Started client

This commit is contained in:
Kevin F 2022-12-31 19:23:52 -06:00
parent 07ab1498e7
commit 96f611f1a1
5 changed files with 40 additions and 6 deletions

18
Client.md Normal file
View File

@ -0,0 +1,18 @@
# GoSmartKeyboard Client
This is the base client, it only connects and authenticates.
The authentication token is loaded from the environment variable `KEYBOARD_AUTH`, if it does not exist we read it from stdin in base64 form, ended with a newline.
``` go
--- start client
---
```

View File

@ -1,7 +1,8 @@
weave:
srcweave --formatter srcweave-format --weave docs/ ReadMe.md security/Authentication.md EnvironmentVariables.md Dependencies.md Server.md Streaming.md
srcweave --formatter srcweave-format --weave docs/ ReadMe.md security/Authentication.md EnvironmentVariables.md Dependencies.md Server.md Streaming.md ThreatModel.md
util/removefencedcode.py
tangle:
srcweave --formatter srcweave-format --tangle smartkeyboard/ ReadMe.md security/Authentication.md EnvironmentVariables.md Dependencies.md Server.md Streaming.md
srcweave --formatter srcweave-format --tangle smartkeyboard/ ReadMe.md security/Authentication.md EnvironmentVariables.md Dependencies.md Server.md Streaming.md ThreatModel.md
clean:
rm -rf docs
find smartkeyboard/ -type f -not -name "*_test.go" -delete

View File

@ -14,6 +14,7 @@ This is done with a simple websocket server meant to accept a single connection,
The goal of this particular daemon is not to perfectly emulate a HID, so it may trip up on Windows UAC or game anticheat systems.
A client is included that simply connects and authenticates. It is meant to be used with unix philosophy modules, for example a password manager wrapper. A UI could then wrap the client and said modules.
## Why a smart keyboard?
@ -48,7 +49,8 @@ markdown book is actually the source code
* Well defined [threat model](ThreatModel.md)
# Daemon Entrypoint
# Entrypoint
Right out of the gate, we make sure a token is provisioned. In the future we will use the system keyring.
@ -60,6 +62,12 @@ Then we can start the web server and listen for websocket connections.
--- entrypoint
func main(){
if os.Args[1] == "connect" {
@{start client}
os.Exit(0)
}
tokenBase64, _ := auth.ProvisionToken()
fmt.Println(tokenBase64)
server.StartServer()
@ -72,6 +80,7 @@ Then we can start the web server and listen for websocket connections.
package main
import(
"os"
"fmt"
"keyboard.voidnet.tech/server"
"keyboard.voidnet.tech/auth"

View File

@ -1 +1,7 @@
# GoSmartKeyboard Threat Model
# GoSmartKeyboard Threat Model
GoSmartKeyboard assumes that it is running behind a reverse proxy that provides TLS termination. This is a common setup for web applications, and is the default configuration for the [Caddy](https://caddyserver.com/) web server.
The daemon is intended to be used by a single user, with the client used by the same person.
It is not recommended to use this over the internet, as it is intended for the user to be able to physically see the screen.

View File

@ -47,9 +47,9 @@ if authTokenFileIsSet == false {
## Checking authentication
When a client connects, the [websocket server](Server.md) checks the token they send against the stored token.
When a client connects, the [websocket endpoint](Server.md) checks the token they send against the stored token.
We use a constant time comparison to avoid timing attacks.
We use a constant time comparison to avoid timing attacks, although it is not clear if this is necessary in this case.
``` go