top | item 28119386

(no title)

bndw | 4 years ago

If anyone is curious like I was, here's a quick review of what the linked code does:

- Reads plaintext input from stdin

- Symmetrically encrypts the plaintext using a 32-byte [cryptographically] random generated key (AES-256 GCM)

- POSTs the ciphertext and expiry (default 24h) to https://api.ots.sniptt.com/secrets

- The server responds with a URL to view the secret via a response header

- Query string "?ref=cli&v=<version>" are appended to the secret URL

- The decryption key is base64 encoded and appended to the secret URL as a Fragment, "#<key>"

- The secret URL is printed to stdout

discuss

Hi, just for completeness - the decryption key is added to the secret URL as a fragment in the penultimate step.

bndw|4 years ago

Thanks for the correction, updated.