I am a new user to the Hugo Discourse group, but a long-time Hugo user. Today I went digging for Hugo encryption for content and it was quite a journey which finally led me to the writing of this forum post, hoping to get a civil discussion with the community.
I read the contributing guide and I read the disclaimer for the lack of working-hours for maintainers. I understand that hugo is completely free thus nothing is due. I want to thank every developer, maintainer, translator and contributor out there and in this forum for the amazing work. This post is meant not to criticize the work of anybody within this great community, but to start a discussion about a feature discussed in issue #7547 and issue #8969.
TL;DR of the issues is the request for a new template encryption function, which would enable users to encrypt content using a pre-shared key at Hugo “website-generation time”.
Now, I get this is a niche use case, but I want to point out that a workaround written by another user, hugo_encryptor, has 114 stars and 24 forks. I know this is small peanuts for the number of people Hugo is serving, but please hear me out.
To me, it seems very clear that there is a use case and that there are people needing it who are already using the aforementioned workaround, launching a Python script post-Hugo and sticking with an ill-suited cryptographic algorithm (AES-CBC).
I want to clarify my use case, which is the same one exposed by GitHub user Lednerb in issue #7547. Quoting:
In my case I’m hacking machines on HackTheBox and want to publish some Write-Ups for machines / challenges. To ensure that only users who have already hacked the machine by themselves can read that Write-Up / Walkthrough, the content should be encrypted with a password / token / flag / hash that is found when the machine was hacked / the challenge was solved.
One way to provide this would be to upload a password-protected PDF or 7z file for downloading, but after a while the HTB machines get “retired” and the walkthroughs can be published without any protection. In this case, it would be possible to re-publish the content.
GitHub user moorereason came up with a proposal of a solution in pull request #7605, which after a short discussion with @bep got closed by the author of the pull request himself.
In the pull request @bep asks some important questions, quoting:
I think we need to demonstrate “usefulness” here before we add this. The only type of bugs I’m worried about here is what we’ve seen in Outlook (I think) where they have for some odd reason sent encrypted messages as plain text.
“We have test”, you say.
Yes, but I have seen stranger things happen where people comment out code paths and tests to debug something, then forget to enable them …
I will try to address the points raised by @bep.
First and foremost, I hope I already demonstrated the “usefulness” (or at least the potential one) in my previous paragraph, namely sharing CTF write-ups. I know this is niche, but I am sure that there are many others out there and that adding a tpl function to symmetrically encrypt content will greatly make their day.
It’s hard to contest the second point: mistakes are human and I think it is really, really hard to write 100% bug-free code. Most of the time code is interacting with other code written by others and runs in an environment in which other programs are running. CPUs have been running in a non-deterministic fashion for the better part of the last half-century. That being said, I think that this argument could be applied to any part of the code-base and it would still apply.
I get that with encryption involved, something important is probably at stake, but limiting the capabilities of software for the fear of possible bugs, without any lead on where those may come from feels… strict.
That being said, I looked into current tpl crypto functions and saw that some (such as HMAC) have changed over time, but I think that is not a big deal and coding a working “bug free” implementation would be trivial.
I hope that this thread is well received by the community; as I already stated, it is not meant as a criticism but as a possible starting point to talk about this issue, which is very much heartfelt by CTF players.
Thanks for your time and attention,
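To make the request concrete, here is an added example (not code from the post, from Hugo, or from hugo_encryptor) of what a generation-time symmetric encryption helper could look like in Go, Hugo’s own language. It uses AES-256-GCM so that, unlike the AES-CBC workaround mentioned above, any tampering or wrong key is detected rather than producing garbage plaintext; the function names, the blob layout and the assumption that the secret is a high-entropy token such as a CTF flag are mine.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

const saltLen, nonceLen, tagLen = 16, 12, 16

// newAEAD builds AES-256-GCM from the pre-shared secret and a per-message salt.
// Assumption: the secret is a high-entropy token (a CTF flag or hash, as in the use case
// above), so a salted SHA-256 suffices; a human-chosen password would need PBKDF2/scrypt/Argon2.
func newAEAD(secret string, salt []byte) (cipher.AEAD, error) {
	key := sha256.Sum256(append(append([]byte{}, salt...), secret...))
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt returns salt || nonce || ciphertext || tag. The GCM tag authenticates the whole
// blob, which is exactly what unauthenticated AES-CBC does not provide.
func Encrypt(secret string, plaintext []byte) ([]byte, error) {
	hdr := make([]byte, saltLen+nonceLen) // fresh random salt and nonce per call
	if _, err := rand.Read(hdr); err != nil {
		return nil, err
	}
	aead, err := newAEAD(secret, hdr[:saltLen])
	if err != nil {
		return nil, err
	}
	return aead.Seal(hdr, hdr[saltLen:], plaintext, nil), nil
}

// Decrypt fails closed: a wrong secret or any flipped bit yields an error, never partial plaintext.
func Decrypt(secret string, blob []byte) ([]byte, error) {
	if len(blob) < saltLen+nonceLen+tagLen {
		return nil, errors.New("ciphertext too short")
	}
	aead, err := newAEAD(secret, blob[:saltLen])
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, blob[saltLen:saltLen+nonceLen], blob[saltLen+nonceLen:], nil)
}
```

A template function would call Encrypt at build time and emit the blob (e.g. base64) into the page, with Decrypt’s logic mirrored client-side by the reader who knows the flag.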