Skip to content
One-Time-Secret sharing platform with a symmetric 256bit AES encryption in the browser
Branch: master
Clone or download
Latest commit b27a384 May 13, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
frontend Fix: Encoded hashes were not properly processed (again) May 12, 2019
src Fix: Encoded hashes were not properly processed (again) May 12, 2019
vendor Replace uuid library, update vendors Oct 6, 2018
.gitignore Auto-resize textareas, use babel to transpile JS Aug 22, 2018
.repo-runner.yaml CI: Update build image May 12, 2019
CONTRIBUTING.md Initial API Aug 3, 2017
Dockerfile Update Dockerfile to multi-stage build May 5, 2018
Gopkg.lock Replace uuid library, update vendors Oct 6, 2018
Gopkg.toml Replace uuid library, update vendors Oct 6, 2018
History.md
LICENSE Fix LICENSE file May 5, 2018
Makefile Move frontend to Vue May 10, 2019
README.md Introduce data expiry in Redis May 5, 2018
api.go Handle json requests to create API May 10, 2019
assets.go Fix: Encoded hashes were not properly processed (again) May 12, 2019
main.go Move frontend to Vue May 10, 2019
storage.go Initial API Aug 3, 2017
storage_mem.go Replace uuid library, update vendors Oct 6, 2018
storage_redis.go Replace uuid library, update vendors Oct 6, 2018
tplFuncs.go Generate SRI integrity hashes into html May 5, 2018

README.md

Go Report Card

Luzifer / OTS

ots is a one-time-secret sharing platform. The secret is encrypted with a symmetric 256bit AES encryption in the browser before being sent to the server. Afterwards an URL containing the ID of the secret and the password is generated. The password is never sent to the server so the server will never be able to decrypt the secrets it delivers with a reasonable effort. Also the secret is immediately deleted on the first read.

Features

  • AES 256bit encryption
  • Server does never get the password
  • Secret is deleted on first read

Setup

For a better setup you can choose the backend which is used to store the secrets:

  • mem - In memory storage (wiped on restart of the daemon)
  • redis - Storing the secrets in a hash under one key
    • REDIS_URL - Redis connection string tcp://auth:PWD@HOST:PORT/DB
    • REDIS_EXPIRY - Expiry of the keys in seconds (Default 0 = no expiry)
    • REDIS_KEY - Key prefix to store the keys under (Default io.luzifer.ots)

Hint: Starting in v0.7.0 the secrets in Redis are no longer stored in a hash but in own keys. This allows for individual expiry. At the first start of v0.7.0 the old data will be migrated automatically and afterwards be subject of expiry if you set REDIS_EXPIRY. My hosted instance uses an expiry of 90d (= 7776000s).

Localize to your own language

If you want to help translating the application to your own language please download the en-us.all.json file from this repository and translate the others strings inside. Afterwards please open an issue and attach your translation including the information which language you translated the strings into. Of course you also could open a pull-request to add the new file to the frontend/locale folder.

Same goes with when you're finding translation errors: Just open an issue and let me know!

You can’t perform that action at this time.