zerobin: Post to 0bin services

[ cryptography, library, mit, web ] [ Propose Tags ] [ Report a vulnerability ]

Post encrypted content to 0bin sites like http://0bin.net or https://paste.ec

[Skip to Readme]

Modules

[Index]

Web
- Web.ZeroBin
  - Web.ZeroBin.SJCL
  - Web.ZeroBin.Utils

Flags

Automatic Flags

Name	Description	Default
nodejs	Build a test program for decrypting with Node.js and SJCL. You need Node.js and SJCL installed (via NPM for example)	Disabled
cli	Build a command-line utility. You can use it in shell scripts	Enabled

Use -f <flag> to enable a flag, or -f -<flag> to disable that flag. More info

Downloads

zerobin-1.5.2.tar.gz [browse] (Cabal source package)
Package description (as included in the package)

Maintainer's Corner

Package maintainers

ip1981

For package maintainers and hackage trustees

edit package information

Candidates

No Candidates

Versions [RSS]	1.1.1, 1.2.0, 1.5.0, 1.5.1, 1.5.2
Change log	ChangeLog.md
Dependencies	aeson (>=0.10), base (>=4.7 && <5), base64-bytestring (>=1.0), bytestring (>=0.10.6.0), cryptonite (>=0.8), docopt (>=0.7.0.4), http-conduit (>=2.1.8), memory (>=0.10), process (>=1.3.0.0), raw-strings-qq (>=1.0.2), zerobin [details]
License	MIT
Copyright	2015, Zalora South East Asia Pte. Ltd 2017, Igor Pashev <pashev.igor@gmail.com>
Author	Igor Pashev
Maintainer	Igor Pashev <pashev.igor@gmail.com>
Category	Cryptography, Web
Source repo	head: git clone https://github.com/ip1981/zerobin.git
Uploaded	by ip1981 at 2017-06-08T12:27:46Z
Distributions
Executables	zerobin-nodejs, zerobin
Downloads	3594 total (16 in the last 30 days)
Rating	(no votes yet) [estimated by Bayesian average]
Your Rating	λ λ λ
Status	Docs available [build log] Last success reported on 2017-06-08 [all 1 reports]

Readme for zerobin-1.5.2

[back to package description]

About

This is a library and a command-line utility to share secrets via "zerobin" sites like https://paste.ec using client-side encryption with SJCL.

This library reimplements encryption part of SJCL allowing you to post secrets from Haskell programs and shell scripts.

Requirements

ZeroBin is written in Haskell with GHC. All required Haskell libraries are listed in zerobin.cabal. Use cabal-install to fetch and build all pre-requisites automatically.

Command-line utility

The command-line utility zerobin encrypts text or file, post the encrypted data to https://paste.ec and prints URI to be shared or error message:

$ zerobin 'heinrich hertz'
https://paste.ec/paste/1j3GBy-7#dg0PXHFglISOhXzRnU4KLWbSAh5jX5KjX4wZEiYM8QA6

Type zerobin --help to see usage summary:

Usage:
  zerobin [options] TEXT

Options:
  -b, --bin=BIN   0bin service [default: https://paste.ec]
  -f, --file      Paste the content of file TEXT ("-" for stdin)
  -e, --expire=E  Set expiration of paste: once, day, week, month [default: day]

  -h, --help      Show this message

Examples:
  zerobin hello                      paste "hello" for a day
  zerobin -f /etc/fstab              paste file /etc/fstab for a day
  cat /etc/fstab | zerobin -f -      likewise
  zerobin -e once hello              paste "hello", it will burn after reading
  zerobin -b http://0bin.net hello   paste to 0bin.net

Hacking

There is a simple test program in the ./nodejs directory. It uses this library to encrypt a message and original SJCL running by Node.js to decrypt:

$ cabal install -f nodejs --dependencies-only
$ cabal install -f nodejs --ghc-option="-Werror"
$ # get nodejs and npm, e. g. on Debian: sudo apt-get install nodejs npm
$ npm install sjcl
$ ./dist/build/zerobin-nodejs/zerobin-nodejs
heinrich hertz

Features/Bugs/TODOs

0bin supports images, zerobin can encrypt anything, but only plain text will be decrypted.
"Burn after reading" (-e once) might mean "burn after two readings", because we do not redirect like browser does. You can verify your paste before sharing the link ;-)
http://0bin.net does not support -e week