transfer.sh icon indicating copy to clipboard operation
transfer.sh copied to clipboard
verified publisher icon dutchcoders

gpg encryption support

Open paolafrancesca opened this issue 7 years ago • 4 comments

X-Encrypt-Password/X-Decrypt-Password headers work seemingless as in gpg piping shell examples

paolafrancesca avatar Oct 06 '18 17:10 paolafrancesca

  • missing tests
  • missing updated doc

paolafrancesca avatar Oct 06 '18 17:10 paolafrancesca

the idea of the server managing the encryption instead of the client makes it not end to end encrypted, plus the password could be read by the server anyways. while it is encrypted at rest, there is nothing preventing the servers from reading the headers for the password. there's also nothing preventing the server from not encrypting at all. so, if you want encryption for secret stuff, encrypt it before you even send it to the server.

JacksonChen666 avatar Dec 16 '21 11:12 JacksonChen666

@stefanbenten what do you think of this? I've refectored in order to use a maintained opengpg library

paolafrancesca avatar Sep 12 '22 03:09 paolafrancesca

I'll review this today :)

stefanbenten avatar Sep 14 '22 10:09 stefanbenten

@stefanbenten did you have a chance to review? I'd like to merge it

paolafrancesca avatar Nov 29 '22 10:11 paolafrancesca

Has this been tested yet?

raziman18 avatar Feb 06 '23 09:02 raziman18

Has this been tested yet?

going to merge soon

paolafrancesca avatar Feb 10 '23 23:02 paolafrancesca

indeed will wait https://github.com/dutchcoders/transfer.sh/pull/527 before

paolafrancesca avatar Feb 11 '23 03:02 paolafrancesca