Skip to content

Commit dee6a29

Browse files
committed
Add blog post on how to setup end-to-end encryption
1 parent cf4e27a commit dee6a29

6 files changed

Lines changed: 279 additions & 34 deletions

File tree

api/cmd/loadtest/main.go

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -63,9 +63,9 @@ func sendSingle() {
6363
Host("leading-puma-internal.ngrok-free.app").
6464
Header("x-api-key", os.Getenv("HTTPSMS_KEY")).
6565
BodyJSON(&map[string]any{
66-
"content": encrypt(fmt.Sprintf("%s", time.Now())),
66+
"content": encrypt("This is a test text message"),
6767
"from": os.Getenv("HTTPSMS_FROM"),
68-
"to": os.Getenv("HTTPSMS_TO_BULK"),
68+
"to": os.Getenv("HTTPSMS_FROM"),
6969
"encrypted": true,
7070
"request_id": fmt.Sprintf("load-%s-%d", uuid.NewString(), i),
7171
}).
@@ -79,7 +79,7 @@ func sendSingle() {
7979
}
8080

8181
func encrypt(value string) string {
82-
key := sha256.Sum256([]byte(os.Getenv("HTTPSMS_ENCRYPTION_KEY")))
82+
key := sha256.Sum256([]byte("Password123"))
8383
iv := make([]byte, 16)
8484
_, err := rand.Read(iv)
8585
if err != nil {
@@ -88,6 +88,7 @@ func encrypt(value string) string {
8888
c := ase256(value, key[:], iv)
8989
fmt.Println("iv", base64.StdEncoding.EncodeToString(iv))
9090
fmt.Println("cypher", base64.StdEncoding.EncodeToString(c))
91+
fmt.Println("cypher+iv", base64.StdEncoding.EncodeToString(append(iv, c...)))
9192
return base64.StdEncoding.EncodeToString(append(iv, c...))
9293
}
9394

Lines changed: 253 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,253 @@
1+
<template>
2+
<v-container class="pt-8">
3+
<v-row class="mt-16">
4+
<v-col cols="12" md="9">
5+
<h1
6+
class="mt-1"
7+
:class="{
8+
'text-h2': $vuetify.breakpoint.mdAndUp,
9+
'text-h3': !$vuetify.breakpoint.mdAndUp,
10+
}"
11+
>
12+
Secure your conversations by encrypting your SMS messages end-to-end
13+
</h1>
14+
<p class="subtitle-2 mt-2">
15+
<span class="text-uppercase blue--text">{{ postDate }}</span>
16+
• <span class="text-uppercase">{{ readTime }}</span>
17+
</p>
18+
<p class="text--secondary subtitle-1 mt-2">
19+
We have added support for end-to-end encryption for SMS messages so
20+
that no one can see the content of the messages you send using httpSMS
21+
except you.
22+
</p>
23+
<p>
24+
The way it works is that you set up an encryption key which you use to
25+
encrypt your messages before making an API request to httpSMS and you
26+
also use the same key to decrypt the messages you receive from httpSMS
27+
via our
28+
<a href="https://docs.httpsms.com/webhooks/introduction"
29+
>webhook events</a
30+
>. We are using the
31+
<a href="https://en.wikipedia.org/wiki/Advanced_Encryption_Standard"
32+
>AES 265</a
33+
>
34+
encryption algorithm to encrypt and decrypt the messages.
35+
</p>
36+
<h3 class="text-h4 mt-8 mb-2">Setup your encryption key</h3>
37+
<p>
38+
<a
39+
target="_blank"
40+
class="text-decoration-none"
41+
href="https://github.com/NdoleStudio/httpsms/releases/latest/download/HttpSms.apk"
42+
>⬇️ Download and install</a
43+
>
44+
the httpSMS Android app on your phone and set you encryption key under
45+
the <b>App Settings</b> page of the app.
46+
</p>
47+
<v-img
48+
style="border-radius: 4px"
49+
alt="httpsms android app"
50+
height="800"
51+
contain
52+
:src="
53+
require('@/static/img/blog/end-to-end-encryption-to-sms-messages/encryption-key-android.png')
54+
"
55+
></v-img>
56+
<h3 class="text-h4 mb-4 mt-16">Encrypt your SMS message</h3>
57+
<p>
58+
We use the AES-265 encryption algorithm to encrypt the SMS messages.
59+
This algorithm requires a an encryption key which is 256 bits to work
60+
around this, we will hash your encryption key you set on the mobile
61+
app using the sha-265 algorithm so that it will produces a key which
62+
is always 256 bits.
63+
</p>
64+
<p>
65+
The AES algorithm also has an initialization vector (IV) parameter
66+
which is used to ensure that the same value encrypted multiple times
67+
will not produce the same encrypted value. The IV is 16 bits and it is
68+
appended to the encrypted message before encoding in base64.
69+
</p>
70+
<p>
71+
When you use our client libraries it will automatically take care of
72+
encrypting your message so you don't have to deal with creating the
73+
initialization vector and encoding the payload yourself.
74+
</p>
75+
<v-tabs v-model="selectedTab" show-arrows>
76+
<v-tab href="#go">
77+
<v-icon color="#efd81d" class="mr-1">{{ mdiLanguageGo }}</v-icon>
78+
Go
79+
</v-tab>
80+
</v-tabs>
81+
<v-tabs-items v-model="selectedTab">
82+
<v-tab-item value="go">
83+
<pre v-highlight class="go w-full mb-n12">
84+
<code>import "github.com/NdoleStudio/httpsms-go"
85+
86+
client := htpsms.New(htpsms.WithAPIKey(/* API Key from https://httpsms.com/settings */))
87+
88+
key := "Password123" // use the same key on the Android app
89+
encryptedMessage := client.Cipher.Encrypt(key, "This is a test text message")
90+
91+
// The encrypted message looks like this
92+
// Qk3XGN5+Ax38Ig01m4AqaP6Y0b0wYpCXtx59sU23uVLWUU/c7axF7LozDg==
93+
</code>
94+
</pre>
95+
</v-tab-item>
96+
</v-tabs-items>
97+
<h3 class="text-h4 mt-6">Send an encrypted message</h3>
98+
<p>
99+
After generating the encrypted message payload, you can send it
100+
directly using the httpSMS API. Make sure to set
101+
<code>encrypted: true</code> in the JSON request payload so that
102+
httpSMS knows that the message is encrypted and it will be decoded in
103+
the Android app before sending to your recipient.
104+
</p>
105+
<v-tabs v-model="selectedTab" show-arrows>
106+
<v-tab href="#go">
107+
<v-icon color="#efd81d" class="mr-1">{{ mdiLanguageGo }}</v-icon>
108+
Go
109+
</v-tab>
110+
</v-tabs>
111+
<v-tabs-items v-model="selectedTab">
112+
<v-tab-item value="go">
113+
<pre v-highlight class="go w-full mb-n12">
114+
<code>import "github.com/NdoleStudio/httpsms-go"
115+
116+
client.Messages.Send(context.Background(), &httpsms.MessageSendParams{
117+
Content: encryptedMessage,
118+
From: "+18005550199",
119+
To: "+18005550100",
120+
Encrypted: true,
121+
})
122+
</code>
123+
</pre>
124+
</v-tab-item>
125+
</v-tabs-items>
126+
<p class="mt-4">
127+
When you make the API request, the message will be decrypted before
128+
sending to the recipient. This is a screenshot of the SMS message
129+
which is sent to the recipient.
130+
</p>
131+
<v-img
132+
style="border-radius: 4px"
133+
alt="httpsms android app"
134+
height="800"
135+
contain
136+
:src="
137+
require('@/static/img/blog/end-to-end-encryption-to-sms-messages/send-sms-message.png')
138+
"
139+
></v-img>
140+
<h3 class="text-h4 mb-4 mt-16">Receiving an encrypted message</h3>
141+
<p>
142+
When your android phone receives a new message, it will be encrypted
143+
with the encryption Key on your Android phone before it is delivered
144+
to your server's webhook endpoint. You can configure webhooks by
145+
following
146+
<a
147+
href="https://httpsms.com/blog/forward-incoming-sms-from-phone-to-webhook"
148+
>this guide.</a
149+
>
150+
</p>
151+
<v-tabs v-model="selectedTab" show-arrows>
152+
<v-tab href="#go">
153+
<v-icon color="#efd81d" class="mr-1">{{ mdiLanguageGo }}</v-icon>
154+
Go
155+
</v-tab>
156+
</v-tabs>
157+
<v-tabs-items v-model="selectedTab">
158+
<v-tab-item value="go">
159+
<pre v-highlight class="go w-full mb-n12">
160+
<code>import "github.com/NdoleStudio/httpsms-go"
161+
162+
client := htpsms.New(htpsms.WithAPIKey(/* API Key from https://httpsms.com/settings */))
163+
164+
// The payload in the webhook HTTP request looks like this
165+
/*
166+
{
167+
"specversion": "1.0",
168+
"id": "8dca3b0a-446a-4a5d-8d2a-95314926c4ed",
169+
"source": "/v1/messages/receive",
170+
"type": "message.phone.received",
171+
"datacontenttype": "application/json",
172+
"time": "2024-01-21T12:27:29.1605708Z",
173+
"data": {
174+
"message_id": "0681b838-4157-44bb-a4ea-721e40ee7ca7",
175+
"user_id": "XtABz6zdeFMoBLoltz6SREDvRSh2",
176+
"owner": "+37253920216",
177+
"encrypted": true,
178+
"contact": "+37253920216",
179+
"timestamp": "2024-01-21T12:27:17.949Z",
180+
"content": "bdmZ7n6JVf/ST+SoNlSaOGUL1DcL5705ETw8GAB4llYBgE9HOOL+Pu/h+w==",
181+
"sim": "SIM1"
182+
}
183+
}
184+
*/
185+
186+
encryptedMessage = "bdmZ7n6JVf/ST+SoNlSaOGUL1DcL5705ETw8GAB4llYBgE9HOOL+Pu/h+w==" // get the encrypted message from the request payload
187+
key := "Password123" // use the same key on the Android app
188+
decryptedMessage := client.Cipher.Decrypt(key, encryptedMessage)
189+
190+
// This is a test text message
191+
</code>
192+
</pre>
193+
</v-tab-item>
194+
</v-tabs-items>
195+
<h3 class="text-h4 mt-12">Conclusion</h3>
196+
<p>
197+
Congratulations, you have successfully configured your Android phone
198+
to send and receive SMS messages with end-to-end encryption. Don't
199+
hesitate to contact us if you face any problems while following this
200+
guide.
201+
</p>
202+
<blog-author-bio></blog-author-bio>
203+
<v-divider class="mx-16"></v-divider>
204+
<div class="text-center mt-8 mb-4">
205+
<back-button></back-button>
206+
</div>
207+
</v-col>
208+
<v-col v-if="$vuetify.breakpoint.mdAndUp" md="3">
209+
<blog-info></blog-info>
210+
</v-col>
211+
</v-row>
212+
</v-container>
213+
</template>
214+
215+
<script lang="ts">
216+
import { mdiLanguageGo, mdiTwitter } from '@mdi/js'
217+
export default {
218+
name: 'EndToEndEncryptionToSmsMessages',
219+
layout: 'website',
220+
data() {
221+
return {
222+
mdiTwitter,
223+
mdiLanguageGo,
224+
selectedTab: 'go',
225+
authorImage: require('@/assets/img/arnold.png'),
226+
authorName: 'Acho Arnold',
227+
postDate: 'January 21, 2024',
228+
readTime: '10 min read',
229+
authorTwitter: 'acho_arnold',
230+
}
231+
},
232+
head() {
233+
return {
234+
title:
235+
'Secure your conversations with end-to-end encryption for SMS messages - httpSMS',
236+
meta: [
237+
{
238+
hid: 'og:title',
239+
property: 'og:title',
240+
content:
241+
'Secure your conversations with end-to-end encryption for SMS messages',
242+
},
243+
{
244+
hid: 'og:description',
245+
property: 'og:description',
246+
content:
247+
'Configure your Android phone as an SMS gateway to automate sending text messages with the Python programing language.',
248+
},
249+
],
250+
}
251+
},
252+
}
253+
</script>

web/pages/blog/index.vue

Lines changed: 13 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
<v-row class="mt-16">
44
<v-col cols="12" md="9">
55
<v-row>
6-
<v-col v-for="post in blogPosts" :key="post.route" cols="12" md="6">
6+
<v-col v-for="post in blogPosts" :key="post.route" cols="12">
77
<v-hover v-slot="{ hover }">
88
<vue-glow
99
color="#329ef4"
@@ -65,6 +65,18 @@ export default {
6565
mdiTwitter,
6666
mdiGithub,
6767
blogPosts: [
68+
{
69+
route: '/blog/end-to-end-encryption-to-sms-messages',
70+
title:
71+
'Secure your conversations with end-to-end encryption for SMS messages',
72+
date: 'January 21, 2024',
73+
readTime: '10 min read',
74+
authorImage: require('@/assets/img/arnold.png'),
75+
description:
76+
'Take control of your privacy by encrypting your SMS messages end-to-end. Safeguard your messages from prying eyes, ensuring absolute confidentiality.',
77+
authorName: 'Acho Arnold',
78+
authorTwitter: 'acho_arnold',
79+
},
6880
{
6981
route:
7082
'/blog/send-sms-when-new-row-is-added-to-google-sheets-using-zapier',

web/pages/index.vue

Lines changed: 9 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -18,11 +18,11 @@
1818
'mt-8': $vuetify.breakpoint.smAndDown,
1919
}"
2020
>
21-
Convert your android phone into an SMS gateway.
21+
Convert your Android phone into an SMS gateway.
2222
</h1>
2323
<h2 class="text--secondary text-h5 mt-8 mb-8">
24-
Use your android phone to send and receive SMS messages using a
25-
simple programmable API with end-to-end encryption.
24+
<b>Save money</b> by using your phone to send and receive SMS
25+
messages via a simple programmable API with end-to-end encryption.
2626
</h2>
2727
<div :class="{ 'text-center': $vuetify.breakpoint.mdAndDown }">
2828
<v-btn
@@ -256,16 +256,14 @@
256256
<div>
257257
<h3 class="text-h3 mb-1">Encryption 🔐</h3>
258258
<h5 class="text-h6 mb-3 font-weight-light">
259-
You can encrypt your messages end-to-end using the military
260-
grade
259+
Take control of your privacy with our end-to-end encrypted SMS
260+
feature. Safeguard your messages from prying eyes, ensuring
261+
absolute confidentiality using the military grade
261262
<a
262263
href="https://en.wikipedia.org/wiki/Advanced_Encryption_Standard"
263264
>AES-256 encryption</a
264265
>
265-
algorithm. Your encryption key is stored only on our mobile
266-
phone so our servers won't have any way to view the content of
267-
your SMS messages which are sent and received on your Android
268-
phone.
266+
algorithm.
269267
</h5>
270268
</div>
271269
</v-col>
@@ -745,7 +743,7 @@ Console.WriteLine(await response.Content.ReadAsStringAsync());
745743
</v-sheet>
746744
<v-container>
747745
<v-row class="mt-16">
748-
<v-col>
746+
<v-col md="8" offset-md="2">
749747
<h2 class="text-h3 text-center">Frequently Asked Questions</h2>
750748
<h4 class="text-center text-h6 mt-4 text--secondary">
751749
If you still cannot find the answer to your question,
@@ -755,7 +753,7 @@ Console.WriteLine(await response.Content.ReadAsStringAsync());
755753
</v-col>
756754
</v-row>
757755
<v-row>
758-
<v-col>
756+
<v-col md="8" offset-md="2" class="mb-16">
759757
<v-expansion-panels focusable>
760758
<v-expansion-panel>
761759
<v-expansion-panel-header class="text-h6">
@@ -798,25 +796,6 @@ Console.WriteLine(await response.Content.ReadAsStringAsync());
798796
</v-expansion-panels>
799797
</v-col>
800798
</v-row>
801-
<client-only>
802-
<v-row>
803-
<v-col class="text-center pb-16" md="6" offset-md="3">
804-
<p class="text-h6 text--secondary mt-6 mb-4">
805-
Subscribe to my newsletter where I share new features and updates
806-
on httpSMS.
807-
</p>
808-
<v-progress-circular
809-
v-if="!substackLoaded"
810-
indeterminate
811-
size="40"
812-
width="2"
813-
class="mt-8"
814-
color="primary"
815-
></v-progress-circular>
816-
<div id="custom-substack-embed" ref="substackEmbed"></div>
817-
</v-col>
818-
</v-row>
819-
</client-only>
820799
</v-container>
821800
</div>
822801
</template>
83.7 KB
Loading
140 KB
Loading

0 commit comments

Comments
 (0)