
Archivio v1.5.9


@MountainViewProvisions MountainViewProvisions released this 18 Feb 00:19
· 18 commits to main since this release
f430a89

Security & stability improvements

  • Fixed input handling and output escaping
  • Enqueued scripts and styles correctly
  • Corrected readme instructions for installation
  • Tested and verified for secure usage

Verification Badge System

  • Visual badges on posts and pages showing integrity status
  • Three states: ✓ Verified (green), ✗ Unverified (red), − Not Signed (gray)
  • Automatic display below titles or content
  • Manual placement via [hash_verify] shortcode
  • Downloadable verification files for offline confirmation

Supported Hash Algorithms

Standard Algorithms:

  • SHA-256 (default)
  • SHA-512
  • SHA3-256
  • SHA3-512
  • BLAKE2b

Experimental Algorithms:

  • BLAKE3 (requires PHP extension)
  • SHAKE128-256
  • SHAKE256-512

All algorithms supported in both:

  • Post/page hash generation
  • Markdown file hash verification
  • HTML rendering hash preservation

HMAC Integrity Mode

Add authentication to content verification:

// Add to wp-config.php
define('ARCHIVIOMD_HMAC_KEY', 'your-secret-key');

HMAC mode provides:

  • Content integrity: Proves content hasn't changed
  • Authenticity: Proves hash was created by key holder
  • Tamper detection: Any modification invalidates the hash
  • Key-based verification: Offline verification requires secret key

Enable HMAC in Cryptographic Verification > Settings > Enable HMAC Mode

🔗 External Anchoring (Remote Distribution Chain)

Distribute cryptographic integrity records to Git repositories for tamper-evident audit trails.

Supported Providers

  • GitHub (public and private repositories)
  • GitLab (public and private repositories including self-hosted)

How It Works

  1. Content is published or updated
  2. Cryptographic hash is generated
  3. JSON anchor record is created with:
    • Document/Post ID
    • Hash algorithm and value
    • HMAC value (if enabled)
    • Author ID
    • Timestamp
    • Plugin version
  4. Record queued for distribution
  5. WP-Cron pushes to GitHub/GitLab every 5 minutes
  6. Git commit provides immutable timestamp
  7. Creates tamper-evident chain of integrity records

Anchor Record Format

{
  "document_id": "security.txt.md",
  "post_id": 123,
  "post_type": "post",
  "hash_algorithm": "sha256",
  "hash_value": "a3f5b8c2d9e1f4a7...",
  "hmac_value": "b7c6d8e2f1a4b7c6...",
  "author_id": 1,
  "timestamp": "2026-02-15T12:05:30Z",
  "plugin_version": "1.5.9",
  "integrity_mode": "hmac"
}

The hmac_value field is present only when HMAC mode is enabled.

Benefits

  • Tamper-evident: Git commits prove when hashes were created
  • Distributed verification: Anyone can verify via Git history
  • Automatic backups: Integrity records preserved off-site
  • Audit compliance: Immutable chain for regulatory requirements
  • Public transparency: Optional public repository for trust

Audit Logging

All hash generation and verification events logged to database:

  • Post ID and type
  • Hash algorithm and mode
  • Event type (auto_generate, manual_verify)
  • Result (success, failure, fallback)
  • Timestamp

Export logs to CSV via admin interface.

Content Canonicalization

Consistent hashing requires normalized content:

  • Line endings: LF (\n)
  • Whitespace: Trimmed
  • Format: post_id:X\nauthor_id:Y\ncontent:\n{content}
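The following is an added example of an offline verifier for the hash and HMAC fields of an anchor record; it is not the plugin's own code. It implements the canonicalization rules above and the HMAC mode described earlier, and assumes that the hash and the HMAC are both computed over the UTF-8 bytes of the canonical string, that the HMAC uses the same digest family as the hash, that the algorithm names in records match the spelling in this release note, and that a non-HMAC record carries integrity_mode "hash". BLAKE3 is omitted because it is not in Python's hashlib.

```python
import hashlib
import hmac

# Record algorithm name -> (hashlib name, SHAKE output length in bytes or None).
# Spelling of the record names is an assumption based on the algorithm list above.
ALGORITHMS = {
    "sha256": ("sha256", None), "sha512": ("sha512", None),
    "sha3-256": ("sha3_256", None), "sha3-512": ("sha3_512", None),
    "blake2b": ("blake2b", None),
    "shake128-256": ("shake_128", 32), "shake256-512": ("shake_256", 64),
}

def canonicalize(post_id, author_id, content):
    """Normalize line endings to LF, trim whitespace, wrap in the documented envelope."""
    body = content.replace("\r\n", "\n").replace("\r", "\n").strip()
    return f"post_id:{post_id}\nauthor_id:{author_id}\ncontent:\n{body}"

def digest(canonical, algorithm):
    name, shake_len = ALGORITHMS[algorithm]
    h = hashlib.new(name, canonical.encode("utf-8"))
    return h.hexdigest(shake_len) if shake_len else h.hexdigest()

def hmac_digest(canonical, key, algorithm):
    # Assumption: same digest family as the content hash, over the same bytes.
    # SHAKE has no fixed digest size, so HMAC over it is refused.
    name, shake_len = ALGORITHMS[algorithm]
    if shake_len:
        raise ValueError("HMAC is not defined for SHAKE outputs")
    return hmac.new(key.encode("utf-8"), canonical.encode("utf-8"), name).hexdigest()

def make_record(post_id, author_id, content, algorithm="sha256", key=None):
    """Build the integrity fields of an anchor record (other fields omitted)."""
    canonical = canonicalize(post_id, author_id, content)
    rec = {"post_id": post_id, "author_id": author_id, "hash_algorithm": algorithm,
           "hash_value": digest(canonical, algorithm),
           "integrity_mode": "hmac" if key else "hash"}  # "hash" is assumed
    if key:
        rec["hmac_value"] = hmac_digest(canonical, key, algorithm)
    return rec

def verify(record, content, key=None):
    """Return the badge state: 'Verified', 'Unverified' or 'Not Signed'."""
    if "hash_value" not in record:
        return "Not Signed"
    canonical = canonicalize(record["post_id"], record["author_id"], content)
    alg = record["hash_algorithm"]
    if not hmac.compare_digest(digest(canonical, alg), record["hash_value"]):
        return "Unverified"
    if record.get("integrity_mode") == "hmac":  # key holder check, constant-time
        if key is None or not hmac.compare_digest(
                hmac_digest(canonical, key, alg), record.get("hmac_value", "")):
            return "Unverified"
    return "Verified"
```

Because the HMAC key never leaves wp-config.php, a third party reading the Git history can only confirm the plain hash; the HMAC check is for the key holder.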

Cron Schedule

External anchoring uses WP-Cron:

  • Frequency: Every 5 minutes
  • Batch size: 10 records per execution
  • Retry logic: Exponential backoff on failure

Security Considerations

HMAC Key Management

  • Generate strong keys: 32+ random characters
  • Store securely: Only in wp-config.php
  • Never commit: Add to .gitignore
  • Rotate on compromise: Rehash all content

Token Security

  • Minimum permissions: Only required scopes
  • Regular rotation: Update tokens periodically
  • Secure storage: WordPress database (encrypted)
  • Audit access: Monitor repository for unauthorized changes