github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/go/apps/mixnet/scripts/domain_template.mixnet

github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/go/apps/mixnet/scripts/domain_template.mixnet (about)

     1  config: {
     2    domain_info: {
     3      name: "Mixnet"
     4      policy_keys_path: "policy_keys"
     5      guard_type: "AllowAll"
     6    }
     7  
     8    x509_info: {
     9      common_name: "MixnetTest"
    10      country: "US"
    11      state: "CA"
    12      organization: "Google Inc."
    13    }
    14  
    15    acl_guard_info: {
    16      signed_acls_path: "acls"
    17    }
    18  
    19    datalog_guard_info: {
    20      signed_rules_path: "rules"
    21    }
    22  
    23    tpm_info: {
    24      tpm_path: "/dev/tpm0"
    25      aik_path: "aikblob"
    26      pcrs: "17,18"
    27    }
    28  }
    29  
    30  datalog_rules: "(forall P: forall Host: forall Hash: TrustedHost(Host) and TrustedProgramHash(Hash) and Subprin(P, Host, Hash) implies MemberProgram(P))"
    31  datalog_rules: "(forall P: forall Host: forall Hash: TrustedHost(Host) and TrustedContainerHash(Hash) and Subprin(P, Host, Hash) implies MemberProgram(P))"
    32  
    33  datalog_rules: "(forall P: forall VM: forall Guard: TrustedHost(VM) and TrustedGuard(Guard) and Subprin(P, VM, Guard) implies TrustedHost(P))"
    34  
    35  datalog_rules: "(forall P: forall VM: forall Host: TrustedHost(Host) and TrustedVMImage(VM) and Subprin(P, Host, VM) implies TrustedVM(P))"
    36  datalog_rules: "(forall P: forall VM: forall Hash: TrustedVM(VM) and TrustedHost(Hash) and Subprin(P, VM, Hash) implies TrustedHost(P))"
    37  
    38  datalog_rules: "(forall T: forall PCRs: forall P: TrustedTPM(T) and TrustedOS(PCRs) and Subprin(P, T, PCRs) implies TrustedHost(P))"
    39  
    40  datalog_rules: "(forall P: TrustedHost(P) implies Authorized(P, \"Execute\"))"
    41  datalog_rules: "(forall P: MemberProgram(P) implies Authorized(P, \"Execute\"))"
    42  
    43  host_predicate_name: "TrustedHost"
    44  
    45  program_paths: "/Domains/mixnet_directory"
    46  program_paths: "/Domains/mixnet_router"
    47  program_paths: "/Domains/mixnet_proxy"
    48  program_paths: "mixnet_router"
    49  program_predicate_name: "TrustedProgramHash"
    50  
    51  vm_paths: "coreos_production_qemu_image.img"
    52  vm_predicate_name: "TrustedVMImage"
    53  
    54  linux_host_paths: "linux_host.img.tgz"
    55  linux_host_predicate_name: "TrustedHost"
    56  
    57  guard_predicate_name: "TrustedGuard"
    58  tpm_predicate_name: "TrustedTPM"
    59  os_predicate_name: "TrustedOS"