Skip to content
Switch branches/tags
Go to file
Cannot retrieve contributors at this time
30 lines (28 sloc) 1.38 KB
secret\-sender \- send passwords and tokens manually over insecure channels
\fBsecret\-sender\fR send
\fBsecret\-sender\fR receive
\fBsecret\-sender\fR requires two users to run the program at the same time in
cooperation, and paste messages at each other as a communication medium. These
messages are not secret, so can be pasted on (e.g.) Slack.
Under the hood, \fBsecret\-sender\fR uses NaCl Box cryptograpy, or
curve25519xsalsa20poly1305. The receiver generates an ephemeral keypair and
sends the public portion to the sender, who encrypts the secret to that key,
before sending the ciphertext to the receiver. The receiver then recovers the
plaintext and terminates, discarding the private key.
Neither subcommand takes any arguments, but both ask for user input. Scripting
this is discouraged: Use \fBejson\fR directly.
Invoked when a user wants to send a secret to another user, \fBsecret\-sender
send\fR first asks for the public key generated by the user running
\fBreceive\fR, then prints the encrypted secret to send to the receiver.
Invoked when a user wants to receive a secret from a sender, \fBsecret\-sender
receive\fR prints a public key to send to the sender, then waits for the
returned ciphertext from the sender, which it decrypts immediately before