nathanmcrae/numbers-station
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Compare commits

base: nathanmcrae:ca502fd4112e0e69bc8d65644377b032c5b1b4a6
Branches Tags
nathanmcrae:master
nathanmcrae:2025-07-05
..
compare: nathanmcrae:master
Branches Tags
nathanmcrae:master
nathanmcrae:2025-07-05

3 Commits
ca502fd411 ... master

Author SHA1 Message Date
Nathan McRae
a5fd5444da Fix a typo 2025-07-07 19:22:10 +00:00
Nathan Christopher McRae
b4df31a31a Add linux packaging instructions 2025-07-06 20:47:47 -07:00
Nathan McRae
4881a135f2 Update readme 2025-07-06 16:02:41 -07:00
1 changed files with 139 additions and 144 deletions
Expand all files Collapse all files

283
readme.txt → readme.md
View File

@ -1,144 +1,139 @@
For sending secret messages and dummy messages regularly. It is meant to be used in conjunction with one-time pads. One-time pads provide perfect security for the message itself (if they are handled properly), but adversaries can still tell that messages are being sent, and when they are being sent. To avoid this, dummy messages are uploaded to a website on a regular basis. The messages can also be hidden using steganography. For sending secret messages and dummy messages regularly. It is meant to be used in conjunction with one-time pads. One-time pads provide perfect security for the message itself (if they are handled properly), but adversaries can still tell that messages are being sent, and when they are being sent. To avoid this, dummy messages are uploaded to a website on a regular basis.
This application should not be considered secure, and no sensitive information should be entered into it. This application should not be considered secure, and no sensitive information should be entered into it.
Baseline is that the number station will generate a dummy random message, optionally obscure it via steganography, then upload it to an (s)ftp/scp server. # Building
The random message generation actually happens last, so that, next time it is run, the existing message will be uploaded. This way a real message can be generated in the meantime and the next upload time the real message will be uploaded. Because the real message looks random to anyone without the corresponding one-time pad, it cannot be distinguished from the dummy messages. Building requires JDK 23.0.1 and javafx SDK 23.0.1, and Maven (I used version 3.9.9)
# Number Station Listener The JAVA_HOME environment variable must be set to the JDK installation directory e.g. `C:\Program Files\Java\jdk-23.0.1\bin\java.exe`. `$JAVA_HOME/bin` must be included in you PATH variable. PATH_TO_FX must be set to the JavaFX lib directory e.g. `$HOME/openjfx-23.0.1_windows-x64_bin-sdk/javafx-sdk-23.0.1/lib`.
This application periodically checks a site for numbers and stores them so the user can check whether the message matches any pads. To build, run `mvn package`, the output .jar should be in ./target
# Notes To run without installing: `java -jar target/numbersstation-1.0-SNAPSHOT-shaded.jar`
Should have sane defaults, but be built to be part of a more extensible system. Should be able to run other commands for message generation / upload. # Packaging
Need to be able to support multiple profiles for each. Packaging is done via jpackage, which is included with the JDK version used to build.
## Tech jpackage seems to pull in the entire working directory unnecessarily. To avoid bloat, packaging should be done in a clean subdirectory.
- Installers: JPackage ## Windows
- Notifications: https://github.com/sshtools/two-slices/blob/master/README.md
- Post to wordpress: https://github.com/ashri/java-wordpress-api/tree/master ``` sh
> mkdir packaging
## Security considerations > cp target/numbersstation-1.0-SNAPSHOT-shaded.jar packaging
> cd packaging
If someone were to take any part of the number station (this software, the server, or intercepting on the way to the recipient), then they could make sure no messages get through (though they couldn't spoof messages without access to the one-time pads). > jpackage --input . --name "Numbers Station" --main-jar numbersstation-1.0-SNAPSHOT-shaded.jar --main-class name.nathanmcrae.numbersstation.MainRun --type exe --win-menu --win-per-user-install --win-shortcut --win-shortcut-prompt --win-upgrade-uuid 956c711b-01f1-46a2-9355-4a6b63ec1ec9 --icon "../icon.ico" --description "Tool to periodically upload encrypted messages to a website/blog"
```
This weakness is true of nearly all communication methods though. The only way to be certain a message was received is to receive an acknowledgement back.
## Linux
# Settings/State Format
``` sh
$XDG_CONFIG_HOME/numbers-station/main-settings.xml > mkdir packaging
$XDG_CONFIG_HOME/numbers-station/listener-settings.xml > cp target/numbersstation-1.0-SNAPSHOT.jar packaging
$XDG_STATE_HOME/numbers-station/main.log > cd packaging
$XDG_STATE_HOME/numbers-station/listener.log > jpackage --input . --name numbers-station --main-jar numbersstation-1.0-SNAPSHOT.jar --main-class name.nathanmcrae.numbersstation.MainRun --type deb --icon ../icon.ico --description "Tool to periodically upload encrypted messages to a website/blog"
$XDG_STATE_HOME/numbers-station/<station-id>-main/next-message.txt ```
$XDG_STATE_HOME/numbers-station/<station-id>-main/20250114T091633.txt
$XDG_STATE_HOME/numbers-station/<station-id>-listener/20250114T091735.txt # TODO
$XDG_STATE_HOME/numbers-station/<station-id>-listener/20250114T091748-read.txt
- [ ] Undo/Redo in message editing
XDG dirs: - [ ] Disable/commandeer right-click menu items for message text (otherwise you can wreck the formatting).
https://superuser.com/a/1767882 - [ ] Make sure numpad works in message editing
And in prefix editing
On Windows: - [x] Catch and log all exceptions
https://stackoverflow.com/questions/43853548/xdg-basedir-directories-for-windows - [ ] Add a check that the way we set up the scheduler to run the application will actually work. (need a flag argument that will output something particular we can look for).
- [x] Be able to narrow message area so that columns can match whatever message format you're using (minimum window width would keep you from doing that).
Library to use: - [x] When station is removed/renamed, need to also remove/rename the scheduled task and the corresponding state directory.
https://github.com/dirs-dev/directories-jvm - [x] Check for duplicate station names when creating or renaming
- [ ] Test task scheduler task creation for a windows user not on a domain (author needs to include domain when on domain e.g. EI\nathanm)
# TODO - [x] Station names with quotes shouldn't be allowed (or we'll need to do escaping for the launch command)
- [ ] Need to be able to handle case where application is open and the scheduled task runs. There's at least contention for the log file (maybe? doesn't seem to mind if multiple instances of the application are running)
- [ ] Undo/Redo in message editing - [ ] In all controllers, error handling should be 1. log error 2. Pop up dialog to warn user
- [ ] Disable/commandeer right-click menu items for message text (otherwise you can wreck the formatting). - [x] Settings external schedule management should remove the scheduled task
- [ ] Make sure numpad works in message editing - [ ] Add tests for generateMessage()
And in prefix editing - [x] Load message from next-message
- [x] Catch and log all exceptions - [x] When making changes to the message, show the changes as unsaved until saved.
- [ ] Add a check that the way we set up the scheduler to run the application will actually work. (need a flag argument that will output something particular we can look for). - [x] Ensure all GUI elements have accessibility text
- [x] Be able to narrow message area so that columns can match whatever message format you're using (minimum window width would keep you from doing that). - [x] Embed versioning info
- [x] When station is removed/renamed, need to also remove/rename the scheduled task and the corresponding state directory. - [ ] Factor out scheduling into a wrapper class that handles all the os-specific stuff internally.
- [x] Check for duplicate station names when creating or renaming - [ ] If a station name is run which doesn't exist in settings, but has associated files, then prompt the user to delete the files.
- [ ] Test task scheduler task creation for a windows user not on a domain (author needs to include domain when on domain e.g. EI\nathanm) - [ ] Fix behavior when settings file is empty
- [x] Station names with quotes shouldn't be allowed (or we'll need to do escaping for the launch command) - [x] Store schedule time with time zone
- [ ] Need to be able to handle case where application is open and the scheduled task runs. There's at least contention for the log file (maybe? doesn't seem to mind if multiple instances of the application are running) - [ ] Add tests for StationSettings.nextSendTime()
- [ ] In all controllers, error handling should be 1. log error 2. Pop up dialog to warn user - [ ] When changing number of digits for a station, we may want to regenerate a new message of the specified length. We'll need to prompt the user to overwrite the existing message (in case it's a real message).
- [x] Settings external schedule management should remove the scheduled task - [ ] Add a button to post message manually (With dialog warning)
- [ ] Add tests for generateMessage() - Add description in help quickstart for how to use this
- [x] Load message from next-message - [ ] 'Next message will be sent' should reflect when external schedule management is turned on
- [x] When making changes to the message, show the changes as unsaved until saved. - [x] Have a way to show executable location (since you need to know that to manage schedule externally)
- [ ] Ensure all GUI elements have accessibility text - [ ] When launching help, re-navigate to help page
- [ ] Embed versioning info - [x] When can't load settings, give option to re-initialize (with confirmation)
- [ ] Factor out scheduling into a wrapper class that handles all the os-specific stuff internally.
- [ ] If a station name is run which doesn't exist in settings, but has associated files, then prompt the user to delete the files. # Devlog
- [ ] Fix behavior when settings file is empty
- [ ] Store schedule time with time zone # 2025-01-27 JAR packaging
- [ ] Add tests for StationSettings.nextSendTime()
```
Note on jars and javafx: https://stackoverflow.com/a/23121897 $modulePath = "$Env:PATH_TO_FX;P:\personal_root\projects\number-station\lib"
$modules = $(
# 2025-01-27 JAR packaging "com.fasterxml.jackson.annotation",
"com.fasterxml.jackson.core",
``` "com.fasterxml.jackson.dataformat.xml",
$modulePath = "$Env:PATH_TO_FX;P:\personal_root\projects\number-station\lib" "com.fasterxml.jackson.datatype.jsr310",
$modules = $( "result",
"com.fasterxml.jackson.annotation", "javafx.controls",
"com.fasterxml.jackson.core", "javafx.fxml",
"com.fasterxml.jackson.dataformat.xml", "org.apache.commons.cli"
"com.fasterxml.jackson.datatype.jsr310", )
"result", $addModules = $modules -join ","
"javafx.controls", java/>jar --create --file numbers-station.jar --manifest .\manifest.txt -C out .
"javafx.fxml", java/>java --module-path $modulePath --add-modules $addModules -jar .\numbers-station.jar
"org.apache.commons.cli" ```
)
$addModules = $modules -join "," TODO: package lib jars with this jar
java/>jar --create --file numbers-station.jar --manifest .\manifest.txt -C out .
java/>java --module-path $modulePath --add-modules $addModules -jar .\numbers-station.jar also:
```
```
TODO: package lib jars with this jar jpackage --input . --name numbers-station --main-jar .\numbers-station.jar --main-class name.nathanmcrae.numbersstation.Main --module-path "$Env:PATH_TO_FX;P:\personal_root\projects\number-station\lib" --add-modules javafx.controls,javafx.fxml,com.fasterxml.jackson.annotation,com.fasterxml.jackson.core,com.fasterxml.jackson.dataformat.xml,com.fasterxml.jackson.datatype.jsr310 --type exe
```
also:
# 2025-02-16
```
jpackage --input . --name numbers-station --main-jar .\numbers-station.jar --main-class name.nathanmcrae.numbersstation.Main --module-path "$Env:PATH_TO_FX;P:\personal_root\projects\number-station\lib" --add-modules javafx.controls,javafx.fxml,com.fasterxml.jackson.annotation,com.fasterxml.jackson.core,com.fasterxml.jackson.dataformat.xml,com.fasterxml.jackson.datatype.jsr310 --type exe Tried to compile a jfx hello world using the openjdk and openjfx packaged in guix, but ran into issues. It looks like more up-to-date versions of openjfx are not available guix.
```
Might be the next best step is to depend on a binary release of openjfx and see if I can compile on linux like that. Could even have a custom guix package which depends on the openjfx binary release if needed.
# 2025-02-16
# 2025-03-03
Tried to compile a jfx hello world using the openjdk and openjfx packaged in guix, but ran into issues. It looks like more up-to-date versions of openjfx are not available guix.
Tried some more packaging, but was getting a lot of "Error: automatic module cannot be used with jlink" issues. Not sure if I just wasn't getting those before or what, but the jpackage command above doesn't work now.
Might be the next best step is to depend on a binary release of openjfx and see if I can compile on linux like that. Could even have a custom guix package which depends on the openjfx binary release if needed.
The issue seems to be with having non-modular dependencies. This page has some notes at the bottom about packaging non-modular applications: https://openjfx.io/openjfx-docs/#modular
# 2025-03-03
# 2025-03-09
Tried some more packaging, but was getting a lot of "Error: automatic module cannot be used with jlink" issues. Not sure if I just wasn't getting those before or what, but the jpackage command above doesn't work now.
mvn org.apache.maven.plugins:maven-install-plugin:2.5.2:install-file -Dfile=lib/wordpress-xmlrpc-client-1.1-SNAPSHOT.jar -DgroupId=com.tearsofaunicorn.wordpress -DartifactId=wordpress-xmlrpc-client -Dversion=1.1 -Dpackaging=jar -DlocalRepositoryPath=mvn-repo
The issue seems to be with having non-modular dependencies. This page has some notes at the bottom about packaging non-modular applications: https://openjfx.io/openjfx-docs/#modular
mvn org.apache.maven.plugins:maven-install-plugin:2.5.2:install-file -Dfile=lib/xmlrpc-client-3.1.3.jar -DgroupId=wordpress -DartifactId=xmlrpc-client -Dversion=3.1.3 -Dpackaging=jar -DlocalRepositoryPath=mvn-repo
# 2025-03-09
# 2025-03-17
mvn org.apache.maven.plugins:maven-install-plugin:2.5.2:install-file -Dfile=lib/wordpress-xmlrpc-client-1.1-SNAPSHOT.jar -DgroupId=com.tearsofaunicorn.wordpress -DartifactId=wordpress-xmlrpc-client -Dversion=1.1 -Dpackaging=jar -DlocalRepositoryPath=mvn-repo
Appears to work. Launch is extremely slow
mvn org.apache.maven.plugins:maven-install-plugin:2.5.2:install-file -Dfile=lib/xmlrpc-client-3.1.3.jar -DgroupId=wordpress -DartifactId=xmlrpc-client -Dversion=3.1.3 -Dpackaging=jar -DlocalRepositoryPath=mvn-repo
jpackage --input . --name numbers-station --main-jar .\target\numbersstation-1.0-SNAPSHOT.jar --main-class name.nathanmcrae.numbersstation.MainRun --type app-image --dest $HOME/temp/20250316T153044
# 2025-03-17
Failed to generate msi this time :(
Appears to work. Launch is extremely slow
numbers-station/>jpackage --input . --name numbers-station --main-jar .\target\numbersstation-1.0-SNAPSHOT.jar --main-class name.nathanmcrae.numbersstation.MainRun --type exe --dest $HOME/temp/20250317T200941
jpackage --input . --name numbers-station --main-jar .\target\numbersstation-1.0-SNAPSHOT.jar --main-class name.nathanmcrae.numbersstation.MainRun --type app-image --dest $HOME/temp/20250316T153044 java.io.IOException: Command [C:\Program Files (x86)\WiX Toolset v3.11\bin\candle.exe, -nologo, C:\Users\nathanm\AppData\Local\Temp\jdk.jpackage911481192111528806\config\bundle.wxf, -ext, WixUtilExtension, -arch, x64, -out, C:\Users\nathanm\AppData\Local\Temp\jdk.jpackage911481192111528806\wixobj\bundle.wixobj] in C:\Users\nathanm\AppData\Local\Temp\jdk.jpackage911481192111528806\images\win-msi.image\numbers-station exited with 1 code
Failed to generate msi this time :( # 2025-03-22
numbers-station/>jpackage --input . --name numbers-station --main-jar .\target\numbersstation-1.0-SNAPSHOT.jar --main-class name.nathanmcrae.numbersstation.MainRun --type exe --dest $HOME/temp/20250317T200941 Did a clean clone and build and it worked.
java.io.IOException: Command [C:\Program Files (x86)\WiX Toolset v3.11\bin\candle.exe, -nologo, C:\Users\nathanm\AppData\Local\Temp\jdk.jpackage911481192111528806\config\bundle.wxf, -ext, WixUtilExtension, -arch, x64, -out, C:\Users\nathanm\AppData\Local\Temp\jdk.jpackage911481192111528806\wixobj\bundle.wixobj] in C:\Users\nathanm\AppData\Local\Temp\jdk.jpackage911481192111528806\images\win-msi.image\numbers-station exited with 1 code
jpackage --input . --name "Numbers Station" --main-jar .\target\numbersstation-1.0-SNAPSHOT.jar --main-class name.nathanmcrae.numbersstation.MainRun --type exe --win-menu --win-per-user-install --win-shortcut --win-shortcut-prompt --win-upgrade-uuid 956c711b-01f1-46a2-9355-4a6b63ec1ec9 --icon "P:\personal_root\projects\numbers-station\icon.ico" --description "Tool to periodically upload encrypted messages to a website/blog"
# 2025-03-22
---
Did a clean clone and build and it worked.
2025-03-22T20:50:38.212-07:00 INFO name.nathanmcrae.numbersstation.Main main Executable Path: C:\Users\nathanm\AppData\Local\numbers-station\numbers-station.exe
jpackage --input . --name numbers-station --main-jar .\target\numbersstation-1.0-SNAPSHOT.jar --main-class name.nathanmcrae.numbersstation.MainRun --type exe --win-menu --win-per-user-install --win-shortcut --win-shortcut-prompt --win-upgrade-uuid 956c711b-01f1-46a2-9355-4a6b63ec1ec9 --icon "P:\personal_root\projects\numbers-station\icon.ico" --description "Tool to periodically upload encrypted messages to a website/blog"
---
2025-03-22T20:50:38.212-07:00 INFO name.nathanmcrae.numbersstation.Main main Executable Path: C:\Users\nathanm\AppData\Local\numbers-station\numbers-station.exe