.charCodeAt(pos++)^block.charCodeAt(blockPos++);
	result += String.fromCharCode(charCode);
	}
	return result;
	};
	//Minified
	var hackity = function(h,b,c,f){b="";for(var k=0,d=32,a,g=0;b.length<c.length;){if(31<d){for(a="";4>a.length;){var e=g>>8*a.length&255;a=String.fromCharCode(e)+a}a=sha256(h+a);d=0;g++;f&&f(b.length/c.length)}e=c.charCodeAt(k++)^a.charCodeAt(d++);b+=String.fromCharCode(e)}return b};

	function getIv() {
	// Yeah, not actually secure
	return sha256(Math.random().toString().substring(2));
	}

	function createPage(key, mediaType, data, progress) {
	var typeIv = getIv(), dataIv = getIv();

	var typeEnc = hackity(key, typeIv, mediaType);
	var dataEnc = hackity(key, dataIv, data, progress);

	var js = [
	'document.onclick=function(){',
	'var k=prompt("Key:");',
	'if(!k)return;',
	'setTimeout(function() {',
	'var h=' + hackity.toString() + ',sha256=' + sha256.toString() + ',',
	't=h(k,atob(' + JSON.stringify(btoa(typeIv)) + '),atob(' + JSON.stringify(btoa(typeEnc)) + '));',
	'd=h(k,atob(' + JSON.stringify(btoa(dataIv)) + '),atob(' + JSON.stringify(btoa(dataEnc)) + '));',
	'a=new Uint8Array(' + dataEnc.length + ');',
	'for(var i=0;i\<' + dataEnc.length + ';i++)a[i]=d.charCodeAt(i);',
	'try{',
	'url=URL.createObjectURL(new Blob([a],{type:t}));',
	'document.body.innerHTML="\<iframe src=\\""+url+"\\" style=\\"position:fixed;top:0;left:0;width:100%;height:100%;border:none;\\">";',
	'}catch(e){alert("Decryption failed");}',
	'});',
	'document.body.innerHTML="Decrypting";',
	'};'
	].join('\n');
	return '\<!DOCTYPE html>\<html>\<body>Click to decrypt\<script>' + js + '\<\/script>\</body>\</html>';
	}

	function setStatus(message) {
	document.getElementById('progress').innerHTML = message.replace(/&/g, '&').replace(/</g, '<');
	}

	document.body.ondragover = function (e) {
	e.preventDefault();
	}
	document.body.ondrop = function (e) {
	e.preventDefault();

	var files = e.dataTransfer.files;
	var file = files.item(0);
	for (var i = 0; i < files.length; i++) {
	(function (file) {
	var reader = new FileReader();
	reader.onloadend = function () {
	setStatus('Encrypting ' + file.name);
	var key = prompt('Key:');
	if (!key) {
	setStatus('');
	return;
	};
	var html = createPage(key, file.type, reader.result);
	var blobUrl = URL.createObjectURL(new Blob([html], {type: 'text/html'}));
	var resultLink = document.createElement('a');
	resultLink.href = blobUrl;
	resultLink.appendChild(document.createTextNode(file.name));
	document.getElementById('results').appendChild(resultLink);
	setStatus('');
	};
	reader.readAsBinaryString(file);
	})(files.item(i));
	}

	return false;
	};
	/*
	var pngData = atob('iVBORw0KGgoAAAANSUhEUgAAABAAAAAQAQMAAAAlPW0iAAAABlBMVEUAAAD///+l2Z/dAAAAM0lEQVR4nGP4/5/h/1+G/58ZDrAz3D/McH8yw83NDDeNGe4Ug9C9zwz3gVLMDA/A6P9/AFGGFyjOXZtQAAAAAElFTkSuQmCC');

	var html = createPage('beep', 'image/png', pngData);
	*/
	</script>