TL;DR: Secure Snippet is an anonymous secure way to share snippets. All the content is ciphered (AES) and you are the only one to know the key, even the admin can't read the content.

Motivations

Sharing plain text file like code or document is very easy nowadays with some services as Gist or Pastebin. Those solutions are great but what if you want to limit access to the content including to the service provider?

Secure Snippet address this issue, providing an easy way to exchange securely some files. Entire shared content is ciphered using AES algorithm directly on the client side who is the only key owner.

Features

How to test it

A maven (version 3) installation is required (and thus Java platform).

To compile the source code:

mvn package

The packaging methods have produced run script in target/bin. Simply run it to launch Tomcat server:

sh target/bin/webapp

The server should be running at localhost:8080.

See rc/main/resources/META-INF/persistence.xml for details about database configuration. Default test settings will store all the database in memory, thing you may want to avoid with a real service.

Technologies

Secure Snippet is a JEE application, it uses the Spring framework to power the REST API and HSQLDB through Hibernate to store ciphered information. Dependencies are managed using Maven.

The web interface is full HTML5, CSS3 and JavaScript.

This service is standalone, it can be deployed without any requirements, the web server is a embedded Tomcat.

Database schema

Secure Snippet DB Schema

The description field are optional and ciphered. The lifetime is the number of days the snippet remains accessible, if not defined it will not expire.

A snippet is composed of one or multiple files defined by the name. The default type is raw text but can be anything.

The content of the file is stored ciphered in a file linked by a reference in the database. The file content is not stored directly in the database for performance.

Screenshots

Add a new Snippet

Snippet uploaded

View Snippet