Commit 667c5827 authored by Bas Westerbaan's avatar Bas Westerbaan

Fix bug in parsing of config.yaml. Add config.yaml.example

parent 5a79a34b
......@@ -3,4 +3,32 @@ atumd
Post-quantum trusted time-stamping service.
**Work in progress!**
Install using
```
go get github.com/bwesterb/atumd
```
Create a `config.yaml`:
```yaml
bindAddr: :8080
canonicalUrl: http://localhost:8080
```
and run
```
atumd
````
You probably want to configure a proper webserver like `nginx` to act
as proxy and set a corresponding sane `canonicalUrl` with HTTPS.
For more configuration options, see [config.yaml.example](config.yaml.example)
Clients
-------
- [go-atumd](https://github.com/bwesterb/go-atum),
Go client and Cli tool
# You probably want to configure these
canonicalUrl: https://path.to/rproxy
bindAddr: localhost:8080
# Maximum size of nonce to sign. Best to keep above 64.
maxNonceSize: 128
# Will still sign a timestamp if its this far of our current local time
# in seconds.
acceptableLag: 60
# The default signature algorithm. Either ed25519 or xmssmt.
defaultSigAlg: xmssmt
# Path to store private keys. Will be generated if not present.
xmssmtKeyPath: xmssmt.key
ed25519KeyPath: ed25519.key
# XMSS(MT) instance to use.
xmssmtAlg: XMSSMT-SHAKE_40/4_512
# Require a proof-of-work of the given difficulty for the favious
# signature algorithms. If null, no proof of work is required.
xmssmtPowDifficulty: 16
ed25519PowDifficulty: null
# Generate proof-of-work nonces from the given key. Useful if running
# several Atum servers between the same URL.
powKey: null
# How often to rotate the proof-of-work nonce.
powWindow: 24h0m0s
# List of other trusted public keys.
# Each entry should be of the form: alg-base64encodedPk
otherTrustedPublicKeys:
- ed25519-/jm13Cfq5Gr+iMqQweoRvJv+HbU7+JNFJIHq1WTm+ww=
- xmssmt-6gdaBKiEUa2MnwoMp0y1vBSx86YkyG6QOWEB9F0/7tPladMNZPE5+s6FUE4yqPB105RPd6kKnc7qT47Srt8CwZ2zKovNmcRg1jB315ZECK3JDpeLLglG38D6kYmJw2kPdhmdrsleMIUEqBwYwGWekjJ7L8IiwSf2tleI5B6ZZkklJJUq
# How often should clients check in about the validity of public keys?
publicKeyCacheDuration: 720h0m0s
# Enable Prometheus metrics?
# NOTE these are hosted publicly at /metrics.
enableMetrics: false
# vim: ft=yaml
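Review bot: The example ships two live entries under `otherTrustedPublicKeys`, so an operator who copies config.yaml.example to config.yaml unchanged would configure those keys as trusted, going by the "List of other trusted public keys" comment. I would comment the entries out or replace them with obvious placeholders such as `# - ed25519-<base64 public key>`, and default the list to empty. While editing the comments, "favious" should read "various" and "its this far of" should read "it's this far off".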
......@@ -23,6 +23,7 @@ import (
"net/http"
"os"
"os/signal"
"strings"
"sync"
"time"
)
......@@ -80,8 +81,22 @@ type Conf struct {
}
type AlgPkPair struct {
Alg atum.SignatureAlgorithm `yaml:"alg"`
PublicKey []byte `yaml:"publicKey"`
Alg atum.SignatureAlgorithm
PublicKey []byte
}
func (pair *AlgPkPair) UnmarshalText(buf []byte) error {
var err error
bits := strings.SplitN(string(buf), "-", 2)
if len(bits) != 2 {
return fmt.Errorf("Should have one a dash between alg type and pk")
}
pair.Alg = atum.SignatureAlgorithm(bits[0])
pair.PublicKey, err = base64.StdEncoding.DecodeString(bits[1])
if err != nil {
return err
}
return nil
}
func (pair AlgPkPair) String() string {
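Review bot: UnmarshalText takes whatever precedes the first dash as the algorithm and accepts any base64 payload, including an empty one, so a mistyped entry such as `ed25519-` parses without error. This type appears to back the `otherTrustedPublicKeys` list, so unless validation happens outside this hunk, a malformed trusted key is only noticed (if at all) at verification time. I would reject it at parse time, for example `if len(pair.PublicKey) == 0 { return fmt.Errorf("empty public key in %q", buf) }`, and also check `pair.Alg` against the algorithms the server supports. The dash error reads "Should have one a dash"; an uncapitalised message that names the expected form would be clearer, e.g. `return fmt.Errorf("expected alg-base64encodedPk, got %q", buf)`, and the base64 error could be returned with the same context. The String method that follows continues outside the hunk.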
......