func saveKey(path string, key *otr.PrivateKey) { var rawKey []byte establishDir(true) rawKey = key.Serialize(rawKey) base64Key := make([]byte, base64.StdEncoding.EncodedLen(len(rawKey))) base64.StdEncoding.Encode(base64Key, rawKey) if err := ioutil.WriteFile(path, base64Key, 0600); err != nil { exitError(err) } }
func enroll(config *Config, term *terminal.Terminal) bool { var err error warn(term, "Enrolling new config file") var domain string for { term.SetPrompt("Account (i.e. [email protected], enter to quit): ") if config.Account, err = term.ReadLine(); err != nil || len(config.Account) == 0 { return false } parts := strings.SplitN(config.Account, "@", 2) if len(parts) != 2 { alert(term, "invalid username (want user@domain): "+config.Account) continue } domain = parts[1] break } term.SetPrompt("Resource name (i.e. work, enter for empty): ") if config.Resource, err = term.ReadLine(); err != nil { return false } const debugLogFile = "/tmp/xmpp-client-debug.log" term.SetPrompt("Enable debug logging to " + debugLogFile + " (y/n)?: ") if debugLog, err := term.ReadLine(); err != nil || !isYes(debugLog) { info(term, "Not enabling debug logging...") } else { config.RawLogFile = debugLogFile info(term, "Debug logging enabled.") } term.SetPrompt("Use Tor (y/n)?: ") if useTorQuery, err := term.ReadLine(); err != nil || !isYes(useTorQuery) { info(term, "Not using Tor...") config.UseTor = false } else { info(term, "Using Tor...") config.UseTor = true } term.SetPrompt("File to import libotr private key from (enter to generate): ") var priv otr.PrivateKey for { importFile, err := term.ReadLine() if err != nil { return false } if len(importFile) > 0 { privKeyBytes, err := ioutil.ReadFile(importFile) if err != nil { alert(term, "Failed to open private key file: "+err.Error()) continue } if !priv.Import(privKeyBytes) { alert(term, "Failed to parse libotr private key file (the parser is pretty simple I'm afraid)") continue } break } else { info(term, "Generating private key...") priv.Generate(rand.Reader) break } } config.PrivateKey = priv.Serialize(nil) config.OTRAutoAppendTag = true config.OTRAutoStartSession = true config.OTRAutoTearDown = false // List well known Tor hidden services. knownTorDomain := map[string]string{ "jabber.ccc.de": "okj7xc6j2szr2y75.onion", "riseup.net": "4cjw6cwpeaeppfqz.onion", "jabber.calyxinstitute.org": "ijeeynrc6x2uy5ob.onion", "jabber.otr.im": "5rgdtlawqkcplz75.onion", "wtfismyip.com": "ofkztxcohimx34la.onion", "rows.io": "yz6yiv2hxyagvwy6.onion", } // Autoconfigure well known Tor hidden services. if hiddenService, ok := knownTorDomain[domain]; ok && config.UseTor { const torProxyURL = "socks5://127.0.0.1:9050" info(term, "It appears that you are using a well known server and we will use its Tor hidden service to connect.") config.Server = hiddenService config.Port = 5222 config.Proxies = []string{torProxyURL} term.SetPrompt("> ") return true } var proxyStr string proxyDefaultPrompt := ", enter for none" if config.UseTor { proxyDefaultPrompt = ", which is the default" } term.SetPrompt("Proxy (i.e socks5://127.0.0.1:9050" + proxyDefaultPrompt + "): ") for { if proxyStr, err = term.ReadLine(); err != nil { return false } if len(proxyStr) == 0 { if !config.UseTor { break } else { proxyStr = "socks5://127.0.0.1:9050" } } u, err := url.Parse(proxyStr) if err != nil { alert(term, "Failed to parse "+proxyStr+" as a URL: "+err.Error()) continue } if _, err = proxy.FromURL(u, proxy.Direct); err != nil { alert(term, "Failed to parse "+proxyStr+" as a proxy: "+err.Error()) continue } break } if len(proxyStr) > 0 { config.Proxies = []string{proxyStr} info(term, "Since you selected a proxy, we need to know the server and port to connect to as a SRV lookup would leak information every time.") term.SetPrompt("Server (i.e. xmpp.example.com, enter to lookup using unproxied DNS): ") if config.Server, err = term.ReadLine(); err != nil { return false } if len(config.Server) == 0 { var port uint16 info(term, "Performing SRV lookup") if config.Server, port, err = xmpp.Resolve(domain); err != nil { alert(term, "SRV lookup failed: "+err.Error()) return false } config.Port = int(port) info(term, "Resolved "+config.Server+":"+strconv.Itoa(config.Port)) } else { for { term.SetPrompt("Port (enter for 5222): ") portStr, err := term.ReadLine() if err != nil { return false } if len(portStr) == 0 { portStr = "5222" } if config.Port, err = strconv.Atoi(portStr); err != nil || config.Port <= 0 || config.Port > 65535 { info(term, "Port numbers must be 0 < port <= 65535") continue } break } } } term.SetPrompt("> ") return true }
func main() { flag.Parse() log.SetFlags(log.Ldate | log.Lmicroseconds | log.Lshortfile) prv := otr.PrivateKey{} if *genKey { prv.Generate(rand.Reader) fmt.Println(base64.RawStdEncoding.EncodeToString(prv.Serialize(nil))) return } if *prvDataEnc == "" { log.Fatalln("You have to provide OTR key") } prvData, err := base64.RawStdEncoding.DecodeString(*prvDataEnc) if err != nil { log.Fatalln("Invalid private key's Base64 encoding:", err) } if _, ok := prv.Parse(prvData); !ok { log.Fatalln("Unable to parse private key") } log.Println("Our fingerprint:", hex.EncodeToString(prv.Fingerprint())) var wg sync.WaitGroup var ctin *os.File var ctout *os.File var ptin *os.File var ptout *os.File opener := func(fdd **os.File, path string, flag int) { fd, err := os.OpenFile(path, flag, os.FileMode(0600)) if err != nil { log.Fatalln("Unable to open", path, "file:", err) } *fdd = fd wg.Done() } wg.Add(1) go opener(&ctin, *ctInPath, os.O_RDONLY) wg.Add(1) go opener(&ptin, *ptInPath, os.O_RDONLY) wg.Add(1) go opener(&ctout, *ctOutPath, os.O_WRONLY) wg.Add(1) go opener(&ptout, *ptOutPath, os.O_WRONLY) wg.Wait() conv := otr.Conversation{PrivateKey: &prv, FragmentSize: MaxMsgSize} exited := make(chan struct{}) go func() { scanner := bufio.NewScanner(ptin) var err error var msg []byte var msgs [][]byte var t string for scanner.Scan() { t = scanner.Text() if strings.HasPrefix(t, OTRStart) { ctout.Write(append([]byte(otr.QueryMessage), '\n')) continue } else if t == OTRStop { msgs = conv.End() } else if strings.HasPrefix(t, OTRSMP) { ss := strings.SplitN(t, " ", 3) var question string if len(ss) == 1 { log.Println("Invalid SMP usage") continue } else if len(ss) == 3 { question = ss[2] } msgs, err = conv.Authenticate(question, []byte(ss[1])) if err != nil { log.Println("Error during authentication:", err) continue } } else { msgs, err = conv.Send(scanner.Bytes()) if err != nil { log.Println("Error during sending:", err) continue } } for _, msg = range msgs { ctout.Write(append(msg, '\n')) } } exited <- struct{}{} }() go func() { scanner := bufio.NewScanner(ctin) var got []byte var msg []byte var enc bool var change otr.SecurityChange var toSend [][]byte var err error for scanner.Scan() { got, enc, change, toSend, err = conv.Receive(scanner.Bytes()) if err != nil { log.Println("Error during receiving:", err) continue } for _, msg = range toSend { ctout.Write(append(msg, '\n')) } switch change { case otr.NewKeys: log.Println( "OTR established, remote fingerprint:", hex.EncodeToString(conv.TheirPublicKey.Fingerprint()), ) case otr.ConversationEnded: log.Println("OTR terminated") case otr.SMPSecretNeeded: log.Println("SMP requested:", conv.SMPQuestion()) case otr.SMPComplete: log.Println("SMP succeeded") case otr.SMPFailed: log.Println("SMP failed") } if len(got) > 0 { if !enc { got = append([]byte("Unencrypted:"), got...) } ptout.Write(append(got, '\n')) } } exited <- struct{}{} }() killed := make(chan os.Signal) signal.Notify(killed, os.Interrupt, os.Kill) select { case <-exited: case <-killed: } if conv.IsEncrypted() { for _, msg := range conv.End() { ctout.Write(append(msg, '\n')) } } ctout.Close() ctin.Close() ptout.Close() ptin.Close() }