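// Copyright (c) 2014, Google Inc. All rights reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and

#include <cstddef>
#include <memory>
#include <string>

#include <gflags/gflags.h>
#include <glog/logging.h>

#include "tao/fd_message_channel.h"
#include "tao/tao_rpc.h"
#include "tao/util.h"

using std::string;
using std::unique_ptr;

using tao::Base64WDecode;
using tao::Base64WEncode;
using tao::FDMessageChannel;
using tao::InitializeApp;
using tao::MarshalSpeaksfor;
using tao::Tao;
using tao::TaoRPC;

namespace {

// Descriptors this program expects to inherit: fd 3 carries messages from the
// Tao and fd 4 carries messages to it.
//
// Nothing in this file authenticates the peer behind these descriptors. Every
// result used below (random bytes, seal/unseal, attestation) is only as
// trustworthy as whichever process opened fds 3 and 4 before this program
// started, so it must be launched by the Tao host and not by hand.
constexpr int kFromTaoFd = 3;
constexpr int kToTaoFd = 4;

// Number of random bytes requested from the Tao and then used as the test
// payload for Seal/Unseal.
constexpr std::size_t kRandomByteCount = 10;

}  // namespace

// Self-test for a hosted program talking to its Tao over inherited pipes.
//
// Exercises, in order: GetRandomBytes, Seal, Unseal (checking both the
// returned policy and the round-tripped data), GetTaoName, and Attest over a
// speaksfor statement built from a placeholder key. Any failure goes through
// LOG(FATAL), which terminates the process; reaching the end returns 0.
//
// NOTE(review): this program writes the plaintext payload, the sealed blob and
// the attestation to the INFO log. That is tolerable only because the payload
// is throwaway random data generated for the test. Code derived from this file
// must not log material it seals.
int main(int argc, char **argv) {
  // NOTE(review): the meaning of the third argument is defined by
  // tao::InitializeApp in tao/util.h, which is not visible here.
  InitializeApp(&argc, &argv, false);

  // This code expects fd 3 and 4 to be the pipes from and to the Tao, so it
  // doesn't need to take any parameters. It will establish a Tao Child Channel
  // directly with these fds.
  unique_ptr<FDMessageChannel> msg(new FDMessageChannel(kFromTaoFd, kToTaoFd));
  // release() passes the raw channel pointer to TaoRPC; presumably TaoRPC
  // takes ownership of it -- confirm against tao/tao_rpc.h.
  unique_ptr<Tao> tao(new TaoRPC(msg.release()));

  string bytes;
  if (!tao->GetRandomBytes(kRandomByteCount, &bytes)) {
    LOG(FATAL) << "Couldn't get " << kRandomByteCount
               << " bytes from the Tao RPC channel";
  }

  // A successful call that returns the wrong amount of randomness is treated
  // as fatal rather than silently accepted.
  if (bytes.size() != kRandomByteCount) {
    LOG(FATAL) << "Got " << bytes.size() << " bytes from the channel, but "
                                            "expected "
               << kRandomByteCount;
  }
  LOG(INFO) << "Got " << kRandomByteCount
            << " bytes from the Tao RPC channel";

  string encodedBytes;
  if (!Base64WEncode(bytes, &encodedBytes)) {
    LOG(FATAL) << "Couldn't encode " << kRandomByteCount
               << " bytes in Base64W";
  }
  // Test-only: this is the plaintext that gets sealed below.
  LOG(INFO) << "Encoded bytes: " << encodedBytes;

  string sealed;
  if (!tao->Seal(bytes, Tao::SealPolicyDefault, &sealed)) {
    LOG(FATAL) << "Couldn't seal bytes across the channel";
  }

  string encodedSealed;
  if (!Base64WEncode(sealed, &encodedSealed)) {
    LOG(FATAL) << "Couldn't encode the sealed bytes";
  }
  LOG(INFO) << "Encoded sealed bytes: " << encodedSealed;

  string unsealed;
  string policy;
  if (!tao->Unseal(sealed, &unsealed, &policy)) {
    LOG(FATAL) << "Couldn't unseal the tao-sealed data";
  }
  LOG(INFO) << "Got a seal policy '" << policy << "'";

  // Unseal succeeding is not enough: the policy it reports must be the one
  // the data was sealed under, and the payload must round-trip unchanged.
  if (policy.compare(Tao::SealPolicyDefault) != 0) {
    LOG(FATAL) << "The policy returned by Unseal didn't match the Seal policy";
  }

  if (unsealed.compare(bytes) != 0) {
    LOG(FATAL) << "The unsealed data didn't match the sealed data";
  }

  string encodedUnsealed;
  if (!Base64WEncode(unsealed, &encodedUnsealed)) {
    LOG(FATAL) << "Couldn't encoded the unsealed bytes";
  }

  // Test-only: logs the recovered plaintext.
  LOG(INFO) << "Encoded unsealed bytes: " << encodedUnsealed;

  // Set up a fake attestation using a fake key.
  string taoName;
  if (!tao->GetTaoName(&taoName)) {
    LOG(FATAL) << "Couldn't get the name of the Tao";
  }

  // The "key" is a fixed placeholder string, not key material. The resulting
  // statement is still passed to the real Tao for Attest, so this belongs in
  // test environments only.
  string fakeKey("This is a fake key");
  string msf;
  if (!MarshalSpeaksfor(fakeKey, taoName, &msf)) {
    LOG(FATAL) << "Couldn't marshal a speaksfor statement";
  }

  string attest;
  if (!tao->Attest(msf, &attest)) {
    LOG(FATAL) << "Couldn't attest to a fake key delegation";
  }

  string encodedAttest;
  if (!Base64WEncode(attest, &encodedAttest)) {
    LOG(FATAL) << "Couldn't encode the attestation";
  }

  LOG(INFO) << "Got attestation " << encodedAttest;

  LOG(INFO) << "All Go Tao tests pass";
  return 0;
}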