Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

API use and documentation

See original GitHub issue

In a previous version of yopass there was a rudimental documentation of an API via HTTPS and JSON (see here).

Since your last bigger rewrite and the change to the sjcl cryptolibrary this part is missing in the README of the project.

We consider to automate a secure secret delivery in one of our internal services, so yopass would be a nice solution. (A yopass instance is already running but at this point only used in browser)

While the most of the JSON API is still working as expected…

# request
curl --header "Content-Type: application/json" \
  --request POST \
  --data '{"secret":"secret","Expiration":3600}' \
  https://dasvcjfzrl.execute-api.eu-west-1.amazonaws.com/dev/secret

# response
{"message":"ea75ddc4-bcad-43b7-b767-7546253e8ca8"}

… At this point I need to know how the encryption part can be done locally without JS before sending the request to the server. You seem to use the SJCL defaults.

But I haven’t got this managed so far. Do you have an idea on how an api client can do that?

It would be nice to have this as an official feature back again.

Issue Analytics

State:
Created 5 years ago
Comments:6 (1 by maintainers)

Top GitHub Comments

1reaction

macedogmcommented, Jun 12, 2019

Hi. We have created a simple shell and node script to automate calls to Whisper encryption API through CLI. If someone needs it, we can share the code. Best regards.

0reactions

dbxclathropecommented, Dec 13, 2022

In case folks try to get bahho’s version working on a mac (note curl doesn’t support OAuth, so if your site uses Google auth, it will complain about no javascript support - look at headless chrome or macedogm idea above that uses node):

message="top secret message"
#password=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 20 );

#macos compatible:
password=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w20 | head -n1)
echo $password > pass.txt

# encrypt message with pass.txt and replace newlines with "\n"
#message=$(echo $message | gpg -a --batch --passphrase-file pass.txt -c  --cipher-algo AES256 | sed ':a;N;$!ba;s/\n/\\n/g' );

#macos compatible
message=$(echo $message | gpg -a --batch --passphrase-file pass.txt -c  --cipher-algo AES256 | sed -e ':a' -e 'N' -e '$!ba' -e 's/\n/\\n/g');

payload=$(cat << EOF
{
  "message": "${message}",
  "expiration": 604800 ,
  "one_time": true
}
EOF
)

secret_id=$(curl -s -L -XPOST  https://whisper.pp.dropbox.com/secret -H 'Content-Type: application/json' -d "${payload}" |  jq -r .message)

echo https://whisper.pp.dropbox.com/#/s/$secret_id/$password