github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/go/apps/simpleexample/SimpleClientCpp/simpleclient_cc.cc (about)

     1  //  Copyright (c) 2014, Google Inc.  All rights reserved.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  #include <string>
    14  
    15  #include <gflags/gflags.h>
    16  #include <glog/logging.h>
    17  
    18  #include "tao/fd_message_channel.h"
    19  #include "tao/tao_rpc.h"
    20  #include "tao/util.h"
    21  
    22  #include "ssl_helpers.h"
    23  #include "agile_crypto_support.h"
    24  #include "taosupport.h"
    25  
    26  using std::string;
    27  using std::unique_ptr;
    28  
    29  using tao::Base64WDecode;
    30  using tao::Base64WEncode;
    31  using tao::FDMessageChannel;
    32  using tao::InitializeApp;
    33  using tao::MarshalSpeaksfor;
    34  using tao::Tao;
    35  using tao::TaoRPC;
    36  
    37  // localhost is 127.0.0.1
    38  DEFINE_string(policy_key_path, "/Domains/domain.simpleexample/policy_keys",
    39                "path to tao configuration");
    40  DEFINE_string(host_key_path, "/Domains/domain.simpleexample/linux_tao_host",
    41                "path to tao configuration");
    42  DEFINE_string(client_path, "/Domains/domain.simpleexample/SimpleClientCpp",
    43                "path to SimpleClient files");
    44  DEFINE_string(server_host, "localhost", "address for client/server");
    45  DEFINE_string(server_port, "8123", "port for client/server");
    46  DEFINE_string(domain_server_host, "localhost", "address for domain service");
    47  DEFINE_string(domain_server_port, "8124", "port for domain service");
    48  DEFINE_bool(test_rollback, false, "Test rollback protection");
    49  
    50  
    51  int main(int argc, char **argv) {
    52  
    53    // Parse flags, signal handlers, openssl init.
    54    InitializeApp(&argc, &argv, false);
    55  
    56    // This code expects fd 3 and 4 to be the pipes from and to the Tao, so it
    57    // doesn't need to take any parameters. It will establish a Tao Child Channel
    58    // directly with these fds.
    59    unique_ptr<FDMessageChannel> msg(new FDMessageChannel(3, 4));
    60    unique_ptr<Tao> tao(new TaoRPC(msg.release()));
    61  
    62    TaoProgramData client_program_data;
    63    TaoChannel client_channel;
    64  
    65    string tcp("tcp");
    66    string cipher_suite("sign:ecdsap256,crypt:aes128-ctr-hmacsha256,derive:hdkf-sha256");
    67    if (!client_program_data.InitTao(cipher_suite, msg.get(), tao.get(), FLAGS_policy_key_path,
    68              FLAGS_host_key_path, FLAGS_client_path, tcp, FLAGS_domain_server_host,
    69              FLAGS_domain_server_port, true)) {
    70      printf("client_program_data.InitTao failed\n");
    71      return 1;
    72    }
    73  
    74    string my_tao_name;
    75    if (!client_program_data.GetTaoName(&my_tao_name)) {
    76      printf("client_program_data.GetTaoName failed\n");
    77      return 1;
    78    }
    79    printf("simpleclientcpp: Simple client name: %s\n",
    80           my_tao_name.c_str());
    81  
    82    // Open the Tao Channel using the Program key.  This program does all the
    83    // standard channel negotiation and presents the secure server name after
    84    // negotiation is complete.
    85    if (!client_channel.OpenTaoChannel(client_program_data, FLAGS_server_host,
    86           FLAGS_server_port)) {
    87      printf("client_channel.OpenTaoChannel failed\n");
    88      return 1;
    89    }
    90    printf("simpleclient: established Tao Channel with %s\n",
    91           client_channel.peer_name_.c_str()) ;
    92  
    93    // Send a simple request and get response.
    94    tao_support::SimpleMessage req_message;
    95    tao_support::SimpleMessage resp_message;
    96    req_message.set_message_type(1); // REQUEST
    97    req_message.set_request_type("SecretRequest");
    98    string req_string;
    99    if(!req_message.SerializeToString(&req_string)) {
   100      printf("simpleclient: Can't serialize request message\n");
   101    }
   102    if (!client_channel.SendRequest(req_string.size(), (byte*)req_string.data())) {
   103      printf("simpleclient: Error in response to SendRequest\n");
   104    }
   105    printf("Sent request\n");
   106    int size = 8192;
   107    byte buf[8192];
   108    string resp_string;
   109    if (!client_channel.GetRequest(&size, buf)) {
   110      printf("\nsimpleclient: Error in response to GetRequest\n");
   111    } else {
   112      printf("Got response %d\n", size);
   113      resp_string.assign((const char*)buf, (size_t)size);
   114      if (!resp_message.ParseFromString(resp_string)) {
   115        printf("simpleclient: Error in parsing request from GetRequest\n");
   116      }
   117      printf("about to set secret %d\n", resp_message.data_size());
   118      if (resp_message.data_size() > 0) {
   119        const char* secret = (const char*) resp_message.data(0).data();
   120        printf("\nsimpleclient: secret is %s, done\n", secret);
   121      } else {
   122        printf("\nsimpleclient: no secret\n");
   123      }
   124    }
   125  
   126    if (FLAGS_test_rollback) {
   127      // Put Rollback protection tests here
   128      byte data[] = { 
   129        0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5,
   130        0,1,2,3,4,5,6,7,8,9,0,1,2,3,4,5
   131      };
   132      string label("label");
   133      string data_to_seal;
   134      string sealed_data;
   135      string recovered_data;
   136      string policy;
   137      int64_t counter = 0LL;
   138      int64_t initial_counter = 0LL;
   139      data_to_seal.assign((const char *)data, sizeof(data));
   140  
   141      if (client_program_data.InitCounter(label, initial_counter)) {
   142        printf("InitCounter succeeded 0\n");
   143      } else {
   144        printf("InitCounter failed 0\n");
   145      }
   146      if (client_program_data.GetCounter(label, &counter)) {
   147        printf("GetCounter (1) succeeded %lld\n", counter);
   148      } else {
   149        printf("GetCounter (1) failed\n");
   150      }
   151      if (client_program_data.RollbackProtectedSeal(label, data_to_seal, &sealed_data)) {
   152        printf("RollbackProtectedSeal succeeded\n");
   153        printf("data to seal: "); PrintBytes(data_to_seal.size(), (byte*)data_to_seal.data()); printf("\n");
   154      } else {
   155        printf("RollbackProtectedSeal failed\n");
   156      }
   157      if (client_program_data.GetCounter(label, &counter)) {
   158        printf("GetCounter (1) succeeded %lld\n", counter);
   159      } else {
   160        printf("GetCounter (1) failed\n");
   161      }
   162      if (client_program_data.RollbackProtectedUnseal(sealed_data, &recovered_data, &policy)) {
   163        printf("RollbackProtectedUnseal succeeded\n");
   164        printf("unsealed data: "); PrintBytes(recovered_data.size(),
   165               (byte*)recovered_data.data()); printf("\n");
   166      } else {
   167        printf("RollbackProtectedUnseal failed\n");
   168      }
   169      if (client_program_data.GetCounter(label, &counter)) {
   170        printf("GetCounter (2) succeeded %lld\n", counter);
   171      } else {
   172        printf("GetCounter (2) failed\n");
   173      }
   174    }
   175    return 0;
   176  }