github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/go/tpm2/apps/QuoteServer/server.go

github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/go/tpm2/apps/QuoteServer/server.go (about)

     1  // Copyright (c) 2016, Google Inc. All rights reserved.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //     http://www.apache.org/licenses/LICENSE-2.0
     7  // Unless required by applicable law or agreed to in writing, software
     8  // distributed under the License is distributed on an "AS IS" BASIS,
     9  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    10  // See the License for the specific language governing permissions and
    11  // limitations under the License.
    12  
    13  package main
    14  
    15  import (
    16  	"crypto/ecdsa"
    17  	"flag"
    18  	"log"
    19  	"net"
    20  
    21  	"github.com/jlmucb/cloudproxy/go/tao"
    22  	"github.com/jlmucb/cloudproxy/go/tpm2"
    23  	"github.com/jlmucb/cloudproxy/go/util"
    24  )
    25  
    26  var network = flag.String("network", "tcp", "The network to use for connections")
    27  var addr = flag.String("addr", "localhost:8121", "The address to listen on")
    28  var pass = flag.String("pass", "xxx", "The password protecting the policy key")
    29  var path = flag.String("path", "./keys/", "The path to the keys")
    30  
    31  func main() {
    32  	flag.Parse()
    33  	ln, err := net.Listen(*network, *addr)
    34  	if err != nil {
    35  		log.Fatalln("Quote server: could not listen at port:", err)
    36  	}
    37  	// Generate/Load policy key
    38  	us := "US"
    39  	org := "Google"
    40  	details := tao.X509Details{
    41  		Country:            &us,
    42  		Organization:       &org,
    43  		OrganizationalUnit: &org,
    44  		CommonName:         &org,
    45  	}
    46  	policyKey, err := tao.NewOnDiskPBEKeys(tao.Signing, []byte(*pass), *path,
    47  		tao.NewX509Name(&details))
    48  	if err != nil {
    49  		log.Fatalln("Error loading policy key: ", err)
    50  	}
    51  	if policyKey.Cert == nil || policyKey.Cert.Raw == nil {
    52  		log.Fatalln("Quote server: cert missing in policy key.")
    53  	}
    54  	for {
    55  		conn, err := ln.Accept()
    56  		if err != nil {
    57  			log.Fatalln("Quote server: could not accept connection:", err)
    58  		}
    59  		ms := util.NewMessageStream(conn)
    60  		var request tpm2.AttestCertRequest
    61  		if err := ms.ReadMessage(&request); err != nil {
    62  			log.Printf("Quote server: Couldn't read request from channel: %s\n", err)
    63  			continue
    64  		}
    65  		response, err := tpm2.ProcessQuoteDomainRequest(request,
    66  			(policyKey.SigningKey.PrivKey).(*ecdsa.PrivateKey), policyKey.Cert.Raw)
    67  		if err != nil {
    68  			sendError(err, ms)
    69  			continue
    70  		}
    71  		if _, err := ms.WriteMessage(response); err != nil {
    72  			log.Printf("Quote server: Error sending response on the channel: %s\n ", err)
    73  		}
    74  	}
    75  }
    76  
    77  func sendError(err error, ms *util.MessageStream) {
    78  	errCode := int32(1)
    79  	resp := &tpm2.AttestCertResponse{Error: &errCode}
    80  	if _, err := ms.WriteMessage(resp); err != nil {
    81  		log.Printf("Quote server: Error sending resp on the channel: %s\n ", err)
    82  	}
    83  }