HTTP transaction of a Beacon
This will be updated shortly to outline how we use per device TPM chips to generate public and private keys to ensure public key cryptography throughout the HTTP transaction.
Normal
| Step | ? |
|---|---|
0. | The Agent AES encrypts the message containing the agent's metadata/task results |
1. | The Agent sends a GET/POST request to the specified URI |
2. | The redirector receives the GET/POST request |
3. | If the URI matches the specified URI for check-in/posting results, the request is then routed to the Turul listener via Mesh VPN |
4. | The Turul listener decrypts the message, identifies the agent, and, if it's a check-in, generates a message containing the available jobs. |
6. | If it was an agent check-in, the Turul listener encrypts the message using AES and sends it back to the agent otherwise it responds with an appropriate status code |
Malleable
| Step | Description |
|---|---|
0. | The agent AES encrypts the message which contains the agent's metadata/task results |
1. | The Agent applies the options from a malleable profile |
2. | THe Agent sends a GET/POST request to the specified URI |
3. | The redirector receives the GET/POST request |
4. | If the URI matches the specified URI for check-in/posting results, the request is then routed to the Turul listener via Mesh VPN |
5. | The Turul listener identifies the agent and retrieves the encrypted and encoded message from the location specified in the malleable profile |
6. | The Turul listener decrypts and decodes the message, and, if it's a check-in, generates a message containing the available jobs. |
7. | The Turul listener applies the options from the malleable profile and then responds with an appropriate HTTP status code |
8. | If it was an agent check-in, the Turul listener encrypts the message containing the tasks using AES encryption and sends it back to the agent |
Last updated