From b5ff9cd0a133c346dff9a9497022c3f3848c0e66 Mon Sep 17 00:00:00 2001
From: Gab <24553253+gabrix73@users.noreply.github.com>
Date: Tue, 11 Feb 2025 16:00:59 +0100
Subject: Add files via upload
This secure messaging application enables encrypted communication through mainstream messaging platforms without requiring extensions. The session-based encryption ensures your messages remain secure while active, and once ended, the encryption keys are securely wiped from memory using Memguard protection.
---
go.mod | 38 ++++
go.sum | 94 ++++++++
index.html | 723 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
keyboard.js | 135 ++++++++++++
nofuture.go | 347 +++++++++++++++++++++++++++++
5 files changed, 1337 insertions(+)
create mode 100644 go.mod
create mode 100644 go.sum
create mode 100644 index.html
create mode 100644 keyboard.js
create mode 100644 nofuture.go
diff --git a/go.mod b/go.mod
new file mode 100644
index 0000000..98148b8
--- /dev/null
+++ b/go.mod
@@ -0,0 +1,38 @@
+module nofuture
+
+go 1.23.4
+
+require (
+ github.com/awnumar/memguard v0.22.3
+ github.com/gin-gonic/gin v1.10.0
+ golang.org/x/crypto v0.33.0
+)
+
+require (
+ github.com/awnumar/memcall v0.2.0 // indirect
+ github.com/bytedance/sonic v1.11.6 // indirect
+ github.com/bytedance/sonic/loader v0.1.1 // indirect
+ github.com/cloudwego/base64x v0.1.4 // indirect
+ github.com/cloudwego/iasm v0.2.0 // indirect
+ github.com/gabriel-vasile/mimetype v1.4.3 // indirect
+ github.com/gin-contrib/sse v0.1.0 // indirect
+ github.com/go-playground/locales v0.14.1 // indirect
+ github.com/go-playground/universal-translator v0.18.1 // indirect
+ github.com/go-playground/validator/v10 v10.20.0 // indirect
+ github.com/goccy/go-json v0.10.2 // indirect
+ github.com/json-iterator/go v1.1.12 // indirect
+ github.com/klauspost/cpuid/v2 v2.2.7 // indirect
+ github.com/leodido/go-urn v1.4.0 // indirect
+ github.com/mattn/go-isatty v0.0.20 // indirect
+ github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
+ github.com/modern-go/reflect2 v1.0.2 // indirect
+ github.com/pelletier/go-toml/v2 v2.2.2 // indirect
+ github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
+ github.com/ugorji/go/codec v1.2.12 // indirect
+ golang.org/x/arch v0.8.0 // indirect
+ golang.org/x/net v0.25.0 // indirect
+ golang.org/x/sys v0.30.0 // indirect
+ golang.org/x/text v0.22.0 // indirect
+ google.golang.org/protobuf v1.34.1 // indirect
+ gopkg.in/yaml.v3 v3.0.1 // indirect
+)
diff --git a/go.sum b/go.sum
new file mode 100644
index 0000000..5cab9c9
--- /dev/null
+++ b/go.sum
@@ -0,0 +1,94 @@
+github.com/awnumar/memcall v0.2.0 h1:sRaogqExTOOkkNwO9pzJsL8jrOV29UuUW7teRMfbqtI=
+github.com/awnumar/memcall v0.2.0/go.mod h1:S911igBPR9CThzd/hYQQmTc9SWNu3ZHIlCGaWsWsoJo=
+github.com/awnumar/memguard v0.22.3 h1:b4sgUXtbUjhrGELPbuC62wU+BsPQy+8lkWed9Z+pj0Y=
+github.com/awnumar/memguard v0.22.3/go.mod h1:mmGunnffnLHlxE5rRgQc3j+uwPZ27eYb61ccr8Clz2Y=
+github.com/bytedance/sonic v1.11.6 h1:oUp34TzMlL+OY1OUWxHqsdkgC/Zfc85zGqw9siXjrc0=
+github.com/bytedance/sonic v1.11.6/go.mod h1:LysEHSvpvDySVdC2f87zGWf6CIKJcAvqab1ZaiQtds4=
+github.com/bytedance/sonic/loader v0.1.1 h1:c+e5Pt1k/cy5wMveRDyk2X4B9hF4g7an8N3zCYjJFNM=
+github.com/bytedance/sonic/loader v0.1.1/go.mod h1:ncP89zfokxS5LZrJxl5z0UJcsk4M4yY2JpfqGeCtNLU=
+github.com/cloudwego/base64x v0.1.4 h1:jwCgWpFanWmN8xoIUHa2rtzmkd5J2plF/dnLS6Xd/0Y=
+github.com/cloudwego/base64x v0.1.4/go.mod h1:0zlkT4Wn5C6NdauXdJRhSKRlJvmclQ1hhJgA0rcu/8w=
+github.com/cloudwego/iasm v0.2.0 h1:1KNIy1I1H9hNNFEEH3DVnI4UujN+1zjpuk6gwHLTssg=
+github.com/cloudwego/iasm v0.2.0/go.mod h1:8rXZaNYT2n95jn+zTI1sDr+IgcD2GVs0nlbbQPiEFhY=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0=
+github.com/gabriel-vasile/mimetype v1.4.3/go.mod h1:d8uq/6HKRL6CGdk+aubisF/M5GcPfT7nKyLpA0lbSSk=
+github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE=
+github.com/gin-contrib/sse v0.1.0/go.mod h1:RHrZQHXnP2xjPF+u1gW/2HnVO7nvIa9PG3Gm+fLHvGI=
+github.com/gin-gonic/gin v1.10.0 h1:nTuyha1TYqgedzytsKYqna+DfLos46nTv2ygFy86HFU=
+github.com/gin-gonic/gin v1.10.0/go.mod h1:4PMNQiOhvDRa013RKVbsiNwoyezlm2rm0uX/T7kzp5Y=
+github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
+github.com/go-playground/assert/v2 v2.2.0/go.mod h1:VDjEfimB/XKnb+ZQfWdccd7VUvScMdVu0Titje2rxJ4=
+github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/oXslEjJA=
+github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
+github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
+github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
+github.com/go-playground/validator/v10 v10.20.0 h1:K9ISHbSaI0lyB2eWMPJo+kOS/FBExVwjEviJTixqxL8=
+github.com/go-playground/validator/v10 v10.20.0/go.mod h1:dbuPbCMFw/DrkbEynArYaCwl3amGuJotoKCe95atGMM=
+github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
+github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
+github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
+github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
+github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
+github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
+github.com/klauspost/cpuid/v2 v2.2.7 h1:ZWSB3igEs+d0qvnxR/ZBzXVmxkgt8DdzP6m9pfuVLDM=
+github.com/klauspost/cpuid/v2 v2.2.7/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws=
+github.com/knz/go-libedit v1.10.1/go.mod h1:MZTVkCWyz0oBc7JOWP3wNAzd002ZbM/5hgShxwh4x8M=
+github.com/leodido/go-urn v1.4.0 h1:WT9HwE9SGECu3lg4d/dIA+jxlljEa1/ffXKmRjqdmIQ=
+github.com/leodido/go-urn v1.4.0/go.mod h1:bvxc+MVxLKB4z00jd1z+Dvzr47oO32F/QSNjSBOlFxI=
+github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
+github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
+github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
+github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
+github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
+github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
+github.com/pelletier/go-toml/v2 v2.2.2 h1:aYUidT7k73Pcl9nb2gScu7NSrKCSHIDE89b3+6Wq+LM=
+github.com/pelletier/go-toml/v2 v2.2.2/go.mod h1:1t835xjRzz80PqgE6HHgN2JOsmgYu/h4qDAS4n929Rs=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
+github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
+github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
+github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
+github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/twitchyliquid64/golang-asm v0.15.1 h1:SU5vSMR7hnwNxj24w34ZyCi/FmDZTkS4MhqMhdFk5YI=
+github.com/twitchyliquid64/golang-asm v0.15.1/go.mod h1:a1lVb/DtPvCB8fslRZhAngC2+aY1QWCk3Cedj/Gdt08=
+github.com/ugorji/go/codec v1.2.12 h1:9LC83zGrHhuUA9l16C9AHXAqEV/2wBQ4nkvumAE65EE=
+github.com/ugorji/go/codec v1.2.12/go.mod h1:UNopzCgEMSXjBc6AOMqYvWC1ktqTAfzJZUZgYf6w6lg=
+golang.org/x/arch v0.0.0-20210923205945-b76863e36670/go.mod h1:5om86z9Hs0C8fWVUuoMHwpExlXzs5Tkyp9hOrfG7pp8=
+golang.org/x/arch v0.8.0 h1:3wRIsP3pM4yUptoR96otTUOXI367OS0+c9eeRi9doIc=
+golang.org/x/arch v0.8.0/go.mod h1:FEVrYAQjsQXMVJ1nsMoVVXPZg6p2JE2mx8psSWTDQys=
+golang.org/x/crypto v0.33.0 h1:IOBPskki6Lysi0lo9qQvbxiQ+FvsCC/YWOecCHAixus=
+golang.org/x/crypto v0.33.0/go.mod h1:bVdXmD7IV/4GdElGPozy6U7lWdRXA4qyRVGJV57uQ5M=
+golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
+golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
+golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.30.0 h1:QjkSwP/36a20jFYWkSue1YwXzLmsV5Gfq7Eiy72C1uc=
+golang.org/x/sys v0.30.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.22.0 h1:bofq7m3/HAFvbF51jz3Q9wLg3jkvSPuiZu/pD1XwgtM=
+golang.org/x/text v0.22.0/go.mod h1:YRoo4H8PVmsu+E3Ou7cqLVH8oXWIHVoX0jqUWALQhfY=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
+golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+google.golang.org/protobuf v1.34.1 h1:9ddQBjfCyZPOHPUiPxpYESBLc+T8P3E+Vo4IbKZgFWg=
+google.golang.org/protobuf v1.34.1/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+nullprogram.com/x/optparse v1.0.0/go.mod h1:KdyPE+Igbe0jQUrVfMqDMeJQIJZEuyV7pjYmp6pbG50=
+rsc.io/pdf v0.1.1/go.mod h1:n8OzWcQ6Sp37PL01nO98y4iUCRdTGarVfzxY20ICaU4=
diff --git a/index.html b/index.html
new file mode 100644
index 0000000..b13beb4
--- /dev/null
+++ b/index.html
@@ -0,0 +1,723 @@
+
+
+
+
+
+ Nofuture Buddy Web Interface (Memguard GO Powered)
+
+
+
+
+
+ Day
+
+
+ Nofuture Buddy Web Interface - Memguard GO Powered
+
+
+
+
+
+
+ This secure messaging application enables encrypted communication through mainstream messaging platforms without requiring extensions.
+ The session-based encryption ensures your messages remain secure while active, and once ended, the encryption keys are securely wiped from memory using Memguard protection.
+
+
+ Security Features:
+
+ Memguard memory protection ensures encryption keys and sensitive data are protected against memory dumps and cold boot attacks
+ All cryptographic operations are performed in secure memory regions
+ Session keys are automatically wiped when the session ends
+
+
+
+ Virtual Keyboard Security:
+ We strongly recommend using our built-in Virtual Keyboard to protect against:
+
+ Hardware and software keyloggers
+ Keyboard input monitoring malware
+ Screen recording spyware (keyboard layout randomly changes each time)
+
+ Right-click on keys to access secondary characters (uppercase/symbols).
+
+
+
+ Your Session ID:
+
+ Copy ID
+
+
+
+ Start Session
+ End Session
+
+
+
+ Buddy's Session ID:
+
+
+
+
+ Pair Sessions
+
+
+
+ Message:
+
+
+
+
+ Encrypt
+ Decrypt
+
+
+
+
+
+
+
+
+
+
diff --git a/keyboard.js b/keyboard.js
new file mode 100644
index 0000000..d173ddf
--- /dev/null
+++ b/keyboard.js
@@ -0,0 +1,135 @@
+/*******************************************************
+ * keyboard.js (VERSIONE SENZA encryptInBackground)
+ *
+ * - Mostra/Nasconde la tastiera virtuale
+ * - Inserisce caratteri in chiaro dentro #textInput
+ * - Nessuna logica di cifratura/offuscamento
+ ******************************************************/
+
+document.addEventListener("DOMContentLoaded", () => {
+ const showKeyboardButton = document.getElementById("showKeyboardButton");
+ const keyboardTooltip = document.getElementById("keyboardTooltip");
+ const keyboardContainer = document.getElementById("keyboardContainer");
+ const closeKeyboardButton = document.getElementById("closeKeyboardButton");
+ const virtualKeyboard = document.getElementById("virtualKeyboard");
+ const keyboardHeader = document.getElementById("keyboardHeader");
+
+ // Campo di testo dove inserire i caratteri
+ const textInput = document.getElementById("textInput");
+
+ // Layout fisso per la tastiera (nessun random, nessuna cifratura)
+ const layout = [
+ "q","w","e","r","t","y","u","i","o","p",
+ "a","s","d","f","g","h","j","k","l","_",
+ "z","x","c","v","b","n","m","0","1","2",
+ "3","4","5","6","7","8","9",".","-","@"
+ ];
+
+ /*******************************************************
+ * Tooltip su pulsante “Virtual Keyboard”
+ *******************************************************/
+ showKeyboardButton.addEventListener("mouseenter", () => {
+ keyboardTooltip.style.display = "block";
+ const btnRect = showKeyboardButton.getBoundingClientRect();
+ // Posiziona tooltip SOPRA il pulsante
+ keyboardTooltip.style.left = btnRect.left + "px";
+ keyboardTooltip.style.top = (btnRect.top - keyboardTooltip.offsetHeight - 8) + "px";
+ });
+ showKeyboardButton.addEventListener("mouseleave", () => {
+ keyboardTooltip.style.display = "none";
+ });
+
+ /*******************************************************
+ * Mostra/Nasconde #keyboardContainer
+ *******************************************************/
+ showKeyboardButton.addEventListener("click", () => {
+ keyboardContainer.style.display = "block"; // Mostra la tastiera
+ generateKeyboard(); // Crea i tasti
+ });
+
+ closeKeyboardButton.addEventListener("click", () => {
+ keyboardContainer.style.display = "none"; // Nasconde la tastiera
+ });
+
+ /*******************************************************
+ * Genera i tasti della tastiera virtuale
+ *******************************************************/
+ function generateKeyboard() {
+ virtualKeyboard.innerHTML = ""; // Pulisce il contenuto precedente
+
+ // Crea i tasti per ogni carattere del layout
+ layout.forEach(char => {
+ const keyElem = document.createElement("div");
+ keyElem.classList.add("key");
+ keyElem.textContent = char;
+ // Al click sul tasto, aggiunge il char al textInput in chiaro
+ keyElem.addEventListener("click", () => {
+ if (textInput) {
+ textInput.value += char;
+ }
+ });
+ virtualKeyboard.appendChild(keyElem);
+ });
+
+ // Aggiunge tasti speciali (Space, Backspace, Clear)
+ addSpecialKeys();
+ }
+
+ function addSpecialKeys() {
+ // [space]
+ const spaceKey = document.createElement("div");
+ spaceKey.classList.add("key");
+ spaceKey.textContent = "[space]";
+ spaceKey.addEventListener("click", () => {
+ if (textInput) {
+ textInput.value += " ";
+ }
+ });
+ virtualKeyboard.appendChild(spaceKey);
+
+ // Backspace
+ const backspaceKey = document.createElement("div");
+ backspaceKey.classList.add("key");
+ backspaceKey.textContent = "Backspace";
+ backspaceKey.addEventListener("click", () => {
+ if (textInput && textInput.value.length > 0) {
+ textInput.value = textInput.value.slice(0, -1);
+ }
+ });
+ virtualKeyboard.appendChild(backspaceKey);
+
+ // Clear
+ const clearKey = document.createElement("div");
+ clearKey.classList.add("key");
+ clearKey.textContent = "Clear";
+ clearKey.addEventListener("click", () => {
+ if (textInput) {
+ textInput.value = "";
+ }
+ });
+ virtualKeyboard.appendChild(clearKey);
+ }
+
+ /*******************************************************
+ * Drag & Drop della tastiera
+ *******************************************************/
+ let isDragging = false;
+ let offsetX = 0, offsetY = 0;
+
+ keyboardHeader.addEventListener("mousedown", (e) => {
+ isDragging = true;
+ offsetX = e.clientX - keyboardContainer.offsetLeft;
+ offsetY = e.clientY - keyboardContainer.offsetTop;
+ });
+
+ document.addEventListener("mousemove", (e) => {
+ if (isDragging) {
+ keyboardContainer.style.left = (e.clientX - offsetX) + "px";
+ keyboardContainer.style.top = (e.clientY - offsetY) + "px";
+ }
+ });
+
+ document.addEventListener("mouseup", () => {
+ isDragging = false;
+ });
+});
diff --git a/nofuture.go b/nofuture.go
new file mode 100644
index 0000000..44c02d9
--- /dev/null
+++ b/nofuture.go
@@ -0,0 +1,347 @@
+package main
+
+import (
+ "crypto/rand"
+ "encoding/base64"
+ "fmt"
+ "log"
+ "net/http"
+ "runtime"
+ "strings"
+ "sync"
+
+ "github.com/awnumar/memguard"
+ "github.com/gin-gonic/gin"
+ "golang.org/x/crypto/curve25519"
+ "golang.org/x/crypto/nacl/box"
+)
+
+type Session struct {
+ PrivateKey *memguard.LockedBuffer
+ PublicKey *memguard.LockedBuffer
+ BuddyPublicKey *memguard.LockedBuffer
+}
+
+var (
+ sessions sync.Map
+)
+
+const (
+ nonceLength = 24
+ keyLength = 32
+)
+
+func init() {
+ memguard.CatchInterrupt()
+ runtime.GC()
+}
+
+func generateKeyPair() (*memguard.LockedBuffer, *memguard.LockedBuffer, error) {
+ privateKeyBuf := memguard.NewBuffer(keyLength)
+ defer privateKeyBuf.Destroy()
+
+ if _, err := rand.Read(privateKeyBuf.Bytes()); err != nil {
+ return nil, nil, fmt.Errorf("key generation failed: %w", err)
+ }
+
+ publicKeyBuf := memguard.NewBuffer(keyLength)
+ defer publicKeyBuf.Destroy()
+
+ publicKey, err := curve25519.X25519(privateKeyBuf.Bytes(), curve25519.Basepoint)
+ if err != nil {
+ return nil, nil, fmt.Errorf("public key derivation failed: %w", err)
+ }
+
+ privateKeyLocked := memguard.NewBuffer(keyLength)
+ publicKeyLocked := memguard.NewBuffer(keyLength)
+
+ copy(privateKeyLocked.Bytes(), privateKeyBuf.Bytes())
+ copy(publicKeyLocked.Bytes(), publicKey)
+
+ return privateKeyLocked, publicKeyLocked, nil
+}
+
+func startSession(c *gin.Context) {
+ c.Header("Content-Type", "application/json")
+ log.Printf("Starting new secure session...")
+
+ privateKey, publicKey, err := generateKeyPair()
+ if err != nil {
+ log.Printf("Error generating key pair: %v", err)
+ c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
+ return
+ }
+
+ sessionIDBuf := memguard.NewBuffer(12)
+ if _, err := rand.Read(sessionIDBuf.Bytes()); err != nil {
+ log.Printf("Error generating session ID: %v", err)
+ c.JSON(http.StatusInternalServerError, gin.H{"error": "failed to generate session ID"})
+ return
+ }
+ defer sessionIDBuf.Destroy()
+
+ sessionID := base64.RawURLEncoding.EncodeToString(sessionIDBuf.Bytes())
+
+ sessions.Store(sessionID, &Session{
+ PrivateKey: privateKey,
+ PublicKey: publicKey,
+ BuddyPublicKey: nil,
+ })
+
+ log.Printf("Session created successfully: %s", sessionID)
+
+ c.JSON(http.StatusOK, gin.H{
+ "session_id": sessionID,
+ "public_key": base64.StdEncoding.EncodeToString(publicKey.Bytes()),
+ })
+
+ runtime.GC()
+}
+
+func endSession(c *gin.Context) {
+ c.Header("Content-Type", "application/json")
+ var req struct {
+ SessionID string `json:"session_id" binding:"required"`
+ }
+
+ if err := c.BindJSON(&req); err != nil {
+ c.JSON(http.StatusBadRequest, gin.H{"error": "invalid request"})
+ return
+ }
+
+ if sess, loaded := sessions.LoadAndDelete(req.SessionID); loaded {
+ session := sess.(*Session)
+ if session.PrivateKey != nil {
+ session.PrivateKey.Destroy()
+ }
+ if session.PublicKey != nil {
+ session.PublicKey.Destroy()
+ }
+ if session.BuddyPublicKey != nil {
+ session.BuddyPublicKey.Destroy()
+ }
+ }
+
+ log.Printf("Session ended and cleaned up: %s", req.SessionID)
+ c.JSON(http.StatusOK, gin.H{"status": "session_ended"})
+
+ runtime.GC()
+}
+
+func pairSessions(c *gin.Context) {
+ c.Header("Content-Type", "application/json")
+ var req struct {
+ SessionIDA string `json:"session_id_A" binding:"required"`
+ SessionIDB string `json:"session_id_B" binding:"required"`
+ }
+
+ if err := c.BindJSON(&req); err != nil {
+ c.JSON(http.StatusBadRequest, gin.H{"error": "invalid request"})
+ return
+ }
+
+ sessionA, ok := sessions.Load(req.SessionIDA)
+ if !ok {
+ c.JSON(http.StatusNotFound, gin.H{"error": "session A not found"})
+ return
+ }
+
+ sessionB, ok := sessions.Load(req.SessionIDB)
+ if !ok {
+ c.JSON(http.StatusNotFound, gin.H{"error": "session B not found"})
+ return
+ }
+
+ sessA := sessionA.(*Session)
+ sessB := sessionB.(*Session)
+
+ sessA.BuddyPublicKey = memguard.NewBuffer(keyLength)
+ sessB.BuddyPublicKey = memguard.NewBuffer(keyLength)
+
+ copy(sessA.BuddyPublicKey.Bytes(), sessB.PublicKey.Bytes())
+ copy(sessB.BuddyPublicKey.Bytes(), sessA.PublicKey.Bytes())
+
+ log.Printf("Sessions paired: %s with %s", req.SessionIDA, req.SessionIDB)
+ c.JSON(http.StatusOK, gin.H{
+ "status": "paired",
+ "session_id_A": req.SessionIDA,
+ "session_id_B": req.SessionIDB,
+ })
+
+ runtime.GC()
+}
+
+func buddyEncrypt(c *gin.Context) {
+ c.Header("Content-Type", "application/json")
+ var req struct {
+ SessionID string `json:"session_id" binding:"required"`
+ Plaintext string `json:"plaintext" binding:"required"`
+ }
+
+ if err := c.BindJSON(&req); err != nil {
+ c.JSON(http.StatusBadRequest, gin.H{"error": "invalid request"})
+ return
+ }
+
+ session, ok := sessions.Load(req.SessionID)
+ if !ok {
+ c.JSON(http.StatusNotFound, gin.H{"error": "session not found"})
+ return
+ }
+
+ sess := session.(*Session)
+ if sess.BuddyPublicKey == nil {
+ c.JSON(http.StatusBadRequest, gin.H{"error": "session not paired"})
+ return
+ }
+
+ privateKeyArray := memguard.NewBuffer(keyLength)
+ buddyPubArray := memguard.NewBuffer(keyLength)
+ defer privateKeyArray.Destroy()
+ defer buddyPubArray.Destroy()
+
+ copy(privateKeyArray.Bytes(), sess.PrivateKey.Bytes())
+ copy(buddyPubArray.Bytes(), sess.BuddyPublicKey.Bytes())
+
+ nonceBuf := memguard.NewBuffer(nonceLength)
+ defer nonceBuf.Destroy()
+
+ if _, err := rand.Read(nonceBuf.Bytes()); err != nil {
+ c.JSON(http.StatusInternalServerError, gin.H{"error": "nonce generation failed"})
+ return
+ }
+
+ var nonce [nonceLength]byte
+ copy(nonce[:], nonceBuf.Bytes())
+
+ var privateKeyArr, buddyPubArr [keyLength]byte
+ copy(privateKeyArr[:], privateKeyArray.Bytes())
+ copy(buddyPubArr[:], buddyPubArray.Bytes())
+
+ plaintextBuf := memguard.NewBufferFromBytes([]byte(req.Plaintext))
+ defer plaintextBuf.Destroy()
+
+ encrypted := box.Seal(nonce[:], plaintextBuf.Bytes(), &nonce, &buddyPubArr, &privateKeyArr)
+
+ c.JSON(http.StatusOK, gin.H{
+ "encrypted_b64": base64.StdEncoding.EncodeToString(encrypted),
+ })
+
+ runtime.GC()
+}
+
+func buddyDecrypt(c *gin.Context) {
+ c.Header("Content-Type", "application/json")
+ var req struct {
+ SessionID string `json:"session_id" binding:"required"`
+ EncryptedB64 string `json:"encrypted_b64" binding:"required"`
+ }
+
+ if err := c.BindJSON(&req); err != nil {
+ c.JSON(http.StatusBadRequest, gin.H{"error": "invalid request"})
+ return
+ }
+
+ session, ok := sessions.Load(req.SessionID)
+ if !ok {
+ c.JSON(http.StatusNotFound, gin.H{"error": "session not found"})
+ return
+ }
+
+ sess := session.(*Session)
+ if sess.BuddyPublicKey == nil {
+ c.JSON(http.StatusBadRequest, gin.H{"error": "session not paired"})
+ return
+ }
+
+ encrypted, err := base64.StdEncoding.DecodeString(req.EncryptedB64)
+ if err != nil {
+ c.JSON(http.StatusBadRequest, gin.H{"error": "invalid base64 encoding"})
+ return
+ }
+
+ if len(encrypted) < nonceLength {
+ c.JSON(http.StatusBadRequest, gin.H{"error": "invalid ciphertext length"})
+ return
+ }
+
+ privateKeyArray := memguard.NewBuffer(keyLength)
+ buddyPubArray := memguard.NewBuffer(keyLength)
+ defer privateKeyArray.Destroy()
+ defer buddyPubArray.Destroy()
+
+ copy(privateKeyArray.Bytes(), sess.PrivateKey.Bytes())
+ copy(buddyPubArray.Bytes(), sess.BuddyPublicKey.Bytes())
+
+ var privateKeyArr, buddyPubArr [keyLength]byte
+ var nonce [nonceLength]byte
+ copy(privateKeyArr[:], privateKeyArray.Bytes())
+ copy(buddyPubArr[:], buddyPubArray.Bytes())
+ copy(nonce[:], encrypted[:nonceLength])
+
+ decrypted, ok := box.Open(nil, encrypted[nonceLength:], &nonce, &buddyPubArr, &privateKeyArr)
+ if !ok {
+ c.JSON(http.StatusBadRequest, gin.H{"error": "decryption failed"})
+ return
+ }
+
+ c.JSON(http.StatusOK, gin.H{"plaintext": string(decrypted)})
+ runtime.GC()
+}
+
+func randomBytes(n int) []byte {
+ b := make([]byte, n)
+ if _, err := rand.Read(b); err != nil {
+ panic(err)
+ }
+ return b
+}
+
+func main() {
+ memguard.CatchInterrupt()
+ defer memguard.Purge()
+
+ log.Printf("Starting Nofuture server with enhanced memory protection...")
+
+ gin.SetMode(gin.ReleaseMode)
+ r := gin.New()
+ r.Use(gin.Recovery())
+
+ // CORS middleware only for API routes
+ r.Use(func(c *gin.Context) {
+ if strings.HasPrefix(c.Request.URL.Path, "/api/") {
+ c.Header("Access-Control-Allow-Origin", "*")
+ c.Header("Access-Control-Allow-Methods", "POST, OPTIONS")
+ c.Header("Access-Control-Allow-Headers", "Content-Type")
+ c.Header("Content-Type", "application/json")
+
+ if c.Request.Method == "OPTIONS" {
+ c.AbortWithStatus(204)
+ return
+ }
+ }
+ c.Next()
+ })
+
+ // Create API group with its own middleware
+ api := r.Group("/api")
+ {
+ api.POST("/start_session", startSession)
+ api.POST("/end_session", endSession)
+ api.POST("/pair_sessions", pairSessions)
+ api.POST("/buddy_encrypt", buddyEncrypt)
+ api.POST("/buddy_decrypt", buddyDecrypt)
+ }
+
+ // Serve static files
+ r.StaticFile("/", "./index.html")
+ r.Static("/js", "./js")
+ r.Static("/static", "./static")
+
+ serverAddr := "127.0.0.1:3000"
+ log.Printf("Server starting on %s", serverAddr)
+
+ if err := r.Run(serverAddr); err != nil {
+ log.Fatalf("Server startup failed: %v", err)
+ }
+}
--
cgit v1.2.3