github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/go/apps/simpleexample/SimpleDomain/domain_template.simpleexampletpm1

github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/go/apps/simpleexample/SimpleDomain/domain_template.simpleexampletpm1 (about)

     1  config: {
     2    domain_info: {
     3      name: "SimpleExample"
     4      policy_keys_path: "policy_keys"
     5      guard_type: "AllowAll"
     6    }
     7  
     8    x509_info: {
     9      common_name: "SimpleExampleTest"
    10      country: "US"
    11      state: "WA"
    12      organization: "CloudProxy"
    13    }
    14  
    15    acl_guard_info: {
    16      signed_acls_path: "acls"
    17    }
    18  
    19    datalog_guard_info: {
    20      signed_rules_path: "rules"
    21    }
    22  
    23    tpm_info: {
    24      tpm_path: "/dev/tpm0"
    25      aik_path: "aikblob"
    26      aik_cert_path: "aik_cert"
    27      pcrs: "17,18"
    28    }
    29  }
    30  
    31  datalog_rules: "(forall P: forall Host: forall Hash: TrustedHost(Host) and TrustedProgramHash(Hash) and Subprin(P, Host, Hash) implies MemberProgram(P))"
    32  datalog_rules: "(forall P: forall Host: forall Hash: TrustedHost(Host) and TrustedContainerHash(Hash) and Subprin(P, Host, Hash) implies MemberProgram(P))"
    33  
    34  datalog_rules: "(forall P: forall VM: forall Guard: TrustedHost(VM) and TrustedGuard(Guard) and Subprin(P, VM, Guard) implies TrustedHost(P))"
    35  
    36  datalog_rules: "(forall P: forall VM: forall Host: TrustedHost(Host) and TrustedVMImage(VM) and Subprin(P, Host, VM) implies TrustedVM(P))"
    37  datalog_rules: "(forall P: forall VM: forall Hash: TrustedVM(VM) and TrustedHost(Hash) and Subprin(P, VM, Hash) implies TrustedHost(P))"
    38  
    39  datalog_rules: "(forall T: forall PCRs: forall P: TrustedTPM(T) and TrustedOS(PCRs) and Subprin(P, T, PCRs) implies TrustedHost(P))"
    40  
    41  datalog_rules: "(forall P: TrustedHost(P) implies Authorized(P, \"Execute\"))"
    42  datalog_rules: "(forall P: MemberProgram(P) implies Authorized(P, \"Execute\"))"
    43  
    44  host_predicate_name: "TrustedHost"
    45  
    46  program_paths: "/Domains/simpledomainservice"
    47  program_paths: "/Domains/simpleclient"
    48  program_paths: "/Domains/simpleserver"
    49  program_paths: "/Domains/simpleclient_cc.exe"
    50  program_paths: "/Domains/go-child"
    51  program_paths: "mixnet_router"
    52  program_predicate_name: "TrustedProgramHash"
    53  
    54  container_paths: "demo_server.img.tgz"
    55  container_paths: "demo_client.img.tgz"
    56  container_predicate_name: "TrustedContainerHash"
    57  
    58  vm_paths: "coreos_production_qemu_image.img"
    59  vm_predicate_name: "TrustedVMImage"
    60  
    61  linux_host_paths: "linux_host.img.tgz"
    62  linux_host_predicate_name: "TrustedHost"
    63  
    64  guard_predicate_name: "TrustedGuard"
    65  tpm_predicate_name: "TrustedTPM"
    66  os_predicate_name: "TrustedOS"