Newer
Older
"crypto/tls"
"crypto/x509"
type LogFile struct {
Source string `json:"source"`
Body PushKSAKeyRequest `json:"body"`
}
type PushKSAKeyRequest struct {
RequestID string `json:"request_ID"`
ProcessID string `json:"process_ID"`
KSAKeys []KSAKey `json:"ksa_keys"`
}
type KSAKey struct {
KeyID string `json:"key_ID"`
Key string `json:"key"`
}
tlsCAFile := flag.String("ca", "", "Path to CA certificate file")
tlsCertFile := flag.String("cert", "", "Path to certificate file")
tlsKeyFile := flag.String("key", "", "Path to key file")
flag.Parse()
logrus.Info("Starting AKMS Simulator...")
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
router := http.NewServeMux()
router.HandleFunc("/api/v1/keys/push_ksa_key", handlePushKsaKey)
router.HandleFunc("/debug/get_log_file", getLogFile)
server := &http.Server{
Addr: ":4444",
Handler: router,
}
if *tlsCAFile != "" && *tlsCertFile != "" && *tlsKeyFile != "" {
logrus.Info("TLS enabled")
cp := x509.NewCertPool()
b, err := os.ReadFile(*tlsCAFile)
if err != nil {
logrus.Fatalf("Error reading CA file: %s", err)
}
if !cp.AppendCertsFromPEM(b) {
logrus.Fatalf("Error appending certs from PEM")
}
cert, err := tls.LoadX509KeyPair(*tlsCertFile, *tlsKeyFile)
if err != nil {
logrus.Fatalf("Error loading X509 key pair: %s", err)
}
tlsConfig := &tls.Config{
MinVersion: tls.VersionTLS13,
ClientCAs: cp,
Certificates: []tls.Certificate{cert},
ClientAuth: tls.RequireAndVerifyClientCert,
}
server.TLSConfig = tlsConfig
logrus.Fatal(server.ListenAndServeTLS("", ""))
} else {
logrus.Fatal(server.ListenAndServe())
}
func getLogFile(w http.ResponseWriter, r *http.Request) {
logrus.Info("Log file requested")
http.ServeFile(w, r, "akms-simulator.log")
}
func handlePushKsaKey(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodPost {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
logrus.Errorf("Method not allowed: %s", r.Method)
body, err := io.ReadAll(r.Body)
if err != nil {
http.Error(w, "Failed to read request body", http.StatusInternalServerError)
logrus.Errorf("Failed to read request body: %s", err)
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
logstring := "Request came from: " + ip + "; Body: " + string(body)
logrus.Info(logstring)
var bodyObject PushKSAKeyRequest
err = json.Unmarshal(body, &bodyObject)
if err != nil {
logrus.Errorf("Error parsing body into PushKSAKeyRequest: %s", err)
return
}
logFile := LogFile{Source: ip, Body: bodyObject}
jsonLogFile, err := json.Marshal(logFile)
if err != nil {
logrus.Errorf("Error marshaling logFile: %s", err)
w.WriteHeader(http.StatusInternalServerError)
return
}
// Append jsonLogFile to akms-logfile.log
f, err := os.OpenFile("akms-simulator.log", os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
if err != nil {
logrus.Errorf("Error opening log file: %s", err)
w.WriteHeader(http.StatusInternalServerError)
return
}
defer f.Close() //nolint:errcheck
if _, err := f.Write(jsonLogFile); err != nil {
logrus.Errorf("Error writing to log file: %s", err)
w.WriteHeader(http.StatusInternalServerError)
return
}