SecretExchange: Securely exchange secrets
A web app that allows you to securely exchange secrets like login credentials with client side encryption.
Usage
Sharing secrets
- Open the web UI and fill out the fields you require. You may add or remove fields, and can change whether a field
should be considered sensitive and thus is hidden.
- (Optional) Click the button with the repeat icon to change whether the item should be viewable multiple times. By
default, the item is deleted after it was requested (viewed) once.
- (Optional) Adjust the expiration time. After the expiration time, the item is deleted automatically.
- Click the
Submit
button to encrypt the item and send it to the server. A link will appear that you can now share to
allow someone else to retrieve the just created item.
- Send the link to someone else!
Retrieving secrets
- Open the URL to a secret that someone sent you.
- (Optional) If the item can only be viewed once, the UI will let you know and show an additional button to reveal the
item. Clicking the button will load the item and make it expire, which means you cannot open it again!
- Copy the values using the copy button (or manually, if you feel like it).
Security
When creating an item by pressing the Submit
button, the web application encrypts the fields with AES-GCM using a
128-bit key that is generated in the browser. This key is never sent to the backend, and thus the server has no ability
to ever decrypt an item. The key is appended to the sharing URL as the fragment and because of that not even sent to the
server when retrieving an item. Only those who know the item ID and the key can ever see the actual contents of an item.
Items that can only be viewed once are deleted by the server when the API endpoint is called that includes the encrypted
fields. The preview endpoint is used by the client to find out if an item can only be viewed once and doesn't return the
fields in the response.
Items that are expired are deleted every hour or when requested.
Deployment
Installation
The easiest way is to use the prebuilt container image. You also require a somewhat recent version
of PostgreSQL (tested with version 14, more recent versions should work too).
Container
docker run -e DB=<postgresql connection string> registry.gitlab.com/derenderkeks/secretexchange:latest
Bare
To manually build the application, refer to the Dockerfile. You first have to build the frontend and then
the backend, which embeds the frontend.
Server Usage
Secret Exchange Server
Usage:
secretexchange [command]
Available Commands:
completion Generate the autocompletion script for the specified shell
help Help about any command
serve Start the web server
Flags:
-c, --config string specify path to config file
-h, --help help for secretexchange
-v, --verbose count increase logging verbosity, can be used multiple times
Use "secretexchange [command] --help" for more information about a command.
You most likely only need the serve
subcommand. The server has the following configuration options, which can be set
in the config file, in env vars (uppercase) or passed as CLI flags.
Start the web server
Usage:
secretexchange serve [flags]
Flags:
-d, --db string Database connection string
-h, --help help for serve
-p, --port int Port to listen on (default 8080)
--trustedProxyCount uint Count of trusted proxies in chain; 0 disables proxy trust
Global Flags:
-c, --config string specify path to config file
-v, --verbose count increase logging verbosity, can be used multiple times
The config file can be in any format supported by Viper (e.g. yaml
, json
, ...).
If you set trustedProxyCount
to >0, the server will trust the specified amount of proxies using the X-Forwarded-For
header, according to the MDN docs.
License
See License.