github.com/jlmucb/cloudproxy@v0.0.0-20170830161738-b5aa0b619bc4/go/tpm2/tpm2_apps/QuoteServer/QuoteServer.go (about)

     1  // Copyright (c) 2016, Google Inc. All rights reserved.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //     http://www.apache.org/licenses/LICENSE-2.0
     7  // Unless required by applicable law or agreed to in writing, software
     8  // distributed under the License is distributed on an "AS IS" BASIS,
     9  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    10  // See the License for the specific language governing permissions and
    11  // limitations under the License.
    12  
    13  package main
    14  
import (
	"crypto/ecdsa"
	"flag"
	"fmt"
	"log"
	"net"
	"time"

	"github.com/jlmucb/cloudproxy/go/tao"
	"github.com/jlmucb/cloudproxy/go/tpm2"
	"github.com/jlmucb/cloudproxy/go/util"
)
    26  
var (
	network = flag.String("network", "tcp", "The network to use for connections")
	addr    = flag.String("addr", "localhost:8121", "The address to listen on")
	// NOTE(review): the PBE password arrives on the command line, so it is
	// visible in `ps` output and shell history on the host, and the default
	// "xxx" is a placeholder, not a usable secret. Deployments should pass a
	// real value and preferably source it from somewhere less exposed.
	pass    = flag.String("pass", "xxx", "The password protecting the policy key")
	path    = flag.String("path", "./keys/", "The path to the keys")

	us  = "US"
	org = "Google"
	// Subject name used when NewOnDiskPBEKeys has to create a fresh policy
	// key/cert. Organization, OrganizationalUnit and CommonName all point at
	// the same string, so changing org changes all three.
	details = tao.X509Details{
		Country:            &us,
		Organization:       &org,
		OrganizationalUnit: &org,
		CommonName:         &org,
	}
)
    42  
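// quoteConnTimeout bounds how long a single client may occupy the accept
// loop. The loop serves connections one at a time, so without a deadline a
// peer that connects and never sends a full message stalls every other
// client indefinitely.
const quoteConnTimeout = 30 * time.Second

// HandleQuote runs the quote server. It listens on network/addr, loads (or
// creates) the PBE-protected policy signing key under path, and then serves
// tpm2.AttestCertRequest messages, one connection at a time, answering each
// with the result of tpm2.ProcessQuoteDomainRequest or with a generic error
// response.
//
// It returns an error when listening fails, when the policy key cannot be
// loaded or is unusable (no certificate, or not an ECDSA key), or when
// Accept fails; otherwise it loops forever. Nothing in this function
// authenticates the peer — any client that can reach addr may submit a
// request, so whatever checks ProcessQuoteDomainRequest performs are the
// only gate before the policy key signs anything.
//
// TODO: probably receive a kill channel to kill this function..
func HandleQuote(network, addr, pass, path string, details tao.X509Details) error {
	ln, err := net.Listen(network, addr)
	if err != nil {
		return fmt.Errorf("Quote server: could not listen at %s: %s", addr, err)
	}
	defer ln.Close()

	// Generate/Load policy key
	policyKey, err := tao.NewOnDiskPBEKeys(tao.Signing, []byte(pass), path,
		tao.NewX509Name(&details))
	if err != nil {
		return fmt.Errorf("Error loading policy key: %s", err)
	}
	if policyKey.Cert == nil || policyKey.Cert.Raw == nil {
		return fmt.Errorf("Quote server: cert missing in policy key")
	}
	// ProcessQuoteDomainRequest needs an ECDSA private key. Check the type
	// once here rather than with an unchecked assertion inside the loop,
	// where a non-ECDSA key would panic on the first request.
	signingKey, ok := policyKey.SigningKey.PrivKey.(*ecdsa.PrivateKey)
	if !ok {
		return fmt.Errorf("Quote server: policy key is %T, not an ECDSA key",
			policyKey.SigningKey.PrivKey)
	}
	certRaw := policyKey.Cert.Raw

	for {
		conn, err := ln.Accept()
		if err != nil {
			return fmt.Errorf("Quote server: could not accept connection: %s", err)
		}
		serveQuoteConn(conn, signingKey, certRaw)
	}
}

// serveQuoteConn handles one accepted connection: it reads a single
// AttestCertRequest, writes the response (or an error response) and closes
// the connection. Failures on the connection are logged, never fatal, so a
// misbehaving client cannot take the server down.
//
// This is a separate function so that the deferred Close runs at the end of
// each accept-loop iteration; a defer inside the loop in HandleQuote would
// keep every connection open until HandleQuote returned, which it never
// normally does.
func serveQuoteConn(conn net.Conn, signingKey *ecdsa.PrivateKey, certRaw []byte) {
	defer conn.Close()

	if err := conn.SetDeadline(time.Now().Add(quoteConnTimeout)); err != nil {
		log.Printf("Quote server: could not set connection deadline: %s\n", err)
	}

	ms := util.NewMessageStream(conn)
	var request tpm2.AttestCertRequest
	if err := ms.ReadMessage(&request); err != nil {
		log.Printf("Quote server: Couldn't read request from channel: %s\n", err)
		return
	}
	response, err := tpm2.ProcessQuoteDomainRequest(request, signingKey, certRaw)
	if err != nil {
		// Only a generic error code goes back to the (unauthenticated) peer.
		sendError(err, ms)
		return
	}
	if _, err := ms.WriteMessage(response); err != nil {
		log.Printf("Quote server: Error sending response on the channel: %s\n ", err)
	}
}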
    83  
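// sendError answers a request that could not be processed. Only a fixed
// error code (1) is sent to the client; err is recorded in the server log so
// the operator can see why the request was rejected, but its text is not
// echoed to the unauthenticated peer. A failure to write the response is
// itself only logged.
func sendError(err error, ms *util.MessageStream) {
	log.Printf("Quote server: request rejected: %s\n", err)

	errCode := int32(1)
	resp := &tpm2.AttestCertResponse{Error: &errCode}
	// Use a distinct name so the write error cannot shadow the cause.
	if _, werr := ms.WriteMessage(resp); werr != nil {
		log.Printf("Quote server: Error sending resp on the channel: %s\n ", werr)
	}
}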
    91  
// main parses the command-line flags and runs the quote server. HandleQuote
// only returns on failure, and that failure is fatal for the process.
func main() {
	flag.Parse()
	if err := HandleQuote(*network, *addr, *pass, *path, details); err != nil {
		log.Fatal(err)
	}
}