About
This is a library and a command-line utility to share secrets via "zerobin" sites like https://paste.ec using client-side encryption with SJCL.
This library reimplements encryption part of SJCL allowing you to post secrets from Haskell programs and shell script.
Requirements
ZeroBin is written in Haskell with GHC. All required Haskell libraries are listed in zerobin.cabal. Use cabal-install to fetch and build all pre-requisites automatically.
Installation
$ git clone https://github.com/zalora/zerobin.git
$ cd zerobin
$ cabal install
Command-line utility
The command-line utility zerobin
encrypts text or file,
post the encrypted data to https://paste.ec and
prints URI to be shared or error message:
$ zerobin 'heinrich hertz'
https://paste.ec/paste/1j3GBy-7#dg0PXHFglISOhXzRnU4KLWbSAh5jX5KjX4wZEiYM8QA6
Type zerobin --help
to see usage summary:
Usage:
zerobin [options] TEXT
Options:
-b, --bin=BIN 0bin service [default: https://paste.ec]
-f, --file Paste the content of file TEXT instead of plain TEXT
-e, --expire=E Set expiration of paste: once, day, week, month [default: day]
-h, --help Show this message
Examples:
zerobin hello paste "hello" for a day
zerobin -f /etc/fstab paste file /etc/fstab for a day
zerobin -e once hello paste "hello", it will burn after reading
zerobin -b http://0bin.net hello paste to 0bin.net
Hacking
There is a simple test program in the ./nodejs directory. It uses this library to encrypt a message and original SJCL running by Node.js to decrypt:
$ # get nodejs and npm, e. g. on Debian; sudo apt-get install nodejs npm
$ npm install sjcl
$ git clone https://github.com/zalora/zerobin.git
$ cd zerobin
$ cabal install --dependencies-only
$ cabal install -f nodejs --ghc-option="-Werror"
$ ./dist/build/zerobin-nodejs/zerobin-nodejs
heinrich hertz
Features/Bugs/TODOs
- 0bin supports images,
zerobin
can encrypt anything, but only plain text will be decrypted. - "Burn after reading" (
-e once
) really means "burn after two readings", because we do not redirect like browser does. You can verify your paste before sharing the link ;-) - http://0bin.net does not support
-e week