packages feed

zerobin 1.5.1 → 1.5.2

raw patch · 5 files changed

+31/−22 lines, 5 filesPVP: major bump suggested

API removals or changes: PVP suggests a major version bump

API changes (from Hackage documentation)

- Web.ZeroBin: instance Data.Aeson.Types.Class.FromJSON Web.ZeroBin.Response
- Web.ZeroBin: instance GHC.Generics.Constructor Web.ZeroBin.C1_0Response
- Web.ZeroBin: instance GHC.Generics.Datatype Web.ZeroBin.D1Response
- Web.ZeroBin: instance GHC.Generics.Selector Web.ZeroBin.S1_0_0Response
- Web.ZeroBin: instance GHC.Generics.Selector Web.ZeroBin.S1_0_1Response
- Web.ZeroBin: instance GHC.Generics.Selector Web.ZeroBin.S1_0_2Response
- Web.ZeroBin.SJCL: instance Data.Aeson.Types.Class.ToJSON Web.ZeroBin.SJCL.Content
- Web.ZeroBin.SJCL: instance GHC.Generics.Constructor Web.ZeroBin.SJCL.C1_0Content
- Web.ZeroBin.SJCL: instance GHC.Generics.Datatype Web.ZeroBin.SJCL.D1Content
- Web.ZeroBin.SJCL: instance GHC.Generics.Selector Web.ZeroBin.SJCL.S1_0_0Content
- Web.ZeroBin.SJCL: instance GHC.Generics.Selector Web.ZeroBin.SJCL.S1_0_1Content
- Web.ZeroBin.SJCL: instance GHC.Generics.Selector Web.ZeroBin.SJCL.S1_0_2Content
+ Web.ZeroBin: instance Data.Aeson.Types.FromJSON.FromJSON Web.ZeroBin.Response
+ Web.ZeroBin.SJCL: instance Data.Aeson.Types.ToJSON.ToJSON Web.ZeroBin.SJCL.Content

Files

ChangeLog.md view
@@ -1,7 +1,15 @@+1.5.2+=====++  * Fixed `CryptoError_KeySizeInvalid` in `Web.ZeroBin.SJCL.encode`+    by using `Crypto.Cipher.AES.AES128` instead of `Crypto.Cipher.AES.AES256`++ 1.5.1 ===== -* Added ChangeLog-* zerobin command supports reading stdin:-	`zerobin -f /etc/fstab` can be done as-	`cat /etc/fstab | zerobin -f -` or `zerobin -f < /etc/fstab`+  * Added ChangeLog+  * zerobin command supports reading stdin:+    `zerobin -f /etc/fstab` can be done as+    `cat /etc/fstab | zerobin -f -` or `zerobin -f < /etc/fstab`+
README.md view
@@ -1,5 +1,6 @@ About =====+ This is a library and a command-line utility to share secrets via ["zerobin"](https://github.com/sametmax/0bin) sites like https://paste.ec@@ -8,21 +9,19 @@ This library reimplements encryption part of [SJCL](https://crypto.stanford.edu/sjcl/) allowing you to post secrets from Haskell programs and shell scripts. + Requirements ============+ ZeroBin is written in Haskell with [GHC](http://www.haskell.org/ghc/). All required Haskell libraries are listed in [zerobin.cabal](zerobin.cabal). Use [cabal-install](http://www.haskell.org/haskellwiki/Cabal-Install) to fetch and build all pre-requisites automatically. -Installation-============-    $ git clone https://github.com/zalora/zerobin.git-    $ cd zerobin-    $ cabal install  Command-line utility ====================+ The command-line utility `zerobin` encrypts text or file, post the encrypted data to https://paste.ec and prints URI to be shared or error message:@@ -38,7 +37,7 @@      Options:       -b, --bin=BIN   0bin service [default: https://paste.ec]-      -f, --file      Paste the content of file TEXT instead of plain TEXT+      -f, --file      Paste the content of file TEXT ("-" for stdin)       -e, --expire=E  Set expiration of paste: once, day, week, month [default: day]        -h, --help      Show this message@@ -46,32 +45,33 @@     Examples:       zerobin hello                      paste "hello" for a day       zerobin -f /etc/fstab              paste file /etc/fstab for a day+      cat /etc/fstab | zerobin -f -      likewise       zerobin -e once hello              paste "hello", it will burn after reading       zerobin -b http://0bin.net hello   paste to 0bin.net   Hacking =======+ There is a simple test program in the [./nodejs](./nodejs) directory. It uses this library to encrypt a message and original SJCL running by [Node.js](https://nodejs.org) to decrypt: -    $ git clone https://github.com/zalora/zerobin.git-    $ cd zerobin     $ cabal install -f nodejs --dependencies-only     $ cabal install -f nodejs --ghc-option="-Werror"-    $ # get nodejs and npm, e. g. on Debian; sudo apt-get install nodejs npm+    $ # get nodejs and npm, e. g. on Debian: sudo apt-get install nodejs npm     $ npm install sjcl     $ ./dist/build/zerobin-nodejs/zerobin-nodejs     heinrich hertz + Features/Bugs/TODOs ===================+ 1. [0bin](https://github.com/sametmax/0bin) supports images,    `zerobin` can encrypt anything, but only plain text will be decrypted.-2. "Burn after reading" (`-e once`) really means "burn after two readings",+2. "Burn after reading" (`-e once`) might mean "burn after two readings",    because we do not redirect like browser does.    You can verify your paste before sharing the link ;-) 3. http://0bin.net does not support `-e week`- 
cli/Main.hs view
@@ -53,9 +53,9 @@   exitFailure  getContent :: Bool -> String -> IO BS.ByteString-getContent fromFile text-  | fromFile && (text == "-") = BS.getContents-  | fromFile = BS.readFile text+getContent isFile text+  | isFile && (text == "-") = BS.getContents+  | isFile = BS.readFile text   | otherwise = return $ C.pack text  main :: IO ()
src/Web/ZeroBin/SJCL.hs view
@@ -14,7 +14,7 @@   encrypt ) where -import Crypto.Cipher.AES (AES256)+import Crypto.Cipher.AES (AES128) import Crypto.Cipher.Types (ivAdd, blockSize, cipherInit, ecbEncrypt, ctrCombine, makeIV) import Crypto.Error (throwCryptoErrorIO) import Crypto.Hash.Algorithms (SHA256(..))@@ -43,7 +43,7 @@ instance JSON.ToJSON Content where   toJSON = JSON.genericToJSON JSON.defaultOptions -makeCipher :: ByteString -> IO AES256+makeCipher :: ByteString -> IO AES128 makeCipher = throwCryptoErrorIO . cipherInit  -- https://github.com/bitwiseshiftleft/sjcl/blob/master/core/pbkdf2.js
zerobin.cabal view
@@ -1,5 +1,5 @@ name: zerobin-version: 1.5.1+version: 1.5.2 synopsis: Post to 0bin services description: Post encrypted content to 0bin sites   like http://0bin.net or https://paste.ec@@ -8,6 +8,7 @@ author: Igor Pashev maintainer: Igor Pashev <pashev.igor@gmail.com> copyright: 2015, Zalora South East Asia Pte. Ltd+           2017, Igor Pashev <pashev.igor@gmail.com> category: Cryptography, Web build-type: Simple extra-source-files: README.md ChangeLog.md@@ -15,7 +16,7 @@  source-repository head   type: git-  location: https://github.com/zalora/zerobin.git+  location: https://github.com/ip1981/zerobin.git  flag nodejs     description: Build a test program for decrypting with Node.js and SJCL.