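// Copyright (c) 2014, Google Inc. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package main

import (
	"crypto/x509/pkix"
	"flag"
	"fmt"
	"net"

	"github.com/golang/glog"
	"github.com/jlmucb/cloudproxy/go/tao"
)

// Command-line flags.
//
// NOTE(review): per its help text, -password is the domain password for the
// policy key. A value passed as a flag is visible to other local users in the
// process list and tends to end up in shell history, and the built-in default
// is a fixed string published with the source. Outside a demo, read the
// password from a prompt or a permission-restricted file and drop the default.
//
// NOTE(review): the default -addr binds to localhost only. Pointing it at a
// routable address exposes the listener below, which is plain TCP (no TLS).
var (
	network    = flag.String("network", "tcp", "The network to use for connections")
	addr       = flag.String("addr", "localhost:8124", "The address to listen on")
	domainPass = flag.String("password", "BogusPass", "The domain password for the policy key")
	configPath = flag.String("config", "tao.config", "The Tao domain config")
)

// main loads the Tao domain named by -config (unlocked with -password), then
// listens on -network/-addr and hands every accepted connection to
// tao.HandleCARequest together with the domain's signing key and guard.
//
// Every failure path ends in glog.Exit or glog.Exitf, which log the message
// and terminate the process, so no return statement follows them.
func main() {
	flag.Parse()

	domain, err := tao.LoadDomain(*configPath, []byte(*domainPass))
	if err != nil {
		glog.Exitf("Couldn't load the config path %s: %s\n", *configPath, err)
	}

	// Set up temporary keys for the connection, since the only thing that
	// matters to the remote client is that they receive a correctly-signed new
	// attestation from the policy key.
	//
	// NOTE(review): keys and keys.Cert are not referenced again in this
	// function, and the listener below is a plain net.Listen, so this
	// self-signed certificate does not protect the transport here. Confirm
	// whether it is leftover from a TLS listener or still needed for a side
	// effect of the tao calls.
	keys, err := tao.NewTemporaryKeys(tao.Signing)
	if err != nil {
		glog.Exit("Couldn't set up temporary keys for the connection:", err)
	}

	// Derive the X.509 public-key and signature algorithm identifiers from
	// the signer type configured for the Tao crypto suite.
	keyType := tao.SignerTypeFromSuiteName(tao.TaoCryptoSuite)
	if keyType == nil {
		glog.Exit("Couldn't key algs")
	}
	pkAlg := tao.PublicKeyAlgFromSignerAlg(*keyType)
	sigAlg := tao.SignatureAlgFromSignerAlg(*keyType)
	if pkAlg < 0 || sigAlg < 0 {
		// Same message as the nil-keyType case above; the log line alone
		// does not say which of the two lookups failed.
		glog.Exit("Couldn't key algs")
	}

	subject := &pkix.Name{Organization: []string{"Google Tao Demo"}}
	keys.Cert, err = keys.SigningKey.CreateSelfSignedX509(pkAlg, sigAlg, int64(1), subject)
	if err != nil {
		glog.Exit("Couldn't set up a self-signed cert:", err)
	}

	sock, err := net.Listen(*network, *addr)
	if err != nil {
		glog.Exit("Couldn't bind socket to address:", err)
	}

	fmt.Println("tcca: accepting connections")
	for {
		conn, err := sock.Accept()
		if err != nil {
			// NOTE(review): any Accept error, including a transient one,
			// terminates the process and stops service for every client.
			glog.Exitf("Couldn't accept a connection on %s: %s", *addr, err)
		}

		// One goroutine per connection, handed the domain (policy) signing
		// key and the guard.
		//
		// NOTE(review): no deadline is set on conn here and the number of
		// concurrent handlers is not capped. Whether tao.HandleCARequest
		// applies its own timeout and closes conn is not visible from this
		// file; confirm, otherwise an idle peer can hold a goroutine and a
		// file descriptor indefinitely.
		go tao.HandleCARequest(conn, domain.Keys.SigningKey, domain.Guard)
	}
}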