func computeSignature(a mig.Action, ctx Context) (pgpsig string, err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("computeSignature() -> %v", e) } }() // do a round trip through the json marshaller, this is voodoo that // fixes signature verification issues down the road b, err := json.Marshal(a) if err != nil { panic(err) } err = json.Unmarshal(b, &a) if err != nil { panic(err) } secringFile, err := os.Open(ctx.GPG.Home + "/secring.gpg") if err != nil { panic(err) } defer secringFile.Close() // compute the signature str, err := a.String() if err != nil { panic(err) } pgpsig, err = sign.Sign(str, ctx.GPG.KeyID, secringFile) if err != nil { panic(err) } fmt.Println("Signature computed successfully") return }
func main() { var Usage = func() { fmt.Fprintf(os.Stderr, "Mozilla InvestiGator Action Generator\n"+ "usage: %s -k=<key id> (-i <input file)\n\n"+ "Command line to generate and sign MIG Actions.\n"+ "The resulting actions are display on stdout.\n\n"+ "Options:\n", os.Args[0]) flag.PrintDefaults() } // command line options var key = flag.String("k", "key identifier", "Key identifier used to sign the action (ex: B75C2346)") var pretty = flag.Bool("p", false, "Print signed action in pretty JSON format") var urlencode = flag.Bool("urlencode", false, "URL Encode marshalled JSON before output") var posturl = flag.String("posturl", "", "POST action to <url> (enforces urlencode)") var file = flag.String("i", "/path/to/file", "Load action from file") var validfrom = flag.String("validfrom", "now", "(optional) set an ISO8601 date the action will be valid from. If unset, use 'now'.") var expireafter = flag.String("expireafter", "30m", "(optional) set a validity duration for the action. If unset, use '30m'.") flag.Parse() // We need a key, if none is set on the command line, fail if *key == "key identifier" { Usage() os.Exit(-1) } var a mig.Action var err error // if a file is defined, load action from that if *file != "/path/to/file" { a, err = mig.ActionFromFile(*file) } else { // otherwise, use interactive mode a, err = getActionFromTerminal() } if err != nil { panic(err) } // set the dates if *validfrom == "now" { a.ValidFrom = time.Now().UTC() } else { a.ValidFrom, err = time.Parse("2014-01-01T00:00:00.0Z", *validfrom) if err != nil { panic(err) } } period, err := time.ParseDuration(*expireafter) if err != nil { log.Fatal(err) } a.ExpireAfter = a.ValidFrom.Add(period) // compute the signature str, err := a.String() if err != nil { panic(err) } a.PGPSignature, err = sign.Sign(str, *key) if err != nil { panic(err) } a.PGPSignatureDate = time.Now().UTC() var jsonAction []byte if *pretty { jsonAction, err = json.MarshalIndent(a, "", "\t") } else { jsonAction, err = json.Marshal(a) } if err != nil { panic(err) } // if asked, url encode the action before marshaling it actionstr := string(jsonAction) if *urlencode { strJsonAction := string(jsonAction) actionstr = url.QueryEscape(strJsonAction) } if *posturl != "" { resp, err := http.PostForm(*posturl, url.Values{"action": {actionstr}}) if err != nil { panic(err) } var buf [512]byte reader := resp.Body for { n, err := reader.Read(buf[0:]) if err != nil { os.Exit(0) } fmt.Print(string(buf[0:n])) } } // find keyring in default location u, err := user.Current() if err != nil { panic(err) } // load keyring var gnupghome string gnupghome = os.Getenv("GNUPGHOME") if gnupghome == "" { gnupghome = "/.gnupg" } keyring, err := os.Open(u.HomeDir + gnupghome + "/pubring.gpg") if err != nil { panic(err) } defer keyring.Close() // syntax checking err = a.Validate() if err != nil { panic(err) } // syntax checking err = a.VerifySignature(keyring) if err != nil { panic(err) } }
// processNewAction is called when a new action is available. It pulls // the action from the directory, parse it, retrieve a list of targets from // the backend database, and create individual command for each target. func processNewAction(actionPath string, ctx Context) (err error) { var action mig.Action defer func() { if e := recover(); e != nil { err = fmt.Errorf("processNewAction() -> %v", e) } ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: "leaving processNewAction()"}.Debug() }() // load the action file action, err = mig.ActionFromFile(actionPath) if err != nil { panic(err) } action.StartTime = time.Now() // generate an action id if action.ID < 1 { action.ID = mig.GenID() } desc := fmt.Sprintf("new action received: Name='%s' Target='%s' ValidFrom='%s' ExpireAfter='%s'", action.Name, action.Target, action.ValidFrom, action.ExpireAfter) ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: desc} // TODO: replace with action.Validate(), to include signature verification if time.Now().Before(action.ValidFrom) { // queue new action desc := fmt.Sprintf("action '%s' is not ready for scheduling", action.Name) ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: desc}.Debug() return } if time.Now().After(action.ExpireAfter) { ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: fmt.Sprintf("action '%s' is expired. invalidating.", action.Name)} err = invalidAction(ctx, action, actionPath) if err != nil { panic(err) } return } // find target agents for the action agents, err := ctx.DB.ActiveAgentsByTarget(action.Target) if err != nil { panic(err) } action.Counters.Sent = len(agents) if action.Counters.Sent == 0 { err = fmt.Errorf("No agents found for target '%s'. invalidating action.", action.Target) err = invalidAction(ctx, action, actionPath) if err != nil { panic(err) } } ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: fmt.Sprintf("Found %d target agents", action.Counters.Sent)} action.Status = "preparing" inserted, err := ctx.DB.InsertOrUpdateAction(action) if err != nil { panic(err) } if inserted { // action was inserted, and not updated, so we need to insert // the signatures as well astr, err := action.String() if err != nil { panic(err) } for _, sig := range action.PGPSignatures { pubring, err := getPubring(ctx) if err != nil { panic(err) } fp, err := pgp.GetFingerprintFromSignature(astr, sig, pubring) if err != nil { panic(err) } inv, err := ctx.DB.InvestigatorByFingerprint(fp) if err != nil { panic(err) } err = ctx.DB.InsertSignature(action.ID, inv.ID, sig) if err != nil { panic(err) } } } ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: "Action written to database"}.Debug() // create an array of empty results to serve as default for all commands emptyResults := make([]modules.Result, len(action.Operations)) created := 0 for _, agent := range agents { err := createCommand(ctx, action, agent, emptyResults) if err != nil { ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: "Failed to create commmand on agent" + agent.Name}.Err() continue } created++ } if created == 0 { // no command created found ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, ActionID: action.ID, Desc: "No command created. Invalidating action."}.Err() err = invalidAction(ctx, action, actionPath) if err != nil { panic(err) } return nil } // move action to flying state err = flyAction(ctx, action, actionPath) if err != nil { panic(err) } return }
// createAction receives a signed action in a POST request, validates it, // and write it into the scheduler spool func createAction(respWriter http.ResponseWriter, request *http.Request) { var ( err error action mig.Action ) opid := getOpID(request) loc := fmt.Sprintf("%s%s", ctx.Server.Host, request.URL.String()) resource := cljs.New(loc) defer func() { if e := recover(); e != nil { ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: fmt.Sprintf("%v", e)}.Err() resource.SetError(cljs.Error{Code: fmt.Sprintf("%.0f", opid), Message: fmt.Sprintf("%v", e)}) respond(500, resource, respWriter, request) } ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "leaving createAction()"}.Debug() }() // parse the POST body into a mig action err = request.ParseForm() if err != nil { panic(err) } postAction := request.FormValue("action") err = json.Unmarshal([]byte(postAction), &action) if err != nil { panic(err) } ctx.Channels.Log <- mig.Log{OpID: opid, Desc: fmt.Sprintf("Received action for creation '%s'", action)}.Debug() // Init action fields action.ID = mig.GenID() date0 := time.Date(0011, time.January, 11, 11, 11, 11, 11, time.UTC) date1 := time.Date(9998, time.January, 11, 11, 11, 11, 11, time.UTC) action.StartTime = date0 action.FinishTime = date1 action.LastUpdateTime = date0 action.Status = "pending" // load keyring and validate action keyring, err := getKeyring() if err != nil { panic(err) } err = action.Validate() if err != nil { panic(err) } err = action.VerifySignatures(keyring) if err != nil { panic(err) } ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Received new action with valid signature"} // write action to database err = ctx.DB.InsertAction(action) if err != nil { panic(err) } // write signatures to database astr, err := action.String() if err != nil { panic(err) } for _, sig := range action.PGPSignatures { k, err := getKeyring() if err != nil { panic(err) } fp, err := pgp.GetFingerprintFromSignature(astr, sig, k) if err != nil { panic(err) } inv, err := ctx.DB.InvestigatorByFingerprint(fp) if err != nil { panic(err) } err = ctx.DB.InsertSignature(action.ID, inv.ID, sig) if err != nil { panic(err) } } ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Action written to database"} err = resource.AddItem(cljs.Item{ Href: fmt.Sprintf("%s/action?actionid=%.0f", ctx.Server.BaseURL, action.ID), Data: []cljs.Data{{Name: "action ID " + fmt.Sprintf("%.0f", action.ID), Value: action}}, }) if err != nil { panic(err) } // return a 202 Accepted. the action will be processed asynchronously, and may fail later. respond(202, resource, respWriter, request) }
// destroyAgent issues an `agentdestroy` action targetted to a specific agent // and updates the status of the agent in the database func destroyAgent(agent mig.Agent, ctx Context) (err error) { defer func() { if e := recover(); e != nil { err = fmt.Errorf("destroyAgent() -> %v", e) } ctx.Channels.Log <- mig.Log{OpID: ctx.OpID, Desc: "leaving destroyAgent()"}.Debug() }() // generate an `agentdestroy` action for this agent killAction := mig.Action{ ID: mig.GenID(), Name: fmt.Sprintf("Destroy agent %s", agent.Name), Target: agent.QueueLoc, ValidFrom: time.Now().Add(-60 * time.Second).UTC(), ExpireAfter: time.Now().Add(30 * time.Minute).UTC(), SyntaxVersion: 1, } var opparams struct { PID int `json:"pid"` Version string `json:"version"` } opparams.PID = agent.PID opparams.Version = agent.Version killOperation := mig.Operation{ Module: "agentdestroy", Parameters: opparams, } killAction.Operations = append(killAction.Operations, killOperation) // sign the action with the scheduler PGP key str, err := killAction.String() if err != nil { panic(err) } secringFile, err := os.Open(ctx.PGP.Home + "/secring.gpg") defer secringFile.Close() pgpsig, err := sign.Sign(str, ctx.PGP.KeyID, secringFile) if err != nil { panic(err) } killAction.PGPSignatures = append(killAction.PGPSignatures, pgpsig) var jsonAction []byte jsonAction, err = json.Marshal(killAction) if err != nil { panic(err) } // write the action to the spool for scheduling dest := fmt.Sprintf("%s/%.0f.json", ctx.Directories.Action.New, killAction.ID) err = safeWrite(ctx, dest, jsonAction) if err != nil { panic(err) } // mark the agent as `destroyed` in the database err = ctx.DB.MarkAgentDestroyed(agent) if err != nil { panic(err) } ctx.Channels.Log <- mig.Log{Desc: fmt.Sprintf("Requested destruction of agent '%s' with PID '%d'", agent.Name, agent.PID)}.Info() return }
// createAction receives a signed action in a POST request, validates it, // and write it into the scheduler spool func createAction(respWriter http.ResponseWriter, request *http.Request) { var err error opid := mig.GenID() var action mig.Action loc := fmt.Sprintf("http://%s:%d%s", ctx.Server.IP, ctx.Server.Port, request.URL.String()) resource := cljs.New(loc) defer func() { if e := recover(); e != nil { ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: fmt.Sprintf("%v", e)}.Err() resource.SetError(cljs.Error{Code: fmt.Sprintf("%.0f", opid), Message: fmt.Sprintf("%v", e)}) respond(500, resource, respWriter, request, opid) } ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "leaving createAction()"}.Debug() }() // parse the POST body into a mig action request.ParseForm() postAction := request.FormValue("action") err = json.Unmarshal([]byte(postAction), &action) if err != nil { panic(err) } ctx.Channels.Log <- mig.Log{OpID: opid, Desc: fmt.Sprintf("Received action for creation '%s'", action)}.Debug() // Init action fields action.ID = mig.GenID() date0 := time.Date(9998, time.January, 11, 11, 11, 11, 11, time.UTC) action.StartTime = date0 action.FinishTime = date0 action.LastUpdateTime = date0 action.Status = "init" // load keyring and validate action keyring, err := os.Open(ctx.PGP.Home + "/pubring.gpg") if err != nil { panic(err) } defer keyring.Close() err = action.Validate() if err != nil { panic(err) } err = action.VerifySignatures(keyring) if err != nil { panic(err) } ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Received new action with valid signature"} // write action to database err = ctx.DB.InsertAction(action) if err != nil { panic(err) } // write signatures to database astr, err := action.String() if err != nil { panic(err) } for _, sig := range action.PGPSignatures { // TODO: opening the keyring in a loop is really ugly. rewind! k, err := os.Open(ctx.PGP.Home + "/pubring.gpg") if err != nil { panic(err) } defer k.Close() fp, err := pgp.GetFingerprintFromSignature(astr, sig, k) if err != nil { panic(err) } iid, err := ctx.DB.InvestigatorByFingerprint(fp) if err != nil { panic(err) } err = ctx.DB.InsertSignature(action.ID, iid, sig) if err != nil { panic(err) } } ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Action written to database"} // write action to disk destdir := fmt.Sprintf("%s/%.0f.json", ctx.Directories.Action.New, action.ID) newAction, err := json.Marshal(action) if err != nil { panic(err) } err = ioutil.WriteFile(destdir, newAction, 0640) if err != nil { panic(err) } ctx.Channels.Log <- mig.Log{OpID: opid, ActionID: action.ID, Desc: "Action committed to spool"} err = resource.AddItem(cljs.Item{ Href: fmt.Sprintf("%s/action?actionid=%.0f", ctx.Server.BaseURL, action.ID), Data: []cljs.Data{{Name: "action ID " + fmt.Sprintf("%.0f", action.ID), Value: action}}, }) if err != nil { panic(err) } respond(201, resource, respWriter, request, opid) }