Skip to content

A server which will verify the signature of a bash script in order to decide if the script will be executed or not

Notifications You must be signed in to change notification settings

MichaelThamm/x509-validation-server

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

25 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

x509-validation-server

A server which will verify the signature of a bash script in order to decide if the script will be executed or not

server-functionality-diagram

Requirements

  • Golang - go1.18.1 linux/amd64
    • go get github.com/gin-gonic/gin
  • Ubuntu - 22.04.1 LTS
    • openssl - 3.0.2

Repository Explanation

  • The utility-scripts directory contains the bash scripts which do the following:

    1. create-certs.sh -> Create the private and x509 certificate using the openssl library
    2. sign-scripts.sh -> Sign the scripts in the usigned-scripts directory using the SHA-256 hash function and the private key
      • They are then placed in the test-scripts directory
    3. build-server-binary.sh -> Build the binary
    4. run-tests.sh -> Execute the test suite
  • However, for convenience the bash script run.sh in the project root does all of this for you

  • To build the server binary:

    • In the project root directory, execute:
    ./build-server-binary.sh
    
  • Using the binary file:

    • In the project root directory, execute:
    ./x509-validation-server
    
    • Within another shell, execute:
    curl -X POST --data-binary @<bash_script_path> http://localhost:8080/execute
    

Test Case Inspection

Script Status Purpose/Reason
1 Pass Basic script
2 Pass RSA functions
3 Pass New lines
4 Pass Special characters
5 Fail 500 status code - Error executing script
6 Fail RSA verification error
7 Fail RSA verification error
8 Fail RSA verification error
9 Fail RSA verification error
10 Fail 500 status code - Illegal signature format

Stretch Goals

  1. Check the certificate extension for code signing
  2. Accept concurrent requests
  3. Verify signature from a set of certificates
  • Assuming you have ran the run.sh script (this sets up certificates, test scripts, and builds the binary), execute:
    •   ./utility-scripts/check-stretch-goals.sh
      
    • This will test the functionality of the stretch goals

About

A server which will verify the signature of a bash script in order to decide if the script will be executed or not

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published