github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/go/apps/simple_http_server/README.md

Simple HTTP Server
==================

This is a simple HTTP server that runs on top of linux_host and
SoftTao, meaning that the root of trust is a piece of software rather
than a hardware TPM. It is meant to demonstrate how one can start a
CloudProxy-protected server.

This application manages a value (a byte slice called "Secret" in the
program) and serves the value to clients. The first time the
server runs, it generates 64 random bytes and uses CloudProxy's
protection mechanism ("seal") to store them on the hard drive. The
sealed data is then accessible only by the server. On every subsequent
start, the server reads the sealed data (via "unseal") and serves it
to any client.

This application does not really have any meaningful security, as the
connection is plaintext HTTP and provides no authentication (i.e.,
no TLS); it is meant as the simplest demonstration of getting a server
running on top of CloudProxy, and linux_host in particular. Running
with TLS will be shown in another example.


Dependencies
------------

This server tries to minimize dependencies. Apart from the standard Go
libraries, it depends on:

1. `github.com/jlmucb/cloudproxy/go/tao`: Implementation of Tao.

2. `github.com/jlmucb/cloudproxy/go/apps/host` and
`github.com/jlmucb/cloudproxy/go/apps/linux_host`: Implementation of
the linux_host. In a real deployment, `linux_host` will serve as
the root of trust for applications running on top of Linux.


Files
-----

- `allowall.cfg`: Sample configuration file for Tao. This is an
"allow all" policy, meaning it will let any application run on top
of this Tao.

- `README.md`: This README.

- `run.sh`: Script to compile and run the application.

- `server.go`: Code for a simple HTTP server using Tao.


Running the example
-------------------

To run this application, run

    ./run.sh

This sets up all the necessary files and runs the server. It
requires sudo access, since the Linux hosts run with root privilege. It
will also prompt the user for the password used for SoftTao, which is
currently set to `httptest`. Once the server is running, you can open
a browser and visit `localhost:8123` to see the secret the server is
storing. `run.sh` describes what each command does in more detail.