// Copyright (c) 2016, Google Inc. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

// Command QuoteServer answers tpm2.AttestCertRequest messages arriving on a
// plain network socket, signing each response with the domain policy key
// that is loaded from (or, per the "Generate/Load" step in HandleQuote,
// created in) the key directory.
package main

import (
	"crypto/ecdsa"
	"flag"
	"fmt"
	"log"
	"net"

	"github.com/jlmucb/cloudproxy/go/tao"
	"github.com/jlmucb/cloudproxy/go/tpm2"
	"github.com/jlmucb/cloudproxy/go/util"
)

var (
	// network and addr select where the server listens. The default binds
	// to the loopback interface only. The listener is a bare net.Listen with
	// no transport security or client authentication of its own, so exposing
	// it beyond localhost needs protection from outside this program.
	network = flag.String("network", "tcp", "The network to use for connections")
	addr    = flag.String("addr", "localhost:8121", "The address to listen on")
	// pass protects the on-disk, password-based-encrypted policy key handed
	// to tao.NewOnDiskPBEKeys. NOTE(review): the default "xxx" is a
	// placeholder, not a secret — a key directory encrypted under it is
	// effectively unprotected, so deployments must override it. Supplying the
	// real password as a command-line flag also exposes it to anyone who can
	// list processes on the host; prefer an environment variable or prompt.
	pass = flag.String("pass", "xxx", "The password protecting the policy key")
	// path is the directory holding the policy key and its certificate.
	path = flag.String("path", "./keys/", "The path to the keys")

	// details is the X.509 subject used when a policy key/certificate has to
	// be created. Every field is a fixed placeholder: the organizational unit
	// and common name simply reuse the organization string.
	us      = "US"
	org     = "Google"
	details = tao.X509Details{
		Country:            &us,
		Organization:       &org,
		OrganizationalUnit: &org,
		CommonName:         &org,
	}
)

// TODO: HandleQuote should take a shutdown channel (or context) so the
// accept loop can be stopped instead of running until Accept fails.
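// HandleQuote serves attestation-certificate requests for the policy domain.
//
// It loads (or generates) the domain policy key from path, protected by
// pass, then listens on network/addr and, for each accepted connection,
// reads one tpm2.AttestCertRequest, answers it via
// tpm2.ProcessQuoteDomainRequest signed with the policy key, and closes the
// connection. Connections are served serially on the calling goroutine.
//
// Setup failures (key load, missing certificate, non-ECDSA signing key,
// listen failure) and a failing Accept are returned as errors rather than
// terminating the process, so the caller (main) decides how to report them.
// The function does not return while the listener keeps accepting.
func HandleQuote(network, addr, pass, path string, details tao.X509Details) error {
	// Load the policy key before binding the port, so a key failure does not
	// leave a listener open on the way out.
	policyKey, err := tao.NewOnDiskPBEKeys(tao.Signing, []byte(pass), path,
		tao.NewX509Name(&details))
	if err != nil {
		return fmt.Errorf("Error loading policy key: %s", err)
	}
	if policyKey.Cert == nil || len(policyKey.Cert.Raw) == 0 {
		return fmt.Errorf("Quote server: cert missing in policy key")
	}
	// ProcessQuoteDomainRequest needs an *ecdsa.PrivateKey. The previous
	// unchecked assertion panicked on any other key type; report it instead.
	if policyKey.SigningKey == nil {
		return fmt.Errorf("Quote server: policy key has no signing key")
	}
	signer, ok := policyKey.SigningKey.PrivKey.(*ecdsa.PrivateKey)
	if !ok {
		return fmt.Errorf("Quote server: policy signing key is %T, expected *ecdsa.PrivateKey",
			policyKey.SigningKey.PrivKey)
	}

	ln, err := net.Listen(network, addr)
	if err != nil {
		return fmt.Errorf("Quote server: could not listen at port: %s", err)
	}
	defer ln.Close()

	for {
		conn, err := ln.Accept()
		if err != nil {
			return fmt.Errorf("Quote server: could not accept connection: %s", err)
		}
		// NOTE(review): the peer is an unauthenticated network client and no
		// read/write deadline is set, so a stalled connection blocks every
		// other client until it completes or drops.
		serveQuoteConn(conn, signer, policyKey.Cert.Raw)
	}
}

// serveQuoteConn handles one client connection: it reads a single
// AttestCertRequest, produces the policy-key-signed response and writes it
// back. The connection is always closed before returning, so the accept loop
// in HandleQuote does not leak a descriptor per request.
func serveQuoteConn(conn net.Conn, signer *ecdsa.PrivateKey, policyCert []byte) {
	defer conn.Close()

	ms := util.NewMessageStream(conn)
	var request tpm2.AttestCertRequest
	if err := ms.ReadMessage(&request); err != nil {
		log.Printf("Quote server: Couldn't read request from channel: %s\n", err)
		return
	}
	response, err := tpm2.ProcessQuoteDomainRequest(request, signer, policyCert)
	if err != nil {
		sendError(err, ms)
		return
	}
	if _, err := ms.WriteMessage(response); err != nil {
		log.Printf("Quote server: Error sending response on the channel: %s\n ", err)
	}
}

// sendError reports a request-processing failure to the client as an
// AttestCertResponse carrying a generic error code. The underlying error is
// logged server-side only; the client is an untrusted peer and the code 1 it
// receives deliberately carries no detail about the policy key or request
// validation.
func sendError(err error, ms *util.MessageStream) {
	log.Printf("Quote server: Error processing request: %s\n", err)
	errCode := int32(1)
	resp := &tpm2.AttestCertResponse{Error: &errCode}
	if _, werr := ms.WriteMessage(resp); werr != nil {
		log.Printf("Quote server: Error sending resp on the channel: %s\n ", werr)
	}
}

// main parses the command-line flags and runs the quote server until it
// fails; any error from HandleQuote terminates the process.
func main() {
	flag.Parse()
	if err := HandleQuote(*network, *addr, *pass, *path, details); err != nil {
		log.Fatal(err)
	}
}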