Version 9 of Harpy

Updated 2017-11-18 22:32:20 by mistachkin

Description

The Harpy plugin for Eagle provides public key infrastructure-based software license enforcement. It supports the creation, verification, and renewal of license and script certificates. It also supports signed script verification and evaluation, via the aforementioned script certificates.

The Badge plugin is used with Harpy and provides the signed script certificates for the Eagle script library and test suite infrastructure.

These plugins are commercial products of Eyrie Solutions.


Licensing

As of Eagle beta 41 (coming soon), Eagle will ship with the Harpy and Badge plugins included by default, along with a means of dynamically requesting a demo license certificate allowing their use. The following script fragment should be used to make use of this functionality:

#
# NOTE: After running this command, the Harpy and Badge plugins
#       may be loaded successfully using either [package require]
#       or [source enableSecurity].
#
set env(Master_Certificate) [requestLicenseCertificate]; # NOTE: Requests a demo license.

Secure Script Evaluation

Harpy contains a security policy engine that is capable of monitoring the evaluation of (script) files and streams.

When a security policy is set to "signed only", a script must be signed by a trusted key pair in order for it to be successfully evaluated.

The key pair must be valid for signing scripts, must not be expired, and must chain back up to the trusted root key pair.

All script files shipped with Eagle are signed and their signatures are checked when appropriate; the Badge plugin provides the script certificates associated with these script files.

It is also possible to setup a "safe" interpreter in such a way that it will evaluate signed scripts with elevated privileges.


Secure Script Creation

The Harpy plugin also provides a complete set of commands for managing license certificates, script certificates, key pairs, and key rings. The following example shows how to sign a script file:

#
# NOTE: You can use SNK files, PVK files, or generate a new key pair.
#
set privateKey [keypair open -public -private C:/path/to/private.snk]

#
# NOTE: Either you can create a Certificate object from scratch -OR-
#       you can load an XML file as a template and modify the properties
#       you need to change.
#
set certificate [certificate import -validate C:/path/to/some/template.xml]

#
# NOTE: This performs the actual RSA signing of the certificate.
#
certificate sign -setid -settimestamp -setkey $certificate $privateKey

#
# NOTE: This exports the signed certificate to a file.
#
certificate export -validate $certificate C:/path/to/new/certificate.xml

Example Usage

There are several ways to enable secure script evaluation; however, the simplest way is:

source enableSecurity; # note the lack of a file extension here

The above command does several things:

  1. It attempts to load the Harpy and Badge plugins.
  2. It loads the trusted key rings.
  3. It sets all security policies to "signed only".

#
# NOTE: The associated script certificate
#       ("C:/path/to/some/file.eagle.harpy")
#       will be checked before evaluation.
#
source C:/path/to/some/file.eagle

Before the above source command is allowed to execute, Harpy attempts to locate and verify the associated script certificate. In the event of a failure of any kind, including the script file having been modified after being signed, the script file will not be evaluated. It should be noted that both local file names and URIs may be used as the argument to source, and both are handled by Harpy. Harpy will always look for a file named exactly the same as the target file, with the literal string ".harpy" appended to it. For remote URIs, this causes an additional request to the target server. It is possible to avoid this by using what is known as an "embedded script certificate", in which the entire script certificate is specially formatted and appended to the end of the script file itself.

Here is an example:

proc helloWorld {} {
  puts stdout [appendArgs "Hello World - " [info script]]
}

helloWorld

# <<CERTIFICATE-1.0>>
# <?xml version="1.0" encoding="utf-8"?>
# <!--
#     Eagle Enterprise Edition Script Certificate
#
#     The format of this file is proprietary and may not be reverse
#     engineered.
#
#     This certificate file is subject to the terms of the license agreement
#     located at:
#
#     https://eagle.to/enterprise/license.html
#
#     By using this file and/or the associated software, you agree to abide
#     by the terms of the license agreement.
#
#     PLEASE DO NOT EDIT THIS FILE.
#     THE ASSOCIATED SOFTWARE MAY NOT WORK PROPERLY IF THIS FILE IS ALTERED.
# -->
# <Certificate xmlns="https://eagle.to/2011/harpy"
#              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
#              xmlns:xsd="http://www.w3.org/2001/XMLSchema">
#   <Protocol>None</Protocol>
#   <Vendor>Mistachkin Systems</Vendor>
#   <Id>f6377aa9-70f4-4740-919e-47d5b271a039</Id>
#   <HashAlgorithm>SHA512</HashAlgorithm>
#   <EntityType>Script</EntityType>
#   <TimeStamp>2016-09-29T03:47:15.5664062Z</TimeStamp>
#   <Duration>-1.00:00:00</Duration>
#   <Key>0x107cdfbbd26112c9</Key>
#   <Signature>
#     IpGUBFvchP6NAJ/hSuXldCZjFhonAUJ3B0HU7vqyNQi4XxjaqUvoMC1NdmZewwc/dje8hw6hQmi+
#     AZUkOhhjkt091PU4m4IoVxMj3iIQxLVVuPkYXTwtq1HNbYwvQBIqG5gbM3TCHDkaF9hB3dt2iyzq
#     SWDIyiSQWN0yaAz/sGtayU5ik5O1SOkgeenOcbwy70yBQd8lseHY/M8vD4zs2TNvhBTMmurW56iR
#     DtgsCmUR0PyOHNKkyXM/fawzt4s5sBcofMmakNy8OfDmt7lGs6Y9/+HFEwWPRE00S22AHbix9VLh
#     0SsoLbCWiNoUVA2mKimV7DaqmcR5y23lgY4j6Q==
#   </Signature>
# </Certificate>
# <</CERTIFICATE-1.0>>
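To make the checks described under Secure Script Evaluation concrete, here is an added example in Python. It is not Harpy or Eagle code and does not come from the page's author; it reuses only what is visible on this page, namely the "# <<CERTIFICATE-1.0>>" / "# <</CERTIFICATE-1.0>>" delimiter lines and the XML element names of the embedded certificate. What Harpy actually hashes and how its RSA signature is computed is proprietary, so the example signs the script text that precedes the trailer with HMAC-SHA512 under a key looked up from a constructed key ring. The key id, the secret, the script body, the dates, and the rule that a negative Duration means "never expires" are all assumptions of the example, not documented Harpy behaviour.

```python
# Added example, not Harpy/Eagle code.  Only the trailer layout visible on the
# page (the CERTIFICATE-1.0 delimiter lines and the XML element names) is
# reused; what Harpy hashes and signs is proprietary, so this gate signs the
# script text before the trailer with HMAC-SHA512 as a stand-in for its RSA
# signature.  Key ring, key id, secret, script body and dates are constructed.
import base64, hashlib, hmac, re, xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

BEGIN, END = "# <<CERTIFICATE-1.0>>", "# <</CERTIFICATE-1.0>>"
NS = "{https://eagle.to/2011/harpy}"
KEY_ID = "0x0123456789abcdef"                        # constructed key id
TRUSTED_KEYS = {KEY_ID: b"constructed-demo-secret"}  # constructed key ring
SCRIPT = 'proc helloWorld {} {\n  puts stdout "Hello World"\n}\n\nhelloWorld\n'
FIELDS = ("Id", "HashAlgorithm", "EntityType", "TimeStamp", "Duration", "Key", "Signature")

class VerificationError(Exception):
    """A failure of any kind means the script is not evaluated."""

def split_embedded(text):
    """Return (body, xml): script text before BEGIN, and the trailer without '# ' prefixes."""
    body, sep, rest = text.partition(BEGIN + "\n")
    if not sep:
        raise VerificationError("no embedded certificate")
    block, sep, _ = rest.partition(END)
    if not sep:
        raise VerificationError("unterminated embedded certificate")
    return body, "\n".join(re.sub(r"^# ?", "", ln) for ln in block.splitlines()).strip()

def parse_certificate(xml):
    """Pull the fields the gate needs; a missing or empty one is fatal."""
    root = ET.fromstring(xml)
    fields = {}
    for name in FIELDS:
        el = root.find(NS + name)
        if el is None or not (el.text or "").strip():
            raise VerificationError(f"certificate lacks {name}")
        fields[name] = el.text.strip()
    return fields

def parse_timestamp(s):
    """Round-trip timestamps carry seven fractional digits; strptime's %f accepts six."""
    m = re.fullmatch(r"(\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d)(?:\.(\d+))?Z", s)
    if not m:
        raise VerificationError("malformed TimeStamp")
    stamp = f"{m.group(1)}.{(m.group(2) or '0')[:6]}"
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%S.%f").replace(tzinfo=timezone.utc)

def parse_duration(s):
    """.NET TimeSpan text [-][d.]hh:mm:ss; a negative value means 'never expires'
    here (this example's assumption, not a documented Harpy rule)."""
    m = re.fullmatch(r"(-?)(?:(\d+)\.)?(\d\d):(\d\d):(\d\d)", s)
    if not m:
        raise VerificationError("malformed Duration")
    if m.group(1):
        return None
    return timedelta(days=int(m.group(2) or 0), hours=int(m.group(3)),
                     minutes=int(m.group(4)), seconds=int(m.group(5)))

def verify_script(text, now, trusted=TRUSTED_KEYS):
    """Return the script body when every check passes; raise otherwise."""
    body, xml = split_embedded(text)
    cert = parse_certificate(xml)
    if cert["EntityType"] != "Script" or cert["HashAlgorithm"] != "SHA512":
        raise VerificationError("not a SHA512 script certificate")
    secret = trusted.get(cert["Key"])          # key must be in the trusted key ring
    if secret is None:
        raise VerificationError("signing key is not in the trusted key ring")
    issued, lifetime = parse_timestamp(cert["TimeStamp"]), parse_duration(cert["Duration"])
    if lifetime is not None and now > issued + lifetime:
        raise VerificationError("certificate has expired")
    expected = hmac.new(secret, body.encode(), hashlib.sha512).digest()
    actual = base64.b64decode("".join(cert["Signature"].split()))
    if not hmac.compare_digest(expected, actual):   # any edit to the body lands here
        raise VerificationError("signature mismatch: script altered or wrong key")
    return body

def sign_script(body, key_id, secret, issued, duration="30.00:00:00"):
    """Constructed signer: append a trailer laid out like the one on the page."""
    sig = base64.b64encode(hmac.new(secret, body.encode(), hashlib.sha512).digest()).decode()
    xml = ('<?xml version="1.0" encoding="utf-8"?>\n<Certificate xmlns="https://eagle.to/2011/harpy">\n'
           "  <Id>00000000-0000-4000-8000-000000000001</Id>\n  <HashAlgorithm>SHA512</HashAlgorithm>\n"
           f"  <EntityType>Script</EntityType>\n  <TimeStamp>{issued:%Y-%m-%dT%H:%M:%S.%f}0Z</TimeStamp>\n"
           f"  <Duration>{duration}</Duration>\n  <Key>{key_id}</Key>\n"
           f"  <Signature>\n    {sig}\n  </Signature>\n</Certificate>")
    trailer = "\n".join("# " + ln for ln in xml.splitlines())
    return body + BEGIN + "\n" + trailer + "\n" + END + "\n"

def outcome(text, now, trusted=TRUSTED_KEYS):
    """Run the gate and report 'evaluated' or why evaluation was refused."""
    try:
        verify_script(text, now, trusted)
        return "evaluated"
    except VerificationError as e:
        return f"refused: {e}"

def demo():
    """Gate an intact, a tampered, an expired, an untrusted and an unsigned script."""
    issued = datetime(2024, 1, 1, tzinfo=timezone.utc)
    signed = sign_script(SCRIPT, KEY_ID, TRUSTED_KEYS[KEY_ID], issued)
    soon, late = issued + timedelta(days=7), issued + timedelta(days=60)
    return {"intact": outcome(signed, soon),
            "tampered": outcome(signed.replace("Hello World", "Hello W0rld"), soon),
            "expired": outcome(signed, late),
            "untrusted key": outcome(signed, soon, trusted={}),
            "unsigned": outcome(SCRIPT, soon)}
```

Calling demo() returns one result per case: only the intact, in-date script signed by a key in the trusted ring is reported as evaluated; a single altered character, an expired certificate, a key outside the ring, or a missing trailer each end in a refusal. The point to take from it is the shape of the gate rather than the stand-in primitive: the checks run in a fixed order, the body that is hashed is exactly the text before the delimiter line, and every failure path, not just a bad signature, stops evaluation, which is the "failure of any kind" rule stated above.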