diff options
| author | Gab <24553253+gabrix73@users.noreply.github.com> | 2025-02-11 16:00:59 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-02-11 16:00:59 +0100 |
| commit | b5ff9cd0a133c346dff9a9497022c3f3848c0e66 (patch) | |
| tree | 7c2c569e9900ab33d922f3eae2092870a37cd04c | |
| parent | 70b369e70197e8db6f77e5390a74ea0ae6667e60 (diff) | |
| download | nofuture-go-memguard-b5ff9cd0a133c346dff9a9497022c3f3848c0e66.tar.gz nofuture-go-memguard-b5ff9cd0a133c346dff9a9497022c3f3848c0e66.tar.xz nofuture-go-memguard-b5ff9cd0a133c346dff9a9497022c3f3848c0e66.zip | |
Add files via upload
This secure messaging application enables encrypted communication through mainstream messaging platforms without requiring extensions. The session-based encryption ensures your messages remain secure while active, and once ended, the encryption keys are securely wiped from memory using Memguard protection.
| -rw-r--r-- | go.mod | 38 | ||||
| -rw-r--r-- | go.sum | 94 | ||||
| -rw-r--r-- | index.html | 723 | ||||
| -rw-r--r-- | keyboard.js | 135 | ||||
| -rw-r--r-- | nofuture.go | 347 |
5 files changed, 1337 insertions, 0 deletions
@@ -0,0 +1,38 @@ +module nofuture + +go 1.23.4 + +require ( + github.com/awnumar/memguard v0.22.3 + github.com/gin-gonic/gin v1.10.0 + golang.org/x/crypto v0.33.0 +) + +require ( + github.com/awnumar/memcall v0.2.0 // indirect + github.com/bytedance/sonic v1.11.6 // indirect + github.com/bytedance/sonic/loader v0.1.1 // indirect + github.com/cloudwego/base64x v0.1.4 // indirect + github.com/cloudwego/iasm v0.2.0 // indirect + github.com/gabriel-vasile/mimetype v1.4.3 // indirect + github.com/gin-contrib/sse v0.1.0 // indirect + github.com/go-playground/locales v0.14.1 // indirect + github.com/go-playground/universal-translator v0.18.1 // indirect + github.com/go-playground/validator/v10 v10.20.0 // indirect + github.com/goccy/go-json v0.10.2 // indirect + github.com/json-iterator/go v1.1.12 // indirect + github.com/klauspost/cpuid/v2 v2.2.7 // indirect + github.com/leodido/go-urn v1.4.0 // indirect + github.com/mattn/go-isatty v0.0.20 // indirect + github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect + github.com/modern-go/reflect2 v1.0.2 // indirect + github.com/pelletier/go-toml/v2 v2.2.2 // indirect + github.com/twitchyliquid64/golang-asm v0.15.1 // indirect + github.com/ugorji/go/codec v1.2.12 // indirect + golang.org/x/arch v0.8.0 // indirect + golang.org/x/net v0.25.0 // indirect + golang.org/x/sys v0.30.0 // indirect + golang.org/x/text v0.22.0 // indirect + google.golang.org/protobuf v1.34.1 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect +) @@ -0,0 +1,94 @@ +github.com/awnumar/memcall v0.2.0 h1:sRaogqExTOOkkNwO9pzJsL8jrOV29UuUW7teRMfbqtI= +github.com/awnumar/memcall v0.2.0/go.mod h1:S911igBPR9CThzd/hYQQmTc9SWNu3ZHIlCGaWsWsoJo= +github.com/awnumar/memguard v0.22.3 h1:b4sgUXtbUjhrGELPbuC62wU+BsPQy+8lkWed9Z+pj0Y= +github.com/awnumar/memguard v0.22.3/go.mod h1:mmGunnffnLHlxE5rRgQc3j+uwPZ27eYb61ccr8Clz2Y= +github.com/bytedance/sonic v1.11.6 h1:oUp34TzMlL+OY1OUWxHqsdkgC/Zfc85zGqw9siXjrc0= +github.com/bytedance/sonic v1.11.6/go.mod h1:LysEHSvpvDySVdC2f87zGWf6CIKJcAvqab1ZaiQtds4= +github.com/bytedance/sonic/loader v0.1.1 h1:c+e5Pt1k/cy5wMveRDyk2X4B9hF4g7an8N3zCYjJFNM= +github.com/bytedance/sonic/loader v0.1.1/go.mod h1:ncP89zfokxS5LZrJxl5z0UJcsk4M4yY2JpfqGeCtNLU= +github.com/cloudwego/base64x v0.1.4 h1:jwCgWpFanWmN8xoIUHa2rtzmkd5J2plF/dnLS6Xd/0Y= +github.com/cloudwego/base64x v0.1.4/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w= +github.com/cloudwego/iasm v0.2.0 h1:1KNIy1I1H9hNNFEEH3DVnI4UujN+1zjpuk6gwHLTssg= +github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY= +github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0= +github.com/gabriel-vasile/mimetype v1.4.3/go.mod h1:d8uq/6HKRL6CGdk+aubisF/M5GcPfT7nKyLpA0lbSSk= +github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE= +github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI= +github.com/gin-gonic/gin v1.10.0 h1:nTuyha1TYqgedzytsKYqna+DfLos46nTv2ygFy86HFU= +github.com/gin-gonic/gin v1.10.0/go.mod h1:4PMNQiOhvDRa013RKVbsiNwoyezlm2rm0uX/T7kzp5Y= +github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s= +github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4= +github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA= +github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY= +github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY= +github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY= +github.com/go-playground/validator/v10 v10.20.0 h1:K9ISHbSaI0lyB2eWMPJo+kOS/FBExVwjEviJTixqxL8= +github.com/go-playground/validator/v10 v10.20.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM= +github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU= +github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= +github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= +github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM= +github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo= +github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= +github.com/klauspost/cpuid/v2 v2.2.7 h1:ZWSB3igEs+d0qvnxR/ZBzXVmxkgt8DdzP6m9pfuVLDM= +github.com/klauspost/cpuid/v2 v2.2.7/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= +github.com/knz/go-libedit v1.10.1/go.mod h1:MZTVkCWyz0oBc7JOWP3wNAzd002ZbM/5hgShxwh4x8M= +github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ= +github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI= +github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY= +github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= +github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= +github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= +github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= +github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= +github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM= +github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs= +github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= +github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= +github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= +github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= +github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= +github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg= +github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= +github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI= +github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08= +github.com/ugorji/go/codec v1.2.12 h1:9LC83zGrHhuUA9l16C9AHXAqEV/2wBQ4nkvumAE65EE= +github.com/ugorji/go/codec v1.2.12/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg= +golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8= +golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc= +golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys= +golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus= +golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M= +golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= +golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= +golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc= +golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM= +golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg= +google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +nullprogram.com/x/optparse v1.0.0/go.mod h1:KdyPE+Igbe0jQUrVfMqDMeJQIJZEuyV7pjYmp6pbG50= +rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4= diff --git a/index.html b/index.html new file mode 100644 index 0000000..b13beb4 --- /dev/null +++ b/index.html @@ -0,0 +1,723 @@ +<!DOCTYPE html> +<html lang="en"> +<head> + <meta charset="UTF-8"> + <meta name="viewport" content="width=device-width, initial-scale=1.0"> + <title>Nofuture Buddy Web Interface (Memguard GO Powered)</title> + <style> + :root { + --bg-color-day: #f0f0f0; + --text-color-day: #333; + --bg-color-night: #2e2e2e; + --text-color-night: #f0f0f0; + --primary-color: #0088cc; + --primary-hover: #007bb5; + --session-id-color: #ff4444; + } + + body { + margin: 0; + padding: 0; + font-family: 'Segoe UI', Arial, sans-serif; + background-color: var(--bg-color-night); + color: var(--text-color-night); + display: flex; + flex-direction: column; + min-height: 100vh; + } + + header { + background-color: var(--primary-color); + padding: 1rem; + text-align: center; + color: #fff; + } + + header h1 { margin: 0; } + + main { + flex: 1; + max-width: 800px; + margin: auto; + padding: 1rem; + } + + .instructions { + margin-bottom: 1rem; + } + + .session-buttons, .buttons { + display: flex; + flex-wrap: wrap; + gap: 0.5rem; + margin-bottom: 1rem; + } + + button { + flex: 1; + padding: 0.75rem; + border: none; + border-radius: 4px; + background-color: var(--primary-color); + color: #fff; + font-size: 1rem; + cursor: pointer; + transition: background-color 0.2s; + } + + button:hover { + background-color: var(--primary-hover); + } + + .row { + display: flex; + flex-direction: column; + margin-bottom: 1rem; + } + + .row label { + margin-bottom: 0.5rem; + } + + .row input[type="text"], .row textarea { + width: 100%; + padding: 0.5rem; + border: 1px solid #ccc; + border-radius: 4px; + box-sizing: border-box; + background-color: #333; + color: #fff; + } + + textarea { + min-height: 300px; + resize: vertical; + } + + #sessionIdContainer { + display: none; + margin-bottom: 1rem; + padding: 1rem; + background-color: rgba(0,0,0,0.2); + border-radius: 4px; + } + + #sessionIdValue { + color: var(--session-id-color); + font-weight: bold; + margin-left: 0.5rem; + } + + .status-message { + padding: 1rem; + margin: 1rem 0; + border-radius: 4px; + display: none; + } + + .status-success { + background-color: #4CAF50; + color: white; + } + + .status-error { + background-color: #f44336; + color: white; + } + + /* Session Status Indicator Styles */ + #sessionStatusIndicator { + position: fixed; + top: 1rem; + left: 1rem; + display: flex; + align-items: center; + padding: 0.5rem 1rem; + border-radius: 20px; + background-color: #4a4a4a; + color: white; + font-size: 0.9rem; + transition: all 0.3s ease; + z-index: 1000; + } + + #statusDot { + width: 10px; + height: 10px; + border-radius: 50%; + margin-right: 8px; + background-color: #666; + transition: background-color 0.3s ease; + } + + .status-none #statusDot { background-color: #666; } + .status-active #statusDot { background-color: #4CAF50; } + .status-paired #statusDot { background-color: #FFC107; } + .status-error #statusDot { background-color: #f44336; } + + /* Virtual Keyboard Styles */ + #keyboardContainer { + position: fixed; + top: 50%; + left: 50%; + transform: translate(-50%, -50%); + width: 360px; /* Reduced from 400px */ + background-color: #2a2a2a; + border: 1px solid #444; + border-radius: 8px; + box-shadow: 0 4px 8px rgba(0, 0, 0, 0.3); + z-index: 1000; + display: none; + font-family: 'Cascadia Code', 'Consolas', monospace; + } + + #keyboardHeader { + background-color: #007acc; + color: white; + padding: 10px; + cursor: move; + display: flex; + justify-content: space-between; + align-items: center; + user-select: none; + border-radius: 8px 8px 0 0; + } + + #closeKeyboardButton { + background: none; + border: none; + color: white; + font-size: 20px; + cursor: pointer; + padding: 0 5px; + } + + #virtualKeyboard { + display: grid; + grid-template-columns: repeat(8, 1fr); + gap: 6px; + padding: 12px; + } + + .key { + position: relative; + padding: 8px 4px; + background-color: #3a3a3a; + color: white; + text-align: center; + border-radius: 6px; + cursor: pointer; + user-select: none; + display: flex; + flex-direction: column; + justify-content: center; + align-items: center; + min-height: 45px; + transition: background-color 0.2s; + border: 1px solid #555; + } + + .key .primary { + font-size: 18px; + font-weight: bold; + margin-bottom: 2px; + } + + .key .secondary { + font-size: 10px; + opacity: 0.7; + position: absolute; + top: 2px; + right: 4px; + } + + .key:hover { + background-color: #4a4a4a; + } + + .key-number { background-color: #2c3e50; } + .key-symbol { background-color: #8e44ad; } + .key-letter { background-color: #2980b9; } + .key-special { + background-color: #c0392b; + grid-column: span 2; + } + .key-space { + background-color: #27ae60; + grid-column: span 4; + } + + #keyboardTooltip { + position: absolute; + width: 280px; + background-color: #2a2a2a; + color: #fff; + border: 2px solid #444; + border-radius: 8px; + box-shadow: 0 4px 8px rgba(0, 0, 0, 0.3); + padding: 10px; + z-index: 1000; + display: none; + font-size: 14px; + line-height: 1.5; + bottom: 100%; + left: 50%; + transform: translateX(-50%); + margin-bottom: 10px; + } + + #showKeyboardButton { + padding: 12px 24px; + font-size: 16px; + cursor: pointer; + position: relative; + display: block; + margin: 30px auto; + background-color: #2980b9; + border: none; + border-radius: 6px; + color: white; + transition: background-color 0.2s; + } + + #showKeyboardButton:hover { + background-color: #3498db; + } + </style> +</head> +<body> + <div id="sessionStatusIndicator" class="status-none"> + <div id="statusDot"></div> + <span id="statusText">No Session</span> + </div> + + <button id="themeToggle">Day</button> + + <header> + <h1>Nofuture Buddy Web Interface - Memguard GO Powered</h1> + </header> + + <main> + <div id="statusMessage" class="status-message"></div> + + <p class="instructions"> + This secure messaging application enables encrypted communication through mainstream messaging platforms without requiring extensions. + The session-based encryption ensures your messages remain secure while active, and once ended, the encryption keys are securely wiped from memory using Memguard protection. + + <br><br> + <strong>Security Features:</strong> + <ul> + <li>Memguard memory protection ensures encryption keys and sensitive data are protected against memory dumps and cold boot attacks</li> + <li>All cryptographic operations are performed in secure memory regions</li> + <li>Session keys are automatically wiped when the session ends</li> + </ul> + + <br> + <strong>Virtual Keyboard Security:</strong> + We strongly recommend using our built-in Virtual Keyboard to protect against: + <ul> + <li>Hardware and software keyloggers</li> + <li>Keyboard input monitoring malware</li> + <li>Screen recording spyware (keyboard layout randomly changes each time)</li> + </ul> + Right-click on keys to access secondary characters (uppercase/symbols). + </p> + + <div id="sessionIdContainer"> + <span>Your Session ID: </span> + <span id="sessionIdValue"></span> + <button id="copySessionIdBtn">Copy ID</button> + </div> + + <div class="session-buttons"> + <button id="startSessionBtn">Start Session</button> + <button id="endSessionBtn" style="display:none;">End Session</button> + </div> + + <div class="row"> + <label for="buddySessionIdInput">Buddy's Session ID:</label> + <input type="text" id="buddySessionIdInput" placeholder="Enter your buddy's session ID..."> + </div> + + <div class="session-buttons"> + <button id="pairSessionsBtn">Pair Sessions</button> + </div> + + <div class="row"> + <label for="textInput">Message:</label> + <textarea id="textInput" placeholder="Type your message here..."></textarea> + </div> + + <div class="buttons"> + <button id="buddyEncryptBtn">Encrypt</button> + <button id="buddyDecryptBtn">Decrypt</button> + </div> + + <div style="text-align: center; position: relative;"> + <button id="showKeyboardButton">Virtual Keyboard</button> + <div id="keyboardTooltip"> + <p>Our Virtual Keyboard helps avoid hardware keyloggers. Right-click for secondary characters.</p> + </div> + </div> + + <div id="keyboardContainer"> + <div id="keyboardHeader"> + <span>Virtual Keyboard (Right-click for secondary character)</span> + <button id="closeKeyboardButton">×</button> + </div> + <div id="virtualKeyboard"></div> + </div> + </main> + + <script> + let currentSessionId = null; + + // Use relative URLs for API endpoints + const API_START = "/api/start_session"; + const API_END = "/api/end_session"; + const API_PAIR = "/api/pair_sessions"; + const API_BUDDY_ENCRYPT = "/api/buddy_encrypt"; + const API_BUDDY_DECRYPT = "/api/buddy_decrypt"; + + // DOM Elements + const sessionIdContainer = document.getElementById('sessionIdContainer'); + const sessionIdValue = document.getElementById('sessionIdValue'); + const copySessionIdBtn = document.getElementById('copySessionIdBtn'); + const startSessionBtn = document.getElementById('startSessionBtn'); + const endSessionBtn = document.getElementById('endSessionBtn'); + const buddySessionIdInput = document.getElementById('buddySessionIdInput'); + const pairSessionsBtn = document.getElementById('pairSessionsBtn'); + const textInput = document.getElementById('textInput'); + const buddyEncryptBtn = document.getElementById('buddyEncryptBtn'); + const buddyDecryptBtn = document.getElementById('buddyDecryptBtn'); + const statusMessage = document.getElementById('statusMessage'); + const themeToggle = document.getElementById('themeToggle'); + const statusIndicator = document.getElementById('sessionStatusIndicator'); + const statusText = document.getElementById('statusText'); + + function showStatus(message, isError = false) { + statusMessage.textContent = message; + statusMessage.className = `status-message ${isError ? 'status-error' : 'status-success'}`; + statusMessage.style.display = 'block'; + setTimeout(() => { + statusMessage.style.display = 'none'; + }, 3000); + } + + async function apiRequest(endpoint, data = {}) { + try { + const response = await fetch(endpoint, { + method: 'POST', + headers: { + 'Content-Type': 'application/json', + }, + body: JSON.stringify(data), + }); + + if (!response.ok) { + throw new Error(`HTTP error! status: ${response.status}`); + } + + const result = await response.json(); + return result; + } catch (error) { + console.error('API Request Error:', error); + throw error; + } + } + + function updateSessionStatus(status, message) { + statusIndicator.className = `status-${status}`; + statusText.textContent = message; + } + + // Event Listeners + startSessionBtn.addEventListener('click', async () => { + try { + const data = await apiRequest(API_START); + if (data.session_id) { + currentSessionId = data.session_id; + sessionIdValue.textContent = currentSessionId; + sessionIdContainer.style.display = 'block'; + startSessionBtn.style.display = 'none'; + endSessionBtn.style.display = 'block'; + updateSessionStatus('active', 'Session Active'); + showStatus('Session started successfully'); + } + } catch (error) { + updateSessionStatus('error', 'Session Error'); + showStatus(`Failed to start session: ${error.message}`, true); + } + }); + + endSessionBtn.addEventListener('click', async () => { + if (!currentSessionId) return; + try { + await apiRequest(API_END, { session_id: currentSessionId }); + currentSessionId = null; + sessionIdContainer.style.display = 'none'; + startSessionBtn.style.display = 'block'; + endSessionBtn.style.display = 'none'; + buddySessionIdInput.value = ''; + textInput.value = ''; + updateSessionStatus('none', 'No Session'); + showStatus('Session ended successfully'); + } catch (error) { + updateSessionStatus('error', 'Session Error'); + showStatus(`Failed to end session: ${error.message}`, true); + } + }); + + copySessionIdBtn.addEventListener('click', () => { + if (!currentSessionId) return; + navigator.clipboard.writeText(currentSessionId) + .then(() => showStatus('Session ID copied to clipboard')) + .catch(error => showStatus('Failed to copy session ID', true)); + }); + + pairSessionsBtn.addEventListener('click', async () => { + if (!currentSessionId) { + showStatus('Start your session first', true); + return; + } + const buddySid = buddySessionIdInput.value.trim(); + if (!buddySid) { + showStatus('Please enter a buddy session ID', true); + return; + } + try { + const data = await apiRequest(API_PAIR, { + session_id_A: currentSessionId, + session_id_B: buddySid + }); + if (data.status === 'paired') { + updateSessionStatus('paired', 'Session Paired'); + showStatus('Sessions paired successfully'); + } + } catch (error) { + updateSessionStatus('error', 'Pairing Error'); + showStatus(`Failed to pair sessions: ${error.message}`, true); + } + }); + + buddyEncryptBtn.addEventListener('click', async () => { + if (!currentSessionId) { + showStatus('Start a session first', true); + return; + } + const plaintext = textInput.value.trim(); + if (!plaintext) { + showStatus('Nothing to encrypt', true); + return; + } + try { + const data = await apiRequest(API_BUDDY_ENCRYPT, { + session_id: currentSessionId, + plaintext: plaintext + }); + if (data.encrypted_b64) { + textInput.value = data.encrypted_b64; + showStatus('Message encrypted successfully'); + } + } catch (error) { + showStatus(`Encryption failed: ${error.message}`, true); + } + }); + + buddyDecryptBtn.addEventListener('click', async () => { + if (!currentSessionId) { + showStatus('Start a session first', true); + return; + } + const encrypted_b64 = textInput.value.trim(); + if (!encrypted_b64) { + showStatus('No ciphertext to decrypt', true); + return; + } + try { + const data = await apiRequest(API_BUDDY_DECRYPT, { + session_id: currentSessionId, + encrypted_b64: encrypted_b64 + }); + if (data.plaintext) { + textInput.value = data.plaintext; + showStatus('Message decrypted successfully'); + } + } catch (error) { + showStatus(`Decryption failed: ${error.message}`, true); + } + }); + + themeToggle.addEventListener('click', () => { + document.body.classList.toggle('dark-theme'); + themeToggle.textContent = document.body.classList.contains('dark-theme') ? 'Night' : 'Day'; + }); + + // Virtual Keyboard implementation + const letters = 'abcdefghijklmnopqrstuvwxyz'.split(''); + const numbers = '1234567890'.split(''); + const symbols = '!@#$%^&*()_+-=[]{}|;:,.<>?/'.split(''); + + function shuffleArray(array) { + for (let i = array.length - 1; i > 0; i--) { + const j = Math.floor(Math.random() * (i + 1)); + [array[i], array[j]] = [array[j], array[i]]; + } + return array; + } + + function createKeyboard() { + const keyboard = document.getElementById('virtualKeyboard'); + keyboard.innerHTML = ''; + + // Shuffle each group separately + const shuffledLetters = shuffleArray([...letters]); + const shuffledNumbers = shuffleArray([...numbers]); + const shuffledSymbols = shuffleArray([...symbols]); + + // Create keys for numbers with symbols as secondary characters + shuffledNumbers.forEach((num, i) => { + const key = document.createElement('div'); + key.className = 'key key-number'; + key.innerHTML = ` + <span class="primary">${num}</span> + <span class="secondary">${shuffledSymbols[i] || ''}</span> + `; + key.onclick = () => insertCharacter(num); + key.oncontextmenu = (e) => { + e.preventDefault(); + insertCharacter(shuffledSymbols[i] || ''); + }; + keyboard.appendChild(key); + }); + + // Create keys for letters with uppercase as secondary characters + shuffledLetters.forEach(letter => { + const key = document.createElement('div'); + key.className = 'key key-letter'; + key.innerHTML = ` + <span class="primary">${letter}</span> + <span class="secondary">${letter.toUpperCase()}</span> + `; + key.onclick = () => insertCharacter(letter); + key.oncontextmenu = (e) => { + e.preventDefault(); + insertCharacter(letter.toUpperCase()); + }; + keyboard.appendChild(key); + }); + + // Add backspace key + const backspaceKey = document.createElement('div'); + backspaceKey.className = 'key key-special'; + backspaceKey.innerHTML = '<span class="primary">⌫</span>'; + backspaceKey.onclick = () => { + const textInput = document.getElementById('textInput'); + const startPos = textInput.selectionStart; + const endPos = textInput.selectionEnd; + + if (startPos === endPos) { + if (startPos > 0) { + textInput.value = textInput.value.slice(0, startPos - 1) + textInput.value.slice(startPos); + textInput.setSelectionRange(startPos - 1, startPos - 1); + } + } else { + textInput.value = textInput.value.slice(0, startPos) + textInput.value.slice(endPos); + textInput.setSelectionRange(startPos, startPos); + } + textInput.focus(); + }; + keyboard.appendChild(backspaceKey); + + // Add space key + const spaceKey = document.createElement('div'); + spaceKey.className = 'key key-space'; + spaceKey.innerHTML = '<span class="primary">Space</span>'; + spaceKey.onclick = () => insertCharacter(' '); + keyboard.appendChild(spaceKey); + + // Create keys for remaining symbols + shuffledSymbols.slice(10).forEach(symbol => { + const key = document.createElement('div'); + key.className = 'key key-symbol'; + key.innerHTML = ` + <span class="primary">${symbol}</span> + `; + key.onclick = () => insertCharacter(symbol); + keyboard.appendChild(key); + }); + } + + function insertCharacter(char) { + const textInput = document.getElementById('textInput'); + const startPos = textInput.selectionStart; + const endPos = textInput.selectionEnd; + const text = textInput.value; + + textInput.value = text.substring(0, startPos) + char + text.substring(endPos); + textInput.setSelectionRange(startPos + 1, startPos + 1); + textInput.focus(); + } + + // Show/hide keyboard + document.getElementById('showKeyboardButton').addEventListener('click', () => { + const keyboard = document.getElementById('keyboardContainer'); + keyboard.style.display = 'block'; + createKeyboard(); // Create new random layout each time + }); + + document.getElementById('closeKeyboardButton').addEventListener('click', () => { + document.getElementById('keyboardContainer').style.display = 'none'; + }); + + // Enable keyboard dragging + const keyboardHeader = document.getElementById('keyboardHeader'); + const keyboardContainer = document.getElementById('keyboardContainer'); + let isDragging = false; + let currentX; + let currentY; + let initialX; + let initialY; + let xOffset = 0; + let yOffset = 0; + + keyboardHeader.addEventListener('mousedown', dragStart); + document.addEventListener('mousemove', drag); + document.addEventListener('mouseup', dragEnd); + document.addEventListener('mouseleave', dragEnd); + + function dragStart(e) { + if (e.target === keyboardHeader || e.target.parentElement === keyboardHeader) { + initialX = e.clientX - xOffset; + initialY = e.clientY - yOffset; + isDragging = true; + keyboardHeader.style.cursor = 'grabbing'; + } + } + + function drag(e) { + if (isDragging) { + e.preventDefault(); + currentX = e.clientX - initialX; + currentY = e.clientY - initialY; + xOffset = currentX; + yOffset = currentY; + setTranslate(currentX, currentY, keyboardContainer); + } + } + + function dragEnd(e) { + if (isDragging) { + initialX = currentX; + initialY = currentY; + isDragging = false; + keyboardHeader.style.cursor = 'move'; + } + } + + function setTranslate(xPos, yPos, el) { + el.style.transform = `translate(${xPos}px, ${yPos}px)`; + } + </script> +</body> +</html> diff --git a/keyboard.js b/keyboard.js new file mode 100644 index 0000000..d173ddf --- /dev/null +++ b/keyboard.js @@ -0,0 +1,135 @@ +/******************************************************* + * keyboard.js (VERSIONE SENZA encryptInBackground) + * + * - Mostra/Nasconde la tastiera virtuale + * - Inserisce caratteri in chiaro dentro #textInput + * - Nessuna logica di cifratura/offuscamento + ******************************************************/ + +document.addEventListener("DOMContentLoaded", () => { + const showKeyboardButton = document.getElementById("showKeyboardButton"); + const keyboardTooltip = document.getElementById("keyboardTooltip"); + const keyboardContainer = document.getElementById("keyboardContainer"); + const closeKeyboardButton = document.getElementById("closeKeyboardButton"); + const virtualKeyboard = document.getElementById("virtualKeyboard"); + const keyboardHeader = document.getElementById("keyboardHeader"); + + // Campo di testo dove inserire i caratteri + const textInput = document.getElementById("textInput"); + + // Layout fisso per la tastiera (nessun random, nessuna cifratura) + const layout = [ + "q","w","e","r","t","y","u","i","o","p", + "a","s","d","f","g","h","j","k","l","_", + "z","x","c","v","b","n","m","0","1","2", + "3","4","5","6","7","8","9",".","-","@" + ]; + + /******************************************************* + * Tooltip su pulsante “Virtual Keyboard” + *******************************************************/ + showKeyboardButton.addEventListener("mouseenter", () => { + keyboardTooltip.style.display = "block"; + const btnRect = showKeyboardButton.getBoundingClientRect(); + // Posiziona tooltip SOPRA il pulsante + keyboardTooltip.style.left = btnRect.left + "px"; + keyboardTooltip.style.top = (btnRect.top - keyboardTooltip.offsetHeight - 8) + "px"; + }); + showKeyboardButton.addEventListener("mouseleave", () => { + keyboardTooltip.style.display = "none"; + }); + + /******************************************************* + * Mostra/Nasconde #keyboardContainer + *******************************************************/ + showKeyboardButton.addEventListener("click", () => { + keyboardContainer.style.display = "block"; // Mostra la tastiera + generateKeyboard(); // Crea i tasti + }); + + closeKeyboardButton.addEventListener("click", () => { + keyboardContainer.style.display = "none"; // Nasconde la tastiera + }); + + /******************************************************* + * Genera i tasti della tastiera virtuale + *******************************************************/ + function generateKeyboard() { + virtualKeyboard.innerHTML = ""; // Pulisce il contenuto precedente + + // Crea i tasti per ogni carattere del layout + layout.forEach(char => { + const keyElem = document.createElement("div"); + keyElem.classList.add("key"); + keyElem.textContent = char; + // Al click sul tasto, aggiunge il char al textInput in chiaro + keyElem.addEventListener("click", () => { + if (textInput) { + textInput.value += char; + } + }); + virtualKeyboard.appendChild(keyElem); + }); + + // Aggiunge tasti speciali (Space, Backspace, Clear) + addSpecialKeys(); + } + + function addSpecialKeys() { + // [space] + const spaceKey = document.createElement("div"); + spaceKey.classList.add("key"); + spaceKey.textContent = "[space]"; + spaceKey.addEventListener("click", () => { + if (textInput) { + textInput.value += " "; + } + }); + virtualKeyboard.appendChild(spaceKey); + + // Backspace + const backspaceKey = document.createElement("div"); + backspaceKey.classList.add("key"); + backspaceKey.textContent = "Backspace"; + backspaceKey.addEventListener("click", () => { + if (textInput && textInput.value.length > 0) { + textInput.value = textInput.value.slice(0, -1); + } + }); + virtualKeyboard.appendChild(backspaceKey); + + // Clear + const clearKey = document.createElement("div"); + clearKey.classList.add("key"); + clearKey.textContent = "Clear"; + clearKey.addEventListener("click", () => { + if (textInput) { + textInput.value = ""; + } + }); + virtualKeyboard.appendChild(clearKey); + } + + /******************************************************* + * Drag & Drop della tastiera + *******************************************************/ + let isDragging = false; + let offsetX = 0, offsetY = 0; + + keyboardHeader.addEventListener("mousedown", (e) => { + isDragging = true; + offsetX = e.clientX - keyboardContainer.offsetLeft; + offsetY = e.clientY - keyboardContainer.offsetTop; + }); + + document.addEventListener("mousemove", (e) => { + if (isDragging) { + keyboardContainer.style.left = (e.clientX - offsetX) + "px"; + keyboardContainer.style.top = (e.clientY - offsetY) + "px"; + } + }); + + document.addEventListener("mouseup", () => { + isDragging = false; + }); +}); diff --git a/nofuture.go b/nofuture.go new file mode 100644 index 0000000..44c02d9 --- /dev/null +++ b/nofuture.go @@ -0,0 +1,347 @@ +package main + +import ( + "crypto/rand" + "encoding/base64" + "fmt" + "log" + "net/http" + "runtime" + "strings" + "sync" + + "github.com/awnumar/memguard" + "github.com/gin-gonic/gin" + "golang.org/x/crypto/curve25519" + "golang.org/x/crypto/nacl/box" +) + +type Session struct { + PrivateKey *memguard.LockedBuffer + PublicKey *memguard.LockedBuffer + BuddyPublicKey *memguard.LockedBuffer +} + +var ( + sessions sync.Map +) + +const ( + nonceLength = 24 + keyLength = 32 +) + +func init() { + memguard.CatchInterrupt() + runtime.GC() +} + +func generateKeyPair() (*memguard.LockedBuffer, *memguard.LockedBuffer, error) { + privateKeyBuf := memguard.NewBuffer(keyLength) + defer privateKeyBuf.Destroy() + + if _, err := rand.Read(privateKeyBuf.Bytes()); err != nil { + return nil, nil, fmt.Errorf("key generation failed: %w", err) + } + + publicKeyBuf := memguard.NewBuffer(keyLength) + defer publicKeyBuf.Destroy() + + publicKey, err := curve25519.X25519(privateKeyBuf.Bytes(), curve25519.Basepoint) + if err != nil { + return nil, nil, fmt.Errorf("public key derivation failed: %w", err) + } + + privateKeyLocked := memguard.NewBuffer(keyLength) + publicKeyLocked := memguard.NewBuffer(keyLength) + + copy(privateKeyLocked.Bytes(), privateKeyBuf.Bytes()) + copy(publicKeyLocked.Bytes(), publicKey) + + return privateKeyLocked, publicKeyLocked, nil +} + +func startSession(c *gin.Context) { + c.Header("Content-Type", "application/json") + log.Printf("Starting new secure session...") + + privateKey, publicKey, err := generateKeyPair() + if err != nil { + log.Printf("Error generating key pair: %v", err) + c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()}) + return + } + + sessionIDBuf := memguard.NewBuffer(12) + if _, err := rand.Read(sessionIDBuf.Bytes()); err != nil { + log.Printf("Error generating session ID: %v", err) + c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to generate session ID"}) + return + } + defer sessionIDBuf.Destroy() + + sessionID := base64.RawURLEncoding.EncodeToString(sessionIDBuf.Bytes()) + + sessions.Store(sessionID, &Session{ + PrivateKey: privateKey, + PublicKey: publicKey, + BuddyPublicKey: nil, + }) + + log.Printf("Session created successfully: %s", sessionID) + + c.JSON(http.StatusOK, gin.H{ + "session_id": sessionID, + "public_key": base64.StdEncoding.EncodeToString(publicKey.Bytes()), + }) + + runtime.GC() +} + +func endSession(c *gin.Context) { + c.Header("Content-Type", "application/json") + var req struct { + SessionID string `json:"session_id" binding:"required"` + } + + if err := c.BindJSON(&req); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"error": "invalid request"}) + return + } + + if sess, loaded := sessions.LoadAndDelete(req.SessionID); loaded { + session := sess.(*Session) + if session.PrivateKey != nil { + session.PrivateKey.Destroy() + } + if session.PublicKey != nil { + session.PublicKey.Destroy() + } + if session.BuddyPublicKey != nil { + session.BuddyPublicKey.Destroy() + } + } + + log.Printf("Session ended and cleaned up: %s", req.SessionID) + c.JSON(http.StatusOK, gin.H{"status": "session_ended"}) + + runtime.GC() +} + +func pairSessions(c *gin.Context) { + c.Header("Content-Type", "application/json") + var req struct { + SessionIDA string `json:"session_id_A" binding:"required"` + SessionIDB string `json:"session_id_B" binding:"required"` + } + + if err := c.BindJSON(&req); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"error": "invalid request"}) + return + } + + sessionA, ok := sessions.Load(req.SessionIDA) + if !ok { + c.JSON(http.StatusNotFound, gin.H{"error": "session A not found"}) + return + } + + sessionB, ok := sessions.Load(req.SessionIDB) + if !ok { + c.JSON(http.StatusNotFound, gin.H{"error": "session B not found"}) + return + } + + sessA := sessionA.(*Session) + sessB := sessionB.(*Session) + + sessA.BuddyPublicKey = memguard.NewBuffer(keyLength) + sessB.BuddyPublicKey = memguard.NewBuffer(keyLength) + + copy(sessA.BuddyPublicKey.Bytes(), sessB.PublicKey.Bytes()) + copy(sessB.BuddyPublicKey.Bytes(), sessA.PublicKey.Bytes()) + + log.Printf("Sessions paired: %s with %s", req.SessionIDA, req.SessionIDB) + c.JSON(http.StatusOK, gin.H{ + "status": "paired", + "session_id_A": req.SessionIDA, + "session_id_B": req.SessionIDB, + }) + + runtime.GC() +} + +func buddyEncrypt(c *gin.Context) { + c.Header("Content-Type", "application/json") + var req struct { + SessionID string `json:"session_id" binding:"required"` + Plaintext string `json:"plaintext" binding:"required"` + } + + if err := c.BindJSON(&req); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"error": "invalid request"}) + return + } + + session, ok := sessions.Load(req.SessionID) + if !ok { + c.JSON(http.StatusNotFound, gin.H{"error": "session not found"}) + return + } + + sess := session.(*Session) + if sess.BuddyPublicKey == nil { + c.JSON(http.StatusBadRequest, gin.H{"error": "session not paired"}) + return + } + + privateKeyArray := memguard.NewBuffer(keyLength) + buddyPubArray := memguard.NewBuffer(keyLength) + defer privateKeyArray.Destroy() + defer buddyPubArray.Destroy() + + copy(privateKeyArray.Bytes(), sess.PrivateKey.Bytes()) + copy(buddyPubArray.Bytes(), sess.BuddyPublicKey.Bytes()) + + nonceBuf := memguard.NewBuffer(nonceLength) + defer nonceBuf.Destroy() + + if _, err := rand.Read(nonceBuf.Bytes()); err != nil { + c.JSON(http.StatusInternalServerError, gin.H{"error": "nonce generation failed"}) + return + } + + var nonce [nonceLength]byte + copy(nonce[:], nonceBuf.Bytes()) + + var privateKeyArr, buddyPubArr [keyLength]byte + copy(privateKeyArr[:], privateKeyArray.Bytes()) + copy(buddyPubArr[:], buddyPubArray.Bytes()) + + plaintextBuf := memguard.NewBufferFromBytes([]byte(req.Plaintext)) + defer plaintextBuf.Destroy() + + encrypted := box.Seal(nonce[:], plaintextBuf.Bytes(), &nonce, &buddyPubArr, &privateKeyArr) + + c.JSON(http.StatusOK, gin.H{ + "encrypted_b64": base64.StdEncoding.EncodeToString(encrypted), + }) + + runtime.GC() +} + +func buddyDecrypt(c *gin.Context) { + c.Header("Content-Type", "application/json") + var req struct { + SessionID string `json:"session_id" binding:"required"` + EncryptedB64 string `json:"encrypted_b64" binding:"required"` + } + + if err := c.BindJSON(&req); err != nil { + c.JSON(http.StatusBadRequest, gin.H{"error": "invalid request"}) + return + } + + session, ok := sessions.Load(req.SessionID) + if !ok { + c.JSON(http.StatusNotFound, gin.H{"error": "session not found"}) + return + } + + sess := session.(*Session) + if sess.BuddyPublicKey == nil { + c.JSON(http.StatusBadRequest, gin.H{"error": "session not paired"}) + return + } + + encrypted, err := base64.StdEncoding.DecodeString(req.EncryptedB64) + if err != nil { + c.JSON(http.StatusBadRequest, gin.H{"error": "invalid base64 encoding"}) + return + } + + if len(encrypted) < nonceLength { + c.JSON(http.StatusBadRequest, gin.H{"error": "invalid ciphertext length"}) + return + } + + privateKeyArray := memguard.NewBuffer(keyLength) + buddyPubArray := memguard.NewBuffer(keyLength) + defer privateKeyArray.Destroy() + defer buddyPubArray.Destroy() + + copy(privateKeyArray.Bytes(), sess.PrivateKey.Bytes()) + copy(buddyPubArray.Bytes(), sess.BuddyPublicKey.Bytes()) + + var privateKeyArr, buddyPubArr [keyLength]byte + var nonce [nonceLength]byte + copy(privateKeyArr[:], privateKeyArray.Bytes()) + copy(buddyPubArr[:], buddyPubArray.Bytes()) + copy(nonce[:], encrypted[:nonceLength]) + + decrypted, ok := box.Open(nil, encrypted[nonceLength:], &nonce, &buddyPubArr, &privateKeyArr) + if !ok { + c.JSON(http.StatusBadRequest, gin.H{"error": "decryption failed"}) + return + } + + c.JSON(http.StatusOK, gin.H{"plaintext": string(decrypted)}) + runtime.GC() +} + +func randomBytes(n int) []byte { + b := make([]byte, n) + if _, err := rand.Read(b); err != nil { + panic(err) + } + return b +} + +func main() { + memguard.CatchInterrupt() + defer memguard.Purge() + + log.Printf("Starting Nofuture server with enhanced memory protection...") + + gin.SetMode(gin.ReleaseMode) + r := gin.New() + r.Use(gin.Recovery()) + + // CORS middleware only for API routes + r.Use(func(c *gin.Context) { + if strings.HasPrefix(c.Request.URL.Path, "/api/") { + c.Header("Access-Control-Allow-Origin", "*") + c.Header("Access-Control-Allow-Methods", "POST, OPTIONS") + c.Header("Access-Control-Allow-Headers", "Content-Type") + c.Header("Content-Type", "application/json") + + if c.Request.Method == "OPTIONS" { + c.AbortWithStatus(204) + return + } + } + c.Next() + }) + + // Create API group with its own middleware + api := r.Group("/api") + { + api.POST("/start_session", startSession) + api.POST("/end_session", endSession) + api.POST("/pair_sessions", pairSessions) + api.POST("/buddy_encrypt", buddyEncrypt) + api.POST("/buddy_decrypt", buddyDecrypt) + } + + // Serve static files + r.StaticFile("/", "./index.html") + r.Static("/js", "./js") + r.Static("/static", "./static") + + serverAddr := "127.0.0.1:3000" + log.Printf("Server starting on %s", serverAddr) + + if err := r.Run(serverAddr); err != nil { + log.Fatalf("Server startup failed: %v", err) + } +} |
