_includes/encrypted.html in no-style-please2-0.9.1 vs _includes/encrypted.html in no-style-please2-0.9.2
- old
+ new
@@ -23,17 +23,32 @@
</div>
<script>
var exports = exports || {}
</script>
<script src="//cdn.jsdelivr.net/gh/vitock/jsdelivr@0.1.2/js/base64js.js"></script>
+
+ <script>
+
+
+ </script>
+
+
+
+
<script>
+
+
+ {% assign HEXKEY = '' | rand_bytes:32 %}
+ const keyData = "{{ '' | encrypt_key:page,HEXKEY ,encid}}"
+ const contentEnc = '{{ content | encrypt_content_v2:HEXKEY }}'
+
!function(){
const substl = crypto.subtle
const preFix = '{{encid}}';
const encid = preFix
- const encryptedContent = '{{ content | encrypt_content:page, encid}}'
+ const encryptedContent = contentEnc;
const base64str = encryptedContent.substring(3)
const bfMsg = base64js.decode(base64str)
const bfIv = bfMsg.subarray(0,12)
const bfCipher = bfMsg.subarray(12)
@@ -45,11 +60,54 @@
name:"PBKDF2",hash: "SHA-256",iterations: 12345,salt: new TextEncoder().encode(salt)
}
return await substl.deriveBits(pbkdf2,key,256);
}
+ async function decryptRaw(msg64,key){
+ const base64str = msg64.substring(3)
+ const bfMsg = base64js.decode(base64str)
+ const bfIv = bfMsg.subarray(0,16)
+ const bfCipher = bfMsg.subarray(16)
+ var aeskey = {
+ name:"AES-CBC",
+ }
+ var keyObj = await substl.importKey('raw',key,aeskey,false,['decrypt'])
+ var aesDec= {name: "AES-CBC",iv:bfIv}
+ var bfDec
+ try{
+ bfDec = await substl.decrypt(aesDec,keyObj,bfCipher)
+ }catch (error) {
+ console.log(error)
+ throw error
+ }
+
+ return new Uint8Array(bfDec)
+ }
+ async function checkKey(key){
+ {% assign TestData = '' | rand_bytes:12 %}
+ var testData = '{{ TestData }}';
+ var testDataEnc = '{{ TestData | encrypt_content_v2:HEXKEY }}';
+
+ let arrKeys = keyData.split('#')
+ let keyBf = null
+ for (let i = 0; i < arrKeys.length; i++) {
+ const element = arrKeys[i];
+ try{
+
+ let d = await decryptRaw(element,key)
+ let dec = await decryptRaw(testDataEnc,d)
+ if((new TextDecoder).decode(dec) == testData ){
+ keyBf = d;
+ break;
+ }
+ }catch (e){
+ }
+ }
+
+ return keyBf
+ }
async function decrypt (key0,isCached){
// const key = Uint8Array([...]); // 32 bytes key
var key = ''
@@ -63,17 +121,22 @@
if (key.length == 0) {
return
}
var aeskey = {
- name:"AES-GCM",
+ name:"AES-CBC",
length:256
}
+
var keyObj = await substl.importKey('raw',key,aeskey,false,['decrypt'])
- var aesDec= {name: "AES-GCM",iv:bfIv,tagLength:128}
+ var aesDec= {name: "AES-CBC",iv:bfIv}
try {
- var bfDec = await substl.decrypt(aesDec,keyObj,bfCipher)
+ let keyBf = await checkKey(key)
+ if(!keyBf){
+ throw 'error psw'
+ }
+ var bfDec = await decryptRaw(contentEnc,keyBf)
var plain = new TextDecoder().decode(bfDec);
setKey(key)
document.getElementById("encrypted").style.display = 'none'
// / show decrypted
@@ -90,9 +153,10 @@
window.dispatchEvent(loadevent)
window.dispatchEvent(DOMContentLoaded_event)
}, 500);
} catch (error) {
+ console.log(error)
alert("wrong password.")
}
}
document.getElementById("DecryptBtn").onclick = function(){
\ No newline at end of file