Example 66 with ASException

use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.

the class TAHelper method getQuoteInformationForHost.

// BUG #497 see the other getQuoteInformationForHost which is called from IntelHostAgent
//    public HashMap<String, PcrManifest> getQuoteInformationForHost(String hostIpAddress, String pcrList, String name, int port) {
public HashMap<String, PcrManifest> getQuoteInformationForHost(TblHosts tblHosts, String pcrList) {
    try {
        // going to IntelHostAgent directly because 1) we are TAHelper so we know we need Intel trust agents, 2) the HostAgent interface isn't ready yet for full generic usage, 3) one day this entire function will be in the IntelHostAgent or that agent will call THIS function instead of the other way around
        HostAgentFactory factory = new HostAgentFactory();
        TlsPolicy tlsPolicy = factory.getTlsPolicy(tblHosts.getTlsPolicyName(), tblHosts.getTlsKeystoreResource());
        String connectionString = tblHosts.getAddOnConnectionInfo();
        if (connectionString == null || connectionString.isEmpty()) {
            if (tblHosts.getIPAddress() != null) {
                // without vendor scheme because we are passing directly to TrustAgentSecureClient (instead of to HostAgentFactory)
                connectionString = String.format("https://%s:%d", tblHosts.getIPAddress(), tblHosts.getPort());
            }
        } else if (connectionString.startsWith("intel:")) {
            connectionString = connectionString.substring(6);
        }
        TrustAgentSecureClient client = new TrustAgentSecureClient(new TlsConnection(connectionString, tlsPolicy));
        //                IntelHostAgent agent = new IntelHostAgent(client, new InternetAddress(tblHosts.getIPAddress().toString()));
        HashMap<String, PcrManifest> pcrMap = getQuoteInformationForHost(tblHosts.getIPAddress(), client, pcrList);
        return pcrMap;
    } catch (ASException e) {
        throw e;
    } catch (UnknownHostException e) {
        throw new ASException(e, ErrorCode.AS_HOST_COMMUNICATION_ERROR, "Unknown host: " + (tblHosts.getIPAddress() == null ? "missing IP Address" : tblHosts.getIPAddress().toString()));
    } catch (Exception e) {
        throw new ASException(e);
    }
}
Also used: TrustAgentSecureClient (com.intel.mountwilson.as.helper.TrustAgentSecureClient), UnknownHostException (java.net.UnknownHostException), PcrManifest (com.intel.mountwilson.manifest.data.PcrManifest), ASException (com.intel.mountwilson.as.common.ASException), KeyStoreException (java.security.KeyStoreException), XMLStreamException (javax.xml.stream.XMLStreamException), SignatureException (java.security.SignatureException), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), InvalidKeyException (java.security.InvalidKeyException), InvalidKeySpecException (java.security.spec.InvalidKeySpecException), CertificateException (java.security.cert.CertificateException)

Example 67 with ASException

use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.

the class TrustAgentStrategy method getPcrList.

private String getPcrList(TblHosts tblHosts) {
    // Get the Bios MLE without accessing cache
    TblMle biosMle = new TblMleJpaController(getEntityManagerFactory()).findMleById(tblHosts.getBiosMleId().getId());
    String biosPcrList = biosMle.getRequiredManifestList();
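    // null-check as well as empty-check, matching the VMM manifest list check below
    if (biosPcrList == null || biosPcrList.isEmpty()) {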
        throw new ASException(ErrorCode.AS_MISSING_MLE_REQD_MANIFEST_LIST, tblHosts.getBiosMleId().getName(), tblHosts.getBiosMleId().getVersion());
    }
    // Get the Vmm MLE without accessing cache
    TblMle vmmMle = new TblMleJpaController(getEntityManagerFactory()).findMleById(tblHosts.getVmmMleId().getId());
    String vmmPcrList = vmmMle.getRequiredManifestList();
    if (vmmPcrList == null || vmmPcrList.isEmpty()) {
        throw new ASException(ErrorCode.AS_MISSING_MLE_REQD_MANIFEST_LIST, tblHosts.getVmmMleId().getName(), tblHosts.getVmmMleId().getVersion());
    }
    return biosPcrList + "," + vmmPcrList;
}
Also used: TblMleJpaController (com.intel.mtwilson.as.controller.TblMleJpaController), TblMle (com.intel.mtwilson.as.data.TblMle), ASException (com.intel.mountwilson.as.common.ASException)

Example 68 with ASException

use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.

the class SHA1HashBuilder method sha1.

private byte[] sha1(final byte[] input) {
    try {
        MessageDigest md = MessageDigest.getInstance("SHA-1");
        md.update(input);
        byte[] digest = md.digest();
        return digest;
    } catch (NoSuchAlgorithmException e) {
        throw new ASException(e);
    }
}
Also used: NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), MessageDigest (java.security.MessageDigest), ASException (com.intel.mountwilson.as.common.ASException)

Example 69 with ASException

use of com.intel.mountwilson.as.common.ASException in project OpenAttestation by OpenAttestation.

the class HostTrustBO method getTrustWithSaml.

public String getTrustWithSaml(TblHosts tblHosts, String hostId, String hostAttestationUuid, boolean forceVerify) throws IOException {
    log.debug("getTrustWithSaml: Getting trust for host: " + tblHosts.getName() + " Force verify flag: " + forceVerify);
    // Bug: 702: For host not supporting TXT, we need to return back a proper error
    // make sure the DEK is set for this thread
    //        My.initDataEncryptionKey();
    //        TblHosts tblHosts = getHostByName(new Hostname((host)));
    HostAgentFactory factory = new HostAgentFactory();
    HostAgent agent = factory.getHostAgent(tblHosts);
    if (!agent.isTpmAvailable()) {
        throw new ASException(ErrorCode.AS_TPM_NOT_SUPPORTED, hostId);
    }
    if (!forceVerify) {
        //TblSamlAssertion tblSamlAssertion = new TblSamlAssertionJpaController((getEntityManagerFactory())).findByHostAndExpiry(hostId);
        //TblSamlAssertion tblSamlAssertion = My.jpa().mwSamlAssertion().findByHostAndExpiry(tblHosts.getName()); //hostId);
        TblSamlAssertionJpaController tblSamlAssertionJpa = getSamlAssertionJpaController();
        TblSamlAssertion tblSamlAssertion = tblSamlAssertionJpa.findByHostAndExpiry(tblHosts.getName());
        if (tblSamlAssertion != null) {
            if (tblSamlAssertion.getErrorMessage() == null || tblSamlAssertion.getErrorMessage().isEmpty()) {
                log.debug("Found assertion in cache. Expiry time : " + tblSamlAssertion.getExpiryTs());
                //HostAttestation ha = new HostAttestation();
                return buildHostAttestation(tblHosts, tblSamlAssertion).getSaml();
            } else {
                log.debug("Found assertion in cache with error set, returning that.");
                throw new ASException(new Exception("(" + tblSamlAssertion.getErrorCode() + ") " + tblSamlAssertion.getErrorMessage() + " (cached on " + tblSamlAssertion.getCreatedTs().toString() + ")"));
            }
        }
    }
    log.debug("Getting trust and saml assertion from host.");
    try {
        //            return getTrustWithSaml(tblHosts, hostId);
        return getTrustWithSaml(tblHosts, hostId, hostAttestationUuid);
    } catch (Exception e) {
        TblSamlAssertion tblSamlAssertion = new TblSamlAssertion();
        tblSamlAssertion.setAssertionUuid(hostAttestationUuid);
        tblSamlAssertion.setHostId(tblHosts);
        //TxtHost hostTxt = getHostWithTrust(new Hostname(host),tblSamlAssertion); 
        //TxtHostRecord tmp = new TxtHostRecord();
        //tmp.HostName = host;
        //tmp.IPAddress = host;
        //TxtHost hostTxt = new TxtHost(tmp);
        tblSamlAssertion.setBiosTrust(false);
        tblSamlAssertion.setVmmTrust(false);
        try {
            log.error("Caught exception, generating saml assertion");
            log.error("Printing stacktrace first");
            e.printStackTrace();
            tblSamlAssertion.setSaml("");
            int cacheTimeout = ASConfig.getConfiguration().getInt("saml.validity.seconds", 3600);
            tblSamlAssertion.setCreatedTs(Calendar.getInstance().getTime());
            Calendar cal = Calendar.getInstance();
            cal.add(Calendar.SECOND, cacheTimeout);
            tblSamlAssertion.setExpiryTs(cal.getTime());
            if (e instanceof ASException) {
                ASException ase = (ASException) e;
                log.debug("e is an instance of ASExpection: " + String.valueOf(ase.getErrorCode()));
                tblSamlAssertion.setErrorCode(String.valueOf(ase.getErrorCode()));
            } else {
                log.debug("e is NOT an instance of ASExpection: " + String.valueOf(ErrorCode.AS_HOST_TRUST_ERROR.getErrorCode()));
                tblSamlAssertion.setErrorCode(String.valueOf(ErrorCode.AS_HOST_TRUST_ERROR.getErrorCode()));
            }
            // tblSamlAssertion.setErrorMessage(e.getMessage());
            // Bug fix for 1038
            tblSamlAssertion.setErrorMessage(e.getClass().getSimpleName());
            getSamlAssertionJpaController().create(tblSamlAssertion);
        } catch (Exception ex) {
            //log.debug("getTrustwithSaml caugh exception while generating error saml assertion");
            log.error("getTrustwithSaml caugh exception while generating error saml assertion", ex);
            // String msg = ex.getMessage();
            String msg = ex.getClass().getSimpleName();
            // throw new ASException(new Exception("getTrustWithSaml " + msg));
            throw new ASException(ex, ErrorCode.AS_HOST_TRUST_ERROR, msg);
            //throw new ASException(new Exception("Host Manifest is missing required PCRs."));
        }
        //Daniel, change the messages into meaningful things here
        //log.debug("e.getMessage = "+e.getMessage());
        //throw new ASException(new Exception(e.getMessage()));
        log.error("Error during retrieval of host trust status.", e);
        throw new ASException(e, ErrorCode.AS_HOST_TRUST_ERROR, e.getClass().getSimpleName());
    //throw new ASException(new Exception("Host Manifest is missing required PCRs."));
    }
}
Also used: TblSamlAssertionJpaController (com.intel.mtwilson.as.controller.TblSamlAssertionJpaController), Calendar (java.util.Calendar), TblSamlAssertion (com.intel.mtwilson.as.data.TblSamlAssertion), ASException (com.intel.mountwilson.as.common.ASException), WebApplicationException (javax.ws.rs.WebApplicationException), ConfigurationException (org.apache.commons.configuration.ConfigurationException), CryptographyException (com.intel.mtwilson.crypto.CryptographyException), IOException (java.io.IOException), UnknownHostException (java.net.UnknownHostException)

Aggregations

ASException (com.intel.mountwilson.as.common.ASException) 69
IOException (java.io.IOException) 28
CryptographyException (com.intel.mtwilson.crypto.CryptographyException) 26
IllegalOrphanException (com.intel.mtwilson.as.controller.exceptions.IllegalOrphanException) 20
NonexistentEntityException (com.intel.mtwilson.as.controller.exceptions.NonexistentEntityException) 20
TblMle (com.intel.mtwilson.as.data.TblMle) 20
NoResultException (javax.persistence.NoResultException) 19
UnknownHostException (java.net.UnknownHostException) 18
TblHosts (com.intel.mtwilson.as.data.TblHosts) 17
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException) 14
ASDataException (com.intel.mtwilson.as.controller.exceptions.ASDataException) 12
KeyManagementException (java.security.KeyManagementException) 10
MwAssetTagCertificate (com.intel.mtwilson.as.data.MwAssetTagCertificate) 9
SignatureException (java.security.SignatureException) 8
CertificateException (java.security.cert.CertificateException) 8
WebApplicationException (javax.ws.rs.WebApplicationException) 8
ConfigurationException (org.apache.commons.configuration.ConfigurationException) 8
ApiException (com.intel.mtwilson.ApiException) 7
MwAssetTagCertificateJpaController (com.intel.mtwilson.as.controller.MwAssetTagCertificateJpaController) 7
TblMleJpaController (com.intel.mtwilson.as.controller.TblMleJpaController) 7