-
Notifications
You must be signed in to change notification settings - Fork 446
/
post_encryption.py
118 lines (104 loc) · 3.97 KB
/
post_encryption.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
# -*- coding: utf-8 -*-
# Copyright © 2012-2017 Roberto Alsina and others.
# Permission is hereby granted, free of charge, to any
# person obtaining a copy of this software and associated
# documentation files (the "Software"), to deal in the
# Software without restriction, including without limitation
# the rights to use, copy, modify, merge, publish,
# distribute, sublicense, and/or sell copies of the
# Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice
# shall be included in all copies or substantial portions of
# the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY
# KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE
# WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
# PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS
# OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR
# OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
# OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
# SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
"""Render the taxonomy overviews, classification pages and feeds."""
from __future__ import unicode_literals
import blinker
import io
import string
from nikola.plugin_categories import SignalHandler
from nikola import utils
from nikola.rc4 import rc4
class PostEncryption(SignalHandler):
"""Encrypt posts with passwords."""
name = "post_encryption"
@staticmethod
def wrap_encrypt(path, password):
"""Wrap a post with encryption."""
with io.open(path, 'r+', encoding='utf8') as inf:
data = inf.read() + "<!--tail-->"
data = CRYPT.substitute(data=rc4(password, data))
with io.open(path, 'w+', encoding='utf8') as outf:
outf.write(data)
def _handle_post_compiled(self, data):
"""Encrypt post if password is set."""
dest = data['dest']
post = data['post']
if post.meta('password'):
# TODO: get rid of this feature one day (v8?; warning added in v7.3.0.)
utils.LOGGER.warn("The post {0} is using the `password` attribute, which may stop working in the future.")
utils.LOGGER.warn("Please consider switching to a more secure method of encryption.")
utils.LOGGER.warn("More details: https://github.com/getnikola/nikola/issues/1547")
self.wrap_encrypt(dest, post.meta('password'))
def set_site(self, site):
"""Set site, which is a Nikola instance."""
super(PostEncryption, self).set_site(site)
# Add hook for after post compilation
blinker.signal("compiled").connect(self._handle_post_compiled)
CRYPT = string.Template("""\
<script>
function rc4(key, str) {
var s = [], j = 0, x, res = '';
for (var i = 0; i < 256; i++) {
s[i] = i;
}
for (i = 0; i < 256; i++) {
j = (j + s[i] + key.charCodeAt(i % key.length)) % 256;
x = s[i];
s[i] = s[j];
s[j] = x;
}
i = 0;
j = 0;
for (var y = 0; y < str.length; y++) {
i = (i + 1) % 256;
j = (j + s[i]) % 256;
x = s[i];
s[i] = s[j];
s[j] = x;
res += String.fromCharCode(str.charCodeAt(y) ^ s[(s[i] + s[j]) % 256]);
}
return res;
}
function decrypt() {
key = $$("#key").val();
crypt_div = $$("#encr")
crypted = crypt_div.html();
decrypted = rc4(key, window.atob(crypted));
if (decrypted.substr(decrypted.length - 11) == "<!--tail-->"){
crypt_div.html(decrypted);
$$("#pwform").hide();
crypt_div.show();
} else { alert("Wrong password"); };
}
</script>
<div id="encr" style="display: none;">${data}</div>
<div id="pwform">
<form onsubmit="javascript:decrypt(); return false;" class="form-inline">
<fieldset>
<legend>This post is password-protected.</legend>
<input type="password" id="key" placeholder="Type password here">
<button type="submit" class="btn">Show Content</button>
</fieldset>
</form>
</div>""")