Пример #1
0
func saveKey(path string, key *otr.PrivateKey) {
	var rawKey []byte

	establishDir(true)
	rawKey = key.Serialize(rawKey)
	base64Key := make([]byte, base64.StdEncoding.EncodedLen(len(rawKey)))
	base64.StdEncoding.Encode(base64Key, rawKey)
	if err := ioutil.WriteFile(path, base64Key, 0600); err != nil {
		exitError(err)
	}
}
Пример #2
0
// ImportFromLibOTR parses the contents of a libotr private key file and imports all the keys found.
func ImportFromLibOTR(in []byte) []otr.PrivateKey {
	acctStart := []byte("(account")
	ret := []otr.PrivateKey{}

	var i, p int
	for {
		i = bytes.Index(in[p:], acctStart)
		if i == -1 {
			break
		}

		p += i + len(acctStart)

		key := otr.PrivateKey{}
		if key.Import(in[p:]) {
			ret = append(ret, key)
		}
	}

	return ret
}
Пример #3
0
// Loads and parses a private key.
func loadKey(path string) *otr.PrivateKey {
	establishDir(false)
	base64Key, err := ioutil.ReadFile(path)
	if os.IsNotExist(err) {
		exitPrintf("The private key (%s) does not exist.  Please use genkey.\n",
			path)
	}
	if err != nil {
		exitError(err)
	}

	rawKey := make([]byte, base64.StdEncoding.DecodedLen(len(base64Key)))
	n, err := base64.StdEncoding.Decode(rawKey, base64Key)
	if err != nil {
		exitError(err)
	}

	key := new(otr.PrivateKey)
	if _, ok := key.Parse(rawKey[:n]); !ok {
		exitPrintf("Invalid or corrupted private key (%s).\n", path)
	}

	return key
}
Пример #4
0
func enroll(config *Config, term *terminal.Terminal) bool {
	var err error
	warn(term, "Enrolling new config file")

	var domain string
	for {
		term.SetPrompt("Account (i.e. [email protected], enter to quit): ")
		if config.Account, err = term.ReadLine(); err != nil || len(config.Account) == 0 {
			return false
		}

		parts := strings.SplitN(config.Account, "@", 2)
		if len(parts) != 2 {
			alert(term, "invalid username (want user@domain): "+config.Account)
			continue
		}
		domain = parts[1]
		break
	}

	term.SetPrompt("Resource name (i.e. work, enter for empty): ")
	if config.Resource, err = term.ReadLine(); err != nil {
		return false
	}

	const debugLogFile = "/tmp/xmpp-client-debug.log"
	term.SetPrompt("Enable debug logging to " + debugLogFile + " (y/n)?: ")
	if debugLog, err := term.ReadLine(); err != nil || !isYes(debugLog) {
		info(term, "Not enabling debug logging...")
	} else {
		config.RawLogFile = debugLogFile
		info(term, "Debug logging enabled.")
	}

	term.SetPrompt("Use Tor (y/n)?: ")
	if useTorQuery, err := term.ReadLine(); err != nil || !isYes(useTorQuery) {
		info(term, "Not using Tor...")
		config.UseTor = false
	} else {
		info(term, "Using Tor...")
		config.UseTor = true
	}

	term.SetPrompt("File to import libotr private key from (enter to generate): ")

	var priv otr.PrivateKey
	for {
		importFile, err := term.ReadLine()
		if err != nil {
			return false
		}
		if len(importFile) > 0 {
			privKeyBytes, err := ioutil.ReadFile(importFile)
			if err != nil {
				alert(term, "Failed to open private key file: "+err.Error())
				continue
			}

			if !priv.Import(privKeyBytes) {
				alert(term, "Failed to parse libotr private key file (the parser is pretty simple I'm afraid)")
				continue
			}
			break
		} else {
			info(term, "Generating private key...")
			priv.Generate(rand.Reader)
			break
		}
	}
	config.PrivateKey = priv.Serialize(nil)

	config.OTRAutoAppendTag = true
	config.OTRAutoStartSession = true
	config.OTRAutoTearDown = false

	// List well known Tor hidden services.
	knownTorDomain := map[string]string{
		"jabber.ccc.de":             "okj7xc6j2szr2y75.onion",
		"riseup.net":                "4cjw6cwpeaeppfqz.onion",
		"jabber.calyxinstitute.org": "ijeeynrc6x2uy5ob.onion",
		"jabber.otr.im":             "5rgdtlawqkcplz75.onion",
		"wtfismyip.com":             "ofkztxcohimx34la.onion",
		"rows.io":                   "yz6yiv2hxyagvwy6.onion",
	}

	// Autoconfigure well known Tor hidden services.
	if hiddenService, ok := knownTorDomain[domain]; ok && config.UseTor {
		const torProxyURL = "socks5://127.0.0.1:9050"
		info(term, "It appears that you are using a well known server and we will use its Tor hidden service to connect.")
		config.Server = hiddenService
		config.Port = 5222
		config.Proxies = []string{torProxyURL}
		term.SetPrompt("> ")
		return true
	}

	var proxyStr string
	proxyDefaultPrompt := ", enter for none"
	if config.UseTor {
		proxyDefaultPrompt = ", which is the default"
	}
	term.SetPrompt("Proxy (i.e socks5://127.0.0.1:9050" + proxyDefaultPrompt + "): ")

	for {
		if proxyStr, err = term.ReadLine(); err != nil {
			return false
		}
		if len(proxyStr) == 0 {
			if !config.UseTor {
				break
			} else {
				proxyStr = "socks5://127.0.0.1:9050"
			}
		}
		u, err := url.Parse(proxyStr)
		if err != nil {
			alert(term, "Failed to parse "+proxyStr+" as a URL: "+err.Error())
			continue
		}
		if _, err = proxy.FromURL(u, proxy.Direct); err != nil {
			alert(term, "Failed to parse "+proxyStr+" as a proxy: "+err.Error())
			continue
		}
		break
	}

	if len(proxyStr) > 0 {
		config.Proxies = []string{proxyStr}

		info(term, "Since you selected a proxy, we need to know the server and port to connect to as a SRV lookup would leak information every time.")
		term.SetPrompt("Server (i.e. xmpp.example.com, enter to lookup using unproxied DNS): ")
		if config.Server, err = term.ReadLine(); err != nil {
			return false
		}
		if len(config.Server) == 0 {
			var port uint16
			info(term, "Performing SRV lookup")
			if config.Server, port, err = xmpp.Resolve(domain); err != nil {
				alert(term, "SRV lookup failed: "+err.Error())
				return false
			}
			config.Port = int(port)
			info(term, "Resolved "+config.Server+":"+strconv.Itoa(config.Port))
		} else {
			for {
				term.SetPrompt("Port (enter for 5222): ")
				portStr, err := term.ReadLine()
				if err != nil {
					return false
				}
				if len(portStr) == 0 {
					portStr = "5222"
				}
				if config.Port, err = strconv.Atoi(portStr); err != nil || config.Port <= 0 || config.Port > 65535 {
					info(term, "Port numbers must be 0 < port <= 65535")
					continue
				}
				break
			}
		}
	}

	term.SetPrompt("> ")

	return true
}
Пример #5
0
func main() {
	flag.Parse()
	log.SetFlags(log.Ldate | log.Lmicroseconds | log.Lshortfile)

	prv := otr.PrivateKey{}
	if *genKey {
		prv.Generate(rand.Reader)
		fmt.Println(base64.RawStdEncoding.EncodeToString(prv.Serialize(nil)))
		return
	}

	if *prvDataEnc == "" {
		log.Fatalln("You have to provide OTR key")
	}
	prvData, err := base64.RawStdEncoding.DecodeString(*prvDataEnc)
	if err != nil {
		log.Fatalln("Invalid private key's Base64 encoding:", err)
	}
	if _, ok := prv.Parse(prvData); !ok {
		log.Fatalln("Unable to parse private key")
	}
	log.Println("Our fingerprint:", hex.EncodeToString(prv.Fingerprint()))

	var wg sync.WaitGroup
	var ctin *os.File
	var ctout *os.File
	var ptin *os.File
	var ptout *os.File
	opener := func(fdd **os.File, path string, flag int) {
		fd, err := os.OpenFile(path, flag, os.FileMode(0600))
		if err != nil {
			log.Fatalln("Unable to open", path, "file:", err)
		}
		*fdd = fd
		wg.Done()
	}
	wg.Add(1)
	go opener(&ctin, *ctInPath, os.O_RDONLY)
	wg.Add(1)
	go opener(&ptin, *ptInPath, os.O_RDONLY)
	wg.Add(1)
	go opener(&ctout, *ctOutPath, os.O_WRONLY)
	wg.Add(1)
	go opener(&ptout, *ptOutPath, os.O_WRONLY)

	wg.Wait()
	conv := otr.Conversation{PrivateKey: &prv, FragmentSize: MaxMsgSize}
	exited := make(chan struct{})

	go func() {
		scanner := bufio.NewScanner(ptin)
		var err error
		var msg []byte
		var msgs [][]byte
		var t string
		for scanner.Scan() {
			t = scanner.Text()
			if strings.HasPrefix(t, OTRStart) {
				ctout.Write(append([]byte(otr.QueryMessage), '\n'))
				continue
			} else if t == OTRStop {
				msgs = conv.End()
			} else if strings.HasPrefix(t, OTRSMP) {
				ss := strings.SplitN(t, " ", 3)
				var question string
				if len(ss) == 1 {
					log.Println("Invalid SMP usage")
					continue
				} else if len(ss) == 3 {
					question = ss[2]
				}
				msgs, err = conv.Authenticate(question, []byte(ss[1]))
				if err != nil {
					log.Println("Error during authentication:", err)
					continue
				}
			} else {
				msgs, err = conv.Send(scanner.Bytes())
				if err != nil {
					log.Println("Error during sending:", err)
					continue
				}
			}
			for _, msg = range msgs {
				ctout.Write(append(msg, '\n'))
			}
		}
		exited <- struct{}{}
	}()

	go func() {
		scanner := bufio.NewScanner(ctin)
		var got []byte
		var msg []byte
		var enc bool
		var change otr.SecurityChange
		var toSend [][]byte
		var err error
		for scanner.Scan() {
			got, enc, change, toSend, err = conv.Receive(scanner.Bytes())
			if err != nil {
				log.Println("Error during receiving:", err)
				continue
			}
			for _, msg = range toSend {
				ctout.Write(append(msg, '\n'))
			}
			switch change {
			case otr.NewKeys:
				log.Println(
					"OTR established, remote fingerprint:",
					hex.EncodeToString(conv.TheirPublicKey.Fingerprint()),
				)
			case otr.ConversationEnded:
				log.Println("OTR terminated")
			case otr.SMPSecretNeeded:
				log.Println("SMP requested:", conv.SMPQuestion())
			case otr.SMPComplete:
				log.Println("SMP succeeded")
			case otr.SMPFailed:
				log.Println("SMP failed")
			}
			if len(got) > 0 {
				if !enc {
					got = append([]byte("Unencrypted:"), got...)
				}
				ptout.Write(append(got, '\n'))
			}
		}
		exited <- struct{}{}
	}()

	killed := make(chan os.Signal)
	signal.Notify(killed, os.Interrupt, os.Kill)
	select {
	case <-exited:
	case <-killed:
	}
	if conv.IsEncrypted() {
		for _, msg := range conv.End() {
			ctout.Write(append(msg, '\n'))
		}
	}
	ctout.Close()
	ctin.Close()
	ptout.Close()
	ptin.Close()
}