
Example 1 with CryptographyException

Use of com.intel.mtwilson.crypto.CryptographyException in project OpenAttestation by OpenAttestation.

Class ReportsBO, method getReportManifest.

public HostManifestReportType getReportManifest(Hostname hostName) {
    // datatype.Hostname
    HostManifestReportType hostManifestReportType = new HostManifestReportType();
    /*
         * if (hostName == null || hostName.isEmpty()) { throw new
         * ASException(ErrorCode.VALIDATION_ERROR, "Input Hostname " + hostName
         * + " is empty."); }
         *
         */
    TblHosts tblHosts = null;
    try {
        // datatype.Hostname
        tblHosts = getTblHostsJpaController().findByName(hostName.toString());
    } catch (CryptographyException e) {
        throw new ASException(e, ErrorCode.AS_ENCRYPTION_ERROR, e.getCause() == null ? e.getMessage() : e.getCause().getMessage());
    }
    if (tblHosts == null) {
        throw new ASException(ErrorCode.AS_HOST_NOT_FOUND, hostName.toString());
    }
    Date lastStatusTs = getTblTaLogJpaController().findLastStatusTs(tblHosts.getId());
    if (lastStatusTs != null) {
        List<TblTaLog> logs = getTblTaLogJpaController().findLogsByHostId(tblHosts.getId(), lastStatusTs);
        com.intel.mountwilson.as.hostmanifestreport.data.HostType hostType = new com.intel.mountwilson.as.hostmanifestreport.data.HostType();
        // datatype.Hostname
        hostType.setName(hostName.toString());
        if (logs != null) {
            for (TblTaLog log : logs) {
                ManifestType manifest = new ManifestType();
                manifest.setName(Integer.parseInt(log.getManifestName()));
                manifest.setValue(log.getManifestValue());
                manifest.setVerifiedOn(Util.getCalendar(log.getUpdatedOn()));
                manifest.setTrustStatus(getTrustStatus(log.getTrustStatus()));
                hostType.getManifest().add(manifest);
            }
        }
        hostManifestReportType.setHost(hostType);
    }
    return hostManifestReportType;
}
Also used: ManifestType(com.intel.mountwilson.as.hostmanifestreport.data.ManifestType), TblTaLog(com.intel.mtwilson.as.data.TblTaLog), HostManifestReportType(com.intel.mountwilson.as.hostmanifestreport.data.HostManifestReportType), HostType(com.intel.mountwilson.as.hosttrustreport.data.HostType), CryptographyException(com.intel.mtwilson.crypto.CryptographyException), TblHosts(com.intel.mtwilson.as.data.TblHosts), ASException(com.intel.mountwilson.as.common.ASException)

Example 2 with CryptographyException

Use of com.intel.mtwilson.crypto.CryptographyException in project OpenAttestation by OpenAttestation.

Class ReportsBO, method getHostAttestationReport.

// BUG #497 XXX TODO needs rewrite to use HostAgentFactory and HostAgent interfaces
public String getHostAttestationReport(Hostname hostName) {
    XMLOutputFactory xof = XMLOutputFactory.newInstance();
    XMLStreamWriter xtw;
    StringWriter sw = new StringWriter();
    IManifestStrategy manifestStrategy;
    IManifestStrategyFactory strategyFactory;
    HashMap<String, ? extends IManifest> pcrManifestMap = null;
    TblHosts tblHosts = null;
    String attestationReport = "";
    try {
        tblHosts = getTblHostsJpaController().findByName(hostName.toString());
        if (tblHosts == null) {
            throw new ASException(ErrorCode.AS_HOST_NOT_FOUND, hostName.toString());
        }
        manifestStrategy = getManifestStrategy(tblHosts);
        // BUG #497  this is now obtained by IntelHostAgent using TAHelper's getQuoteInformationForHost which is what was called by TrustAgentManifestStrategy.getManifest()
        pcrManifestMap = manifestStrategy.getManifest(tblHosts);
    } catch (ASException aex) {
        throw aex;
    } catch (CryptographyException e) {
        throw new ASException(e, ErrorCode.AS_ENCRYPTION_ERROR, e.getCause() == null ? e.getMessage() : e.getCause().getMessage());
    } catch (Exception ex) {
        throw new ASException(ex);
    }
    try {
        // XXX BUG #497 this entire section in try{}catch{} has  moved to TAHelper and used by IntelHostAgent
        // We need to check if the host supports TPM or not. Only way we can do it
        // using the host table contents is by looking at the AIK Certificate. Based
        // on this flag we generate the attestation report.
        boolean tpmSupport = true;
        String hostType = tblHosts.getVmmMleId().getName();
        if (tblHosts.getAIKCertificate() == null || tblHosts.getAIKCertificate().isEmpty()) {
            tpmSupport = false;
        }
        // xtw = xof.createXMLStreamWriter(new FileWriter("c:\\temp\\nb_xml.xml"));
        xtw = xof.createXMLStreamWriter(sw);
        xtw.writeStartDocument();
        xtw.writeStartElement("Host_Attestation_Report");
        xtw.writeAttribute("Host_Name", hostName.toString());
        xtw.writeAttribute("Host_VMM", hostType);
        xtw.writeAttribute("TXT_Support", String.valueOf(tpmSupport));
        if (tpmSupport == true) {
            ArrayList<IManifest> pcrMFList = new ArrayList<IManifest>();
            pcrMFList.addAll(pcrManifestMap.values());
            for (IManifest pcrInfo : pcrMFList) {
                PcrManifest pInfo = (PcrManifest) pcrInfo;
                xtw.writeStartElement("PCRInfo");
                xtw.writeAttribute("ComponentName", String.valueOf(pInfo.getPcrNumber()));
                xtw.writeAttribute("DigestValue", pInfo.getPcrValue().toUpperCase());
                xtw.writeEndElement();
            }
        } else {
            xtw.writeStartElement("PCRInfo");
            xtw.writeAttribute("Error", "Host does not support TPM.");
            xtw.writeEndElement();
        }
        xtw.writeEndElement();
        xtw.writeEndDocument();
        xtw.flush();
        xtw.close();
        attestationReport = sw.toString();
    } catch (Exception ex) {
        throw new ASException(ex);
    }
    return attestationReport;
}
Also used: IManifestStrategy(com.intel.mountwilson.manifest.IManifestStrategy), XMLOutputFactory(javax.xml.stream.XMLOutputFactory), IManifestStrategyFactory(com.intel.mountwilson.manifest.IManifestStrategyFactory), ASException(com.intel.mountwilson.as.common.ASException), CryptographyException(com.intel.mtwilson.crypto.CryptographyException), IOException(java.io.IOException), StringWriter(java.io.StringWriter), PcrManifest(com.intel.mountwilson.manifest.data.PcrManifest), TblPcrManifest(com.intel.mtwilson.as.data.TblPcrManifest), XMLStreamWriter(javax.xml.stream.XMLStreamWriter), TblHosts(com.intel.mtwilson.as.data.TblHosts), IManifest(com.intel.mountwilson.manifest.data.IManifest)

Example 3 with CryptographyException

Use of com.intel.mtwilson.crypto.CryptographyException in project OpenAttestation by OpenAttestation.

Class ReportsBO, method getTrustReport.

public HostsTrustReportType getTrustReport(Collection<Hostname> hostNames) {
    // datatype.Hostname
    try {
        HostsTrustReportType hostsTrustReportType = new HostsTrustReportType();
        for (Hostname host : hostNames) {
            // datatype.Hostname
            TblHosts tblHosts = getTblHostsJpaController().findByName(host.toString());
            if (tblHosts == null) {
                throw new ASException(ErrorCode.AS_HOST_NOT_FOUND, host);
            }
            List<TblTaLog> logs = getTblTaLogJpaController().findTrustStatusByHostId(tblHosts.getId(), 5);
            if (logs != null) {
                for (TblTaLog log : logs) {
                    HostType hostType = new HostType();
                    // datatype.Hostname
                    hostType.setHostName(host.toString());
                    hostType.setMLEInfo(getMleInfo(tblHosts));
                    hostType.setTrustStatus(getTrustStatus(log.getError()));
                    hostType.setVerifiedOn(Util.getCalendar(log.getUpdatedOn()));
                    hostsTrustReportType.getHost().add(hostType);
                }
            }
        }
        return hostsTrustReportType;
    } catch (CryptographyException e) {
        throw new ASException(e, ErrorCode.AS_ENCRYPTION_ERROR, e.getCause() == null ? e.getMessage() : e.getCause().getMessage());
    } catch (Exception e) {
        throw new ASException(e);
    }
}
Also used: HostType(com.intel.mountwilson.as.hosttrustreport.data.HostType), HostsTrustReportType(com.intel.mountwilson.as.hosttrustreport.data.HostsTrustReportType), TblTaLog(com.intel.mtwilson.as.data.TblTaLog), CryptographyException(com.intel.mtwilson.crypto.CryptographyException), TblHosts(com.intel.mtwilson.as.data.TblHosts), Hostname(com.intel.mtwilson.util.net.Hostname), ASException(com.intel.mountwilson.as.common.ASException), IOException(java.io.IOException)

Example 4 with CryptographyException

Use of com.intel.mtwilson.crypto.CryptographyException in project OpenAttestation by OpenAttestation.

Class ReportsBO, method getAttestationReport.

public AttestationReport getAttestationReport(Hostname hostName, Boolean failureOnly) throws NumberFormatException, IOException {
    AttestationReport attestationReport = new AttestationReport();
    TblHosts tblHosts = null;
    try {
        // datatype.Hostname
        tblHosts = getTblHostsJpaController().findByName(hostName.toString());
    } catch (CryptographyException e) {
        throw new ASException(e, ErrorCode.AS_ENCRYPTION_ERROR, e.getCause() == null ? e.getMessage() : e.getCause().getMessage());
    }
    if (tblHosts == null) {
        throw new ASException(ErrorCode.AS_HOST_NOT_FOUND, hostName.toString());
    }
    Date lastStatusTs = getTblTaLogJpaController().findLastStatusTs(tblHosts.getId());
    if (lastStatusTs != null) {
        List<TblTaLog> logs = getTblTaLogJpaController().findLogsByHostId(tblHosts.getId(), lastStatusTs);
        com.intel.mountwilson.as.hostmanifestreport.data.HostType hostType = new com.intel.mountwilson.as.hostmanifestreport.data.HostType();
        // datatype.Hostname
        hostType.setName(hostName.toString());
        if (logs != null) {
            for (TblTaLog log : logs) {
                boolean value = (failureOnly && log.getTrustStatus() == false);
                if (!failureOnly || value) {
                    if (log.getManifestName().equalsIgnoreCase(ASSET_TAG_PCR)) {
                        attestationReport.getPcrLogs().add(getPcrLogReportForAssetTag(log, tblHosts.getId()));
                    } else {
                        attestationReport.getPcrLogs().add(getPcrManifestLog(tblHosts, log, failureOnly));
                    }
                }
            }
        }
    }
    return attestationReport;
}
Also used: TblTaLog(com.intel.mtwilson.as.data.TblTaLog), HostType(com.intel.mountwilson.as.hosttrustreport.data.HostType), CryptographyException(com.intel.mtwilson.crypto.CryptographyException), TblHosts(com.intel.mtwilson.as.data.TblHosts), ASException(com.intel.mountwilson.as.common.ASException)

Example 5 with CryptographyException

Use of com.intel.mtwilson.crypto.CryptographyException in project OpenAttestation by OpenAttestation.

Class HostBO, method updateHost.

public String updateHost(TxtHost host) {
    try {
        // datatype.Hostname
        TblHosts tblHosts = getHostByName(host.getHostName());
        if (tblHosts == null) {
            throw new ASException(ErrorCode.AS_HOST_NOT_FOUND, host.getHostName().toString());
        }
        getBiosAndVMM(host);
        //host (aik cert, manifest,etc)
        // Default the TLS policy when none is set; || (not &&) so a null name never reaches isEmpty()
        if (tblHosts.getTlsPolicyName() == null || tblHosts.getTlsPolicyName().isEmpty()) {
            // XXX new code to test
            tblHosts.setTlsPolicyName("TRUST_FIRST_CERTIFICATE");
        // XXX bug #497 the TxtHost object doesn't have the ssl
        // certificate and policy
        }
        tblHosts.setAddOnConnectionInfo(host.getAddOn_Connection_String());
        if (host.getHostName() != null) {
            tblHosts.setName(host.getHostName().toString());
        }
        if (host.getIPAddress() != null) {
            tblHosts.setIPAddress(host.getIPAddress().toString());
        }
        if (host.getPort() != null) {
            tblHosts.setPort(host.getPort());
        }
        log.info("Getting identity.");
        if (canFetchAIKCertificateForHost(host.getVmm().getName())) {
            // datatype.Vmm
            String certificate = getAIKCertificateForHost(tblHosts, host);
            tblHosts.setAIKCertificate(certificate);
        } else {
            // the
            if (vmmMleId.getId().intValue() != tblHosts.getVmmMleId().getId().intValue()) {
                log.info("VMM is updated. Update the host specific manifest");
                // BUG #497 added tblHosts parameter
                HashMap<String, ? extends IManifest> pcrMap = getHostPcrManifest(tblHosts, host);
            // Building objects and validating that manifests are
            // created ahead of create of host
            }
        }
        List<TblHostSpecificManifest> tblHostSpecificManifests = null;
        if (vmmMleId.getId().intValue() != tblHosts.getVmmMleId().getId().intValue()) {
            log.info("VMM is updated. Update the host specific manifest");
            HashMap<String, ? extends IManifest> pcrs = getHostPcrManifest(tblHosts, host);
            deleteHostSpecificManifest(tblHosts);
            if (vmmMleId.getRequiredManifestList().contains(MODULE_PCR)) {
                log.debug("Host specific modules would be retrieved from the host that extends into PCR 19.");
                // Added the Vendor parameter to the below function so that we can handle the host specific records differently for different types of hosts.
                String hostType = host.getVendor();
                tblHostSpecificManifests = createHostSpecificManifestRecords(vmmMleId, pcrs, hostType);
            } else {
                log.debug("Host specific modules will not be configured since PCR 19 is not selected for attestation");
            }
        }
        biosMleId = findBiosMleForHost(host);
        vmmMleId = findVmmMleForHost(host);
        log.info("Saving Host in database");
        tblHosts.setBiosMleId(biosMleId);
        tblHosts.setDescription(host.getDescription());
        tblHosts.setEmail(host.getEmail());
        if (host.getIPAddress() != null)
            // datatype.IPAddress
            tblHosts.setIPAddress(host.getIPAddress().toString());
        tblHosts.setPort(host.getPort());
        tblHosts.setVmmMleId(vmmMleId);
        tblHosts.setBios_mle_uuid_hex(biosMleId.getUuid_hex());
        tblHosts.setVmm_mle_uuid_hex(vmmMleId.getUuid_hex());
        log.info("Updating Host in database");
        getHostsJpaController().edit(tblHosts);
        if (tblHostSpecificManifests != null) {
            log.debug("Updating Host Specific Manifest in database");
            createHostSpecificManifest(tblHostSpecificManifests, tblHosts);
        }
    } catch (ASException ase) {
        throw ase;
    } catch (CryptographyException e) {
        throw new ASException(e, ErrorCode.AS_ENCRYPTION_ERROR, e.getCause() == null ? e.getMessage() : e.getCause().getMessage());
    } catch (Exception e) {
        throw new ASException(e);
    }
    // return new HostResponse(ErrorCode.OK);
    return "true";
}
Also used: CryptographyException(com.intel.mtwilson.crypto.CryptographyException), TblHosts(com.intel.mtwilson.as.data.TblHosts), TblHostSpecificManifest(com.intel.mtwilson.as.data.TblHostSpecificManifest), ASException(com.intel.mountwilson.as.common.ASException), NoResultException(javax.persistence.NoResultException), NonexistentEntityException(com.intel.mtwilson.as.controller.exceptions.NonexistentEntityException), IllegalOrphanException(com.intel.mtwilson.as.controller.exceptions.IllegalOrphanException), IOException(java.io.IOException), UnknownHostException(java.net.UnknownHostException)

Aggregations

CryptographyException (com.intel.mtwilson.crypto.CryptographyException): 9
ASException (com.intel.mountwilson.as.common.ASException): 8
TblHosts (com.intel.mtwilson.as.data.TblHosts): 8
IOException (java.io.IOException): 6
IllegalOrphanException (com.intel.mtwilson.as.controller.exceptions.IllegalOrphanException): 4
NonexistentEntityException (com.intel.mtwilson.as.controller.exceptions.NonexistentEntityException): 4
UnknownHostException (java.net.UnknownHostException): 4
NoResultException (javax.persistence.NoResultException): 4
HostType (com.intel.mountwilson.as.hosttrustreport.data.HostType): 3
TblTaLog (com.intel.mtwilson.as.data.TblTaLog): 3
PcrManifest (com.intel.mountwilson.manifest.data.PcrManifest): 2
TblHostSpecificManifest (com.intel.mtwilson.as.data.TblHostSpecificManifest): 2
HostManifestReportType (com.intel.mountwilson.as.hostmanifestreport.data.HostManifestReportType): 1
ManifestType (com.intel.mountwilson.as.hostmanifestreport.data.ManifestType): 1
HostsTrustReportType (com.intel.mountwilson.as.hosttrustreport.data.HostsTrustReportType): 1
IManifestStrategy (com.intel.mountwilson.manifest.IManifestStrategy): 1
IManifestStrategyFactory (com.intel.mountwilson.manifest.IManifestStrategyFactory): 1
IManifest (com.intel.mountwilson.manifest.data.IManifest): 1
HostAgent (com.intel.mtwilson.agent.HostAgent): 1
HostAgentFactory (com.intel.mtwilson.agent.HostAgentFactory): 1