mirror of https://github.com/Luzifer/ots.git synced 2024-06-26 14:12:14 +00:00

One-Time-Secret sharing platform with a symmetric 256bit AES encryption in the browser

aes256 encryption golang one-time-secret

Go to file

Knut Ahlers b51293fe3d Handle json requests to create API Signed-off-by: Knut Ahlers <knut@ahlers.me>		2019-05-10 23:00:08 +02:00
frontend	Update frontend dependencies	2019-05-10 16:19:38 +02:00
src	Update dev-dependencies	2019-05-10 15:52:50 +02:00
vendor	Replace uuid library, update vendors	2018-10-06 20:08:21 +02:00
.gitignore	Auto-resize textareas, use babel to transpile JS	2018-08-22 21:08:48 +02:00
.repo-runner.yaml	Add automated building	2017-08-03 18:34:18 +02:00
api.go	Handle json requests to create API	2019-05-10 23:00:08 +02:00
assets.go	Update frontend dependencies	2019-05-10 16:19:38 +02:00
CONTRIBUTING.md	Initial API	2017-08-03 14:13:53 +02:00
Dockerfile	Update Dockerfile to multi-stage build	2018-05-05 18:15:43 +02:00
Gopkg.lock	Replace uuid library, update vendors	2018-10-06 20:08:21 +02:00
Gopkg.toml	Replace uuid library, update vendors	2018-10-06 20:08:21 +02:00
History.md	prepare release v0.12.0	2018-10-22 11:26:41 +02:00
LICENSE	Fix LICENSE file	2018-05-05 18:10:10 +02:00
main.go	Add gzip compression for included assets	2019-05-10 16:19:20 +02:00
Makefile	Update frontend dependencies	2019-05-10 16:19:38 +02:00
README.md	Introduce data expiry in Redis	2018-05-05 13:56:53 +02:00
storage_mem.go	Replace uuid library, update vendors	2018-10-06 20:08:21 +02:00
storage_redis.go	Replace uuid library, update vendors	2018-10-06 20:08:21 +02:00
storage.go	Initial API	2017-08-03 14:13:53 +02:00
tplFuncs.go	Generate SRI integrity hashes into html	2018-05-05 19:08:02 +02:00
translations.go	Generate SRI integrity hashes into html	2018-05-05 19:08:02 +02:00

README.md

Luzifer / OTS

ots is a one-time-secret sharing platform. The secret is encrypted with a symmetric 256bit AES encryption in the browser before being sent to the server. Afterwards an URL containing the ID of the secret and the password is generated. The password is never sent to the server so the server will never be able to decrypt the secrets it delivers with a reasonable effort. Also the secret is immediately deleted on the first read.

Features

AES 256bit encryption
Server does never get the password
Secret is deleted on first read

Setup

Download the release
Start it and you can access the server on http://localhost:3000/

For a better setup you can choose the backend which is used to store the secrets:

mem - In memory storage (wiped on restart of the daemon)
redis - Storing the secrets in a hash under one key
- REDIS_URL - Redis connection string tcp://auth:PWD@HOST:PORT/DB
- REDIS_EXPIRY - Expiry of the keys in seconds (Default 0 = no expiry)
- REDIS_KEY - Key prefix to store the keys under (Default io.luzifer.ots)

Hint: Starting in v0.7.0 the secrets in Redis are no longer stored in a hash but in own keys. This allows for individual expiry. At the first start of v0.7.0 the old data will be migrated automatically and afterwards be subject of expiry if you set REDIS_EXPIRY. My hosted instance uses an expiry of 90d (= 7776000s).

Localize to your own language

If you want to help translating the application to your own language please download the en-us.all.json file from this repository and translate the others strings inside. Afterwards please open an issue and attach your translation including the information which language you translated the strings into. Of course you also could open a pull-request to add the new file to the frontend/locale folder.

Same goes with when you're finding translation errors: Just open an issue and let me know!