silentsilas
/
sure
1
0
Fork 0
Code Issues 7 Pull Requests Packages Projects 1 Releases Wiki Activity
sure/index.html

104 lines
4.3 KiB
HTML
Raw Blame History

<!DOCTYPE html>
<html lang="en" class="no-js">
<head>
<meta charset="UTF-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>SURE - Secure URL Requests</title>
<script type="module">
document.documentElement.classList.remove("no-js");
document.documentElement.classList.add("js");
</script>
<meta name="description" content="Securely request information via SURE links" />
<meta property="og:title" content="SURE - Secure URL Requests" />
<meta property="og:description" content="Securely request information via SURE links" />
<meta property="og:image" content="https://sure.dog/img/logo.png" />
<meta property="og:image:alt" content="Abstract logo of the letter S" />
<meta property="og:locale" content="en_US" />
<meta property="og:type" content="website" />
<meta name="twitter:card" content="summary_large_image" />
<meta property="og:url" content="https://sure.dog/" />
<link rel="canonical" href="https://sure.dog/" />
<link rel="icon" href="/favicon.ico" />
<link rel="apple-touch-icon" href="/apple-touch-icon.png" />
<link rel="manifest" href="/manifest.json" />
<meta name="mobile-web-app-capable" content="yes" />
<meta name="apple-mobile-web-app-capable" content="yes" />
<meta name="application-name" content="SURE" />
<meta name="apple-mobile-web-app-title" content="SURE" />
<meta name="theme-color" content="#44a616" />
<meta name="msapplication-navbutton-color" content="#44a616" />
<meta name="apple-mobile-web-app-status-bar-style" content="black-translucent" />
<meta name="msapplication-starturl" content="/" />
</head>
<body>
<header class="container">
<hgroup>
<h1>
SURE
</h1>
<p>
<span style="color: #44a616;">S</span>ecure
<span style="color: #44a616;">U</span>RL
<span style="color: #44a616;">Re</span>quests
</p>
</hgroup>
</header>
<!-- No JS Warning -->
<dialog open class="js-warning">
<article>
<header>No Javascript Detected</header>
<p>
Unfortunately, this site requires Javascript in order to generate
keypairs, save them in localstorage, and encrypt/decrypt data. Please
enable Javascript and refresh the page.
</p>
</article>
</dialog>
<main class="container">
<section>
<div id="app"></div>
<details>
<summary>How it Works:</summary>
<ul>
<li>Each client generates an ECDH keypair, consisting of a public key and a private key.</li>
<li>Your private key is kept in localStorage, and never leaves your device.</li>
<li>Your public key is embedded in the URLs you generate. This key can be safely shared anywhere without
compromising security.</li>
<li>When another client opens your generated URL, they will find your public ECDH key. They then generate a
random IV for this specific message, and use it, along with their private ECDH key and your public ECDH key,
to derive a shared secret (AES-GCM).</li>
<li>This derived shared secret never leaves their device. It is used to encrypt their message to you.
The encrypted message, along with their public key and the IV for this message, are embedded in the URL they
generate.</li>
<li>Upon opening the response URL, your device uses your private ECDH key, along with the public key and IV
from the URL, to recreate the shared secret. This secret is used to decrypt the message. If the message was
properly encrypted using the expected keys, it will be successfully decrypted and displayed to you.</li>
<li>If you clear your browser's local storage, you will not be able to decrypt any response URLs generated
with your previous unique URL.</li>
</ul>
</details>
</section>
</main>
<footer class="container">
<p>
<a href="https://git.silentsilas.com/silentsilas/sure" target="_blank" rel="noopener noreferrer">Source Code</a> |
<a href="https://silentsilas.com" target="_blank" rel="noopener noreferrer">whoami</a>
</p>
</footer>
<script type="module" src="/src/main.ts"></script>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink