Key specs

1. --- Server specification ---
2.  
3. INCOMING MESSAGE
4. POST <url>
5. <payload>
6.  
7. if url="/key": payload is a 32 byte octet stream (AES256 key)
8. if url="/id": payload is a 64 byte octet stream (SHA512 hash)
9.  
10.  
11. OUTGOING MESSAGE
12. <status>
13. <payload>
14.  
15. if status=200|201:
16. if url="/key": payload is a 64 byte octet stream (SHA512 hash)
17. if url="/id": payload is a 32 byte octet stream (AES256 key)
18.  
19. Possible error status codes:
20. 400 Bad Request
21. 401 Unauthorized
22. 402 Payment Required
23. 406 Not Acceptable
24. 429 Too Many Requests
25. 500 Internal Server Error
26.  
27.  
28.  
29. CRYPTO PATH
30. /key:
31. AES256-key -> SHA512-keyhash => obj.id (obj: item of the JSON store)
32. " " -> AES256-enckey => obj.key
33. passphrase -^ (passphrase given as stdin)
34.  
35. /id:
36. SHA512-id -> [compare to keyhash]
37. obj.key => AES256-enckey -> AES256-key -> SHA512-keyhash
38. ....... passphrase -^
39. [if keyhash =/= id: passphrase wrong, unauthorized!]
40. [else: return payment status]
41.  
42. Note: To use the passphrase as AES256 key, it has to be 32 bytes large.
43. E.g. make a SHA256 hash from the stdin
44.  
45. ---