use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.
the class HostBO method queryForHosts.
/**
* Author: Sudhir
*
* Searches for the hosts using the criteria specified.
*
* @param searchCriteria: If in case the user has not provided any search criteria, then all the hosts
* would be returned back to the caller
* @return
*/
public List<TxtHostRecord> queryForHosts(String searchCriteria) {
try {
TblHostsJpaController tblHostsJpaController = new TblHostsJpaController(getEntityManagerFactory());
List<TxtHostRecord> txtHostList = new ArrayList<TxtHostRecord>();
List<TblHosts> tblHostList;
if (searchCriteria != null && !searchCriteria.isEmpty()) {
log.info("searchCriteria is not null -- calling tblHostsJpaController.findHostsByNameSearchCriteria(searchCriteria)");
tblHostList = tblHostsJpaController.findHostsByNameSearchCriteria(searchCriteria);
log.info(new Integer(tblHostList.size()).toString());
} else {
log.info("calling tblHostsJpaController.findTblHostsEntities()");
tblHostList = tblHostsJpaController.findTblHostsEntities();
log.info(new Integer(tblHostList.size()).toString());
}
// if (tblHostList != null) {
log.info(String.format("Found [%d] host results for search criteria [%s]", tblHostList.size(), searchCriteria));
for (TblHosts tblHosts : tblHostList) {
TxtHostRecord hostObj = createTxtHostFromDatabaseRecord(tblHosts);
txtHostList.add(hostObj);
}
return txtHostList;
} catch (ASException e) {
throw e;
} catch (CryptographyException e) {
throw new ASException(e, ErrorCode.AS_ENCRYPTION_ERROR, e.getCause() == null ? e.getMessage() : e.getCause().getMessage());
} catch (Exception e) {
throw new ASException(e);
}
}
use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.
the class HostBO method findBiosMleForHost.
private TblMle findBiosMleForHost(TxtHost host) throws IOException {
TblMleJpaController tblMleJpaController = getMleJpaController();
TblMle biosMleId = tblMleJpaController.findBiosMle(host.getBios().getName(), host.getBios().getVersion(), host.getBios().getOem());
if (biosMleId == null) {
throw new ASException(ErrorCode.AS_BIOS_INCORRECT, host.getBios().getName(), host.getBios().getVersion());
}
return biosMleId;
}
use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.
the class HostBO method addHost.
public String addHost(TxtHost host) {
String certificate = null;
String location = null;
String ipAddress = null;
HashMap<String, ? extends IManifest> pcrMap = null;
try {
ipAddress = InetAddress.getByName(host.getHostName().toString()).getHostAddress();
if (!ipAddress.equalsIgnoreCase(host.getIPAddress().toString())) {
throw new ASException(ErrorCode.AS_HOST_IPADDRESS_NOT_MATCHED, host.getHostName().toString(), host.getIPAddress().toString());
}
checkForDuplicate(host);
getBiosAndVMM(host);
log.info("Getting Server Identity.");
TblHosts tblHosts = new TblHosts();
tblHosts.setTlsPolicyName("TRUST_FIRST_CERTIFICATE");
tblHosts.setTlsKeystore(null);
tblHosts.setAddOnConnectionInfo(host.getAddOn_Connection_String());
if (host.getHostName() != null) {
tblHosts.setName(host.getHostName().toString());
}
if (host.getIPAddress() != null) {
tblHosts.setIPAddress(host.getIPAddress().toString());
}
if (host.getPort() != null) {
tblHosts.setPort(host.getPort());
} else {
throw new ASException(ErrorCode.PORT_MISSING, host.getHostName().toString(), host.getIPAddress().toString());
}
if (canFetchAIKCertificateForHost(host.getVmm().getName())) {
// datatype.Vmm
if (!host.getAddOn_Connection_String().toLowerCase().contains("citrix")) {
certificate = getAIKCertificateForHost(tblHosts, host);
// we have to check that the aik certificate was signed by a trusted privacy ca
X509Certificate hostAikCert = X509Util.decodePemCertificate(certificate);
hostAikCert.checkValidity();
// read privacy ca certificate
InputStream privacyCaIn = new FileInputStream(ResourceFinder.getFile("PrivacyCA.cer"));
// XXX TODO currently we only support one privacy CA cert...
// in the future we should read a PEM format file with possibly multiple trusted privacy ca certs
X509Certificate privacyCaCert = X509Util.decodeDerCertificate(IOUtils.toByteArray(privacyCaIn));
IOUtils.closeQuietly(privacyCaIn);
privacyCaCert.checkValidity();
// verify the trusted privacy ca signed this aik cert
hostAikCert.verify(privacyCaCert.getPublicKey());
// NoSuchAlgorithmException,InvalidKeyException,NoSuchProviderException,SignatureException
}
} else {
// ESX host so get the location for the host and store in the table
pcrMap = getHostPcrManifest(tblHosts, host);
// BUG #497 sending both the new TblHosts record and the TxtHost object just to get the TlsPolicy into
// the initial call so that with the trust_first_certificate policy we will obtain the host certificate now while adding it
log.info("Getting location for host from VCenter");
location = getLocation(pcrMap);
}
HostAgentFactory factory = new HostAgentFactory();
HostAgent agent = factory.getHostAgent(tblHosts);
log.info("Saving Host in database with TlsPolicyName {} and TlsKeystoreLength {}", tblHosts.getTlsPolicyName(), tblHosts.getTlsKeystore() == null ? "null" : tblHosts.getTlsKeystore().length);
Map<String, String> attributes = agent.getHostAttributes();
String hostUuidAttr = attributes.get("Host_UUID");
//if ((attributes != null) && (!attributes.isEmpty()) && (hostUuidAttr != null))
if (!attributes.isEmpty() && hostUuidAttr != null)
tblHosts.setHardwareUuid(hostUuidAttr.toLowerCase().trim());
//
log.debug("Saving the host details in the DB");
// retrieve the complete manifest and get module info inserted into database
// We only handle module info for PCR 19
HashMap<String, ? extends IManifest> pcrs = getHostPcrManifest(tblHosts, host);
List<TblHostSpecificManifest> tblHostSpecificManifests = null;
if (vmmMleId.getRequiredManifestList().contains(MODULE_PCR)) {
if (pcrs != null) {
PcrManifest pcr19 = (PcrManifest) pcrs.get(MODULE_PCR);
addModuleWhiteList(pcr19, tblHosts, host, hostUuidAttr);
log.info("Host specific modules would be retrieved from the host that extends into PCR 19.");
String hostType = host.getVendor();
tblHostSpecificManifests = createHostSpecificManifestRecords(vmmMleId, pcrs, hostType);
}
} else {
log.info("Host specific modules will not be configured since PCR 19 is not selected for attestation");
}
//saveHostInDatabase(tblHosts, host, certificate, location, pcrMap);
biosMleId = findBiosMleForHost(host);
vmmMleId = findVmmMleForHost(host);
saveHostInDatabase(tblHosts, host, certificate, location, pcrMap, tblHostSpecificManifests, biosMleId, vmmMleId);
// Now that the host has been registered successfully, let us see if there is an asset tag certificated configured for the host
// to which the host has to be associated
//attributes);
associateAssetTagCertForHost(host, agent.getHostAttributes(), tblHosts);
} catch (ASException ase) {
throw ase;
} catch (CryptographyException e) {
throw new ASException(e, ErrorCode.AS_ENCRYPTION_ERROR, e.getCause() == null ? e.getMessage() : e.getCause().getMessage());
} catch (Exception e) {
log.debug("beggining stack trace --------------");
e.printStackTrace();
log.debug("end stack trace --------------");
throw new ASException(e);
}
return "true";
}
use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.
the class HostBO method deleteHost.
public String deleteHost(Hostname hostName) {
try {
TblHosts tblHosts = getHostByName(hostName);
if (tblHosts == null) {
throw new ASException(ErrorCode.AS_HOST_NOT_FOUND, hostName);
}
log.info("Deleting Host from database");
deleteHostAssetTagMapping(tblHosts);
deleteHostSpecificManifest(tblHosts);
deleteModulesForMLE(createTxtHostFromDatabaseRecord(tblHosts));
deleteTALogs(tblHosts.getId());
deleteSAMLAssertions(tblHosts);
getHostsJpaController().destroy(tblHosts.getId());
unmapAssetTagCertFromHost(tblHosts.getId(), tblHosts.getName());
} catch (ASException ase) {
throw ase;
} catch (CryptographyException e) {
throw new ASException(ErrorCode.SYSTEM_ERROR, e.getCause() == null ? e.getMessage() : e.getCause().getMessage(), e);
} catch (Exception e) {
throw new ASException(e);
}
// return new HostResponse(ErrorCode.OK);
return "true";
}
use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.
the class HostTrustBO method getHostLocation.
// PREMIUM FEATURE ?
/**
* Gets the location of the host from db table tblHosts
*
* @param hostName
* @return {@link HostLocation}
*/
public HostLocation getHostLocation(Hostname hostName) {
try {
TblHosts tblHosts = getHostByName(hostName);
if (tblHosts == null) {
throw new ASException(ErrorCode.AS_HOST_NOT_FOUND, String.format("%s", hostName));
}
HostLocation location = new HostLocation(tblHosts.getLocation());
return location;
} catch (ASException e) {
throw e;
} catch (Exception e) {
throw new ASException(e);
}
}
Aggregations