Accueil Explorer Aide
Connexion
rootless
/
hugo-encrypt
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Aborescence: ae1eacc5d3
Branches Tags
hugo-encrypt
/
shortcodes
/
hugo-encrypt.html

hugo-encrypt.html 5.0 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140 
  1. {{ $_hugo_config := `{ "version": 1 }` }}
    2. 

  2. 

  3. <hugo-encrypt>
    4. 

  4. 	{{ if .Get 0 }}
    5. 

  5. 		{{- $passphrase := $.Scratch.Set "passphrase" (.Get 0) -}}
    6. 

  6. 	{{ else if .Site.Params.HugoEncrypt.Password }}
    7. 

  7. 		{{- $passphrase := $.Scratch.Set "passphrase" .Site.Params.HugoEncrypt.Password -}}
    8. 

  8. 	{{ else }}
    9. 

  9. 		{{- $passphrase -}}
    10. 

  10. 	{{ end }}
    11. 

  11. 	<p>{{ i18n "protectedByPassword" }}</p>
    12. 

  12. 

  13. 	<div class='hugo-encrypt-form'>
    14. 

  14. 		<input
    15. 

  15. 			class="hugo-encrypt-input"
    16. 

  16. 			id="hugo-encrypt-password"
    17. 

  17. 			placeholder='{{ i18n "enterPassword" }}'
    18. 

  18. 		/>
    19. 

  19. 		<input
    20. 

  20. 			class="hugo-encrypt-button"
    21. 

  21. 			type="button"
    22. 

  22. 			value='{{ i18n "decrypt" }}'
    23. 

  23. 			id="button" onclick="hugoDecrypt(document.getElementById('hugo-encrypt-password').value,'input')"
    24. 

  24. 		/>
    25. 

  25. 		<div id="input-response"></div>
    26. 

  26. 	</div>
    27. 

  27. 	<cipher-text data-password='{{ $.Scratch.Get "passphrase" }}' style="display:none;">
    28. 

  28. 		{{ .Inner }}
    29. 

  29. 	</cipher-text>
    30. 

  30. 	<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/core.js"></script>
    31. 

  31. 	<script src="https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/sha1.js"></script>
    32. 

  32. 	<script>
    33. 

  33. 		let cipher = document.getElementsByTagName("cipher-text")[0];
    34. 

  34. 		const storageKey = location.pathname + "password";
    35. 

  35. 		const userStorage = {{ if .Site.Params.HugoEncrypt.Storage }} window['{{.Site.Params.HugoEncrypt.Storage}}Storage'] {{ else }} localStorage {{ end }};
    36. 

  36. 		/**
    37. 

  37. 		 * Encodes a utf8 string as a byte array.
    38. 

  38. 		 * @param {String} str
    39. 

  39. 		 * @returns {Uint8Array}
    40. 

  40. 		 */
    41. 

  41. 		function str2buf(str) {
    42. 

  42. 			return new TextEncoder("utf-8").encode(str);
    43. 

  43. 		}
    44. 

  44. 		/**
    45. 

  45. 		 * Decodes a byte array as a utf8 string.
    46. 

  46. 		 * @param {Uint8Array} buffer
    47. 

  47. 		 * @returns {String}
    48. 

  48. 		 */
    49. 

  49. 		function buf2str(buffer) {
    50. 

  50. 			return new TextDecoder("utf-8").decode(buffer);
    51. 

  51. 		}
    52. 

  52. 		/**
    53. 

  53. 		 * Decodes a string of hex to a byte array.
    54. 

  54. 		 * @param {String} hexStr
    55. 

  55. 		 * @returns {Uint8Array}
    56. 

  56. 		 */
    57. 

  57. 		function hex2buf(hexStr) {
    58. 

  58. 			return new Uint8Array(hexStr.match(/.{2}/g).map(h => parseInt(h, 16)));
    59. 

  59. 		}
    60. 

  60. 		/**
    61. 

  61. 		 * Given a passphrase, this generates a crypto key
    62. 

  62. 		 * using `PBKDF2` with SHA256 and 1000 iterations.
    63. 

  63. 		 * If no salt is given, a new one is generated.
    64. 

  64. 		 * The return value is an array of `[key, salt]`.
    65. 

  65. 		 * @param {String} passphrase
    66. 

  66. 		 * @param {UInt8Array} salt [salt=random bytes]
    67. 

  67. 		 * @returns {Promise<[CryptoKey,UInt8Array]>}
    68. 

  68. 		 */
    69. 

  69. 		function deriveKey(passphrase, salt) {
    70. 

  70. 			salt = salt || crypto.getRandomValues(new Uint8Array(8));
    71. 

  71. 			return crypto.subtle
    72. 

  72. 				.importKey("raw", str2buf(passphrase), "PBKDF2", false, ["deriveKey"])
    73. 

  73. 				.then(key =>
    74. 

  74. 					crypto.subtle.deriveKey(
    75. 

  75. 						{ name: "PBKDF2", salt, iterations: 1000, hash: "SHA-256" },
    76. 

  76. 						key,
    77. 

  77. 						{ name: "AES-GCM", length: 256 },
    78. 

  78. 						false,
    79. 

  79. 						["encrypt", "decrypt"],
    80. 

  80. 					),
    81. 

  81. 				)
    82. 

  82. 				.then(key => [key, salt]);
    83. 

  83. 		}
    84. 

  84. 		/**
    85. 

  85. 		 * Given a key and ciphertext (in the form of a string) as given by `encrypt`,
    86. 

  86. 		 * this decrypts the ciphertext and returns the original plaintext
    87. 

  87. 		 * @param {String} passphrase
    88. 

  88. 		 * @param {String} saltIvCipherHex
    89. 

  89. 		 * @returns {Promise<String>}
    90. 

  90. 		 */
    91. 

  91. 		function decrypt(passphrase, saltIvCipherHex) {
    92. 

  92. 			const [salt, iv, data] = saltIvCipherHex.split("-").map(hex2buf);
    93. 

  93. 			return deriveKey(passphrase, salt)
    94. 

  94. 				.then(([key]) => crypto.subtle.decrypt({ name: "AES-GCM", iv }, key, data))
    95. 

  95. 				.then(v => buf2str(new Uint8Array(v)));
    96. 

  96. 		}
    97. 

  97. 		/**
    98. 

  98. 		/**
    99. 

  99. 		 * @name:hugoDecrypt
    100. 

  100. 		 * @description: judge the password ,and decrypt post
    101. 

  101. 		 * @param {String} password
    102. 

  102. 		 * @param {String} type
    103. 

  103. 		 */
    104. 

  104. 		const hugoDecrypt = function(password, type) {
    105. 

  105. 				decrypt(password, cipher.innerText).then(function(decrypted_text) {
    106. 

  106. 					/**
    107. 

  107. 					* calculate sha1 of decrypted text and check if it
    108. 

  108. 					* matches the sha1 at the bottom of the decrypted text
    109. 

  109. 					* to get the same hash that was added during encryption we
    110. 

  110. 					* need to remove the last line
    111. 

  111. 					*/
    112. 

  112. 					let hash = CryptoJS.SHA1(decrypted_text.replace(/\r?\n?[^\r\n]*$/, ""));
    113. 

  113. 					let sha1_sum = CryptoJS.enc.Hex.stringify(hash);
    114. 

  114. 

  115. 					if ( decrypted_text.includes(sha1_sum) ) {
    116. 

  116. 						cipher.parentElement.outerHTML = decrypted_text;
    117. 

  117. 						userStorage.setItem(storageKey, password);
    118. 

  118.                         document.getElementById("sha1sum").innerHTML = "Success: " + sha1_sum;
    119. 

  119.                         console.log("Decryption successful. Storing password in {{.Site.Params.HugoEncrypt.Storage}}Storage.");
    120. 

  120. 					}
    121. 

  121. 					}).catch(function(error) {
    122. 

  122.                     if (type === "input") {
    123. 

  123.                         document.getElementById("input-response").innerHTML = "{{ i18n "wrongPassword" }}";
    124. 

  124.                         console.log('{{ i18n "wrongPassword" }}', error);
    125. 

  125.                     } else if (type === "storage") {
    126. 

  126.                         userStorage.removeItem(location.pathname + "password");
    127. 

  127.                         console.log("Password changed. Clearing userStorage.", error);
    128. 

  128.                     }
    129. 

  129.                 });
    130. 

  130. 			};
    131. 

  131. 	</script>
    132. 

  132. 	<script>
    133. 

  133. 		window.onload = () => {
    134. 

  134. 			if (userStorage.getItem(storageKey)) {
    135. 

  135. 				console.log("Found storageKey in userStorage. Attemtping decryption");
    136. 

  136. 				hugoDecrypt(userStorage.getItem(storageKey), "storage");
    137. 

  137. 			}
    138. 

  138. 		};
    139. 

  139. 	</script>
    140. 

  140. </hugo-encrypt>
    141.