Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

gpg encryption support #162

Merged
merged 18 commits into from
Mar 11, 2023
Merged

gpg encryption support #162

merged 18 commits into from
Mar 11, 2023

Conversation

aspacca
Copy link
Collaborator

@aspacca aspacca commented Oct 6, 2018

X-Encrypt-Password/X-Decrypt-Password headers work seemingless as in gpg piping shell examples

@aspacca aspacca requested a review from nl5887 October 6, 2018 17:07
@aspacca
Copy link
Collaborator Author

aspacca commented Oct 6, 2018

  • missing tests
  • missing updated doc

@aspacca aspacca mentioned this pull request Jul 14, 2019
Open
@aspacca aspacca removed the request for review from nl5887 August 22, 2021 16:24
@JacksonChen666
Copy link

JacksonChen666 commented Dec 16, 2021
edited
Loading

the idea of the server managing the encryption instead of the client makes it not end to end encrypted, plus the password could be read by the server anyways.
while it is encrypted at rest, there is nothing preventing the servers from reading the headers for the password. there's also nothing preventing the server from not encrypting at all.
so, if you want encryption for secret stuff, encrypt it before you even send it to the server.

@aspacca aspacca mentioned this pull request Mar 1, 2022
Closed
@aspacca aspacca added the wip label Mar 2, 2022
@aspacca
Copy link
Collaborator Author

aspacca commented Sep 12, 2022

@stefanbenten what do you think of this?
I've refectored in order to use a maintained opengpg library

@aspacca aspacca added reviewer-can-merge This Pull Request is fine to merge after approval. and removed wip labels Sep 12, 2022
@aspacca aspacca added wip and removed reviewer-can-merge This Pull Request is fine to merge after approval. labels Sep 12, 2022
@aspacca aspacca removed the wip label Sep 14, 2022
@aspacca
Update README.md
6bb5548 
do not reference server public hosting version in encrypt/decrypt headers example
@stefanbenten
Copy link
Collaborator

I'll review this today :)

@aspacca
Copy link
Collaborator Author

aspacca commented Nov 29, 2022

@stefanbenten did you have a chance to review?
I'd like to merge it

stefanbenten
stefanbenten approved these changes Dec 1, 2022
View reviewed changes
Copy link
Collaborator

@stefanbenten stefanbenten left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Small code styling comments, overall looks good.
Will do a staging test now, if you do not hear from me until midnight UTC, assume it worked :)

server/handlers.go Show resolved Hide resolved
server/handlers.go Show resolved Hide resolved
@issadarkthing
Copy link

Has this been tested yet?

@aspacca
Copy link
Collaborator Author

aspacca commented Feb 10, 2023

Has this been tested yet?

going to merge soon

@aspacca
Copy link
Collaborator Author

aspacca commented Feb 11, 2023

indeed will wait #527 before

@aspacca aspacca mentioned this pull request Mar 10, 2023
Closed
@aspacca aspacca merged commit 3b777e1 into main Mar 11, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stefanbenten stefanbenten stefanbenten approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@aspacca @JacksonChen666 @stefanbenten @issadarkthing