commit | 00bab31ddc451d253ff042c15e2aebdd7b540039 | [log] [tgz] |
---|---|---|
author | howardkitto <kitto.howard@gmail.com> | Wed Aug 28 11:39:49 2019 +0100 |
committer | howardkitto <kitto.howard@gmail.com> | Wed Aug 28 11:39:49 2019 +0100 |
tree | 520fbda5c0f589addec7370e423f4e305d84eb89 | |
parent | f4bfc8d4374e6f0b8b2047c22ecf83f09dd13582 [diff] |
merged install instructions
Milagro Custody DTA creates an ecosystem in which service providers can issue and protect secrets. When a node is connected to the network it is able to discover service providers who are able to offer secure long term storage of highly sensitive digital assets. It is written in Go and uses REST services based on the GoKit microservices framework: https://gokit.io/
Milagro D-TA is a colaborative key management server
Milagro D-TA facilitates secure and auditable communication between people who to use key pairs (Principal) and service providers who can keep the secret keys safe (Master Fiduciary). It is written in Go and uses REST services based on the GoKit microservices framework, it uses IPFS to create a shared immutable log of transactions and relies on Milagro-Crypto-C for it's crypto.
Milagro D-TA provides a basic set of services for creating identities for actors in the system, and passing encrypted communication between them but it assumes that different service providers will have their own “special sauce” for securely storing secret keys, so the vanilla services can be extended using a plugin framework. Two basic plugins are included in this release to give you an idea of how this can be done.
To see Milagro D-TA in action clone this repo and run the build script. This has currently been tested on Ubuntu 18.04
git clone https://github.com/apache/incubator-milagro-dta.git cd incubator-milagro-dta ./build_static.sh
Alternatively you can run Milagro D-TA in a docker container
git clone https://github.com/apache/incubator-milagro-dta.git cd incubator-milagro-dta docker build -t mydta .
To correctly build the software on Ubuntu 18.04 you need to install the following packages;
sudo apt-get update sudo apt-get install -y --no-install-recommends \ ca-certificates \ cmake \ g++ \ gcc \ git \ make \ libtool \ automake \ libssl-dev sudo apt-get clean
liboqs is a C library for quantum-resistant cryptographic algorithms. It is a API level on top of the NIST round two submissions.
git clone https://github.com/open-quantum-safe/liboqs.git cd liboq git checkout 7cb03c3ce9182790c77e69cd21a6901e270781d6 autoreconf -i ./configure --disable-shared --disable-aes-ni --disable-kem-bike --disable-kem-frodokem --disable-kem-newhope --disable-kem-kyber --disable-sig-qtesla make clean make -j sudo make install
AMCL is required
Build and install the AMCL library
git clone https://github.com/apache/incubator-milagro-crypto-c.git cd incubator-milagro-crypto-c mkdir build cd build cmake -D CMAKE_BUILD_TYPE=Release -D BUILD_SHARED_LIBS=OFF -D AMCL_CHUNK=64 -D AMCL_CURVE="BLS381,SECP256K1" -D AMCL_RSA="" -D BUILD_PYTHON=OFF -D BUILD_BLS=ON -D BUILD_WCC=OFF -D BUILD_MPIN=OFF -D BUILD_X509=OFF -D CMAKE_INSTALL_PREFIX=/usr/local .. make make test sudo make install
cd incubator-milagro-dta/libs/crypto/libpqnist mkdir build cd build cmake -D CMAKE_INSTALL_PREFIX=/usr/local .. make make test sudo make install
The code is written in golang primarily with a wrapper around some C code.
wget https://dl.google.com/go/go1.12.linux-amd64.tar.gz tar -xzf go1.12.linux-amd64.tar.gz sudo cp -r go /usr/local echo 'export PATH=$PATH:/usr/local/go/bin' >> ${HOME}/.bashrc
mkdir -p ${HOME}/go/bin mkdir -p ${HGME}/go/pkg mkdir -p ${HOME}/go/src echo 'export GOPATH=${HOME}/go' >> ${HOME}/.bashrc echo 'export PATH=$GOPATH/bin:$PATH' >> ${HOME}/.bashrc
This package is needed for testing.
go get github.com/stretchr/testify/assert
This script will build the service
./build.sh
To run the service
./target/service
You can find documentation for Milagro D-TA in the main Milagro docs site
Which includes a quick start guide that will show you how to get Milagro D-TA to “do stuff”
Key pairs are becoming central to our online lives, and keeping secret keys safe is a growing industry, we hope to create an ecosystem of custodial service providers who colabroate to make the Internet a safer place for everyone. We are keen to get contributions and feedback from anyone in this space. This is a brand new project so our development processes are still being figured out, but if you have suggestions, questions or wish to make contributions please go ahead raise an issue and someone on the team will get right on it.
This distribution includes cryptographic software. The country in which you currently reside may have restrictions on the import, possession, use, and/or re-export to another country, of encryption software. BEFORE using any encryption software, please check your country's laws, regulations and policies concerning the import, possession, or use, and re-export of encryption software, to see if this is permitted. See http://www.wassenaar.org/ for more information.
The Apache Software Foundation has classified this software as Export Commodity Control Number (ECCN) 5D002, which includes information security software using or performing cryptographic functions with asymmetric algorithms. The form and manner of this Apache Software Foundation distribution makes it eligible for export under the “publicly available” Section 742.15(b) exemption (see the BIS Export Administration Regulations, Section 742.15(b)) for both object code and source code.
Apache Milagro is an effort undergoing incubation at The Apache Software Foundation (ASF), sponsored by the Apache Incubator. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF.