If anyone is curious like I was, here's a quick review of what the linked code d... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		bndw on Aug 9, 2021 \| parent \| context \| favorite \| on: Show HN: Ots – share a secret via one-time URL If anyone is curious like I was, here's a quick review of what the linked code does: - Reads plaintext input from stdin - Symmetrically encrypts the plaintext using a 32-byte [cryptographically] random generated key (AES-256 GCM) - POSTs the ciphertext and expiry (default 24h) to https://api.ots.sniptt.com/secrets - The server responds with a URL to view the secret via a response header - Query string "?ref=cli&v=<version>" are appended to the secret URL - The decryption key is base64 encoded and appended to the secret URL as a Fragment, "#<key>" - The secret URL is printed to stdout

slavomirvojacek on Aug 9, 2021 [–]

Hi, just for completeness - the decryption key is added to the secret URL as a fragment in the penultimate step.

bndw on Aug 9, 2021 | [–]

Thanks for the correction, updated.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact