Started client
This commit is contained in:
parent
07ab1498e7
commit
96f611f1a1
18
Client.md
Normal file
18
Client.md
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
# GoSmartKeyboard Client
|
||||||
|
|
||||||
|
|
||||||
|
This is the base client, it only connects and authenticates.
|
||||||
|
|
||||||
|
|
||||||
|
The authentication token is loaded from the environment variable `KEYBOARD_AUTH`, if it does not exist we read it from stdin in base64 form, ended with a newline.
|
||||||
|
|
||||||
|
``` go
|
||||||
|
|
||||||
|
--- start client
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
|
||||||
|
```
|
5
Makefile
5
Makefile
@ -1,7 +1,8 @@
|
|||||||
weave:
|
weave:
|
||||||
srcweave --formatter srcweave-format --weave docs/ ReadMe.md security/Authentication.md EnvironmentVariables.md Dependencies.md Server.md Streaming.md
|
srcweave --formatter srcweave-format --weave docs/ ReadMe.md security/Authentication.md EnvironmentVariables.md Dependencies.md Server.md Streaming.md ThreatModel.md
|
||||||
|
util/removefencedcode.py
|
||||||
tangle:
|
tangle:
|
||||||
srcweave --formatter srcweave-format --tangle smartkeyboard/ ReadMe.md security/Authentication.md EnvironmentVariables.md Dependencies.md Server.md Streaming.md
|
srcweave --formatter srcweave-format --tangle smartkeyboard/ ReadMe.md security/Authentication.md EnvironmentVariables.md Dependencies.md Server.md Streaming.md ThreatModel.md
|
||||||
clean:
|
clean:
|
||||||
rm -rf docs
|
rm -rf docs
|
||||||
find smartkeyboard/ -type f -not -name "*_test.go" -delete
|
find smartkeyboard/ -type f -not -name "*_test.go" -delete
|
||||||
|
11
ReadMe.md
11
ReadMe.md
@ -14,6 +14,7 @@ This is done with a simple websocket server meant to accept a single connection,
|
|||||||
|
|
||||||
The goal of this particular daemon is not to perfectly emulate a HID, so it may trip up on Windows UAC or game anticheat systems.
|
The goal of this particular daemon is not to perfectly emulate a HID, so it may trip up on Windows UAC or game anticheat systems.
|
||||||
|
|
||||||
|
A client is included that simply connects and authenticates. It is meant to be used with unix philosophy modules, for example a password manager wrapper. A UI could then wrap the client and said modules.
|
||||||
|
|
||||||
|
|
||||||
## Why a smart keyboard?
|
## Why a smart keyboard?
|
||||||
@ -48,7 +49,8 @@ markdown book is actually the source code
|
|||||||
* Well defined [threat model](ThreatModel.md)
|
* Well defined [threat model](ThreatModel.md)
|
||||||
|
|
||||||
|
|
||||||
# Daemon Entrypoint
|
# Entrypoint
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
Right out of the gate, we make sure a token is provisioned. In the future we will use the system keyring.
|
Right out of the gate, we make sure a token is provisioned. In the future we will use the system keyring.
|
||||||
@ -60,6 +62,12 @@ Then we can start the web server and listen for websocket connections.
|
|||||||
--- entrypoint
|
--- entrypoint
|
||||||
|
|
||||||
func main(){
|
func main(){
|
||||||
|
|
||||||
|
if os.Args[1] == "connect" {
|
||||||
|
@{start client}
|
||||||
|
os.Exit(0)
|
||||||
|
}
|
||||||
|
|
||||||
tokenBase64, _ := auth.ProvisionToken()
|
tokenBase64, _ := auth.ProvisionToken()
|
||||||
fmt.Println(tokenBase64)
|
fmt.Println(tokenBase64)
|
||||||
server.StartServer()
|
server.StartServer()
|
||||||
@ -72,6 +80,7 @@ Then we can start the web server and listen for websocket connections.
|
|||||||
package main
|
package main
|
||||||
|
|
||||||
import(
|
import(
|
||||||
|
"os"
|
||||||
"fmt"
|
"fmt"
|
||||||
"keyboard.voidnet.tech/server"
|
"keyboard.voidnet.tech/server"
|
||||||
"keyboard.voidnet.tech/auth"
|
"keyboard.voidnet.tech/auth"
|
||||||
|
@ -1 +1,7 @@
|
|||||||
# GoSmartKeyboard Threat Model
|
# GoSmartKeyboard Threat Model
|
||||||
|
|
||||||
|
|
||||||
|
GoSmartKeyboard assumes that it is running behind a reverse proxy that provides TLS termination. This is a common setup for web applications, and is the default configuration for the [Caddy](https://caddyserver.com/) web server.
|
||||||
|
|
||||||
|
The daemon is intended to be used by a single user, with the client used by the same person.
|
||||||
|
It is not recommended to use this over the internet, as it is intended for the user to be able to physically see the screen.
|
@ -47,9 +47,9 @@ if authTokenFileIsSet == false {
|
|||||||
|
|
||||||
## Checking authentication
|
## Checking authentication
|
||||||
|
|
||||||
When a client connects, the [websocket server](Server.md) checks the token they send against the stored token.
|
When a client connects, the [websocket endpoint](Server.md) checks the token they send against the stored token.
|
||||||
|
|
||||||
We use a constant time comparison to avoid timing attacks.
|
We use a constant time comparison to avoid timing attacks, although it is not clear if this is necessary in this case.
|
||||||
|
|
||||||
|
|
||||||
``` go
|
``` go
|
||||||
|
Loading…
Reference in New Issue
Block a user