ampetz edited this page Jul 2, 2014 · 3 revisions

layout: blog
title: Demo 1 Blog

Pertinent source files and compiled binaries for the concurrent version of Demo 1 can be found here.

My version may be a little "thread happy", but the goal is to begin to separate the Appraisal, Attestation, and communication processes.

Both Appraiser.hs and Attestation.hs rely on the Demo1V1.hs library, which is where all of our protocol functions live. Appraiser.hs and Attestation.hs have similar main threads of control: they both spawn a VChan thread, then spawn their own protocol thread (spawnAppraisal and spawnAttestation, respectively). In both Appraiser.hs and Attestation.hs, the VChan thread and the protocol thread communicate using a shared variable (Concurrent Haskell's TMVar).

Here is a high-level description of the interactions that take place:

The spawnAppraisal thread is responsible for creating the Request and putting it in the Appraiser's shared variable. The Appraiser's VChan thread watches that variable, and sends the Request (via VChan, to Attestation) once it is there. Meanwhile, the Attestation's VChan thread is waiting for the Request. When it arrives, it puts the Request into the shared variable so that the spawnAttestation thread can process the Request (produce a Quote). The VChan thread waits for a Quote to appear in the shared variable, then sends it to the Appraiser. The Appraiser's VChan thread receives the Quote and puts it into its shared variable so that the spawnAppraisal thread can perform evaluation. Finally, the result of this evaluation is placed in the shared variable, which the Appraiser's main thread of control recognizes and outputs (Appraisal Succeeded or Appraisal Failed).
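A minimal sketch of the hand-off described above, added here as an illustration and not taken from the project's Appraiser.hs, Attestation.hs or Demo1V1.hs. It assumes a hypothetical `Msg` type, uses TQueues in place of VChan, and reduces evaluation to a nonce and PCR comparison; the thread names follow the page, but the bodies are this example's own.

```haskell
import Control.Concurrent (forkIO)
import Control.Concurrent.STM

-- Hypothetical message type; the project's real types live in Demo1V1.hs.
data Msg = Request Int | Quote Int String | Result Bool

isRequest, isQuote, isResult :: Msg -> Bool
isRequest m = case m of { Request _ -> True; _ -> False }
isQuote   m = case m of { Quote _ _ -> True; _ -> False }
isResult  m = case m of { Result _  -> True; _ -> False }

-- One TMVar per side carries traffic in both directions, so each thread must take
-- only the kind of message it is waiting for. 'retry' undoes the take and blocks
-- until the variable changes; otherwise a thread could take back its own message.
takeWhen :: (Msg -> Bool) -> TMVar Msg -> STM Msg
takeWhen p var = takeTMVar var >>= \m -> if p m then return m else retry

-- Channel threads: TQueues stand in for the two directions of the VChan link.
appraiserChan, attesterChan :: TMVar Msg -> TQueue Msg -> TQueue Msg -> IO ()
appraiserChan shared out inp = do
  atomically (takeWhen isRequest shared >>= writeTQueue out)  -- send Request
  atomically (readTQueue inp >>= putTMVar shared)             -- deliver Quote
attesterChan shared out inp = do
  atomically (readTQueue inp >>= putTMVar shared)             -- deliver Request
  atomically (takeWhen isQuote shared >>= writeTQueue out)    -- send Quote

-- Protocol threads (names from the page, bodies are this example's own).
spawnAppraisal :: TMVar Msg -> Int -> IO ()
spawnAppraisal shared nonce = do
  atomically (putTMVar shared (Request nonce))
  Quote n pcrs <- atomically (takeWhen isQuote shared)
  -- Simplified evaluation: nonce and constructed PCR string only, no signature.
  atomically (putTMVar shared (Result (n == nonce && pcrs == "constructed-pcrs")))

spawnAttestation :: TMVar Msg -> IO ()
spawnAttestation shared = do
  Request n <- atomically (takeWhen isRequest shared)
  atomically (putTMVar shared (Quote n "constructed-pcrs"))

runDemo :: Int -> IO Bool
runDemo nonce = do
  appVar <- newEmptyTMVarIO; attVar <- newEmptyTMVarIO
  toAtt  <- newTQueueIO;     toApp  <- newTQueueIO
  mapM_ forkIO [ appraiserChan appVar toAtt toApp, attesterChan attVar toApp toAtt
               , spawnAttestation attVar, spawnAppraisal appVar nonce ]
  Result ok <- atomically (takeWhen isResult appVar)  -- main thread sees the result
  return ok

main :: IO ()
main = runDemo 42 >>= \ok -> putStrLn (if ok then "Appraisal Succeeded" else "Appraisal Failed")
```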

Actually, in our current implementation the result of evaluation will never be False, since we instead throw exceptions (in the evaluation function) if any of the three evaluation conditions fails (1: correct nonce, 2: expected PCR values, 3: valid signature). It is difficult to induce failure of the first two conditions in our current implementation (since the Appraiser and Attester see the same PCR values and nonce), but it could be done with a few modifications (we'll probably leave this for a future demo). We can fail the signature validity condition easily by providing mismatched keys to each party in their key.txt files.

If you want to run this version, I have two VMs running on compute5 that have the binaries, and are equipped to be run. They have domainIDs 13 and 19.
