func main() { options.Parse() if *options.String["config"] != "" && !*options.Bool["init"] { err := options.Load(*options.String["config"]) options.FailIf(err, "Can't load configuration") } fmt.Println("Cloudproxy HTTPS Server") if tao.Parent() == nil { options.Fail(nil, "can't continue: no host Tao available") } self, err := tao.Parent().GetTaoName() options.FailIf(err, "Can't get Tao name") // TODO(kwalsh) extend tao name with operating mode and policy addr := net.JoinHostPort(*options.String["host"], *options.String["port"]) cpath := *options.String["config"] kdir := *options.String["keys"] if kdir == "" && cpath != "" { kdir = path.Dir(cpath) } else if kdir == "" { options.Fail(nil, "Option -keys or -config is required") } docs := *options.String["docs"] if docs == "" && cpath != "" { docs = path.Join(path.Dir(cpath), "docs") } else if docs == "" { options.Fail(nil, "Option -keys or -config is required") } var keys *tao.Keys if *options.Bool["init"] { keys = taoca.GenerateKeys(name, addr, kdir) } else { keys = taoca.LoadKeys(kdir) } fmt.Printf("Configuration file: %s\n", cpath) if *options.Bool["init"] && cpath != "" { err := options.Save(cpath, "HTTPS server configuration", "persistent") options.FailIf(err, "Can't save configuration") } http.Handle("/cert/", https.CertificateHandler{keys.CertificatePool}) http.Handle("/prin/", https.ManifestHandler{"/prin/", self.String()}) http.Handle("/", http.FileServer(https.LoggingFilesystem{http.Dir(docs)})) fmt.Printf("Listening at %s using HTTPS\n", addr) err = tao.ListenAndServeTLS(addr, keys) options.FailIf(err, "can't listen and serve") fmt.Println("Server Done") }
func InitializeSealedSymmetricKeys(filePath string, t tao.Tao, keysize int) ( []byte, error) { // Make up symmetric key and save sealed version. log.Printf("InitializeSealedSymmetricKeys\n") unsealed, err := tao.Parent().GetRandomBytes(keysize) if err != nil { return nil, errors.New("Can't get random bytes") } sealed, err := tao.Parent().Seal(unsealed, tao.SealPolicyDefault) if err != nil { return nil, errors.New("Can't seal random bytes") } ioutil.WriteFile(path.Join(filePath, "sealedsymmetricKey"), sealed, os.ModePerm) return unsealed, nil }
func doClient(domain *tao.Domain) { network := "tcp" keys, err := tao.NewTemporaryTaoDelegatedKeys(tao.Signing, nil, tao.Parent()) options.FailIf(err, "client: couldn't generate temporary Tao keys") g := domain.Guard if *ca != "" { na, err := tao.RequestTruncatedAttestation(network, *ca, keys, domain.Keys.VerifyingKey) options.FailIf(err, "client: couldn't get a truncated attestation from %s: %s\n", *ca) keys.Delegation = na // If we're using a CA, then use a custom guard that accepts only // programs that have talked to the CA. g, err = newTempCAGuard(domain.Keys.VerifyingKey) options.FailIf(err, "client: couldn't set up a new guard") } pingGood := 0 pingFail := 0 for i := 0; i < *pingCount || *pingCount < 0; i++ { // negative means forever if doRequest(g, domain, keys) { pingGood++ } else { pingFail++ } fmt.Printf("client: made %d connections, finished %d ok, %d bad pings\n", i+1, pingGood, pingFail) } }
// Obtain a signing private key (usually a Program Key) from a sealed blob. func SigningKeyFromBlob(t tao.Tao, sealedKeyBlob []byte, programCert []byte) (*tao.Keys, error) { // Recover public key from blob k := &tao.Keys{} cert, err := x509.ParseCertificate(programCert) if err != nil { return nil, err } /* k.Delegation = new(tao.Attestation) err = proto.Unmarshal(delegateBlob, k.Delegation) if err != nil { return nil, err } */ signingKeyBlob, policy, err := tao.Parent().Unseal(sealedKeyBlob) if err != nil { return nil, err } if policy != tao.SealPolicyDefault { return nil, err } k.SigningKey, err = tao.UnmarshalSignerDER(signingKeyBlob) k.Cert = cert k.Cert.Raw = programCert return k, err }
func main() { flag.Parse() timeout, err := time.ParseDuration(*timeoutDuration) if err != nil { glog.Fatalf("router: failed to parse timeout duration: %s", err) } hp, err := mixnet.NewRouterContext(*configPath, *routerNetwork, *routerAddr, *batchSize, timeout, &x509Identity, tao.Parent()) if err != nil { glog.Fatalf("failed to configure router: %s", err) } sigs := make(chan os.Signal, 1) signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM, syscall.SIGKILL) go func() { sig := <-sigs hp.Close() glog.Infof("router: closing on signal: %s", sig) signo := int(sig.(syscall.Signal)) os.Exit(0x80 + signo) }() if err := serveMixnetProxies(hp); err != nil { glog.Errorf("router: error while serving: %s", err) } glog.Flush() }
func main() { flag.Parse() // Check to see if we are running in Docker mode with linked containers. // If so, then there will be an environment variable SERVER_PORT that // will contain a value of the form tcp://<ip>:<port> serverEnvVar := os.Getenv("SERVER_PORT") if serverEnvVar == "" { serverAddr = net.JoinHostPort(*serverHost, *serverPort) } else { serverAddr = strings.TrimPrefix(serverEnvVar, "tcp://") if serverAddr == serverEnvVar { options.Usage("client: invalid SERVER_PORT environment variable value '%s'\n", serverEnvVar) } } switch *demoAuth { case "tcp", "tls", "tao": default: options.Usage("unrecognized authentication mode: %s\n", *demoAuth) } fmt.Println("Go Tao Demo Client") if tao.Parent() == nil { options.Fail(nil, "can't continue: No host Tao available") } domain, err := tao.LoadDomain(configPath(), nil) options.FailIf(err, "error: couldn't load the tao domain from %s\n", configPath()) doClient(domain) fmt.Println("Client Done") }
// Connect opens a connection to the server, if not already connected. If keys // are provided, they will be used to connect. Otherwise, if running under a // Tao, new Tao-delegated keys will be created to authenticate to the rendezvous // server. func (s *Server) Connect(keys *tao.Keys) error { if s.conn != nil { return nil } var err error if keys == nil && tao.Parent() != nil { keys, err = tao.NewTemporaryTaoDelegatedKeys(tao.Signing, nil, tao.Parent()) if err != nil { return err } } addr := net.JoinHostPort(s.Host, s.Port) conn, err := tao.Dial("tcp", addr, nil /* guard */, nil /* verifier */, keys, nil) if err != nil { return err } s.conn = conn return nil }
// LoadKeys loads and https key and cert from a directory. This is meant to be // called from user-facing apps. func LoadKeys(kdir string) *tao.Keys { // TODO(kwalsh) merge x509 load/save code into keys.go keys, err := tao.LoadOnDiskTaoSealedKeys(tao.Signing, tao.Parent(), kdir, tao.SealPolicyDefault) options.FailIf(err, "can't load tao-sealed HTTPS/TLS keys") chain := keys.CertChain("default") verbose.Printf("Using existing certfificate chain of length %d:\n", len(chain)) for i, cert := range chain { verbose.Printf(" Cert[%d] Subject: %s\n", i, x509txt.RDNString(cert.Subject)) } return keys }
func main() { options.Parse() if *options.String["config"] != "" && !*options.Bool["init"] { err := options.Load(*options.String["config"]) options.FailIf(err, "Can't load configuration") } fmt.Println("Cloudproxy HTTPS Netlog Viewer") if tao.Parent() == nil { options.Fail(nil, "can't continue: no host Tao available") } // TODO(kwalsh) extend tao name with operating mode and policy addr := net.JoinHostPort(*options.String["host"], *options.String["port"]) cpath := *options.String["config"] kdir := *options.String["keys"] if kdir == "" && cpath != "" { kdir = path.Dir(cpath) } else if kdir == "" { options.Fail(nil, "Option -keys or -config is required") } var keys *tao.Keys if *options.Bool["init"] { keys = taoca.GenerateKeys(name, addr, kdir) } else { keys = taoca.LoadKeys(kdir) } fmt.Printf("Configuration file: %s\n", cpath) if *options.Bool["init"] && cpath != "" { err := options.Save(cpath, "Cloudproxy HTTPS netlog viewer configuration", "persistent") options.FailIf(err, "Can't save configuration") } http.Handle("/cert/", https.CertificateHandler{keys.CertificatePool}) http.Handle("/index.html", http.RedirectHandler("/", 301)) http.HandleFunc("/", netlog_show) fmt.Printf("Listening at %s using HTTPS\n", addr) err := tao.ListenAndServeTLS(addr, keys) options.FailIf(err, "can't listen and serve") fmt.Println("Server Done") }
func main() { options.Parse() fmt.Println("Cloudproxy Networked Logging Service") if tao.Parent() == nil { options.Fail(nil, "can't continue: No host Tao available") } addr := *options.String["addr"] // TODO(kwalsh) perhaps extend our tao name with current config options err := tao.NewOpenServer(tao.ConnHandlerFunc(doResponse)).ListenAndServe(addr) options.FailIf(err, "netlog: server died") }
// Connect establishes a connection to a netlog server, if necessary. This will // be called automatically by Log() and Entries(). func (srv *Server) Connect() error { if srv.Conn != nil { return nil } keys, err := tao.NewTemporaryTaoDelegatedKeys(tao.Signing, nil, tao.Parent()) if err != nil { return err } conn, err := tao.Dial("tcp", srv.Addr, srv.Guard, srv.DomainKey, keys, nil) if err != nil { return err } srv.Conn = conn return nil }
func main() { verbose.Set(true) options.Parse() if *options.String["config"] != "" && !*options.Bool["init"] { err := options.Load(*options.String["config"]) options.FailIf(err, "Can't load configuration") } if *options.Bool["init"] { cpath := *options.String["config"] if cpath == "" { options.Fail(nil, "Option -init requires option -config") } fmt.Println("Initializing configuration file: " + cpath) err := options.Save(cpath, "Tao rendezvous configuration", "persistent") options.FailIf(err, "Can't save configuration") } fmt.Println("Cloudproxy Rendezvous Service") if tao.Parent() == nil { options.Fail(nil, "can't continue: no host Tao available") } allowAnon = *options.Bool["anon"] manualMode = *options.Bool["manual"] fcfsMode = *options.Bool["fcfs"] addr := *options.String["addr"] netlog.Log("rendezvous: init") netlog.Log("rendezvous: allow anon? %v", allowAnon) netlog.Log("rendezvous: manual? %v", manualMode) netlog.Log("rendezvous: fcfs? %v", fcfsMode) netlog.Log("rendezvous: addr = %v", addr) // TODO(kwalsh) extend tao name with operating mode and policy err := tao.NewOpenServer(tao.ConnHandlerFunc(doResponses)).ListenAndServe(addr) options.FailIf(err, "server died") netlog.Log("rendezvous: done") }
func main() { flag.Parse() serverAddr = net.JoinHostPort(*serverHost, *serverPort) switch *demoAuth { case "tcp", "tls", "tao": default: options.Usage("unrecognized authentication mode: %s\n", *demoAuth) return } fmt.Println("Go Tao Demo Server") if tao.Parent() == nil { options.Fail(nil, "can't continue: No host Tao available") } doServer() fmt.Println("Server Done") }
// GenerateKeys initializes a new tls key, confirms certificate details with the // user, obtains a signed certificate from the default ca, and stores the // resulting keys and certificates in kdir. This is meant to be called from // user-facing apps. func GenerateKeys(name *pkix.Name, addr, kdir string) *tao.Keys { host, _, err := net.SplitHostPort(addr) options.FailIf(err, "bad address: %s", addr) name.CommonName = host if ConfirmNames { fmt.Printf(""+ "Initializing fresh HTTP/TLS server key. Provide the following information,\n"+ "to be include in a CA-signed x509 certificate. Leave the response blank to\n"+ "accept the default value.\n\n"+ "The key and certificates will be stored in:\n %s\n\n", kdir) name = ConfirmName(name) } keys, err := tao.InitOnDiskTaoSealedKeys(tao.Signing, name, tao.Parent(), kdir, tao.SealPolicyDefault) options.FailIf(err, "can't create tao-sealed HTTPS/TLS keys") csr := NewCertificateSigningRequest(keys.VerifyingKey, name) SubmitAndInstall(keys, csr) return keys }
func doClient(domain *tao.Domain) { network := "tcp" keys, err := tao.NewTemporaryTaoDelegatedKeys(tao.Signing, tao.Parent()) options.FailIf(err, "client: couldn't generate temporary Tao keys") // TODO(tmroeder): fix the name cert, err := keys.SigningKey.CreateSelfSignedX509(&pkix.Name{ Organization: []string{"Google Tao Demo"}}) options.FailIf(err, "client: couldn't create a self-signed X.509 cert") // TODO(kwalsh) keys should save cert on disk if keys are on disk keys.Cert = cert g := domain.Guard if *ca != "" { na, err := tao.RequestTruncatedAttestation(network, *ca, keys, domain.Keys.VerifyingKey) options.FailIf(err, "client: couldn't get a truncated attestation from %s: %s\n", *ca) keys.Delegation = na // If we're using a CA, then use a custom guard that accepts only // programs that have talked to the CA. g, err = newTempCAGuard(domain.Keys.VerifyingKey) options.FailIf(err, "client: couldn't set up a new guard") } pingGood := 0 pingFail := 0 for i := 0; i < *pingCount || *pingCount < 0; i++ { // negative means forever if doRequest(g, domain, keys) { pingGood++ } else { pingFail++ } fmt.Printf("client: made %d connections, finished %d ok, %d bad pings\n", i+1, pingGood, pingFail) } }
func main() { verbose.Set(true) options.Parse() profiling.ProfilePath = *options.String["profile"] if !verbose.Enabled { taoca.ConfirmNames = false } if *options.String["config"] != "" && !*options.Bool["init"] { err := options.Load(*options.String["config"]) options.FailIf(err, "Can't load configuration") } fmt.Println("https/tls Certificate Authority") manualMode = *options.Bool["manual"] learnMode = *options.Bool["learn"] if !manualMode && tao.Parent() == nil { options.Fail(nil, "can't continue: automatic mode, but no host Tao available") } if *options.Bool["root"] == (*options.String["subsidiary"] != "") { options.Usage("must supply exactly one of -root or -subsidiary options") } host := *options.String["host"] port := *options.String["port"] addr := net.JoinHostPort(host, port) // TODO(kwalsh) extend tao name with operating mode and policy cpath := *options.String["config"] kdir := *options.String["keys"] if kdir == "" && cpath != "" { kdir = path.Dir(cpath) } else if kdir == "" { options.Fail(nil, "Option -keys or -config is required") } ppath := path.Join(kdir, "policy") var err error if *options.Bool["init"] { if cpath != "" { err := options.Save(cpath, "HTTPS/TLS certificate authority configuration", "persistent") options.FailIf(err, "Can't save configuration") } fmt.Println("" + "Initializing fresh HTTP/TLS CA signing key. Provide the following information,\n" + "to be include in the CA's own x509 certificate. Leave the response blank to\n" + "accept the default value.\n" + "\n" + "Configuration file: " + cpath + "\n" + "Keys directory: " + kdir + "\n") var caName *pkix.Name if taoca.ConfirmNames { if *options.Bool["root"] { caName = taoca.ConfirmName(caRootName) } else { caName = taoca.ConfirmName(caSubsidiaryName) } } else { if *options.Bool["root"] { caName = caRootName } else { caName = caSubsidiaryName } } if manualMode { pwd := options.Password("Choose an HTTPS/TLS CA signing key password", "pass") caKeys, err = tao.InitOnDiskPBEKeys(tao.Signing, pwd, kdir, caName) tao.ZeroBytes(pwd) } else { caKeys, err = tao.InitOnDiskTaoSealedKeys(tao.Signing, caName, tao.Parent(), kdir, tao.SealPolicyDefault) } options.FailIf(err, "Can't initialize fresh HTTPS/TLS CA signing key") if *options.Bool["root"] { fmt.Printf(""+ "Note: To install this CA's key in the Chrome browser, go to\n"+ " 'Settings', 'Show advanced settings...', 'Manage Certificates...', 'Authorities'\n"+ " then import the following file:\n"+ " %s\n"+ " Select 'Trust this certificate for identifying websites' and/or other\n"+ " options, then click 'OK'\n", caKeys.X509Path("default")) } else { csr := taoca.NewCertificateSigningRequest(caKeys.VerifyingKey, caName) *csr.IsCa = true srv := *options.String["subsidiary"] taoca.DefaultServerName = srv taoca.SubmitAndInstall(caKeys, csr) } if !manualMode { f, err := os.Open(ppath) if err == nil { f.Close() fmt.Printf("Using existing certificate-granting policy: %s\n", ppath) } else { fmt.Printf("Creating default certificate-granting policy: %s\n", ppath) fmt.Printf("Edit that file to define the certificate-granting policy.\n") err := util.WritePath(ppath, []byte(policy.Default), 0755, 0755) options.FailIf(err, "Can't save policy rules") } } } else { if manualMode { pwd := options.Password("HTTPS/TLS CA signing key password", "pass") caKeys, err = tao.LoadOnDiskPBEKeys(tao.Signing, pwd, kdir) tao.ZeroBytes(pwd) } else { caKeys, err = tao.LoadOnDiskTaoSealedKeys(tao.Signing, tao.Parent(), kdir, tao.SealPolicyDefault) } options.FailIf(err, "Can't load HTTP/TLS CA signing key") } netlog.Log("https_ca: start") netlog.Log("https_ca: manual? %v", manualMode) if !manualMode { guard, err = policy.Load(ppath) options.FailIf(err, "Can't load certificate-granting policy") } var prin auth.Prin if tao.Parent() != nil { prin, err = tao.Parent().GetTaoName() options.FailIf(err, "Can't get tao name") } else { rendezvous.DefaultServer.Connect(caKeys) prin = caKeys.SigningKey.ToPrincipal() } name := *options.String["name"] if name != "" { err = rendezvous.Register(rendezvous.Binding{ Name: proto.String(name), Host: proto.String(host), Port: proto.String(port), Protocol: proto.String("protoc/rpc/https_ca"), Principal: proto.String(prin.String()), }) options.FailIf(err, "Can't register with rendezvous service") } statsdelay := *options.String["stats"] var srv *tao.Server if statsdelay != "" { go profiling.ShowStats(&stats, statsdelay, "sign certificates") srv = tao.NewOpenServer(tao.ConnHandlerFunc(doResponseWithStats)) } else { srv = tao.NewOpenServer(tao.ConnHandlerFunc(doResponseWithoutStats)) } srv.Keys = caKeys fmt.Printf("Listening at %s using Tao-authenticated channels\n", addr) err = srv.ListenAndServe(addr) options.FailIf(err, "server died") fmt.Println("Server Done") netlog.Log("https_ca: done") }
func main() { caAddr := flag.String("caAddr", "localhost:8124", "The address of the CA for setting up a certificate signed by the policy key") hostcfg := flag.String("hostconfig", "tao.config", "path to host tao configuration") serverHost := flag.String("host", "localhost", "address for client/server") serverPort := flag.String("port", "8129", "port for client/server") rollbackServerPath := flag.String("rollbackserver_files", "rollbackserver_files", "rollbackserver directory") country := flag.String("country", "US", "The country for the fileclient certificate") org := flag.String("organization", "Google", "The organization for the fileclient certificate") flag.Parse() serverAddr := net.JoinHostPort(*serverHost, *serverPort) hostDomain, err := tao.LoadDomain(*hostcfg, nil) if err != nil { log.Fatalln("rollbackserver: can't load domain:", err) } var policyCert []byte if hostDomain.Keys.Cert != nil { policyCert = hostDomain.Keys.Cert.Raw } if policyCert == nil { log.Fatalln("rollbackserver: can't retrieve policy cert") } parentTao := tao.Parent() if err := hostDomain.ExtendTaoName(parentTao); err != nil { log.Fatalln("fileserver: can't extend the Tao with the policy key") } e := auth.PrinExt{Name: "rollbackserver_version_1"} if err = parentTao.ExtendTaoName(auth.SubPrin{e}); err != nil { log.Fatalln("rollbackserver: can't extend name") } taoName, err := parentTao.GetTaoName() if err != nil { return } // Create or read the keys for rollbackserver. rbKeys, err := tao.NewOnDiskTaoSealedKeys(tao.Signing|tao.Crypting, parentTao, *rollbackServerPath, tao.SealPolicyDefault) if err != nil { log.Fatalln("rollbackserver: couldn't set up the Tao-sealed keys:", err) } // Set up a temporary cert for communication with keyNegoServer. rbKeys.Cert, err = rbKeys.SigningKey.CreateSelfSignedX509(tao.NewX509Name(&tao.X509Details{ Country: proto.String(*country), Organization: proto.String(*org), CommonName: proto.String(taoName.String()), })) if err != nil { log.Fatalln("rollbackserver: couldn't create a self-signed cert for rollbackserver keys:", err) } // Contact keyNegoServer for the certificate. if err := fileproxy.EstablishCert("tcp", *caAddr, rbKeys, hostDomain.Keys.VerifyingKey); err != nil { log.Fatalf("rollbackserver: couldn't establish a cert signed by the policy key: %s", err) } // The symmetric keys aren't used by the rollback server. progPolicy := fileproxy.NewProgramPolicy(policyCert, taoName.String(), rbKeys, nil, rbKeys.Cert.Raw) m := fileproxy.NewRollbackMaster(taoName.String()) if err := serve(serverAddr, taoName.String(), policyCert, rbKeys, progPolicy, m); err != nil { log.Fatalf("rollbackserver: server error: %s\n", err) } log.Println("rollbackserver: done") }
func main() { caAddr := flag.String("caAddr", "localhost:8124", "The address of the CA for setting up a certificate signed by the policy key") hostcfg := flag.String("hostconfig", "tao.config", "path to host tao configuration") serverHost := flag.String("host", "localhost", "address for client/server") serverPort := flag.String("port", "8123", "port for client/server") fileServerPath := flag.String("fileserver_files", "fileserver_files/", "fileserver directory") fileServerFilePath := flag.String("stored_files", "fileserver_files/stored_files/", "fileserver directory") country := flag.String("country", "US", "The country for the fileclient certificate") org := flag.String("organization", "Google", "The organization for the fileclient certificate") flag.Parse() serverAddr := net.JoinHostPort(*serverHost, *serverPort) hostDomain, err := tao.LoadDomain(*hostcfg, nil) if err != nil { log.Fatalln("fileserver: can't LoadDomain") } var policyCert []byte if hostDomain.Keys.Cert != nil { policyCert = hostDomain.Keys.Cert.Raw } if policyCert == nil { log.Fatalln("fileserver: can't retrieve policy cert") } parentTao := tao.Parent() if err := hostDomain.ExtendTaoName(parentTao); err != nil { log.Fatalln("fileserver: can't extend the Tao with the policy key") } e := auth.PrinExt{Name: "fileserver_version_1"} if err = parentTao.ExtendTaoName(auth.SubPrin{e}); err != nil { log.Fatalln("fileserver: couldn't extend the Tao name") } taoName, err := parentTao.GetTaoName() if err != nil { log.Fatalln("fileserver: couldn't get tao name") } // Create or read the keys for fileclient. fsKeys, err := tao.NewOnDiskTaoSealedKeys(tao.Signing|tao.Crypting, parentTao, *fileServerPath, tao.SealPolicyDefault) if err != nil { log.Fatalln("fileserver: couldn't set up the Tao-sealed keys:", err) } // Set up a temporary cert for communication with keyNegoServer. fsKeys.Cert, err = fsKeys.SigningKey.CreateSelfSignedX509(tao.NewX509Name(&tao.X509Details{ Country: proto.String(*country), Organization: proto.String(*org), CommonName: proto.String(taoName.String()), })) if err != nil { log.Fatalln("fileserver: couldn't create a self-signed cert for fileclient keys:", err) } // Contact keyNegoServer for the certificate. if err := fileproxy.EstablishCert("tcp", *caAddr, fsKeys, hostDomain.Keys.VerifyingKey); err != nil { log.Fatalf("fileserver: couldn't establish a cert signed by the policy key: %s", err) } symKeysPath := path.Join(*fileServerPath, "sealedEncKeys") symKeys, err := fsKeys.NewSecret(symKeysPath, fileproxy.SymmetricKeySize) if err != nil { log.Fatalln("fileserver: couldn't get the file encryption keys") } tao.ZeroBytes(symKeys) progPolicy := fileproxy.NewProgramPolicy(policyCert, taoName.String(), fsKeys, symKeys, fsKeys.Cert.Raw) // Set up the file storage path if it doesn't exist. if _, err := os.Stat(*fileServerFilePath); err != nil { if err := os.MkdirAll(*fileServerFilePath, 0700); err != nil { log.Fatalln("fileserver: couldn't create a file storage directory:", err) } } if err := serve(serverAddr, *fileServerFilePath, policyCert, fsKeys, progPolicy); err != nil { log.Fatalln("fileserver: couldn't serve connections:", err) } log.Printf("fileserver: done\n") }
func main() { caAddr := flag.String("caAddr", "localhost:8124", "The address of the CA for setting up a certificate signed by the policy key") hostcfg := flag.String("hostconfig", "tao.config", "path to host tao configuration") serverHost := flag.String("host", "localhost", "address for client/server") serverPort := flag.String("port", "8123", "port for client/server") rollbackServerHost := flag.String("rollbackhost", "localhost", "address for rollback client/server") rollbackServerPort := flag.String("rollbackport", "8129", "port for client/server") fileClientPassword := flag.String("password", "BogusPass", "A password for unlocking the user certificates") fileClientPath := flag.String("fileclient_files", "fileclient_files", "fileclient directory") fileClientFilePath := flag.String("stored_files", "fileclient_files/stored_files", "fileclient file directory") testFile := flag.String("test_file", "originalTestFile", "test file") fileClientKeyPath := flag.String("usercreds", "usercreds", "user keys and certs") country := flag.String("country", "US", "The country for the fileclient certificate") org := flag.String("organization", "Google", "The organization for the fileclient certificate") flag.Parse() serverAddr := net.JoinHostPort(*serverHost, *serverPort) hostDomain, err := tao.LoadDomain(*hostcfg, nil) if err != nil { log.Fatalln("fileclient: Can't load domain") } var derPolicyCert []byte if hostDomain.Keys.Cert["default"] != nil { derPolicyCert = hostDomain.Keys.Cert["default"].Raw } if derPolicyCert == nil { log.Fatalln("fileclient: Can't retrieve policy cert") } parentTao := tao.Parent() if err := hostDomain.ExtendTaoName(parentTao); err != nil { log.Fatalln("fileclient: can't extend the Tao with the policy key") } e := auth.PrinExt{Name: "fileclient_version_1"} if err = parentTao.ExtendTaoName(auth.SubPrin{e}); err != nil { log.Fatalln("fileclient: couldn't extend the tao name with the policy key") } taoName, err := parentTao.GetTaoName() if err != nil { log.Fatalln("fileclient: Can't get tao name") } // Create or read the keys for fileclient. // Set up a temporary cert for communication with keyNegoServer. // TODO(kwalsh) This may no longer be needed. Is there a significance to // this cert? name := tao.NewX509Name(&tao.X509Details{ Country: proto.String(*country), Organization: proto.String(*org), CommonName: proto.String(taoName.String()), }) fcKeys, err := tao.NewOnDiskTaoSealedKeys(tao.Signing|tao.Crypting, name, parentTao, *fileClientPath, tao.SealPolicyDefault) if err != nil { log.Fatalln("fileclient: couldn't set up the Tao-sealed keys:", err) } if err != nil { log.Fatalln("fileclient: couldn't create a self-signed cert for fileclient keys:", err) } // Contact keyNegoServer for the certificate. if err := fileproxy.EstablishCert("tcp", *caAddr, fcKeys, hostDomain.Keys.VerifyingKey); err != nil { log.Fatalf("fileclient: couldn't establish a cert signed by the policy key: %s", err) } // Get the policy cert and set up TLS. conf, err := fcKeys.TLSClientConfig(hostDomain.Keys.Cert["default"]) if err != nil { log.Fatalln("fileclient, encode error: ", err) } conn, err := tls.Dial("tcp", serverAddr, conf) if err != nil { log.Fatalln("fileclient: can't establish channel: ", err) } ms := util.NewMessageStream(conn) // Before doing any tests, create a simple file to send to the server. testContents := ` This is a simple file to test It has some new lines And it doesn't have very much content. ` if _, err := os.Stat(*fileClientFilePath); err != nil { if err := os.MkdirAll(*fileClientFilePath, 0700); err != nil { log.Fatalf("fileclient: couldn't create the file storage path %s: %s", *fileClientFilePath, err) } } sentFileName := *testFile sentFilePath := path.Join(*fileClientFilePath, sentFileName) if err := ioutil.WriteFile(sentFilePath, []byte(testContents), 0600); err != nil { log.Fatalf("fileclient: couldn't create a test file at %s: %s", sentFilePath, err) } // Authenticate user principal(s). if _, err := os.Stat(*fileClientKeyPath); err != nil { log.Fatalf("fileclient: couldn't get user credentials from %s: %s\n", *fileClientKeyPath, err) } // This method won't generate the right certificate in general for // signing, which is why we check first to make sure the right directory // already exists. But it will successfully read the signer and the // certificate. userKeys, err := tao.NewOnDiskPBEKeys(tao.Signing, []byte(*fileClientPassword), *fileClientKeyPath, nil) if err != nil { log.Fatalf("Couldn't read the keys from %s: %s\n", *fileClientKeyPath, err) } userCert := userKeys.Cert["default"].Raw // Authenticate a key to use for requests to the server. if err = fileproxy.AuthenticatePrincipal(ms, userKeys, userCert); err != nil { log.Fatalf("fileclient: can't authenticate principal: %s", err) } // Create a file. if err = fileproxy.CreateFile(ms, userCert, sentFileName); err != nil { log.Fatalln("fileclient: can't create file:", err) } // Send File. if err = fileproxy.WriteFile(ms, userCert, *fileClientFilePath, sentFileName); err != nil { log.Fatalf("fileclient: couldn't write the file %s to the server: %s", sentFileName, err) } // Get file. outputFileName := sentFileName + ".out" if err = fileproxy.ReadFile(ms, userCert, *fileClientFilePath, sentFileName, outputFileName); err != nil { log.Fatalf("fileclient: couldn't get file %s to output file %s: %s", sentFileName, outputFileName, err) } // TODO(tmroeder): compare the received file against the sent file. // Set up a TLS connection to the rollback server, just like the one to // the file server. rollbackServerAddr := net.JoinHostPort(*rollbackServerHost, *rollbackServerPort) rbconn, err := tls.Dial("tcp", rollbackServerAddr, conf) if err != nil { log.Fatalf("fileclient: can't establish rollback channel: %s", err) } newms := util.NewMessageStream(rbconn) // Create a fake hash value, and set this value for an item. hashLen := 32 hash := make([]byte, hashLen) if _, err := rand.Read(hash); err != nil { log.Fatalf("fileclient: failed to read a random value for the hash") } progName := taoName.String() resName := "test_resource" if err := fileproxy.SetHash(newms, resName, hash); err != nil { log.Fatalf("Couldn't set the hash for program '%s', resource '%s', hash % x on the remote server: %s", progName, resName, hash, err) } // Set the counter to 10 and check that we get the same value back. if err := fileproxy.SetCounter(newms, uint64(10)); err != nil { log.Fatalf("fileclient: couldn't set the counter in the file client") } c, err := fileproxy.GetCounter(newms) if err != nil { log.Fatalf("fileclient: couldn't get the value of the counter from the rollback server") } // Get the hash verification value. newHash, err := fileproxy.GetHashedVerifier(newms, resName) if err != nil { log.Fatalf("fileclient: couldn't get the hashed verifier from the rollback server") } // Try to recompute the hashed verifier directly to see if it matches. sh := sha256.New() vi := fileproxy.EncodeCounter(c) sh.Write(vi) sh.Write(hash) sh.Write(vi) computed := sh.Sum(nil) if subtle.ConstantTimeCompare(newHash, computed) != 1 { log.Fatalf("fileclient: the hashed verifier % x returned by the server didn't match the value % x computed locally", newHash, computed) } log.Println("All fileclient tests pass") }
// Load domain info for the domain and establish Clouproxy keys and properties. // This handles reading in existing (sealed) Cloudproxy keys and properties, or, // if this is the first call (or a call after state has been erased), this also // handles initialization of keys and certificates including interaction with the // domain signing service and storage of new sealed keys and certificates. // If TaoParadigm completes without error, programObject contains all the // Cloudproxy information needed throughout the calling program execution // ensures that this information is sealed and stored for subsequent invocations. func TaoParadigm(cfg *string, filePath *string, programObject *TaoProgramData) error { // Load domain info for this domain. simpleDomain, err := tao.LoadDomain(*cfg, nil) if err != nil { return errors.New("TaoParadigm: Can't load domain") } // Get policy cert. if simpleDomain.Keys.Cert == nil { return errors.New("TaoParadigm: Can't retrieve policy cert") } derPolicyCert := simpleDomain.Keys.Cert.Raw if derPolicyCert == nil { return errors.New("TaoParadigm: Can't retrieve der encoded policy cert") } // Extend tao name with policy key simpleDomain.ExtendTaoName(tao.Parent()) // Retrieve extended name. taoName, err := tao.Parent().GetTaoName() if err != nil { return errors.New("TaoParadigm: Can't extend Tao Principal name") } log.Printf("TaoParadigm: my name is %s\n", taoName) // Get my keys and certificates. sealedSymmetricKey, sealedProgramKey, programCert, certChain, err := LoadProgramKeys(*filePath) if err != nil { return errors.New("TaoParadigm: Can't retrieve existing key material") } // Unseal my symmetric keys, or initialize them. var symKeys []byte var policy string if sealedSymmetricKey != nil { symKeys, policy, err = tao.Parent().Unseal(sealedSymmetricKey) if err != nil || policy != tao.SealPolicyDefault { return errors.New("TaoParadigm: can't unseal symmetric keys") } } else { symKeys, err = InitializeSealedSymmetricKeys(*filePath, tao.Parent(), SizeofSymmetricKeys) if err != nil { return errors.New("TaoParadigm: InitializeSealedSymmetricKeys error") } } log.Printf("Unsealed symmetric keys\n") // Get my Program private key if present or initialize it. var programKey *tao.Keys if sealedProgramKey != nil { programKey, err = SigningKeyFromBlob(tao.Parent(), sealedProgramKey, programCert) if err != nil { return errors.New("TaoParadigm: SigningKeyFromBlob error") } } else { // Get Program key. programKey, programCert, certChain, err = InitializeSealedProgramKey( *filePath, tao.Parent(), *simpleDomain) if err != nil || programKey == nil { return errors.New("TaoParadigm: InitializeSealedSigningKey error") } } log.Printf("TaoParadigm: Retrieved Signing key\n") // Initialize Program policy object. ok := programObject.FillTaoProgramData(derPolicyCert, taoName.String(), *programKey, symKeys, programCert, certChain, filePath) if !ok { return errors.New("TaoParadigm: Can't initialize TaoProgramData") } return nil }
func doServer() { var sock net.Listener var err error var keys *tao.Keys network := "tcp" domain, err := tao.LoadDomain(configPath(), nil) options.FailIf(err, "error: couldn't load the tao domain from %s\n", configPath()) switch *demoAuth { case "tcp": sock, err = net.Listen(network, serverAddr) options.FailIf(err, "server: couldn't listen to the network") case "tls", "tao": // Generate a private/public key for this hosted program (hp) and // request attestation from the host of the statement "hp speaksFor // host". The resulting certificate, keys.Delegation, is a chain of // "says" statements extending to the policy key. The policy is // checked by the host before this program is executed. keys, err = tao.NewTemporaryTaoDelegatedKeys(tao.Signing, tao.Parent()) options.FailIf(err, "server: failed to generate delegated keys") // Create a certificate for the hp. keys.Cert, err = keys.SigningKey.CreateSelfSignedX509(&pkix.Name{ Organization: []string{"Google Tao Demo"}}) options.FailIf(err, "server: couldn't create certificate") g := domain.Guard if *ca != "" { // Replace keys.Delegation with a "says" statement directly from // the policy key. na, err := tao.RequestTruncatedAttestation(network, *ca, keys, domain.Keys.VerifyingKey) options.FailIf(err, "server: truncated attestation request failed") keys.Delegation = na g, err = newTempCAGuard(domain.Keys.VerifyingKey) options.FailIf(err, "server: couldn't set up a new guard") } tlsc, err := tao.EncodeTLSCert(keys) options.FailIf(err, "server: couldn't encode TLS certificate") conf := &tls.Config{ RootCAs: x509.NewCertPool(), Certificates: []tls.Certificate{*tlsc}, InsecureSkipVerify: true, ClientAuth: tls.RequireAnyClientCert, } if *demoAuth == "tao" { sock, err = tao.Listen(network, serverAddr, conf, g, domain.Keys.VerifyingKey, keys.Delegation) options.FailIf(err, "sever: couldn't create a taonet listener") } else { sock, err = tls.Listen(network, serverAddr, conf) options.FailIf(err, "server: couldn't create a tls listener") } } fmt.Printf("server: listening at %s using %s authentication.\n", serverAddr, *demoAuth) defer sock.Close() pings := make(chan bool, 5) connCount := 0 go func() { for connCount = 0; connCount < *pingCount || *pingCount < 0; connCount++ { // negative means forever conn, err := sock.Accept() options.FailIf(err, "server: can't accept connection") go doResponse(conn, pings) } }() pingGood := 0 pingFail := 0 for { select { case ok := <-pings: if ok { pingGood++ } else { pingFail++ } } } }