According to Wikipedia, Harpocrates is the Greek god of silence, secrets, and confidentiality (Wikipedia).
Cryptography, specifically encryption, is the process of making text unintelligible, or "making it secret" (Fruhlinger).
harpocrates-web-backend is a Spring Boot application that creates encrypted secrets, each with a set number of views and linked to a single ID. This ID is the key: if you have the ID, you can fetch and view the secret contents. You can also burn any secret by its ID.
I wanted to create a secret-share site like https://onetimesecret.com. Harpocrates is a personal side project that allowed me to migrate away from Spring 2.7 and experiment with Spring 3.
The goal is to make it simple, so that it can be easily run locally, via a container, or using docker-compose. The goal is to allow someone to pull down the repo, then run it easily.
Harpocrates is available to be run locally, as a Docker container, or via docker-compose.
Harpocrates relies on the following configuration to work correctly:
- SERVER_PORT - defaults to 8080 if not provided
- HARPOCRATES_SECRET_KEY - highly recommended that a custom, 16 character string is used here
- HARPOCRATES_INIT_VECTOR - highly recommended that a custom, 16 character string is used here
- REDIS_DATABASE - defaults to 0 if not provided
- REDIS_HOST - defaults to 0.0.0.0 if not provided
- REDIS_PORT - defaults to 6379 if not provided
- REDIS_PASSWORD - highly recommended that a custom password is provided
- REDIS_TIMEOUT - defaults to 60000 if not provided
To run locally, first you'll need to ensure you have a Redis connection available.
Set the relevant environment variables to work with Harpocrates configuration, then run the app.
To run as a Docker container, you will first need to build the project with gradle.
A Makefile command make app/build is provided to simplify this.
You can use the provided Dockerfile to build the image, then run the container with the relevant environment variables to work with Harpocrates configuration.
To run with docker-compose, you can utilize the provided docker-compose.yml file.
First, you'll need to build the project with gradle.
A Makefile command make app/build is provided to simplify this.
Then, you can use the docker-compose.yml file and provide it your configuration to work with Harpocrates.
Alternatively, you can create a .env file and fill in the relevant configuration properties there, then use the Makefile command make docker/compose-with-env if your .env file is in the root.
Otherwise, you can use docker-compose and point it at your .env file if it's in a different location: docker compose --env-file <your .env file> up --build.
An example of an .env file can be based off the .env.example file.
A codec is a device or program that encodes or decodes data.
The encryption codec used in Harpocrates is configured to use the AES algorithm, specifically the AES/CBC/PKCS5Padding transformation.
The codec relies on two pieces of configuration:
- A secret key
- An init vector
Both the secret key and the init vector must be 16 byte strings, otherwise InvalidKeyException or InvalidAlgorithmParameterException exceptions can be encountered.
The secret key and init vector are tied to the following application properties:
harpocrates.secret.key
harpocrates.init.vector
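The following is an added example, not code from the Harpocrates repository. It runs the AES/CBC/PKCS5Padding transformation with a configured key and init vector, shows that a fixed init vector gives identical ciphertext for identical input, contrasts that with a per-message random IV stored in front of the ciphertext, and triggers the two exceptions named above. The class name, method names and sample values are hypothetical, and it assumes the configuration strings are converted to bytes as UTF-8.

```java
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical class for illustration; not the project's codec.
public class CodecSketch {
    static final String TRANSFORMATION = "AES/CBC/PKCS5Padding";

    // Assumption: strings become bytes as UTF-8, so 16 ASCII characters = 16 bytes.
    static byte[] utf8(String s) { return s.getBytes(StandardCharsets.UTF_8); }

    // Key and init vector both come from configuration strings, as the README describes.
    static byte[] encryptFixedIv(String key, String iv, String text) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(TRANSFORMATION);
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(utf8(key), "AES"), new IvParameterSpec(utf8(iv)));
        return c.doFinal(utf8(text));
    }

    // Alternative for comparison: a fresh random IV per message, stored in front of the ciphertext.
    static byte[] encryptRandomIv(String key, String text) throws GeneralSecurityException {
        byte[] iv = new byte[16];
        new SecureRandom().nextBytes(iv);
        Cipher c = Cipher.getInstance(TRANSFORMATION);
        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(utf8(key), "AES"), new IvParameterSpec(iv));
        byte[] ct = c.doFinal(utf8(text));
        byte[] out = Arrays.copyOf(iv, iv.length + ct.length);
        System.arraycopy(ct, 0, out, iv.length, ct.length);
        return out;
    }

    public static void main(String[] args) throws Exception {
        String key = "0123456789abcdef", iv = "fedcba9876543210"; // constructed sample values
        String secret = "constructed sample secret";
        System.out.println("fixed IV, same input twice, identical ciphertext: "
                + Arrays.equals(encryptFixedIv(key, iv, secret), encryptFixedIv(key, iv, secret)));
        System.out.println("random IV, same input twice, identical ciphertext: "
                + Arrays.equals(encryptRandomIv(key, secret), encryptRandomIv(key, secret)));
        // A key or init vector of the wrong length is rejected when the cipher is initialised.
        for (String[] bad : new String[][] {{"short-key", iv}, {key, "short-iv"}}) {
            try {
                encryptFixedIv(bad[0], bad[1], secret);
            } catch (GeneralSecurityException e) {
                System.out.println(e.getClass().getSimpleName() + ": " + e.getMessage());
            }
        }
    }
}
```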
The Swagger UI interface can be found at /api/swagger-ui/index.html
The OpenAPI specification can be found at /api/docs
- Allow for other persistence sources to be used, like Postgres or MySQL
- Improve README
- Add vulnerability monitoring
- Add code quality monitoring
- Add lifetime to secrets, automatically burning them once the lifetime has been reached
Harpocrates. (n.d.). In Wikipedia. Retrieved August 6, 2023, from https://en.wikipedia.org/wiki/Harpocrates
Fruhlinger, J. (2022, May 22). What is cryptography? How algorithms keep information secret and safe. https://www.csoonline.com/article/569921/what-is-cryptography-how-algorithms-keep-information-secret-and-safe.html