diff --git a/ReadMe.md b/ReadMe.md index 76b7e80..2ac3036 100644 --- a/ReadMe.md +++ b/ReadMe.md @@ -32,7 +32,7 @@ ## Online demo -- See [Demo Page](https://mhexo.github.io/example-site/2018/06/25/encrypt-test/), **all passwords are `123`**. +- See [Demo Page](https://mhexo.github.io/example-site/2018/06/25/encrypt-test/), **all passwords are `hello`**. ## Install @@ -90,7 +90,7 @@ wrong_hash_message: Oh, these decrypted content cannot be verified, but you can encrypt: # hexo-blog-encrypt abstract: Here's something encrypted, password is required to continue reading. prompt: Hey, password is required here. - tags: + tags: - {name: encryptAsDiary, password: passwordA} - {name: encryptAsTips, password: passwordB} template:
@@ -103,10 +103,32 @@ encrypt: # hexo-blog-encrypt post's front matter > `_config.yml` (in the root directory) > default +### Encrypt TOC + +If you has a post with TOC, you should change the code of template. Use the default theme 'landscape' as an example: + ++ You should find the article.ejs file which is located in hexo/themes/landscape/layout/_partial/article.ejs. ++ Find the code like <% post.content %>, which is usually at line 30. ++ Replace the <% post.content %> with the following code block: + +``` +<% if(post.toc == true){ %> +
style="display:none" <% } %>> + Index + <% if (post.encrypt == true) { %> + <%- toc(post.origin, {list_number: true}) %> + <% } else { %> + <%- toc(post.content, {list_number: true}) %> + <% } %> +
+<% } %> +<%- post.content %> +``` + ## License See [LICENSE](./LICENSE) file. ## Thanks -Collaborator - [xiazeyu](https://github.com/xiazeyu) \ No newline at end of file +Collaborator - [xiazeyu](https://github.com/xiazeyu) diff --git a/ReadMe.zh.md b/ReadMe.zh.md index d013805..bafc509 100644 --- a/ReadMe.zh.md +++ b/ReadMe.zh.md @@ -8,7 +8,7 @@ - ~~首先, 这是 Hexo 生态圈中 **最好的** 博客加密插件~~ -- 你可能需要写一些私密的博客, 通过密码验证的方式让人不能随意浏览. +- 你可能需要写一些私密的博客, 通过密码验证的方式让人不能随意浏览. - 这在 wordpress, emlog 或是其他博客系统中都很容易实现, 然而 hexo 除外. :( @@ -30,7 +30,7 @@ ## 在线演示 -- 点击 [Demo Page](https://mhexo.github.io/example-site/2018/06/25/encrypt-test/), **所有的密码都是 `123`**. +- 点击 [Demo Page](https://mhexo.github.io/example-site/2018/06/25/encrypt-test/), **所有的密码都是 `hello`**. ## 安装 @@ -54,7 +54,7 @@ password: mikemessi - 再使用 `hexo clean && hexo g && hexo s` 在本地预览加密的文章. -## 密码优先级 +## 设置优先级 文章信息头 > 按标签加密 @@ -88,9 +88,9 @@ wrong_hash_message: 抱歉, 这个文章不能被校验, 不过您还是能看 encrypt: # hexo-blog-encrypt abstract: 有东西被加密了, 请输入密码查看. prompt: 您好, 这里需要密码. - tags: - - {name: 作为日记加密, password: 密码A} - - {name: 作为便签加密, password: 密码B} + tags: + - {name: tagName, password: 密码A} + - {name: tagName, password: 密码B} template:
wrong_pass_message: 抱歉, 这个密码看着不太对, 请再试试. wrong_hash_message: 抱歉, 这个文章不能被校验, 不过您还是能看看解密后的内容. @@ -101,10 +101,33 @@ encrypt: # hexo-blog-encrypt 文章信息头 > `_config.yml` (站点根目录下的) > 默认配置 + +### 对 TOC 进行加密 + +如果你有一篇文章使用了 TOC,你需要修改模板的部分代码。这里用 landscape 作为例子: + ++ 你可以在 hexo/themes/landscape/layout/_partial/article.ejs 找到 article.ejs。 ++ 然后找到 <% post.content %> 这段代码,通常在30行左右。 ++ 使用如下的代码来替代它: + +``` +<% if(post.toc == true){ %> +
style="display:none" <% } %>> + Index + <% if (post.encrypt == true) { %> + <%- toc(post.origin, {list_number: true}) %> + <% } else { %> + <%- toc(post.content, {list_number: true}) %> + <% } %> +
+<% } %> +<%- post.content %> +``` + ## 许可 看看 [LICENSE](./LICENSE). ## 感谢 -Collaborator - [xiazeyu](https://github.com/xiazeyu) \ No newline at end of file +Collaborator - [xiazeyu](https://github.com/xiazeyu) diff --git a/index.js b/index.js index 4cfbc1f..e2685da 100644 --- a/index.js +++ b/index.js @@ -30,19 +30,16 @@ function textToArray(s) { if (c < 128) { ba[n++] = c; j++; - } - else if ((c > 127) && (c < 2048)) { + } else if ((c > 127) && (c < 2048)) { ba[n++] = (c >> 6) | 192; ba[n++] = (c & 63) | 128; j++; - } - else if ((c > 2047) && (c < 65536)) { + } else if ((c > 2047) && (c < 65536)) { ba[n++] = (c >> 12) | 224; ba[n++] = ((c >> 6) & 63) | 128; ba[n++] = (c & 63) | 128; j++; - } - else { + } else { ba[n++] = (c >> 18) | 240; ba[n++] = ((c >> 12) & 63) | 128; ba[n++] = ((c >> 6) & 63) | 128; @@ -66,17 +63,22 @@ hexo.extend.filter.register('after_post_render', (data) => { }); } - data.tags.forEach((cTag, index) => { - if(tagEncryptName.includes(cTag.name)){ - password = password || tagEncryptPass[index]; - } - }); - + if (data.tags) { + data.tags.forEach((cTag, index) => { + if(tagEncryptName.includes(cTag.name)){ + password = password || tagEncryptPass[index]; + } + }); + } + if(password === undefined){ return data; } password = password.toString(); + // make sure toc can work. + data.origin = data.content; + // Let's rock n roll const config = Object.assign(defaultConfig, hexo.config.encrypt, data); @@ -88,7 +90,7 @@ hexo.extend.filter.register('after_post_render', (data) => { 'default_decryption_error', 'default_no_content_error', ]; - const newKeyNames = [ + const defaultConfigs = [ 'template', 'abstract', 'prompt', @@ -97,14 +99,14 @@ hexo.extend.filter.register('after_post_render', (data) => { ] deprecatedConfigs.forEach((key, index) => { if(key in config){ - log.warn(`hexo-blog-encrypt: ${key} is DEPRECATED, please change to newer API.`); - config[newKeyNames[index]] = config[key]; + log.warn(`hexo-blog-encrypt: "${key}" is DEPRECATED, please change to newer API: "${defaultConfigs[index]}"`); + config[defaultConfigs[index]] = config[key]; } }); // --- End --- Remove in the next version please - log.info(`hexo-blog-encrypt: encrypting "${data.title.trim()}".`); + log.info(`hexo-blog-encrypt: encrypting "${data.title.trim()}" with password "${password}".`); const key = crypto.pbkdf2Sync(password, keySalt, 1024, 256/8, 'sha256'); const iv = crypto.pbkdf2Sync(password, ivSalt, 512, 16, 'sha256'); @@ -118,10 +120,10 @@ hexo.extend.filter.register('after_post_render', (data) => { const hmacDigest = hmac.digest('hex'); data.content = config.template.replace(/{{hbeEncryptedData}}/g, encryptedData) - .replace(/{{hbeHmacDigest}}/g, hmacDigest) - .replace(/{{hbeWrongPassMessage}}/g, config.wrong_pass_message) - .replace(/{{hbeWrongHashMessage}}/g, config.wrong_hash_message) - .replace(/{{hbePrompt}}/g, config.prompt); + .replace(/{{hbeHmacDigest}}/g, hmacDigest) + .replace(/{{hbeWrongPassMessage}}/g, config.wrong_pass_message) + .replace(/{{hbeWrongHashMessage}}/g, config.wrong_hash_message) + .replace(/{{hbePrompt}}/g, config.prompt); data.content += ``; data.excerpt = data.more = config.abstract; diff --git a/lib/blog-encrypt.js b/lib/blog-encrypt.js index 60535e1..b78ff08 100644 --- a/lib/blog-encrypt.js +++ b/lib/blog-encrypt.js @@ -119,12 +119,12 @@ 'salt': keySalt.buffer, 'iterations': 256, }, keyMaterial, { - 'name': 'HMAC', - 'hash': 'SHA-256', - 'length': 256, - }, true, [ - 'verify', - ]); + 'name': 'HMAC', + 'hash': 'SHA-256', + 'length': 256, + }, true, [ + 'verify', + ]); } function getDecryptKey(keyMaterial) { @@ -134,11 +134,11 @@ 'salt': keySalt.buffer, 'iterations': 1024, }, keyMaterial, { - 'name': 'AES-CBC', - 'length': 256, - }, true, [ - 'decrypt', - ]); + 'name': 'AES-CBC', + 'length': 256, + }, true, [ + 'decrypt', + ]); } function getIv(keyMaterial) { @@ -160,8 +160,8 @@ 'hash': 'SHA-256', }, key, signature, encoded); console.log(`Verification result: ${result}`); - if(!result){ - alert(wrongHashMessage); + if (!result) { + // alert(wrongHashMessage); console.log(`${wrongHashMessage}, got `, signature, ` but proved wrong.`); } return result; @@ -179,11 +179,11 @@ const decoded = decoder.decode(result); const hideButton = document.createElement('button'); - hideButton.textContent = 'Hide again'; + hideButton.textContent = 'Encrypt again'; hideButton.type = 'button'; hideButton.addEventListener('click', () => { window.localStorage.removeItem('hexo-blog-encrypt'); - alert('Password has been removed.'); + alert('Encrypt again, you need a password to read this.'); window.location.reload(); }); @@ -191,6 +191,20 @@ document.getElementById('hexo-blog-encrypt').innerHTML = ''; document.getElementById('hexo-blog-encrypt').appendChild(hideButton); document.getElementById('hexo-blog-encrypt').appendChild(await convertHTMLToElement(decoded)); + + // TOC part + var tocDiv = document.getElementById("toc-div"); + if (tocDiv) { + tocDiv.style.display = 'inline'; + } + + var tocDivs = document.getElementsByClassName('toc-div-class'); + if (tocDivs && tocDivs.length > 0) { + for (var idx in tocDivs) { + tocDivs[idx].style.display = 'inline'; + } + } + return await verifyContent(hmacKey, decoded); }).catch((e) => { alert(wrongPassMessage); @@ -208,6 +222,7 @@ if (oldStorageData) { console.log(`Password got from localStorage(${storageName}): `, oldStorageData); + const sIv = hexToArray(oldStorageData.iv).buffer; const sDk = oldStorageData.dk; const sHmk = oldStorageData.hmk; @@ -256,13 +271,11 @@ }); }); } - }); } }); - } hbeLoader(); -})(); \ No newline at end of file +})();