Started client

Client.md

@@ -0,0 +1,18 @@
+# GoSmartKeyboard Client
+
+
+This is the base client, it only connects and authenticates.
+
+
+The authentication token is loaded from the environment variable `KEYBOARD_AUTH`, if it does not exist we read it from stdin in base64 form, ended with a newline.
+
+``` go
+
+--- start client
+
+
+
+---
+
+
+```

Makefile

@@ -1,7 +1,8 @@
 weave:
-	srcweave --formatter srcweave-format --weave docs/ ReadMe.md security/Authentication.md EnvironmentVariables.md Dependencies.md Server.md Streaming.md
+	srcweave --formatter srcweave-format --weave docs/ ReadMe.md security/Authentication.md EnvironmentVariables.md Dependencies.md Server.md Streaming.md ThreatModel.md
+	util/removefencedcode.py
 tangle:
-	srcweave --formatter srcweave-format --tangle smartkeyboard/ ReadMe.md security/Authentication.md EnvironmentVariables.md Dependencies.md Server.md Streaming.md
+	srcweave --formatter srcweave-format --tangle smartkeyboard/ ReadMe.md security/Authentication.md EnvironmentVariables.md Dependencies.md Server.md Streaming.md ThreatModel.md
 clean:
 	rm -rf docs
 	find smartkeyboard/ -type f -not -name "*_test.go" -delete

ReadMe.md

@@ -14,6 +14,7 @@ This is done with a simple websocket server meant to accept a single connection,
 
 The goal of this particular daemon is not to perfectly emulate a HID, so it may trip up on Windows UAC or game anticheat systems.
 
+A client is included that simply connects and authenticates. It is meant to be used with unix philosophy modules, for example a password manager wrapper. A UI could then wrap the client and said modules.
 
 
 ## Why a smart keyboard?
@@ -48,7 +49,8 @@ markdown book is actually the source code
 * Well defined [threat model](ThreatModel.md)
 
 
-# Daemon Entrypoint
+# Entrypoint
+
 
 
 Right out of the gate, we make sure a token is provisioned. In the future we will use the system keyring.
@@ -60,6 +62,12 @@ Then we can start the web server and listen for websocket connections.
 --- entrypoint
 
     func main(){
+        
+        if os.Args[1] == "connect" {
+            @{start client}
+            os.Exit(0)
+        }
+
         tokenBase64, _ := auth.ProvisionToken()
         fmt.Println(tokenBase64)
         server.StartServer()
@@ -72,6 +80,7 @@ Then we can start the web server and listen for websocket connections.
     package main
 
     import(
+        "os"
         "fmt"
         "keyboard.voidnet.tech/server"
         "keyboard.voidnet.tech/auth"

ThreatModel.md

@@ -1 +1,7 @@
 # GoSmartKeyboard Threat Model
+
+
+GoSmartKeyboard assumes that it is running behind a reverse proxy that provides TLS termination. This is a common setup for web applications, and is the default configuration for the [Caddy](https://caddyserver.com/) web server.
+
+The daemon is intended to be used by a single user, with the client used by the same person.
+It is not recommended to use this over the internet, as it is intended for the user to be able to physically see the screen.

security/Authentication.md

@@ -47,9 +47,9 @@ if authTokenFileIsSet == false {
 
 ## Checking authentication
 
-When a client connects, the [websocket server](Server.md) checks the token they send against the stored token.
+When a client connects, the [websocket endpoint](Server.md) checks the token they send against the stored token.
 
-We use a constant time comparison to avoid timing attacks.
+We use a constant time comparison to avoid timing attacks, although it is not clear if this is necessary in this case.
 
 
 ``` go