Werid behavior of API about yabin HOT 3 OPEN

1. cannot create a new paste using the same initVector

That is intentional. https://crypto.stackexchange.com/a/28980 states that the initVector can be public, but must be unique. There's a check on the server side that only allows for unique initVectors.

However, it should not return Internal Error. I will fix the error message.

2. meaning of encrypted and passwordProtected
   It seems like on the API side, encrypted and passwordProtected have no effect on enhancing data security, cause it always return full information of a paste.

encrypted and passwordProtected are just for indicating to the server that the data is encrypted with AES-256-GCM (and passwordProtected with SHA-512-PBKDF2 + 310,000 iterations). It is returning plaintext since you sent the data to the server in plaintext, and I do not want any sort of encryption to happen on the server side (since this might potentially allow someone to decode your message by storing the keys on the server. If you send encrypted: true, it is your job to encrypt the data and then send it.

To deal with this, I am making a simple CLI client (#5), using Python. I will also improve the API documentation.

from yabin.

1. cannot create a new paste using the same initVector

That is intentional. https://crypto.stackexchange.com/a/28980 states that the initVector can be public, but must be unique. There's a check on the server side that only allows for unique initVectors.

However, it should not return Internal Error. I will fix the error message.

What is the expected error message over here? I may resolve it @Yureien

from yabin.

Will "Not unique Initvector" work?

from yabin.