Greenheart / pagecrypt

Password Protected Single Page Applications and HTML files
GNU Affero General Public License v3.0
242 stars 26 forks

[Request]: Be able to specify the amount of rounds for encryption/decryption. #38

Closed dillfrescott closed 1 year ago

dillfrescott commented 2 years ago

This way, one could have control over how secure against brute-force attacks the generated page is!

Greenheart commented 2 years ago

I agree. This would make it possible to adjust the settings based on your threat model.

Feel free to create a PR implementing this, and I'll help get it ready for release :)

Edit: Here are some quick thoughts to guide an implementation:

In the decrypt script, we could move the hard-coded iteration count to instead reference a constant. https://github.com/Greenheart/pagecrypt/blob/main/web/decrypt.ts#L128-L129

This constant could be added via a string replacement similar to how encryptHTML() does it: https://github.com/Greenheart/pagecrypt/blob/main/src/core.ts#L50-L66.

It's very important that the iterations match in both the encryption script and the decryption.

Then the iteration count also would have a default (maybe keep it at 2e6) if nothing was passed into the encryptHTML() function.

Also, the CLI needs to be updated to accept this setting too.

dillfrescott commented 2 years ago

I apologize, I do not know how to implement this feature myself. Maybe someone will see this and add it though!

Greenheart commented 1 year ago

This is now implemented in pagecrypt@6.0.0 :smile:

https://www.npmjs.com/package/pagecrypt