Storage for sharing the public keys of Curve25519 ECDH key pairs.
The service provides an HTTP API for saving and reading a 32-byte key under a human-readable name (alias).
It solves the problem of storing a public key persistently and sending it to a recipient through an open communication channel.
Use this model:
{
"name":"Some Name",
"key":"base64=="
}
where:
name - string with length more than 1000 signs
key - 32-byte public key encoded as base64
Save public key:
curl -X POST "https://pspk.now.sh" -d '{"name":"Some.Name","key":"E7+TL112lj1GmJRHf9jT5MZJDgYIhUbtBLc4/ZFMZ5c="}'
{"access":true,"msg":"added"}
Read public key:
curl -X POST "https://pspk.now.sh" -d '{"name":"Some.Name"}'
{"access":true,"key":"wTaZA5+QeZpby33W2T5uV8TweWaPEZn3clTe5xkmb2M="}
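A client-side check for a key read from the service, as an added Go example (not code from pspk): it confirms the `key` field is base64 for exactly 32 bytes, rejects low-order X25519 points, and returns a SHA-256 fingerprint the two parties can compare over another channel. `ParseFetchedKey` and the fingerprint scheme are hypothetical; only the response shape comes from the read example above.

```go
package main

import (
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// ParseFetchedKey validates a read response such as {"access":true,"key":"..."}
// and returns the X25519 public key with a SHA-256 fingerprint of its bytes.
func ParseFetchedKey(body []byte) (*ecdh.PublicKey, string, error) {
	var resp struct {
		Key string `json:"key"`
	}
	if err := json.Unmarshal(body, &resp); err != nil {
		return nil, "", fmt.Errorf("bad JSON: %w", err)
	}
	raw, err := base64.StdEncoding.DecodeString(resp.Key)
	if err != nil {
		return nil, "", fmt.Errorf("key is not base64: %w", err)
	}
	if len(raw) != 32 {
		return nil, "", fmt.Errorf("key is %d bytes, want 32", len(raw))
	}
	pub, err := ecdh.X25519().NewPublicKey(raw)
	if err != nil {
		return nil, "", err
	}
	// A throwaway ECDH rejects low-order points (all-zero shared secret).
	probe, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, "", err
	}
	if _, err := probe.ECDH(pub); err != nil {
		return nil, "", fmt.Errorf("unusable key: %w", err)
	}
	sum := sha256.Sum256(raw)
	return pub, hex.EncodeToString(sum[:]), nil
}

func main() {
	body := []byte(`{"access":true,"key":"wTaZA5+QeZpby33W2T5uV8TweWaPEZn3clTe5xkmb2M="}`)
	_, fingerprint, err := ParseFetchedKey(body)
	fmt.Println(fingerprint, err)
}
```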
GET:
get all keys in json array GET /?output=json-array&limit=500&last_key=&last_key=5c93d5b8149588f7c7638546
response:
[
{"id":"5c952b5e149588f7c777c7b6","name":"x1","key":"wTaZA5+QeZpby33W2T5uV8TweWaPEZn3clTe5xkmb2M="},
{"id":"5c952b62149588f7c777ca52","name":"x2","key":"ApYM2UsdUxFas5AF16W605950ke2iXPd5sDhg287xnM="}
]
get data by link GET /?link=5d06a65da5cdb90006989577
response:
{"data":"123"}
get by full name GET /?name_key=alice
response
[{"id":"5c9bd58b149588f7c71bce91","name":"alice","key":"E7+TL112lj1GmJRHf9jT5MZJDgYIhUbtBLc4/ZFMZ5c="}]
get public key as QR code by name GET /?qr_code=alice
The response contains the bytes of an image/png.
get by regexp name.* GET /?name_regex=Some
response
[{"id":"5c9bd58b149588f7c71bce91","name":"Some.Name","key":"E7+TL112lj1GmJRHf9jT5MZJDgYIhUbtBLc4/ZFMZ5c="},...]
POST:
post data POST / with body {"method":"link","data":"base64=="}, response
{"link":"5d06a65da5cdb90006989577"}
publish key POST / with body {"name":"alice","key":"base64=="}, response
{"msg":"added"}
get key by name POST / with body {"name":"alice"}, response
{"msg":"base64=="}
pspk - console tool that uses the pspk API and implements encryption/decryption for one or several recipients.
$ pspk --help
NAME:
pspk - pspk - encrypt you message and send through open communication channel
USAGE:
pspk [global options] command [command options] [arguments...]
VERSION:
0.1.2
DESCRIPTION:
Console tool for encyption/decription data through pspk.now.sh
COMMANDS:
publish, p --name <NAME> publish
secret, s secret public_name
encrypt, e ecnrypt pub_name some message will encrypt
ephemeral-encrypt, ee ee pub_name some message will encrypt
decrypt, d decrypt pub_name base64==
ephemeral-decrypt, ed ephemeral-decryp pub_name base64==
use-current, uc --name name_pub_key use-current
group, g --name base_name group
start-group, sg start-group groupName [pubName1 pubName2 ...]
finish-group, fg finish-group groupName pubName1 [pubName2 ...]
secret-group, seg secret-group groupName pubName1 [pubName2 ...]
encrypt-group, eg eg <GROUP_NAME> message
ephemeral-encrypt-group, eeg Encrypt input message with ephemeral key
decrypt-group, dg dg <GROUP_NAME> base64
ephemeral-decrypt-group, edg Decrypt input message with ephemral shared key
sign, s --name <KEY_NAME> sign <MESSAGE>
verify, v verify <KEY_NAME> <SIGNATURE_IN_BASE64> <MESSAGE>
help, h Shows a list of commands or help for one command
GLOBAL OPTIONS:
--name value key name
--help, -h show help
--version, -v print the version
Generate a private and public key pair and publish the public part to pspk.now.sh.
pspk --name <NAME_YOUR_KEY> publish
Encrypt a message with your private key and the public key stored under a name on pspk.now.sh.
pspk --name <NAME_YOUR_KEY> encrypt <PUBLIC_PART_NAME> <SOME_MESSAGE_WITH_SPACES>
Or encrypt with an ephemeral key:
pspk ephemeral-encrypt <PUBLIC_PART_NAME> <SOME_MESSAGE_WITH_SPACES>
The encrypt commands also have a --link boolean flag for uploading the encrypted data to the server and generating a link that gives access to the data for 24 hours.
pspk ephemeral-encrypt --link <PUBLIC_PART_NAME> <SOME_MESSAGE_WITH_SPACES>
Output:
base64ofencpryteddata==
https://pspk.now.sh/?link=5d07c5264f818b00069f5dda
Getting the data by this link returns JSON:
{"data":"MmeSOsti98jaancR+qsbNtpL6nwPtov2p9U5diP7ahbSAhkwsYbgYMRAHMbO/gry"}
where data contains the encrypted data.
Decrypt a message with your private key and the public key stored under a name on pspk.now.sh.
pspk --name <NAME_YOUR_KEY> decrypt <PUBLIC_PART_NAME> <SOME_BASE64_WITH_SPACES>
Or decrypt with an ephemeral key:
pspk --name <NAME_YOUR_KEY> ephemeral-decrypt <SOME_MESSAGE_WITH_SPACES>
The decrypt commands also have a --link <URL> string flag for downloading the encrypted data from the server.
Example:
pspk --name <NAME_YOUR_KEY> ephemeral-decrypt --link https://pspk.now.sh/?link=5d07c5264f818b00069f5dda
Group encryption/decryption needs a shared secret generated within the group. This uses the algorithm (CLIQUES) IV.A
base
and publish to pspk.now.sh
pspk --name base group
base
.
pspk --name alice start-group base
pspk --name bob start-group base alice
pspk --name carol start-group base bob alice
The last member finishes generating the intermediate secrets.
pspk --name daron finish-group base carol bob alice
Members can then start generating the shared secret key from the intermediate keys.
pspk --name daron secret-group base carol bob alice
pspk --name carol secret-group base daron bob alice
pspk --name bob secret-group base daron carol alice
pspk --name alice secret-group base daron carol bob
base
group members
pspk --name alice ephemeral-encrypt-group base Super secret message
base
group
pspk --name bob ephemeral-decrypt-group base base64
NOTE: All intermediate secrets will be saved in pspk storage!
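Why the start-group / finish-group / secret-group chain gives every member the same key while that key never appears among the published intermediate values, as an added Go sketch (not pspk's code). It assumes a GDH-style chain of X25519 multiplications done with `crypto/ecdh`; `must`, `mul`, `GroupSecrets` and the throwaway group base are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/ecdh"
	"crypto/rand"
	"fmt"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// mul returns X25519(priv, point): the point multiplied by a member's scalar.
func mul(priv *ecdh.PrivateKey, point []byte) []byte {
	return must(priv.ECDH(must(ecdh.X25519().NewPublicKey(point))))
}

// GroupSecrets returns each member's secret and every published intermediate value.
func GroupSecrets(n int) (secrets, published [][]byte) {
	// Assumption: the group base is the public half of a throwaway key pair.
	cardinal := must(ecdh.X25519().GenerateKey(rand.Reader)).PublicKey().Bytes()
	published = append(published, cardinal)
	keys := make([]*ecdh.PrivateKey, n)
	var partials [][]byte // partials[j] lacks only member j's scalar
	for i := range keys {
		keys[i] = must(ecdh.X25519().GenerateKey(rand.Reader))
		for j := range partials { // start-group / finish-group work of member i
			partials[j] = mul(keys[i], partials[j])
			published = append(published, partials[j])
		}
		partials = append(partials, cardinal)
		cardinal = mul(keys[i], cardinal)
		if i < n-1 { // the last member's cardinal is the secret: never published
			published = append(published, cardinal)
		}
	}
	for j, k := range keys { // secret-group: each member applies its scalar last
		secrets = append(secrets, mul(k, partials[j]))
	}
	return secrets, published
}

func main() {
	secrets, published := GroupSecrets(4) // alice, bob, carol, daron
	fmt.Println(bytes.Equal(secrets[0], secrets[3]), len(published))
}
```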
You can sign a text message or output with pspk and your private key:
pspk --name bob sign Hello Alice!
osnfKYmhRNQx7/f3rcpA9jV0T6i/z/+XwyNFcSTGW7QKtJaBzRlbnf7Prg7Q5Hj90rfN2++CKY21IfPcIcAsAQ==
# now Alice can check Bob's signature
pspk verify bob osnfKYmhRNQx7/f3rcpA9jV0T6i/z/+XwyNFcSTGW7QKtJaBzRlbnf7Prg7Q5Hj90rfN2++CKY21IfPcIcAsAQ== Hello Alice!
Signature osnfKYmhRNQx7/f3rcpA9jV0T6i/z/+XwyNFcSTGW7QKtJaBzRlbnf7Prg7Q5Hj90rfN2++CKY21IfPcIcAsAQ== is valid.
or file:
pspk --name bob sign --file ./bin/pspk
osnfKYmhRNQx7/f3rcpA9jV0T6i/z/+XwyNFcSTGW7QKtJaBzRlbnf7Prg7Q5Hj90rfN2++CKY21IfPcIcAsAQ==
# now Alice can check Bob's signature
pspk verify bob osnfKYmhRNQx7/f3rcpA9jV0T6i/z/+XwyNFcSTGW7QKtJaBzRlbnf7Prg7Q5Hj90rfN2++CKY21IfPcIcAsAQ== --file ./bin/pspk
Signature osnfKYmhRNQx7/f3rcpA9jV0T6i/z/+XwyNFcSTGW7QKtJaBzRlbnf7Prg7Q5Hj90rfN2++CKY21IfPcIcAsAQ== is valid.
pspk uses $XDG_CONFIG_HOME for saving configuration, or the default value $HOME/.config/pspk.
It uses the config.json file for saving configuration:
{"current_name":"name"}
pspk also uses $XDG_DATA_HOME for saving application data, or the default value $HOME/.local/share/pspk.